rimscrmp.rims.org Open in urlscan Pro
38.98.118.166 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MU...
Submission: On November 01 via manual (November 1st 2023, 6:35:20 pm UTC) from CA — Scanned from CA

Summary HTTP 82 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 34 IPs in 3 countries across 27 domains to perform 82 HTTP transactions. The main IP is 38.98.118.166, located in Old Westbury, United States and belongs to COGENT-174, US. The main domain is rimscrmp.rims.org.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 7th 2023. Valid for: a year.

This is the only time rimscrmp.rims.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	38.98.118.166 38.98.118.166	174 (COGENT-174) (COGENT-174)
2	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.111.95 142.251.111.95	15169 (GOOGLE) (GOOGLE)
1	172.253.115.95 172.253.115.95	15169 (GOOGLE) (GOOGLE)
1	152.195.19.97 152.195.19.97	15133 (EDGECAST) (EDGECAST)
3	142.251.163.97 142.251.163.97	15169 (GOOGLE) (GOOGLE)
2	172.253.63.155 172.253.63.155	15169 (GOOGLE) (GOOGLE)
5	142.251.16.102 142.251.16.102	15169 (GOOGLE) (GOOGLE)
2	23.43.85.208 23.43.85.208	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.28.157 146.75.28.157	54113 (FASTLY) (FASTLY)
3	37.19.207.34 37.19.207.34	60068 (CDN77 ^_^) (CDN77 ^_^)
2	31.13.66.19 31.13.66.19	32934 (FACEBOOK) (FACEBOOK)
2 4	207.198.113.205 207.198.113.205	13768 (COGECO-PEER1) (COGECO-PEER1)
1	104.21.82.163 104.21.82.163	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	172.253.62.154 172.253.62.154	15169 (GOOGLE) (GOOGLE)
2	205.201.46.12 205.201.46.12	14618 (AMAZON-AES) (AMAZON-AES)
3	172.253.122.101 172.253.122.101	15169 (GOOGLE) (GOOGLE)
2	172.253.115.155 172.253.115.155	15169 (GOOGLE) (GOOGLE)
4	172.253.115.94 172.253.115.94	15169 (GOOGLE) (GOOGLE)
3	142.251.111.99 142.251.111.99	15169 (GOOGLE) (GOOGLE)
6	52.45.71.197 52.45.71.197	14618 (AMAZON-AES) (AMAZON-AES)
1	13.32.151.55 13.32.151.55	16509 (AMAZON-02) (AMAZON-02)
2	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
2	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	18.160.18.24 18.160.18.24	16509 (AMAZON-02) (AMAZON-02)
1 2	52.2.54.142 52.2.54.142	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	52.26.6.186 52.26.6.186	16509 (AMAZON-02) (AMAZON-02)
1	37.19.206.5 37.19.206.5	60068 (CDN77 ^_^) (CDN77 ^_^)
1	172.253.122.155 172.253.122.155	15169 (GOOGLE) (GOOGLE)
1 2	18.215.35.44 18.215.35.44	14618 (AMAZON-AES) (AMAZON-AES)
3 4	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	157.240.244.35 157.240.244.35	32934 (FACEBOOK) (FACEBOOK)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2	23.101.166.71 23.101.166.71	() ()
82	34

17 38.98.118.166 (Old Westbury, United States)

ASN174 (COGENT-174, US)

rimscrmp.rims.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.111.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f95.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.115.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.195.19.97 (San Jose, United States)

ASN15133 (EDGECAST, US)

dec.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.163.97 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.16.102 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f102.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.43.85.208 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-43-85-208.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.19.207.34 (Ashburn, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: 37-19-207-34.bunnyinfra.net

a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 207.198.113.205 (Herndon, United States) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.82.163 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.62.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f154.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.201.46.12 (United States)

ASN14618 (AMAZON-AES, US)
PTR: mail.46.12.mmsend.com

tracking.magnetmail.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.122.101 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f101.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.115.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.111.99 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f99.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.45.71.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-71-197.compute-1.amazonaws.com

polo.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
polo-v1.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.151.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-151-55.iad66.r.cloudfront.net

marco.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.18.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-24.iad12.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.2.54.142 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-54-142.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.26.6.186 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-26-6-186.us-west-2.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.19.206.5 (Ashburn, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: 476000398.ash.cdn77.com

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.215.35.44 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-35-44.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.107.42.14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.244.35 (Apodaca, Mexico)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-mty2.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.101.166.71 (None, )

ASN- ()

api.dec.sitefinity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	rims.org rimscrmp.rims.org	1 MB
8	feathr.co cdn.feathr.co — Cisco Umbrella Rank: 19426 polo.feathr.co — Cisco Umbrella Rank: 15199 marco.feathr.co — Cisco Umbrella Rank: 15628 polo-v1.feathr.co — Cisco Umbrella Rank: 35014	57 KB
6	google.com analytics.google.com — Cisco Umbrella Rank: 157 www.google.com — Cisco Umbrella Rank: 2	1015 B
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 pubads.g.doubleclick.net — Cisco Umbrella Rank: 401 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	5 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 377 www.linkedin.com — Cisco Umbrella Rank: 629	5 KB
4	google.ca www.google.ca — Cisco Umbrella Rank: 9133	777 B
4	sitescout.com 2 redirects pixel.sitescout.com — Cisco Umbrella Rank: 3887	3 KB
4	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 5303 api.omappapi.com — Cisco Umbrella Rank: 5594	28 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 1743 load77.exelator.com — Cisco Umbrella Rank: 4116	2 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 366	14 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	305 KB
2	sitefinity.com api.dec.sitefinity.com	159 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 353	705 B
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 865	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 487	1 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 228	2 KB
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 747	611 B
2	t.co t.co — Cisco Umbrella Rank: 607	580 B
2	magnetmail.net tracking.magnetmail.net — Cisco Umbrella Rank: 45999	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	89 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 778	7 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 364 fonts.googleapis.com — Cisco Umbrella Rank: 31	34 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1137	30 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	185 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 713	15 KB
1	azureedge.net dec.azureedge.net — Cisco Umbrella Rank: 287903	3 KB
82	27

	Domain	Requested by
17	rimscrmp.rims.org	rimscrmp.rims.org
5	polo.feathr.co	cdn.feathr.co rimscrmp.rims.org
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com rimscrmp.rims.org
4	www.google.ca	rimscrmp.rims.org
4	pixel.sitescout.com	2 redirects rimscrmp.rims.org
3	px.ads.linkedin.com	2 redirects rimscrmp.rims.org
3	www.google.com	rimscrmp.rims.org
3	analytics.google.com	www.googletagmanager.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com rimscrmp.rims.org
3	a.omappapi.com	rimscrmp.rims.org a.omappapi.com
3	www.googletagmanager.com	rimscrmp.rims.org www.googletagmanager.com
2	api.dec.sitefinity.com	dec.azureedge.net
2	match.adsrvr.org	2 redirects
2	sync.crwdcntrl.net	1 redirects rimscrmp.rims.org
2	loadm.exelator.com	2 redirects
2	pixel.tapad.com	1 redirects rimscrmp.rims.org
2	dpm.demdex.net	1 redirects rimscrmp.rims.org
2	analytics.twitter.com	rimscrmp.rims.org
2	t.co	rimscrmp.rims.org
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	tracking.magnetmail.net	www.googletagmanager.com tracking.magnetmail.net
2	connect.facebook.net	rimscrmp.rims.org connect.facebook.net
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	maxcdn.bootstrapcdn.com	rimscrmp.rims.org
1	polo-v1.feathr.co	rimscrmp.rims.org
1	www.facebook.com	rimscrmp.rims.org
1	www.linkedin.com	1 redirects
1	cm.g.doubleclick.net	rimscrmp.rims.org
1	load77.exelator.com
1	api.omappapi.com	a.omappapi.com
1	marco.feathr.co	rimscrmp.rims.org
1	pubads.g.doubleclick.net	rimscrmp.rims.org
1	cdn.feathr.co	rimscrmp.rims.org
1	static.ads-twitter.com	rimscrmp.rims.org
1	dec.azureedge.net	rimscrmp.rims.org
1	fonts.googleapis.com	rimscrmp.rims.org
1	ajax.googleapis.com	rimscrmp.rims.org
82	38

This site contains links to these domains. Also see Links.

Domain
www.rims.org

Subject Issuer	Validity	Valid
rimscrmp.rims.org DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-03-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2023-07-16` - `2024-07-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
a.omappapi.com R3	`2023-10-05` - `2024-01-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-11` - `2023-11-09`	3 months	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
feathr.co GTS CA 1P5	`2023-10-12` - `2024-01-10`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.magnetmail.net AlphaSSL CA - SHA256 - G4	`2023-04-27` - `2024-05-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
polo.feathr.co R3	`2023-09-11` - `2023-12-10`	3 months	crt.sh
marco.feathr.co Amazon RSA 2048 M01	`2023-07-23` - `2024-08-20`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2023-02-01` - `2024-02-01`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-31` - `2024-01-30`	a year	crt.sh
api.opmnstr.com Amazon RSA 2048 M01	`2023-03-01` - `2024-02-08`	a year	crt.sh
*.insight.sitefinity.com GlobalSign ECC OV SSL CA 2018	`2023-07-11` - `2024-08-11`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
Frame ID: 7797E2B60ADB5F7A0E59A293323C244D
Requests: 75 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Frame ID: C16F4D149C000B8DB83F5FCCE9683DF3
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RIMS - Certification - Employment Affadavit

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)
<input[^>]+name="__VIEWSTATE

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

82
Requests

91 %
HTTPS

0 %
IPv6

27
Domains

38
Subdomains

34
IPs

3
Countries

1884 kB
Transfer

4113 kB
Size

43
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.rims.org/login
Title: login

Search URL Search Domain Scan URL

URL: https://www.rims.org/Certification

Search URL Search Domain Scan URL

URL: https://www.rims.org/Certification/Pages/About-RIMS-CRMP-FED.aspx
Title: About RIMS-CRMP-FED

Search URL Search Domain Scan URL

URL: https://www.rims.org/

Search URL Search Domain Scan URL

URL: https://www.rims.org/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.rims.org/legal
Title: Legal Notice

Search URL Search Domain Scan URL

URL: https://www.rims.org/privacy
Title: Privacy Statement

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://pixel.sitescout.com/dmp/asyncPixelSync HTTP 302
https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1

Request Chain 29

https://pixel.sitescout.com/iap/7ac39d935ac5f666 HTTP 302
https://pixel.sitescout.com/iap/7ac39d935ac5f666?cookieQ=1

Request Chain 54

https://dpm.demdex.net/ibs:dpid=82530&dpuuid=be3f7fc0-d32f-4662-bc1c-e02df9cc4b95-65429a62-5341&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=be3f7fc0-d32f-4662-bc1c-e02df9cc4b95-65429a62-5341&gdpr=0&gdpr_consent=

Request Chain 55

https://pixel.tapad.com/idsync/ex/receive?partner_id=2499&partner_device_id=be3f7fc0-d32f-4662-bc1c-e02df9cc4b95-65429a62-5341 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=be3f7fc0-d32f-4662-bc1c-e02df9cc4b95-65429a62-5341

Request Chain 56

https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=be3f7fc0-d32f-4662-bc1c-e02df9cc4b95-65429a62-5341&gdpr=0&gdpr_consent= HTTP 302
https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=be3f7fc0-d32f-4662-bc1c-e02df9cc4b95-65429a62-5341&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 58

https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=be3f7fc0-d32f-4662-bc1c-e02df9cc4b95-65429a62-5341&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=be3f7fc0-d32f-4662-bc1c-e02df9cc4b95-65429a62-5341&gdpr=0&gdpr_consent=&ct=y

Request Chain 64

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4158529%2C4764034&time=1698863715056&url=https%3A%2F%2Frimscrmp.rims.org%2FViewEmploymentAffadavit.aspx%3Fk%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3%2FPIvL6XXiOJk116eUfedXwCD2g5%2Bda1JI2J1zW HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4158529%2C4764034&time=1698863715056&url=https%3A%2F%2Frimscrmp.rims.org%2FViewEmploymentAffadavit.aspx%3Fk%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3%2FPIvL6XXiOJk116eUfedXwCD2g5%2Bda1JI2J1zW&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4158529%252C4764034%26time%3D1698863715056%26url%3Dhttps%253A%252F%252Frimscrmp.rims.org%252FViewEmploymentAffadavit.aspx%253Fk%253DYqKEOdJ9V6GaBe2NalJggWpMS%252BDVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3%252FPIvL6XXiOJk116eUfedXwCD2g5%252Bda1JI2J1zW%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4158529%2C4764034&time=1698863715056&url=https%3A%2F%2Frimscrmp.rims.org%2FViewEmploymentAffadavit.aspx%3Fk%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3%2FPIvL6XXiOJk116eUfedXwCD2g5%2Bda1JI2J1zW&cookiesTest=true&liSync=true

Request Chain 71

https://match.adsrvr.org/track/cmf/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=65429a635c15d90008d6cb54&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=65429a635c15d90008d6cb54&gdpr=0 HTTP 302
https://polo-v1.feathr.co/v1/analytics/match?f_id=65429a635c15d90008d6cb54&ttd_id=90a4d968-318b-40b9-bae6-3205fc0cf7fa

82 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request ViewEmploymentAffadavit.aspx Show response
rimscrmp.rims.org/ 60 KB
60 KB 672ms
285ms Document
text/html 38.98.118.166
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 38.98.118.166 Old Westbury, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9e542dc421aaa26278f6913be8f0879850a8a6cd6467ae21bfa4da2a090db963

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: private
Content-Length: 61464
Content-Type: text/html; charset=utf-8
Date: Wed, 01 Nov 2023 18:35:14 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/ 115 KB
20 KB 81ms
36ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css

Requested by

Host: rimscrmp.rims.org
URL: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:35:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 876
age: 4333
cdn-cachedat: 09/04/2022 09:22:42
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"eedf9ee80c2faa4e1b9ab9017cdfcb88"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 1618e898199956ea0e72e576db88d8aa
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 81f63c860af15413-YYZ
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ 94 KB
33 KB 112ms
37ms Script
text/javascript 142.251.111.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f95.1e100.net

Software

sffe /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 06:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33495
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Oct 2024 06:15:56 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1016 B 125ms
50ms Stylesheet
text/css 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

ESF /

Resource Hash

9292445432c2cf6a9058fbad020969b2cdc693c7ab81d8b1b4d0948e33bdcf7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Nov 2023 18:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 16:51:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Nov 2023 18:35:14 GMT

GET
H/1.1 200
OK rimscert.css
rimscrmp.rims.org/Resources/CSS/ 7 KB
8 KB 84ms
47ms Stylesheet
text/css 38.98.118.166
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://rimscrmp.rims.org/Resources/CSS/rimscert.css
Requested by: Host: rimscrmp.rims.org
URL: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 38.98.118.166 Old Westbury, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: dab47b75ab2c5a1511bd9f142d54edacc30f124e256be626fefa4f6468891225

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 18:35:14 GMT
Last-Modified: Thu, 11 Jan 2018 15:18:12 GMT
Server: Microsoft-IIS/8.5
ETag: "23552365ef8ad31:0"
X-Powered-By: ASP.NET
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 7451

GET
H/1.1 200
OK animate.css
rimscrmp.rims.org/Resources/CSS/ 69 KB
69 KB 138ms
53ms Stylesheet
text/css 38.98.118.166
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://rimscrmp.rims.org/Resources/CSS/animate.css
Requested by: Host: rimscrmp.rims.org
URL: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 38.98.118.166 Old Westbury, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c065a79be7511e259631f7f99f4191ad98befcfcc2f739cb2c18e39f11c48272

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 18:35:14 GMT
Last-Modified: Thu, 11 Jan 2018 15:18:12 GMT
Server: Microsoft-IIS/8.5
ETag: "6a962265ef8ad31:0"
X-Powered-By: ASP.NET
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 70808

GET
H/1.1 200
OK wow.min.js Show response
rimscrmp.rims.org/Resources/JS/ 7 KB
7 KB 245ms
47ms Script
application/javascript 38.98.118.166
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://rimscrmp.rims.org/Resources/JS/wow.min.js
Requested by: Host: rimscrmp.rims.org
URL: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 38.98.118.166 Old Westbury, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 36a88df037dc6c940450a9e251a34c9321d76d894d3d1734ee8cede45028d84c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 18:35:14 GMT
Last-Modified: Thu, 11 Jan 2018 15:18:12 GMT
Server: Microsoft-IIS/8.5
ETag: "618b3165ef8ad31:0"
X-Powered-By: ASP.NET
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 7082

GET
H/1.1 200
OK RIMS-Cert-App.css
rimscrmp.rims.org/Resources/CSS/ 8 KB
8 KB 196ms
46ms Stylesheet
text/css 38.98.118.166
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://rimscrmp.rims.org/Resources/CSS/RIMS-Cert-App.css?v=1
Requested by: Host: rimscrmp.rims.org
URL: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 38.98.118.166 Old Westbury, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f4f499f4e3a1364aabfc7827487244a6b84be2fcebc966f2c1ffceb0b55387b9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 18:35:14 GMT
Last-Modified: Mon, 26 Nov 2018 19:56:35 GMT
Server: Microsoft-IIS/8.5
ETag: "11661123c285d41:0"
X-Powered-By: ASP.NET
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 7964

GET
H/1.1 200
OK WebResource.axd Show response
rimscrmp.rims.org/ 23 KB
23 KB 253ms
40ms Script
application/x-javascript 38.98.118.166
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://rimscrmp.rims.org/WebResource.axd?d=a4YItg8X0l58_tL9zksrIEjbLYocHuShSPok_VG5l0N4cYVtZzjKK0jF9wzU0NaF5sxu1A5h1cB82BFv5zkDqGBhwGebCBBjLf4SBdBHW_81&t=637814473746327080
Requested by: Host: rimscrmp.rims.org
URL: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 38.98.118.166 Old Westbury, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 18:35:14 GMT
Last-Modified: Sat, 26 Feb 2022 09:42:54 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 23063
Expires: Thu, 31 Oct 2024 15:11:31 GMT

GET
H/1.1 200
OK 263x90_RIMS-CRMP_logo.png
rimscrmp.rims.org/Resources/Images/ 10 KB
10 KB 295ms
43ms Image
image/png 38.98.118.166
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rimscrmp.rims.org/Resources/Images/263x90_RIMS-CRMP_logo.png
Requested by: Host: rimscrmp.rims.org
URL: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 38.98.118.166 Old Westbury, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 58326cb5768a543a3ae1940e3787e3a6ef207169b15587e2dcfcb8bcc75d18ce

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 18:35:14 GMT
Last-Modified: Thu, 11 Jan 2018 15:18:12 GMT
Server: Microsoft-IIS/8.5
ETag: "754f2765ef8ad31:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 9806

GET
H/1.1 200
OK DXR.axd Show response
rimscrmp.rims.org/ 565 KB
106 KB 375ms
123ms Script
text/javascript 38.98.118.166
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://rimscrmp.rims.org/DXR.axd?r=1_230,1_134,1_223,1_168,1_131,1_215,1_213-ds45g
Requested by: Host: rimscrmp.rims.org
URL: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 38.98.118.166 Old Westbury, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9eb7fb32aeb68e39e428dce1923d6d4c6a2b15fa17a96d243f343615c83936ff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 18:35:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Jan 2018 21:21:04 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: text/javascript
Cache-Control: public, max-age=31536000
Content-Length: 107966
Expires: Thu, 10 Jan 2019 21:21:04 GMT

GET
H/1.1 200
OK DXR.axd
rimscrmp.rims.org/ 234 KB
31 KB 200ms
109ms Stylesheet
text/css 38.98.118.166
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://rimscrmp.rims.org/DXR.axd?r=0_2280,1_33,1_35,0_2282-es45g
Requested by: Host: rimscrmp.rims.org
URL: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 38.98.118.166 Old Westbury, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 675924d8477789a008090280f57271eb72b211849ea2af9b0c9500fd22af9eaa

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 18:35:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Jan 2018 21:21:05 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: text/css
Cache-Control: public, max-age=31536000
Content-Length: 31406
Expires: Thu, 10 Jan 2019 21:21:05 GMT

GET
H/1.1 200
OK DXR.axd
rimscrmp.rims.org/ 43 B
321 B 158ms
67ms Image
image/gif 38.98.118.166
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rimscrmp.rims.org/DXR.axd?r=1_37-ds45g
Requested by: Host: rimscrmp.rims.org
URL: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 38.98.118.166 Old Westbury, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 18:35:14 GMT
Last-Modified: Wed, 10 Jan 2018 21:21:04 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: public, max-age=31536000
Content-Length: 43
Expires: Thu, 10 Jan 2019 21:21:04 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/ 35 KB
10 KB 37ms
34ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:35:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 674, 617, 617
age: 4329
cdn-cachedat: 2021-04-13 11:53:38
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e8fa4a0004a8256bd6a1c68495e6b9a9
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 81f63c875ced5413-YYZ
cdn-requestpullsuccess: True

GET
H/1.1 200
OK rimscert.js Show response
rimscrmp.rims.org/Resources/JS/ 919 B
1 KB 168ms
77ms Script
application/javascript 38.98.118.166
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://rimscrmp.rims.org/Resources/JS/rimscert.js
Requested by: Host: rimscrmp.rims.org
URL: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 38.98.118.166 Old Westbury, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 541d2a516db316994a9ac86f005257fa58f8f938a67014c7fbf65a6a2728d5fd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 18:35:14 GMT
Last-Modified: Thu, 11 Jan 2018 15:18:12 GMT
Server: Microsoft-IIS/8.5
ETag: "70d62f65ef8ad31:0"
X-Powered-By: ASP.NET
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 919

GET
H/1.1 200
OK rims-logo.png
rimscrmp.rims.org/Resources/Images/ 6 KB
7 KB 158ms
77ms Image
image/png 38.98.118.166
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rimscrmp.rims.org/Resources/Images/rims-logo.png
Requested by: Host: rimscrmp.rims.org
URL: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 38.98.118.166 Old Westbury, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4dfbdadbc8d3cd930d41bc1cf5fa1362613447a108067d5410ecacf361816897

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 18:35:14 GMT
Last-Modified: Thu, 11 Jan 2018 15:18:12 GMT
Server: Microsoft-IIS/8.5
ETag: "74dd2c65ef8ad31:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 6602

GET
H2 200 telerik-dec-client.min.1.0.0.142.js Show response
dec.azureedge.net/sdk/ 12 KB
3 KB 160ms
38ms Script
text/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://dec.azureedge.net/sdk/telerik-dec-client.min.1.0.0.142.js
Requested by: Host: rimscrmp.rims.org
URL: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (chd/0753) /
Resource Hash: 0dac6a4bebb88854486159433f16f09c41850211c896edd3869a7682d8931b9f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Nov 2023 18:35:14 GMT
content-encoding: gzip
content-md5: UFNsTiJ/gYS9oKWxoXpyhA==
age: 2178369
x-cache: HIT
content-length: 3164
x-ms-lease-status: unlocked
last-modified: Mon, 12 Sep 2016 08:09:42 GMT
server: ECAcc (chd/0753)
etag: 0x8D3DAE426BEB3C9
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 8d6163e0-d01e-0057-7222-f9892e000000
access-control-expose-headers: x-ms-request-id,x-ms-version
cache-control: max-age=2592000
x-ms-version: 2009-09-19
expires: Wed, 08 Nov 2023 18:35:14 GMT

GET
H/1.1 200
OK rimscert-print.css
rimscrmp.rims.org/Resources/CSS/ 236 B
482 B 49ms
48ms Stylesheet
text/css 38.98.118.166
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://rimscrmp.rims.org/Resources/CSS/rimscert-print.css
Requested by: Host: rimscrmp.rims.org
URL: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 38.98.118.166 Old Westbury, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a903e2fbbeb022ad7997e7fe92c8d9ad6941412fd542046db0c8166077a4e4f1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 18:35:14 GMT
Last-Modified: Thu, 11 Jan 2018 15:18:12 GMT
Server: Microsoft-IIS/8.5
ETag: "85b82865ef8ad31:0"
X-Powered-By: ASP.NET
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 236

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 351 KB
110 KB 135ms
57ms Script
application/javascript 142.251.163.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M956LDR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

4b64b6e313571e2bbf95b2fe6827973918d459a5f4740cbd5cddf386952ea522

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:35:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111903
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Nov 2023 18:35:14 GMT

GET
H/1.1 200
OK RIMS_certification_site_image_web.jpg
rimscrmp.rims.org/Resources/Images/ 886 KB
886 KB 97ms
60ms Image
image/jpeg 38.98.118.166
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rimscrmp.rims.org/Resources/Images/RIMS_certification_site_image_web.jpg
Requested by: Host: rimscrmp.rims.org
URL: https://rimscrmp.rims.org/Resources/CSS/rimscert.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 38.98.118.166 Old Westbury, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 36b044820470c5284dadada357130651638e24aa0548118beffda6a611da7801

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/Resources/CSS/rimscert.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 18:35:14 GMT
Last-Modified: Thu, 11 Jan 2018 15:18:12 GMT
Server: Microsoft-IIS/8.5
ETag: "caa35565ef8ad31:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 907116

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 320 KB
104 KB 66ms
65ms Script
application/javascript 142.251.163.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9V3Q43T01V&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M956LDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

3b7deee43954841cac724b1bc8af26fccffd116050158606e79590ae5e8165d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:35:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106122
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 Nov 2023 18:35:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 56ms
56ms Script
application/javascript 142.251.163.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MHK8NDVLF3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M956LDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e8cfc70fb378a9ba330b2994a3f81c72ee045cd639541680d5a935c2d80a7ea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:35:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93741
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 Nov 2023 18:35:14 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/989970389/ 3 KB
2 KB 128ms
51ms Script
text/javascript 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/989970389/?random=1698863714681&cv=11&fst=1698863714681&bg=ffffff&guid=ON&async=1&gtm=45He3au1v831938435&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Frimscrmp.rims.org%2FViewEmploymentAffadavit.aspx%3Fk%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3%2FPIvL6XXiOJk116eUfedXwCD2g5%2Bda1JI2J1zW&hn=www.googleadservices.com&frm=0&tiba=RIMS%20-%20Certification%20-%20Employment%20Affadavit&auid=1553337749.1698863715&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M956LDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

cafe /

Resource Hash

d6453fdd6e031af17a93ef5a681244635a67e2051637521259f62ab8c2008c13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 18:35:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1395
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 114ms
38ms Script
text/javascript 142.251.16.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M956LDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 Nov 2023 18:26:14 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 540
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 01 Nov 2023 20:26:14 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 142ms
42ms Script
application/javascript 23.43.85.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M956LDR

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.43.85.208 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-85-208.deploy.static.akamaitechnologies.com

Software

Resource Hash

672e173a1961506da81fd51463bb8b4aeacf8be4d484d02dca74b3e3a848ab7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Oct 2023 08:37:21 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=41943
accept-ranges: bytes
content-length: 3840

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 124ms
38ms Script
application/javascript 146.75.28.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: rimscrmp.rims.org
URL: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:35:14 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 15:55:14 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kiad7000099-IAD

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 51 KB
18 KB 128ms
36ms Script
application/javascript 37.19.207.34
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: rimscrmp.rims.org
URL: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: a2558a61b38a7b03525f0b74a510f4483332f14059245769233ede3f66dec7e0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:35:14 GMT
content-encoding: br
cdn-edgestorageid: 925
perma-cache: HIT
cdn-storageserver: NY-268
cdn-cachedat: 11/01/2023 17:12:07
cdn-pullzone: 293267
last-modified: Wed, 25 Oct 2023 17:46:02 GMT
server: BunnyCDN-ASB1-925
cdn-fileserver: 622
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6539545a-cb8d"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: eba4db91f0987c56a35efef9d2d893dd
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 116ms
38ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 01 Nov 2023 18:35:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: HrGXO2HwbEmgy40iVCCXL+Du9tUfvUxxAAd8CH4N4zNBtqSy6fJW3oWXNbON1nmx4uDHJfpYTjEv2z0LZjj4Xg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

asyncPixelSync Show response
pixel.sitescout.com/dmp/ Frame C16F
Redirect Chain

https://pixel.sitescout.com/dmp/asyncPixelSync
https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1

1 KB
2 KB

34ms
33ms

Document
text/html

207.198.113.205
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Requested by: Host: rimscrmp.rims.org
URL: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 207.198.113.205 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: A /
Resource Hash: a9fbba90927f2e50a8cd39f2dba08d824b24c9656bb51edbcc254050bfa5364d

Request headers

Referer: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
content-length: 1142
content-type: text/html;charset=UTF-8
date: Wed, 01 Nov 2023 18:35:14 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: A

Redirect headers

content-length: 0
date: Wed, 01 Nov 2023 18:35:14 GMT
location: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
server: A

GET
H2 200 boomerang.min.js Show response
cdn.feathr.co/js/ 184 KB
53 KB 91ms
39ms Script
text/javascript 104.21.82.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.feathr.co/js/boomerang.min.js
Requested by: Host: rimscrmp.rims.org
URL: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.82.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebcc4d43d31df7982ad1969a9256632e8de9f3ba601d53afd05292485bcfe2d5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:35:14 GMT
x-amz-version-id: tB4hDpweFtj1TM0MTuYs.s_6MBpV665l
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Z6X6Y71NAZF2X76G
age: 5189
alt-svc: h3=":443"; ma=86400
x-amz-id-2: VQr7XsNO/MYnfJZeuUir+7QtfRQziwQi7bswn2GiWvtsH5NaFw8Dh61UnrC3WmzsGYA11+k52no=
last-modified: Mon, 29 May 2023 15:20:13 GMT
server: cloudflare
etag: W/"500ed5e84b71afdb1bcc2413d6583f37"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hyUKFB8gk4Ep9cRj3JsaI03DtU%2Bm9S2zdmzeckgIQO3YM6DOrLaCgekrcKFPShCgR8B8ZmWmUVGio5yx7iXo2M3tyhuo1NC%2FpTbhPNBmKpr%2BIfgF1AvlyasriR2dLF%2BV"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 81f63c8959f8a211-YYZ

GET
H2

204

7ac39d935ac5f666
pixel.sitescout.com/iap/
Redirect Chain

https://pixel.sitescout.com/iap/7ac39d935ac5f666
https://pixel.sitescout.com/iap/7ac39d935ac5f666?cookieQ=1

0
341 B

33ms
33ms

Image
text/plain

207.198.113.205
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/7ac39d935ac5f666?cookieQ=1
Requested by: Host: rimscrmp.rims.org
URL: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
Protocol: H2
Server: 207.198.113.205 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Wed, 01 Nov 2023 18:35:14 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel.sitescout.com/iap/7ac39d935ac5f666?cookieQ=1
date: Wed, 01 Nov 2023 18:35:14 GMT
server: AC1.1
content-length: 0

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 123ms
51ms Script
application/javascript 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M956LDR

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0dc90421cbf6414c9f1ef5e93af3dbe48a4e51899452330f0ae0b2815e38be94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 01 Nov 2023 18:35:14 GMT
last-modified: Fri, 20 Oct 2023 01:13:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C89DA7B437244E6FB7CBA3C3A3EA0118 Ref B: YTO01EDGE0717 Ref C: 2023-11-01T18:35:14Z
etag: "0125f9ff22da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13079

GET
H2 200 activity;xsp=4770741;ord=4948203097125.825
pubads.g.doubleclick.net/ 42 B
542 B 134ms
55ms Image
image/gif 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=4770741;ord=4948203097125.825?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 18:35:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK MagnetLeads.js Show response
tracking.magnetmail.net/ 2 KB
2 KB 151ms
38ms Script
application/javascript 205.201.46.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.magnetmail.net/MagnetLeads.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M956LDR
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 205.201.46.12 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: mail.46.12.mmsend.com
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 666af3013700ed16bfc348050da6e011bc2550d695d4d5ae9e6102b1c9f3b249

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 18:35:14 GMT
X-mID: 2395
Last-Modified: Mon, 19 Jul 2021 19:16:57 GMT
Server: Microsoft-IIS/8.0
ETag: "95512fa4d27cd71:0"
X-Powered-By: ASP.NET
Vary: Origin
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: private
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 1661
Expires: Wed, 01 Nov 2023 18:36:15 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
163 B 46ms
45ms Ping
text/plain 142.251.16.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-MHK8NDVLF3&gtm=45je3au1v896806147z8831938435&_p=213799366&gcd=11l1l1l1l1&cid=782787863.1698863715&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698863714&sct=1&seg=0&dl=https%3A%2F%2Frimscrmp.rims.org%2FViewEmploymentAffadavit.aspx%3Fk%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3%2FPIvL6XXiOJk116eUfedXwCD2g5%2Bda1JI2J1zW&dt=RIMS%20-%20Certification%20-%20Employment%20Affadavit&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1303
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MHK8NDVLF3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.16.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bl-in-f102.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 18:35:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rimscrmp.rims.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/989970389/ 3 KB
2 KB 52ms
51ms Script
text/javascript 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/989970389/?random=1698863714853&cv=11&fst=1698863714853&bg=ffffff&guid=ON&async=1&gtm=45je3au1v896791238z8831938435&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Frimscrmp.rims.org%2FViewEmploymentAffadavit.aspx%3Fk%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3%2FPIvL6XXiOJk116eUfedXwCD2g5%2Bda1JI2J1zW&hn=www.googleadservices.com&frm=0&tiba=RIMS%20-%20Certification%20-%20Employment%20Affadavit&auid=1553337749.1698863715&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9V3Q43T01V&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

cafe /

Resource Hash

d92efb4bcaf8da66b11a06eef171a3c94cdc0cd8726e56135eda582ebd877f75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 18:35:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1442
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
246 B 122ms
45ms Ping
text/plain 172.253.122.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-9V3Q43T01V&gtm=45je3au1v896791238z8831938435&_p=213799366&_gaz=1&gcd=11l1l1l1l1&cid=782787863.1698863715&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Eg&_s=1&sid=1698863714&sct=1&seg=0&dl=https%3A%2F%2Frimscrmp.rims.org%2FViewEmploymentAffadavit.aspx%3Fk%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3%2FPIvL6XXiOJk116eUfedXwCD2g5%2Bda1JI2J1zW&dt=RIMS%20-%20Certification%20-%20Employment%20Affadavit&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9V3Q43T01V&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.122.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bh-in-f101.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 18:35:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rimscrmp.rims.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 123ms
46ms Ping
text/plain 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9V3Q43T01V&cid=782787863.1698863715&gtm=45je3au1v896791238z8831938435&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9V3Q43T01V&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bg-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 18:35:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rimscrmp.rims.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
45 B 127ms
54ms Ping
text/plain 172.253.122.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-9V3Q43T01V&gtm=45je3au1v896791238&_p=213799366&gcd=11l1l1l1l1&cid=782787863.1698863715&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=2&sid=1698863714&sct=1&seg=0&dl=https%3A%2F%2Frimscrmp.rims.org%2FViewEmploymentAffadavit.aspx%3Fk%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3%2FPIvL6XXiOJk116eUfedXwCD2g5%2Bda1JI2J1zW&dt=RIMS%20-%20Certification%20-%20Employment%20Affadavit&en=rims_marketplace_interests&_c=1&_et=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9V3Q43T01V&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.122.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bh-in-f101.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 18:35:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rimscrmp.rims.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 129ms
50ms Image
image/gif 172.253.115.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9V3Q43T01V&cid=782787863.1698863715&gtm=45je3au1v896791238z8831938435&aip=1&z=1522975861

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 18:35:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/989970389/ 42 B
455 B 125ms
50ms Image
image/gif 142.251.111.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/989970389/?random=1698863714681&cv=11&fst=1698861600000&bg=ffffff&guid=ON&async=1&gtm=45He3au1v831938435&u_w=1600&u_h=1200&url=https%3A%2F%2Frimscrmp.rims.org%2FViewEmploymentAffadavit.aspx%3Fk%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3%2FPIvL6XXiOJk116eUfedXwCD2g5%2Bda1JI2J1zW&frm=0&tiba=RIMS%20-%20Certification%20-%20Employment%20Affadavit&fmt=3&is_vtc=1&cid=CAQSGwDICaaNicTcMqd-zvJ1e3nvtHVzbKIq6obfpQ&random=200058977&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 18:35:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/989970389/ 42 B
455 B 104ms
50ms Image
image/gif 172.253.115.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/989970389/?random=1698863714681&cv=11&fst=1698861600000&bg=ffffff&guid=ON&async=1&gtm=45He3au1v831938435&u_w=1600&u_h=1200&url=https%3A%2F%2Frimscrmp.rims.org%2FViewEmploymentAffadavit.aspx%3Fk%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3%2FPIvL6XXiOJk116eUfedXwCD2g5%2Bda1JI2J1zW&frm=0&tiba=RIMS%20-%20Certification%20-%20Employment%20Affadavit&fmt=3&is_vtc=1&cid=CAQSGwDICaaNicTcMqd-zvJ1e3nvtHVzbKIq6obfpQ&random=200058977&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 18:35:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 45ms
45ms XHR
text/plain 142.251.16.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=213799366&t=pageview&_s=1&dl=https%3A%2F%2Frimscrmp.rims.org%2FViewEmploymentAffadavit.aspx%3Fk%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3%2FPIvL6XXiOJk116eUfedXwCD2g5%2Bda1JI2J1zW&ul=en-us&de=UTF-8&dt=RIMS%20-%20Certification%20-%20Employment%20Affadavit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=212926251&gjid=1055740643&cid=782787863.1698863715&tid=UA-231732-1&_gid=1300227880.1698863715&_r=1&_slc=1&gtm=45He3au1n81M956LDRv831938435&gcd=11l1l1l1l1&z=373427484

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rimscrmp.rims.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 18:35:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rimscrmp.rims.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
37ms Image
image/gif 142.251.16.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=213799366&t=pageview&_s=1&dl=https%3A%2F%2Frimscrmp.rims.org%2FViewEmploymentAffadavit.aspx%3Fk%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3%2FPIvL6XXiOJk116eUfedXwCD2g5%2Bda1JI2J1zW&dp=%2FViewEmploymentAffadavit.aspx%3Fk%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3%2FPIvL6XXiOJk116eUfedXwCD2g5%2Bda1JI2J1zW&ul=en-us&de=UTF-8&dt=RIMS%20-%20Certification%20-%20Employment%20Affadavit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=&gjid=&cid=782787863.1698863715&tid=UA-231732-1&_gid=1300227880.1698863715&gtm=45He3au1n81M956LDRv831938435&gcd=11l1l1l1l1&cd7=k%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3%2FPIvL6XXiOJk116eUfedXwCD2g5%2Bda1JI2J1zW&z=999971584

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:35:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82761
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrations Show response
polo.feathr.co/v1/accounts/62d6b83ce8a412b398928dcc/ 31 B
368 B 204ms
44ms XHR
application/json 52.45.71.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://polo.feathr.co/v1/accounts/62d6b83ce8a412b398928dcc/integrations

Requested by

Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.45.71.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-71-197.compute-1.amazonaws.com

Software

Resource Hash

559382b44a7cb0b397c474fe76532f50b622824e15440784425d1f4a42a991de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:35:15 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 31

GET
H2 200 refresh
marco.feathr.co/v1/ 43 B
609 B 183ms
82ms Image
image/gif 13.32.151.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marco.feathr.co/v1/refresh
Requested by: Host: rimscrmp.rims.org
URL: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.151.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-151-55.iad66.r.cloudfront.net
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:35:15 GMT
via: 1.1 62b5a67033f9ddeb513aca6c5afc317e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD66-C2
x-amzn-requestid: 1a259879-ffb2-407b-b211-5841de3fa09d
x-amzn-trace-id: Root=1-65429a63-63864c167410b45c071154f4;Sampled=0;lineage=5eb2f403:0
access-control-allow-methods: *
content-type: image/gif
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-apigw-id: Nu0PiGRdIAMEp0A=
content-length: 43
x-amz-cf-id: vAGmMNTsXdTYCkfQoBVUFlv886DtKgRqaWwPVEEcJEmvksIyRdLGoA==
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key

GET
H2 200 468050598241095 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 89ms
88ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/468050598241095?v=2.9.138&r=stable&domain=rimscrmp.rims.org

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

0f1596fb6145dd48b88c6528fdf1ba47ace986324fba290418dd7589f13df39d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 01 Nov 2023 18:35:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: dKlPqJefsJtq9c+aDswXDmh/K/K7BjOLS33U+QUDg9gcvooyZO993CHr3cKHP52lbN4lt6BuSfJU7dnEsIhyHg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 49ms
47ms XHR
text/plain 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-231732-1&cid=782787863.1698863715&jid=212926251&gjid=1055740643&_gid=1300227880.1698863715&_u=YADAAEAAAAAAACAAI~&z=287316295

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rimscrmp.rims.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 01 Nov 2023 18:35:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rimscrmp.rims.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 43ms
42ms Script
application/x-javascript 23.43.85.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.43.85.208 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-85-208.deploy.static.akamaitechnologies.com

Software

Resource Hash

5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 15 Oct 2023 08:32:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=46630
accept-ranges: bytes
content-length: 3272

GET
H2 200 adsct
t.co/i/ 43 B
376 B 162ms
63ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=3112b574-b168-44e0-9b07-386414c67284&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=cb0c8533-838b-4e97-a5f1-190d8124f6f6&tw_document_href=https%3A%2F%2Frimscrmp.rims.org%2FViewEmploymentAffadavit.aspx%3Fk%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3%2FPIvL6XXiOJk116eUfedXwCD2g5%2Bda1JI2J1zW&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5qng&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-response-time: 8
date: Wed, 01 Nov 2023 18:35:14 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 6837c2235571350a
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: ac93ee8a590065a988d2da129e2df01676e9171a97510f6d37cf005037dc843f
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
396 B 224ms
122ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=3112b574-b168-44e0-9b07-386414c67284&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=cb0c8533-838b-4e97-a5f1-190d8124f6f6&tw_document_href=https%3A%2F%2Frimscrmp.rims.org%2FViewEmploymentAffadavit.aspx%3Fk%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3%2FPIvL6XXiOJk116eUfedXwCD2g5%2Bda1JI2J1zW&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5qng&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-response-time: 74
date: Wed, 01 Nov 2023 18:35:14 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 0a2a8da5094c97d8
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: aa0526f7a8a9be2493d1786fd31ce96da5f9d3ff19ae68cb4b0400f090813738
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
204 B 233ms
134ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=336d8098-6553-4870-b487-1525c1f26fcc&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=cb0c8533-838b-4e97-a5f1-190d8124f6f6&tw_document_href=https%3A%2F%2Frimscrmp.rims.org%2FViewEmploymentAffadavit.aspx%3Fk%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3%2FPIvL6XXiOJk116eUfedXwCD2g5%2Bda1JI2J1zW&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5qng&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-response-time: 80
date: Wed, 01 Nov 2023 18:35:14 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 1ff471e194477031
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: ac93ee8a590065a988d2da129e2df01676e9171a97510f6d37cf005037dc843f
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
215 B 236ms
135ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=336d8098-6553-4870-b487-1525c1f26fcc&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=cb0c8533-838b-4e97-a5f1-190d8124f6f6&tw_document_href=https%3A%2F%2Frimscrmp.rims.org%2FViewEmploymentAffadavit.aspx%3Fk%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3%2FPIvL6XXiOJk116eUfedXwCD2g5%2Bda1JI2J1zW&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5qng&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-response-time: 87
date: Wed, 01 Nov 2023 18:35:14 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 31b9a6e26d6d0560
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: aa0526f7a8a9be2493d1786fd31ce96da5f9d3ff19ae68cb4b0400f090813738
content-length: 43

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 10 KB
3 KB 37ms
37ms Stylesheet
text/css 37.19.207.34
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: 9c80b2722f72540a8210e5f5a4c46a118422c79608489a796a0af3e204db45f2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:35:15 GMT
content-encoding: br
cdn-edgestorageid: 925
perma-cache: HIT
cdn-storageserver: NY-268
cdn-cachedat: 11/01/2023 17:14:11
cdn-pullzone: 293267
last-modified: Wed, 25 Oct 2023 17:46:53 GMT
server: BunnyCDN-ASB1-925
cdn-fileserver: 622
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6539548d-2644"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 6b756cb024d6c6aa9a173e2db72045f8
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 119466 Show response
api.omappapi.com/v2/embed/ 227 B
826 B 108ms
34ms XHR
application/json 18.160.18.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/119466?d=rimscrmp.rims.org
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.18.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-18-24.iad12.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 5aa4142a40b5a1e0cdee8d5416c145c0e3d8b785254a566b5393069dcd2e0de8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:35:15 GMT
via: 1.1 853942afcee145910ece677317fb7b3c.cloudfront.net (CloudFront)
x-cache-config: 0 0
x-amz-cf-pop: IAD12-P4
x-cache-status: HIT
x-cache: Miss from cloudfront
content-length: 227
x-optinmonster-account: 131620
x-user-agent: standard--
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Pagely Gateway/1.5.1
etag: "b91e5dc54e033e761837b7b846da520f"
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: -6z_gKn6tOz9AKGwKFlVUEmXmx35FerrF6puUOH-OenzOT7nEQ5jNw==
expires: Wed, 01 Nov 2023 18:08:10 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame C16F
Redirect Chain

https://dpm.demdex.net/ibs:dpid=82530&dpuuid=be3f7fc0-d32f-4662-bc1c-e02df9cc4b95-65429a62-5341&gdpr=0&gdpr_consent=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=be3f7fc0-d32f-4662-bc1c-e02df9cc4b95-65429a62-5341&gdpr=0&gdpr_consent=

42 B
940 B

44ms
44ms

Image
image/gif

52.2.54.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=be3f7fc0-d32f-4662-bc1c-e02df9cc4b95-65429a62-5341&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

52.2.54.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-2-54-142.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v052-05ed3be68.edge-va6.demdex.com 6 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: r4ebD0aOQh4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-va6-2-v052-087b1f1b9.edge-va6.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: yWD+BuayTEk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=be3f7fc0-d32f-4662-bc1c-e02df9cc4b95-65429a62-5341&gdpr=0&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame C16F
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2499&partner_device_id=be3f7fc0-d32f-4662-bc1c-e02df9cc4b95-65429a62-5341
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=be3f7fc0-d32f-4662-bc1c-e02df9cc4b95-65429a62-5341

95 B
437 B

56ms
55ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=be3f7fc0-d32f-4662-bc1c-e02df9cc4b95-65429a62-5341

Requested by

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:35:15 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Wed, 01 Nov 2023 18:35:15 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=be3f7fc0-d32f-4662-bc1c-e02df9cc4b95-65429a62-5341
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel.gif
load77.exelator.com/ Frame C16F
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=be3f7fc0-d32f-4662-bc1c-e02df9cc4b95-65429a62-5341&gdpr=0&gdpr_consent=
https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=be3f7fc0-d32f-4662-bc1c-e02df9cc4b95-65429a62-5341&gdpr=0&gdpr_consent=&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
385 B

126ms
46ms

Image
image/gif

37.19.206.5
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Protocol: H2
Server: 37.19.206.5 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 476000398.ash.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-77-pop: ashburnUSVA
date: Wed, 01 Nov 2023 18:35:16 GMT
x-age-lb: 128423
x-77-cache: HIT
x-accel-date: 1698735293
content-length: 43
x-77-nzt: ASUTzgQ3Nzf/p/UBAA
x-accel-expires: @1699772093
x-77-age: 128423
x-cache-lb: HIT
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
etag: "59f0c3fc-2b"
x-77-nzt-ray: 8e305f1c8b1f0e56649a426519e9d301
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes

Redirect headers

date: Wed, 01 Nov 2023 18:35:15 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame C16F 170 B
409 B 126ms
48ms Image
image/png 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=vj9_wNMvRmK8HOAt-cxLlWVCmmI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 18:35:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame C16F
Redirect Chain

https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=be3f7fc0-d32f-4662-bc1c-e02df9cc4b95-65429a62-5341&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=be3f7fc0-d32f-4662-bc1c-e02df9cc4b95-65429a62-5341&gdpr=0&gdpr_consent=&ct=y

49 B
738 B

59ms
59ms

Image
image/gif

18.215.35.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=be3f7fc0-d32f-4662-bc1c-e02df9cc4b95-65429a62-5341&gdpr=0&gdpr_consent=&ct=y
Requested by: Host: rimscrmp.rims.org
URL: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
Protocol: H2
Server: 18.215.35.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-215-35-44.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 18:35:15 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.8.91
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 18:35:15 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=be3f7fc0-d32f-4662-bc1c-e02df9cc4b95-65429a62-5341&gdpr=0&gdpr_consent=&ct=y
cache-control: no-cache
x-server: 10.40.13.94
content-length: 0
expires: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/989970389/ 42 B
108 B 57ms
56ms Image
image/gif 142.251.111.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/989970389/?random=1698863714853&cv=11&fst=1698861600000&bg=ffffff&guid=ON&async=1&gtm=45je3au1v896791238z8831938435&u_w=1600&u_h=1200&url=https%3A%2F%2Frimscrmp.rims.org%2FViewEmploymentAffadavit.aspx%3Fk%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3%2FPIvL6XXiOJk116eUfedXwCD2g5%2Bda1JI2J1zW&frm=0&tiba=RIMS%20-%20Certification%20-%20Employment%20Affadavit&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNxH9Vtgvizk4x8xVlR0m4J0YKEPMxyoyiKQ4UIpqNnzq_BlNf&random=962933601&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 18:35:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/989970389/ 42 B
108 B 56ms
55ms Image
image/gif 172.253.115.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/989970389/?random=1698863714853&cv=11&fst=1698861600000&bg=ffffff&guid=ON&async=1&gtm=45je3au1v896791238z8831938435&u_w=1600&u_h=1200&url=https%3A%2F%2Frimscrmp.rims.org%2FViewEmploymentAffadavit.aspx%3Fk%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3%2FPIvL6XXiOJk116eUfedXwCD2g5%2Bda1JI2J1zW&frm=0&tiba=RIMS%20-%20Certification%20-%20Employment%20Affadavit&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNxH9Vtgvizk4x8xVlR0m4J0YKEPMxyoyiKQ4UIpqNnzq_BlNf&random=962933601&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 18:35:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK visit-page Show response
tracking.magnetmail.net/rbmkoDOX8EmCdoWr7O9IoQ/ 0
757 B 38ms
38ms Script
application/javascript 205.201.46.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.magnetmail.net/rbmkoDOX8EmCdoWr7O9IoQ/visit-page?_=1698863715033
Requested by: Host: tracking.magnetmail.net
URL: https://tracking.magnetmail.net/MagnetLeads.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 205.201.46.12 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: mail.46.12.mmsend.com
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Nov 2023 18:35:14 GMT
X-mID: 2395
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Origin
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Content-Length: 0
Expires: -1

GET
H2 204 17554895.js Show response
bat.bing.com/p/action/ 0
117 B 49ms
49ms Script
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/17554895.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 01 Nov 2023 18:35:14 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CB1ECE0249934B51B77153A1E30441B2 Ref B: YTO01EDGE0717 Ref C: 2023-11-01T18:35:15Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
361 B 106ms
106ms Image
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=17554895&tm=gtm002&Ver=2&mid=0e369097-db88-4ef7-8654-4e6abe86f165&sid=6612614078e511ee8d7703282d9c91b4&vid=66127d3078e511eeb7fc779d3697810f&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=RIMS%20-%20Certification%20-%20Employment%20Affadavit&p=https%3A%2F%2Frimscrmp.rims.org%2FViewEmploymentAffadavit.aspx%3Fk%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3%2FPIvL6XXiOJk116eUfedXwCD2g5%2Bda1JI2J1zW&r=&lt=1266&evt=pageLoad&sv=1&rn=322020

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 01 Nov 2023 18:35:14 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EA3A00CA75384281808CEC1627F74E8D Ref B: YTO01EDGE0717 Ref C: 2023-11-01T18:35:15Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4158529%2C4764034&time=1698863715056&url=https%3A%2F%2Frimscrmp.rims.org%2FViewEmploymentAffadavit.aspx%3Fk%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4158529%2C4764034&time=1698863715056&url=https%3A%2F%2Frimscrmp.rims.org%2FViewEmploymentAffadavit.aspx%3Fk%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4158529%252C4764034%26time%3D1698863715056%26url%3Dhttps%253A%252F%252Frimscrmp.r...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4158529%2C4764034&time=1698863715056&url=https%3A%2F%2Frimscrmp.rims.org%2FViewEmploymentAffadavit.aspx%3Fk%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq...

0
399 B

124ms
123ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4158529%2C4764034&time=1698863715056&url=https%3A%2F%2Frimscrmp.rims.org%2FViewEmploymentAffadavit.aspx%3Fk%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3%2FPIvL6XXiOJk116eUfedXwCD2g5%2Bda1JI2J1zW&cookiesTest=true&liSync=true
Requested by: Host: rimscrmp.rims.org
URL: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:35:15 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 6F799B71C694410485169EBD1C39916C Ref B: YTO01EDGE0512 Ref C: 2023-11-01T18:35:15Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYJG4hJVj65+0iCSqgThg==

Redirect headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default
x-content-type-options: nosniff
date: Wed, 01 Nov 2023 18:35:14 GMT
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAYJG4hHXyf5HvmC5S7Bpg==
pragma: no-cache
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 46E7FBD0224342D0AFFDB09FED9AB4D2 Ref B: YTO01EDGE0512 Ref C: 2023-11-01T18:35:15Z
x-frame-options: sameorigin
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4158529%2C4764034&time=1698863715056&url=https%3A%2F%2Frimscrmp.rims.org%2FViewEmploymentAffadavit.aspx%3Fk%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3%2FPIvL6XXiOJk116eUfedXwCD2g5%2Bda1JI2J1zW&cookiesTest=true&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 50ms
50ms Image
image/gif 142.251.111.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-231732-1&cid=782787863.1698863715&jid=212926251&_u=YADAAEAAAAAAACAAI~&z=447051883

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 18:35:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 49ms
49ms Image
image/gif 172.253.115.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-231732-1&cid=782787863.1698863715&jid=212926251&_u=YADAAEAAAAAAACAAI~&z=447051883

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 18:35:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 201ms
67ms Image
text/plain 157.240.244.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=468050598241095&ev=PageView&dl=https%3A%2F%2Frimscrmp.rims.org%2FViewEmploymentAffadavit.aspx%3Fk%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3%2FPIvL6XXiOJk116eUfedXwCD2g5%2Bda1JI2J1zW&rl=&if=false&ts=1698863715101&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1698863715099.1454415048&ler=empty&it=1698863714990&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.244.35 Apodaca, Mexico, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-mty2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 01 Nov 2023 18:35:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 5.c3191d3c.min.js Show response
a.omappapi.com/app/js/ 16 KB
6 KB 37ms
37ms Script
application/javascript 37.19.207.34
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/5.c3191d3c.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: 745b79544835c8ee16198c039bdde0b6ec42333c0f830df5770bd4dcd60a6ac6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:35:15 GMT
content-encoding: br
cdn-edgestorageid: 925
perma-cache: HIT
cdn-storageserver: NY-427
cdn-cachedat: 11/01/2023 17:06:26
cdn-pullzone: 293267
last-modified: Wed, 25 Oct 2023 17:46:02 GMT
server: BunnyCDN-ASB1-925
cdn-fileserver: 622
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6539545a-4146"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 216b2039dbc00f6a7c635b4edcbab4b6
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 script.js Show response
polo.feathr.co/v1/analytics/match/ 290 B
680 B 137ms
49ms Script
text/javascript 52.45.71.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://polo.feathr.co/v1/analytics/match/script.js?pk=feathr&cb=1698863715182

Requested by

Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.45.71.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-71-197.compute-1.amazonaws.com

Software

Resource Hash

a8da9223914500e0f702b414f459588081cd5dd9283614aa9a307895f03d3afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:35:15 GMT
strict-transport-security: max-age=15724800; includeSubDomains
etag: "65429a635c15d90008d6cb54"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-cache, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 290

GET
H2 200 pixel.js Show response
polo.feathr.co/v1/accounts/62d6b83ce8a412b398928dcc/ 32 B
402 B 140ms
53ms Script
text/javascript 52.45.71.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://polo.feathr.co/v1/accounts/62d6b83ce8a412b398928dcc/pixel.js?pk=feathr

Requested by

Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.45.71.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-71-197.compute-1.amazonaws.com

Software

Resource Hash

eacfa4f711eaca1336ff82619c8a2d310dec11266d594fbc7e5a91259cebf848

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:35:15 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=14400
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 32

GET
H2

200

match
polo-v1.feathr.co/v1/analytics/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=65429a635c15d90008d6cb54&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=65429a635c15d90008d6cb54&gdpr=0
https://polo-v1.feathr.co/v1/analytics/match?f_id=65429a635c15d90008d6cb54&ttd_id=90a4d968-318b-40b9-bae6-3205fc0cf7fa

43 B
407 B

60ms
55ms

Image
image/gif

52.45.71.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://polo-v1.feathr.co/v1/analytics/match?f_id=65429a635c15d90008d6cb54&ttd_id=90a4d968-318b-40b9-bae6-3205fc0cf7fa

Requested by

Protocol

Server

52.45.71.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-71-197.compute-1.amazonaws.com

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:35:15 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0,no-cache,no-store
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 43

Redirect headers

location: https://polo-v1.feathr.co/v1/analytics/match?f_id=65429a635c15d90008d6cb54&ttd_id=90a4d968-318b-40b9-bae6-3205fc0cf7fa
date: Wed, 01 Nov 2023 18:35:15 GMT
server: Kestrel
content-length: 267

GET
H2 200 script.js Show response
polo.feathr.co/v1/analytics/match/ 207 B
596 B 48ms
48ms Script
text/javascript 52.45.71.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://polo.feathr.co/v1/analytics/match/script.js?pk=feathr&cb=1698863715601

Requested by

Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.45.71.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-71-197.compute-1.amazonaws.com

Software

Resource Hash

6e6e83bc8076b4f72594250ade9241271f7687021fcc5b5241a9916799526a51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:35:15 GMT
strict-transport-security: max-age=15724800; includeSubDomains
etag: "65429a635c15d90008d6cb54"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-cache, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 207

GET
H2 200 crumb
polo.feathr.co/v1/analytics/ 43 B
504 B 55ms
55ms Image
image/gif 52.45.71.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://polo.feathr.co/v1/analytics/crumb?cb=1698863715653&a_id=62d6b83ce8a412b398928dcc&f_id=65429a635c15d90008d6cb54&ses_id=65429a62f707b369a556007e&ttd_id=90a4d968-318b-40b9-bae6-3205fc0cf7fa&flvr=page_view&loc_url=https%3A%2F%2Frimscrmp.rims.org%2FViewEmploymentAffadavit.aspx%3Fk%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3%2FPIvL6XXiOJk116eUfedXwCD2g5%2Bda1JI2J1zW&s_w=1600&s_h=1200&b_w=1600&b_h=1200&cust_params=e30=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.45.71.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-71-197.compute-1.amazonaws.com

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:35:15 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0,no-cache,no-store
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 43

POST
H/1.1 200
OK ViewEmploymentAffadavit.aspx Show response
rimscrmp.rims.org/ 1 KB
675 B 81ms
80ms XHR
text/plain 38.98.118.166
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3%2fPIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
Requested by: Host: rimscrmp.rims.org
URL: https://rimscrmp.rims.org/WebResource.axd?d=a4YItg8X0l58_tL9zksrIEjbLYocHuShSPok_VG5l0N4cYVtZzjKK0jF9wzU0NaF5sxu1A5h1cB82BFv5zkDqGBhwGebCBBjLf4SBdBHW_81&t=637814473746327080
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 38.98.118.166 Old Westbury, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6ed1f423e04b167b81ac491b80fe4c10b60c77c600e3fd5a1abc64a2d151c0f5

Request headers

Referer: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 01 Nov 2023 18:35:15 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/plain; charset=utf-8
Cache-Control: no-cache, no-store
Content-Length: 388
Expires: -1

GET
H/1.1 200
OK DXR.axd
rimscrmp.rims.org/ 17 KB
17 KB 40ms
39ms Image
image/png 38.98.118.166
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rimscrmp.rims.org/DXR.axd?r=0_2281-es45g
Requested by: Host: rimscrmp.rims.org
URL: https://rimscrmp.rims.org/DXR.axd?r=0_2280,1_33,1_35,0_2282-es45g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 38.98.118.166 Old Westbury, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 78d5f2fcadbc8a4c06faaf2461ccb749d11ef6a942d3faf66235514f3b9fd9be

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/DXR.axd?r=0_2280,1_33,1_35,0_2282-es45g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 18:35:15 GMT
Last-Modified: Wed, 10 Jan 2018 21:21:05 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: public, max-age=31536000
Content-Length: 16919
Expires: Thu, 10 Jan 2019 21:21:05 GMT

GET
H/1.1 200
OK DXR.axd
rimscrmp.rims.org/ 234 KB
31 KB 51ms
50ms Stylesheet
text/css 38.98.118.166
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://rimscrmp.rims.org/DXR.axd?r=0_2280,1_33,1_35,0_2282-es45g
Requested by: Host: rimscrmp.rims.org
URL: https://rimscrmp.rims.org/DXR.axd?r=1_230,1_134,1_223,1_168,1_131,1_215,1_213-ds45g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 38.98.118.166 Old Westbury, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 675924d8477789a008090280f57271eb72b211849ea2af9b0c9500fd22af9eaa

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/ViewEmploymentAffadavit.aspx?k=YqKEOdJ9V6GaBe2NalJggWpMS+DVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3/PIvL6XXiOJk116eUfedXwCD2g5+da1JI2J1zW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 18:35:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Jan 2018 21:21:05 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: text/css
Cache-Control: public, max-age=31536000
Content-Length: 31406
Expires: Thu, 10 Jan 2019 21:21:05 GMT

POST
H2 200 Membership%20Application Show response
api.dec.sitefinity.com/collect/v1/data-centers/0d7980fb-8b9c-21ed-c8ef-f18ea874d13e/sentences/datasource/ 1 B
159 B 38ms
38ms XHR
application/json 23.101.166.71

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dec.sitefinity.com/collect/v1/data-centers/0d7980fb-8b9c-21ed-c8ef-f18ea874d13e/sentences/datasource/Membership%20Application
Requested by: Host: dec.azureedge.net
URL: https://dec.azureedge.net/sdk/telerik-dec-client.min.1.0.0.142.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.101.166.71 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / Express
Resource Hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer: https://rimscrmp.rims.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 01 Nov 2023 18:35:19 GMT
server: Microsoft-IIS/10.0
etag: W/"1-NWoZK3kTsExUV00Ywo1G5jlUKKs"
x-powered-by: Express
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Content-Length, X-Requested-With, Authorization, x-dataintelligence-accountkey, x-dataintelligence-datacenterkey, x-dataintelligence-datasource, x-dataintelligence-sort, x-dataintelligence-skip, x-dataintelligence-take, x-dataintelligence-fields, x-dataintelligence-count, x-dataintelligence-filterby, x-dataintelligence-filter, x-dataintelligence-contains, x-dataintelligence-nextrowkey, x-dataintelligence-flush, x-dataintelligence-fromdate, x-dataintelligence-todate, x-dataintelligence-period, x-dataintelligence-scale, x-dataintelligence-predicate, x-dataintelligence-subject, x-dataintelligence-ids, x-dataintelligence-datasources, x-dataintelligence-imagecrop, x-dataintelligence-contacts, x-forwarded-for, x-dataintelligence-sdk-version, x-dataintelligence-clientid, x-dataintelligence-campaignids, x-dataintelligence-userid, x-dataintelligence-errorid, x-dataintelligence-correlationid
content-length: 1
request-context: appId=cid-v1:a33f2e3a-ec15-4d53-8ac6-897af884626b

OPTIONS
H2 200 Membership%20Application
api.dec.sitefinity.com/collect/v1/data-centers/0d7980fb-8b9c-21ed-c8ef-f18ea874d13e/sentences/datasource/ Frame 0
0 164ms
36ms Preflight 23.101.166.71

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dec.sitefinity.com/collect/v1/data-centers/0d7980fb-8b9c-21ed-c8ef-f18ea874d13e/sentences/datasource/Membership%20Application
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.101.166.71 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://rimscrmp.rims.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Content-Length, X-Requested-With, Authorization, x-dataintelligence-accountkey, x-dataintelligence-datacenterkey, x-dataintelligence-datasource, x-dataintelligence-sort, x-dataintelligence-skip, x-dataintelligence-take, x-dataintelligence-fields, x-dataintelligence-count, x-dataintelligence-filterby, x-dataintelligence-filter, x-dataintelligence-contains, x-dataintelligence-nextrowkey, x-dataintelligence-flush, x-dataintelligence-fromdate, x-dataintelligence-todate, x-dataintelligence-period, x-dataintelligence-scale, x-dataintelligence-predicate, x-dataintelligence-subject, x-dataintelligence-ids, x-dataintelligence-datasources, x-dataintelligence-imagecrop, x-dataintelligence-contacts, x-forwarded-for, x-dataintelligence-sdk-version, x-dataintelligence-clientid, x-dataintelligence-campaignids, x-dataintelligence-userid, x-dataintelligence-errorid, x-dataintelligence-correlationid
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: *
content-length: 0
date: Wed, 01 Nov 2023 18:35:19 GMT
server: Microsoft-IIS/10.0

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 45ms
45ms Ping
text/plain 142.251.16.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-MHK8NDVLF3&gtm=45je3au1v896806147&_p=213799366&gcd=11l1l1l1l1&cid=782787863.1698863715&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1698863714&sct=1&seg=0&dl=https%3A%2F%2Frimscrmp.rims.org%2FViewEmploymentAffadavit.aspx%3Fk%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3%2FPIvL6XXiOJk116eUfedXwCD2g5%2Bda1JI2J1zW&dt=RIMS%20-%20Certification%20-%20Employment%20Affadavit&en=scroll&epn.percent_scrolled=90&_et=5&tfd=6311
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MHK8NDVLF3&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.16.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bl-in-f102.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 18:35:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rimscrmp.rims.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 46ms
45ms Ping
text/plain 172.253.122.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-9V3Q43T01V&gtm=45je3au1v896791238&_p=213799366&gcd=11l1l1l1l1&cid=782787863.1698863715&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEA&_s=3&sid=1698863714&sct=1&seg=0&dl=https%3A%2F%2Frimscrmp.rims.org%2FViewEmploymentAffadavit.aspx%3Fk%3DYqKEOdJ9V6GaBe2NalJggWpMS%2BDVo5dIPq6sGVPIDeGszoEqPXA8ztu3yjBJr29MUoDVTTrjHdlJ2elgySJKxjLMP3%2FPIvL6XXiOJk116eUfedXwCD2g5%2Bda1JI2J1zW&dt=RIMS%20-%20Certification%20-%20Employment%20Affadavit&en=scroll&epn.percent_scrolled=90&_et=11
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9V3Q43T01V&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.122.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bh-in-f101.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rimscrmp.rims.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 18:35:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rimscrmp.rims.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

43 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rimscrmp.rims.org/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 2fjrdrz2qj45jxw2yektegpa
.rims.org/	1970-01-20 18:03:59	Name: _gcl_au Value: 1.1.1553337749.1698863715
rimscrmp.rims.org/	1970-01-21 00:39:59	Name: sf-data-intell-subject Value: 258a47ad-1020-4319-bf8b-333ca2044b4a
.sitescout.com/	1970-01-21 00:39:59	Name: ssi Value: be3f7fc0-d32f-4662-bc1c-e02df9cc4b95#1698863714789
.rims.org/	1970-01-21 01:30:23	Name: _ga_MHK8NDVLF3 Value: GS1.1.1698863714.1.0.1698863714.0.0.0
.sitescout.com/	1970-01-20 16:37:35	Name: _ssuma Value: eyIyIjoxNjk4ODYzNzE0ODMxLCI2OCI6MTY5ODg2MzcxNDgzMSwiNCI6MTY5ODg2MzcxNDgzMSwiMzkiOjE2OTg4NjM3MTQ4MzEsIjciOjE2OTg4NjM3MTQ4MzF9
.rims.org/	1970-01-21 01:30:23	Name: _ga_9V3Q43T01V Value: GS1.1.1698863714.1.0.1698863714.60.0.0
.rims.org/	1970-01-21 01:30:23	Name: _ga Value: GA1.2.782787863.1698863715
.doubleclick.net/	1970-01-21 01:30:23	Name: IDE Value: AHWqTUnjc81hUOw_tXUXhd2GD9hOhEPUa6FKwrohZR3G9vt8LnI-fvnzp11aQ3Gd
.rims.org/	1970-01-20 15:55:50	Name: _gid Value: GA1.2.1300227880.1698863715
.rims.org/	1970-01-20 15:54:23	Name: _gat_UA-231732-1 Value: 1
.magnetmail.net/	1970-01-20 17:21:14	Name: _rm_tk Value: RnMpw0LGuZU
.magnetmail.net/	1969-12-31 23:59:59	Name: _rm_ts Value: RnMpw0LGuZU
.rimscrmp.rims.org/	1970-01-20 15:54:27	Name: feathr_session_id Value: 65429a62f707b369a556007e
rimscrmp.rims.org/	1970-01-21 01:30:23	Name: _omappvp Value: HxJoJic4cK3gZwC3aCKhseC2vA6mrNeQgUDkBtsU1OD3V7EoKMBG2LNkORYy4rmR541LLHOGdVX3ydw9j17PKzkiAzhKLUgg
rimscrmp.rims.org/	1970-01-20 15:54:24	Name: _omappvs Value: 1698863715025
.rims.org/	1970-01-20 15:55:50	Name: _uetsid Value: 6612614078e511ee8d7703282d9c91b4
.rims.org/	1970-01-21 01:15:59	Name: _uetvid Value: 66127d3078e511eeb7fc779d3697810f
.rims.org/	1970-01-20 18:03:59	Name: _fbp Value: fb.1.1698863715099.1454415048
.tapad.com/	1970-01-20 17:20:47	Name: TapAd_TS Value: 1698863715103
.tapad.com/	1970-01-20 17:20:47	Name: TapAd_DID Value: 079916af-ea23-4b7e-9c39-8cf34f0c38e9
.bing.com/	1970-01-21 01:15:59	Name: MUID Value: 17EAEB90A8FF60EB2CDEF82CA95561B3
.bat.bing.com/	1970-01-20 16:04:28	Name: MR Value: 0
.feathr.co/	1970-01-21 00:39:59	Name: f_id Value: 65429a635c15d90008d6cb54
.tapad.com/	1970-01-20 17:20:47	Name: TapAd_3WAY_SYNCS Value:
.demdex.net/	1970-01-20 20:13:35	Name: demdex Value: 46242801205488065980809812142161648406
.dpm.demdex.net/	1970-01-20 20:13:35	Name: dpm Value: 46242801205488065980809812142161648406
.crwdcntrl.net/	1970-01-20 22:23:10	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 22:23:10	Name: _cc_id Value: cb85b3a09718282cd4141372b0668311
.crwdcntrl.net/	1970-01-20 22:23:11	Name: _cc_cc Value: "ACZ4XmNQSE6yME0yTjSwNDe0MLIwSk4xMTQxNDY3SjIwM7MwNjRkAIJUp1nJIBoKADjRCYo%3D"
.crwdcntrl.net/	1970-01-20 22:23:11	Name: _cc_aud Value: "ABR4XmNgYGBIdZqVDKSgAAAUawGl"
.linkedin.com/	1970-01-20 18:03:59	Name: li_sugr Value: d743f157-064f-4065-8808-f64541bc63fc
.linkedin.com/	1970-01-21 00:39:59	Name: bcookie Value: "v=2&1cab65fa-8ff2-4903-88be-779568b699fb"
.linkedin.com/	1970-01-20 15:55:50	Name: lidc Value: "b=OGST05:s=O:r=O:a=O:p=O:g=2875:u=1:x=1:i=1698863715:t=1698950115:v=2:sig=AQF_zzMBrEs4O_9Qt-xpQxaZZ-32ASZB"
.t.co/	1970-01-21 01:30:23	Name: muc_ads Value: c191e57b-a1a3-438e-bdfa-799afb6096c7
.twitter.com/	1970-01-21 01:30:23	Name: personalization_id Value: "v1_QHn8ivy5okUtM3weiujJdQ=="
.linkedin.com/	1970-01-20 16:37:35	Name: UserMatchHistory Value: AQJoh5L6mQ8LFgAAAYuMKxPg9AVh7KFR0QbuFXqpentPQA3uXLinfIgJOU0yqU2yWz7j4FKW7TXg3Q
.linkedin.com/	1970-01-20 16:37:35	Name: AnalyticsSyncHistory Value: AQK6ivW0u9kcAwAAAYuMKxPgbhnj6AvOgerHk9dubtz-oHgVd74qjYOMPNXL-kJndPxJHVt5mhKSl3yxv4WGWg
.adsrvr.org/	1970-01-21 00:41:26	Name: TDID Value: 90a4d968-318b-40b9-bae6-3205fc0cf7fa
.www.linkedin.com/	1970-01-21 00:39:59	Name: bscookie Value: "v=1&20231101183515b992fd8c-2d93-4eba-82ee-edaf366bc123AQEEmVXHiHughBEDwdCMgerClpmr462j"
.adsrvr.org/	1970-01-21 00:41:26	Name: TDCPM Value: CAEYBSABKAIyCwjQ-o7agMWtPBAFOAE.
.exelator.com/	1970-01-20 18:47:11	Name: EE Value: "0d900a0e101d506bd238794757e98216"
.exelator.com/	1970-01-20 18:47:11	Name: ud Value: "eJxrXxzq6XKLQcEgxdLAINEg1dDAMMXUwCwpxcjYwtzSxNzUPNXSwsjQbHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQYkl%252BUWb6ImfHxUUpaQyLSopPBR89JgYAUm0pQA%253D%253D"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
ajax.googleapis.com
analytics.google.com
analytics.twitter.com
api.dec.sitefinity.com
api.omappapi.com
bat.bing.com
cdn.feathr.co
cm.g.doubleclick.net
connect.facebook.net
dec.azureedge.net
dpm.demdex.net
fonts.googleapis.com
googleads.g.doubleclick.net
load77.exelator.com
loadm.exelator.com
marco.feathr.co
match.adsrvr.org
maxcdn.bootstrapcdn.com
pixel.sitescout.com
pixel.tapad.com
polo-v1.feathr.co
polo.feathr.co
pubads.g.doubleclick.net
px.ads.linkedin.com
rimscrmp.rims.org
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
sync.crwdcntrl.net
t.co
tracking.magnetmail.net
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.linkedin.com
104.18.10.207
104.21.82.163
104.244.42.131
104.244.42.5
13.107.21.200
13.107.42.14
13.32.151.55
142.251.111.95
142.251.111.99
142.251.16.102
142.251.163.97
146.75.28.157
15.197.193.217
152.195.19.97
157.240.244.35
172.253.115.155
172.253.115.94
172.253.115.95
172.253.122.101
172.253.122.155
172.253.62.154
172.253.63.155
18.160.18.24
18.215.35.44
205.201.46.12
207.198.113.205
23.101.166.71
23.43.85.208
31.13.66.19
34.111.113.62
37.19.206.5
37.19.207.34
38.98.118.166
52.2.54.142
52.26.6.186
52.45.71.197
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dac6a4bebb88854486159433f16f09c41850211c896edd3869a7682d8931b9f
0dc90421cbf6414c9f1ef5e93af3dbe48a4e51899452330f0ae0b2815e38be94
0f1596fb6145dd48b88c6528fdf1ba47ace986324fba290418dd7589f13df39d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
36a88df037dc6c940450a9e251a34c9321d76d894d3d1734ee8cede45028d84c
36b044820470c5284dadada357130651638e24aa0548118beffda6a611da7801
3b7deee43954841cac724b1bc8af26fccffd116050158606e79590ae5e8165d1
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
4b64b6e313571e2bbf95b2fe6827973918d459a5f4740cbd5cddf386952ea522
4dfbdadbc8d3cd930d41bc1cf5fa1362613447a108067d5410ecacf361816897
541d2a516db316994a9ac86f005257fa58f8f938a67014c7fbf65a6a2728d5fd
559382b44a7cb0b397c474fe76532f50b622824e15440784425d1f4a42a991de
58326cb5768a543a3ae1940e3787e3a6ef207169b15587e2dcfcb8bcc75d18ce
5aa4142a40b5a1e0cdee8d5416c145c0e3d8b785254a566b5393069dcd2e0de8
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
666af3013700ed16bfc348050da6e011bc2550d695d4d5ae9e6102b1c9f3b249
672e173a1961506da81fd51463bb8b4aeacf8be4d484d02dca74b3e3a848ab7c
675924d8477789a008090280f57271eb72b211849ea2af9b0c9500fd22af9eaa
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e6e83bc8076b4f72594250ade9241271f7687021fcc5b5241a9916799526a51
6ed1f423e04b167b81ac491b80fe4c10b60c77c600e3fd5a1abc64a2d151c0f5
745b79544835c8ee16198c039bdde0b6ec42333c0f830df5770bd4dcd60a6ac6
78d5f2fcadbc8a4c06faaf2461ccb749d11ef6a942d3faf66235514f3b9fd9be
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
9292445432c2cf6a9058fbad020969b2cdc693c7ab81d8b1b4d0948e33bdcf7d
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9c80b2722f72540a8210e5f5a4c46a118422c79608489a796a0af3e204db45f2
9e542dc421aaa26278f6913be8f0879850a8a6cd6467ae21bfa4da2a090db963
9eb7fb32aeb68e39e428dce1923d6d4c6a2b15fa17a96d243f343615c83936ff
a2558a61b38a7b03525f0b74a510f4483332f14059245769233ede3f66dec7e0
a8da9223914500e0f702b414f459588081cd5dd9283614aa9a307895f03d3afc
a903e2fbbeb022ad7997e7fe92c8d9ad6941412fd542046db0c8166077a4e4f1
a9fbba90927f2e50a8cd39f2dba08d824b24c9656bb51edbcc254050bfa5364d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c065a79be7511e259631f7f99f4191ad98befcfcc2f739cb2c18e39f11c48272
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
d6453fdd6e031af17a93ef5a681244635a67e2051637521259f62ab8c2008c13
d92efb4bcaf8da66b11a06eef171a3c94cdc0cd8726e56135eda582ebd877f75
dab47b75ab2c5a1511bd9f142d54edacc30f124e256be626fefa4f6468891225
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8cfc70fb378a9ba330b2994a3f81c72ee045cd639541680d5a935c2d80a7ea4
eacfa4f711eaca1336ff82619c8a2d310dec11266d594fbc7e5a91259cebf848
ebcc4d43d31df7982ad1969a9256632e8de9f3ba601d53afd05292485bcfe2d5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f4f499f4e3a1364aabfc7827487244a6b84be2fcebc966f2c1ffceb0b55387b9

rimscrmp.rims.org Open in urlscan Pro 38.98.118.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

82 Requests

91 %HTTPS

0 %IPv6

27 Domains

38 Subdomains

34 IPs

3 Countries

1884 kBTransfer

4113 kBSize

43 Cookies

7 Outgoing links

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

rimscrmp.rims.org Open in urlscan Pro
38.98.118.166 Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

91 %
HTTPS

0 %
IPv6

27
Domains

38
Subdomains

34
IPs

3
Countries

1884 kB
Transfer

4113 kB
Size

43
Cookies

82 HTTP transactions
0 data transactions