urlscan.io logo urlscan.io
SecurityTrails logo

canadianvisa.org Open in urlscan Pro
167.99.182.231  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.canadianvisa.org//canada/-immigration//skilled/-worker//quebec/-skilled/-worker/-visa
Effective URL: https://canadianvisa.org/
Submission: On September 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 2 countries across 14 domains to perform 41 HTTP transactions. The main IP is 167.99.182.231, located in Toronto, Canada and belongs to DIGITALOCEAN-ASN, US. The main domain is canadianvisa.org.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 29th 2024. Valid for: a year.
This is the only time canadianvisa.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:20::681a:e08 (United States)

ASN13335 (CLOUDFLARENET, US)
www.canadianvisa.org
2    167.99.182.231 (Toronto, Canada)

ASN14061 (DIGITALOCEAN-ASN, US)
canadianvisa.org
5    2600:9000:223f:b800:15:20a2:3900:21 (United States)

ASN16509 (AMAZON-02, US)
d1ac9zce9817ms.cloudfront.net
1    2600:9000:2670:ae00:c:ec32:f140:21 (United States)

ASN16509 (AMAZON-02, US)
d1dje5mxb6emkl.cloudfront.net
3    2a00:1450:4001:81d::2008 (None, )

ASN- ()
www.googletagmanager.com
10    34.96.75.226 (None, )

ASN- ()
api.exponea.com
2    2a00:1450:4001:831::200e (None, )

ASN- ()
www.google-analytics.com
2    157.240.252.13 (None, )

ASN- ()
connect.facebook.net
2    2a00:1450:4001:827::200e (None, )

ASN- ()
www.youtube.com
5    104.126.37.146 (None, )

ASN- ()
analytics.tiktok.com
1    13.248.221.98 (None, )

ASN- ()
lcgroups-org.freshchat.com
3    2001:4860:4802:32::36 (None, )

ASN- ()
region1.analytics.google.com
region1.google-analytics.com
2    2a00:1450:400c:c1d::9c (None, )

ASN- ()
stats.g.doubleclick.net
1    142.250.181.227 (None, )

ASN- ()
www.google.de
2    2a03:2880:f177:83:face:b00c:0:25de (None, )

ASN- ()
www.facebook.com
1    76.223.64.65 (None, )

ASN- ()
lcgroups-org.freshchat.com
1    2606:4700:4400::6812:2602 (None, )

ASN- ()
brxcdn.com
Domain Requested by
10 api.exponea.com canadianvisa.org
api.exponea.com
5 analytics.tiktok.com canadianvisa.org
analytics.tiktok.com
5 d1ac9zce9817ms.cloudfront.net canadianvisa.org
3 www.googletagmanager.com canadianvisa.org
www.googletagmanager.com
2 www.facebook.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 region1.analytics.google.com 1 redirects www.googletagmanager.com
2 lcgroups-org.freshchat.com canadianvisa.org
lcgroups-org.freshchat.com
2 www.youtube.com www.googletagmanager.com
www.youtube.com
2 connect.facebook.net canadianvisa.org
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 canadianvisa.org 1 redirects
1 brxcdn.com
1 www.google.de
1 region1.google-analytics.com
1 d1dje5mxb6emkl.cloudfront.net canadianvisa.org
1 www.canadianvisa.org 1 redirects
41 17

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.trustpilot.com
college-ic.ca
Subject Issuer Validity Valid
*.canadianvisa.org
Sectigo RSA Domain Validation Secure Server CA		 2024-08-29 -
2025-09-29		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
*.google-analytics.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
api.exponea.com
WR3		 2024-09-07 -
2024-12-06		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-27 -
2024-09-25		 3 months crt.sh
*.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1		 2024-07-15 -
2025-07-15		 a year crt.sh
*.freshchat.com
Amazon RSA 2048 M02		 2024-01-22 -
2025-02-18		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.google.de
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
brxcdn.com
E6		 2024-09-08 -
2024-12-07		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://canadianvisa.org/
Frame ID: 89E061A51C560759D43865AE76AAB159
Requests: 50 HTTP requests in this frame

Frame: https://lcgroups-org.freshchat.com/widget/config_iframe.html?host=https://lcgroups-org.freshchat.com&token=77eb97aa-035d-4771-8acf-7a8638e3ae6d&origin=https://canadianvisa.org&widgetUuid=0f8202d2-085a-46a7-880a-8d3cea2076b2
Frame ID: B9C83977188D4D10A28741EB27FABF53
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Canadian Visa | Canadian Immigration Consultants - CanadianVisa.org

Page URL History Show full URLs

  1. http://www.canadianvisa.org//canada/-immigration//skilled/-worker//quebec/-skilled/-worker/-visa HTTP 307
    https://www.canadianvisa.org//canada/-immigration//skilled/-worker//quebec/-skilled/-worker/-visa HTTP 301
    https://canadianvisa.org//canada/-immigration//skilled/-worker//quebec/-skilled/-worker/-visa HTTP 302
    https://canadianvisa.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

41
Requests

98 %
HTTPS

59 %
IPv6

14
Domains

17
Subdomains

17
IPs

2
Countries

1173 kB
Transfer

3070 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.canadianvisa.org//canada/-immigration//skilled/-worker//quebec/-skilled/-worker/-visa HTTP 307
    https://www.canadianvisa.org//canada/-immigration//skilled/-worker//quebec/-skilled/-worker/-visa HTTP 301
    https://canadianvisa.org//canada/-immigration//skilled/-worker//quebec/-skilled/-worker/-visa HTTP 302
    https://canadianvisa.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://region1.analytics.google.com/g/collect?v=2&tid=G-7ZX12XDL4S&gtm=45je4990v899124946za200zb812215509&_p=1726610853555&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101529665&cid=1089411626.1726610854&ul=de-de&sr=1600x1200&are=1&frm=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=2&sid=1726610853&sct=1&seg=0&dl=https%3A%2F%2Fcanadianvisa.org%2F&dt=Canadian%20Visa%20%7C%20Canadian%20Immigration%20Consultants%20-%20CanadianVisa.org&en=sign_up___thank_you_page&_c=1&_et=3&tfd=6716 HTTP 302
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1089411626.1726610854&dbk=17750648533841399453&dma=1&dma_cps=syphamo&en=sign_up___thank_you_page&gtm=45je4990v899124946za200zb812215509&npa=1&tid=G-7ZX12XDL4S&dl=https%3A%2F%2Fcanadianvisa.org%3F

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
canadianvisa.org/
Redirect Chain
  • http://www.canadianvisa.org//canada/-immigration//skilled/-worker//quebec/-skilled/-worker/-visa
  • https://www.canadianvisa.org//canada/-immigration//skilled/-worker//quebec/-skilled/-worker/-visa
  • https://canadianvisa.org//canada/-immigration//skilled/-worker//quebec/-skilled/-worker/-visa
  • https://canadianvisa.org/
259 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://canadianvisa.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.99.182.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / Express
Resource Hash
0e54720db370c54b23462f99d1fed880b969e3ba5d68a9c3c98a61c660b24d36

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
secret_key,language,x-api-key,x-api-password,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 17 Sep 2024 22:07:28 GMT
etag
W/"40bd5-ybOwzNCsQaV4blI9lxJt3w"
server
nginx
vary
Accept-Encoding
x-powered-by
Express

Redirect headers

access-control-allow-headers
secret_key,language,x-api-key,x-api-password,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-origin
*
content-length
46
content-type
text/html; charset=utf-8
date
Tue, 17 Sep 2024 22:07:27 GMT
location
/
server
nginx
vary
Accept, Accept-Encoding
x-powered-by
Express
logo_dark.svg
d1ac9zce9817ms.cloudfront.net/images-new/icons/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ac9zce9817ms.cloudfront.net/images-new/icons/logo_dark.svg
Requested by
Host: canadianvisa.org
URL: https://canadianvisa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:b800:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1dcef7571c7a81d58988666316fdf1895ce18814907cb8b58cad5597f9f59565

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
Nn91e5iAjNfXRtVQ3LZwF_4jw1KB9t88
content-encoding
gzip
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
date
Tue, 17 Sep 2024 05:09:03 GMT
last-modified
Fri, 24 Feb 2023 20:21:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
61106
x-amz-server-side-encryption
AES256
etag
W/"1a8810eed522f459ce56339985b9d468"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-replication-status
REPLICA
x-amz-cf-id
Z0rfvAa01hvFVQBBsnFMHPrLeZmQJZZrNF-0nKPQigqnDX186HQi4g==
hp_intro_1_1.jpg
d1ac9zce9817ms.cloudfront.net/images-new/banners/ 		106 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ac9zce9817ms.cloudfront.net/images-new/banners/hp_intro_1_1.jpg
Requested by
Host: canadianvisa.org
URL: https://canadianvisa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:b800:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0fa1a287a26a46c4e20a8aef15bb8bc19988b3f0ec09c37b233f0b626d5d7cf3

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
iSmESEU2cxmzYMhjDo.92IEA2Bd2kGhZ
date
Tue, 17 Sep 2024 11:46:44 GMT
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
37245
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
content-length
108509
last-modified
Wed, 13 Sep 2023 09:29:03 GMT
server
AmazonS3
etag
"1ae438f5669b4467f8ee5ce237f1ae77"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
UOQLhijZf0U5uAp-YG2BcF6Ui9GMhPHo6bt-seFge6GXk_X5INdKkQ==
hp_intro_1_2.jpg
d1ac9zce9817ms.cloudfront.net/images-new/banners/ 		105 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ac9zce9817ms.cloudfront.net/images-new/banners/hp_intro_1_2.jpg
Requested by
Host: canadianvisa.org
URL: https://canadianvisa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:b800:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6085fd6db5a344a62ae3dfc54e322f04c2e1aad6759258d136e15308cc799cc5

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
YNW4VR8btYkpWn4w8ha2Zhv1M.UL52HF
date
Tue, 17 Sep 2024 05:38:09 GMT
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
59360
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
content-length
107571
last-modified
Wed, 13 Sep 2023 09:29:02 GMT
server
AmazonS3
etag
"5d6a44b10f47e712e133a36d3bc83635"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
IcYKPRAvXCHDQ0JWpL50xF5dcjx9P4Ge47MxMv6M9Z3tqg656F98lA==
truncated
/ 		342 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
191eecfbeac4b117c0ef38dc4010cc9dca89b85aff1c78c831519ac6091d3026

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		458 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44e1a7f23a3f2080e964f978c227133b54abef1d37513bc986b820758de3344f

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		634 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe9ff4b7d446db9808e137ee48c6dbb4eac338d80c98fde761b2da97a760c68e

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		967 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0aa46a7e3d9463bd836dada3eedd9fa8da29ccabd03eff603365d54c416bb4d9

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		461 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
387fe7869d96c8b789d2a82e16fe63127134e3bc40dcf0660354df20e51b2029

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		543 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a8ab08ac91385fc5936570478f3210293f0842b3490d4a602dabd44d7eee3bc

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f140a077b90f5cee49da445e08eb1fe29028132c20084b4351fc6b13b48f557

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		333 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23b2cec6c9860b9e60e8f7f966a386a2040e564bb9c8c3462d46f09d01601b3f

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		238 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b09369f2b8aa6ff0ac771734b3a78cacdd4e92db19dd582b116a20ad40f40340

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
select-arrow.svg
d1ac9zce9817ms.cloudfront.net/images-new/icons/ 		640 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ac9zce9817ms.cloudfront.net/images-new/icons/select-arrow.svg
Requested by
Host: canadianvisa.org
URL: https://canadianvisa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:b800:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85b6810b918333166d4eac8f7135ea1a9caef685c970c59baba3b7324d5c5508

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 14:26:11 GMT
x-amz-version-id
bgl6bQnJgEpFPBZYfkGtu1SmrOmnYHYK
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 13:35:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
26293278
etag
"e6c71ba80e50fbde4383da1de36f0867"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31536000
x-amz-replication-status
REPLICA
accept-ranges
bytes
content-length
640
x-amz-cf-id
p1zzLM1MzfA0jn8m8y2nWsM7ds0x09ucCE7yecaD0xom7YECJ7p-fg==
favicon.ico
d1ac9zce9817ms.cloudfront.net/favicon/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d1ac9zce9817ms.cloudfront.net/favicon/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:b800:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa92b4261e29c6302ad6e5d3e73798eaf541ffbbf202438fc39da46a7e3a9e80

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 02:32:44 GMT
x-amz-version-id
ib3YOM6jbuON_MWtIOmKsTeALwtHAudk
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
last-modified
Wed, 14 Apr 2021 14:47:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
70485
etag
"954445bcc466fe7bac5f3ee68eb7daff"
x-cache
Hit from cloudfront
content-type
image/x-icon
x-amz-replication-status
REPLICA
accept-ranges
bytes
content-length
15086
x-amz-cf-id
DQjNTWq-SmEZozQbOV3XEFaBn0o0rZh9F28taMwmt0fPtiUsosT8Mg==
cve.js.br
d1dje5mxb6emkl.cloudfront.net/cve/ 		64 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1dje5mxb6emkl.cloudfront.net/cve/cve.js.br
Requested by
Host: canadianvisa.org
URL: https://canadianvisa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2670:ae00:c:ec32:f140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f3270c409718eabbe3a6f94875ce4e2637b2898a372a1dfac2e9af461402fbc

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 07:50:08 GMT
content-encoding
br
via
1.1 f5af2731a86629973e69564f824d95be.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P9
age
51443
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
16961
last-modified
Wed, 10 Jul 2024 11:39:27 GMT
server
AmazonS3
etag
"2acb15d67c461c3311921d98d2094649"
content-type
binary/octet-stream
cache-control
none
accept-ranges
bytes
x-amz-cf-id
zDpEKeyi0UrmnmxZAZvkpBhscN6lPhIDPKcqu93I7LXX3JxkJ0p5KA==
gtm.js
www.googletagmanager.com/ 		350 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PTTXXK2
Requested by
Host: canadianvisa.org
URL: https://canadianvisa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
468e098b6ab35bce105f98f6ae20540a6ebec020668dc31a3cdb122383000358
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 22:07:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113440
x-xss-protection
0
last-modified
Tue, 17 Sep 2024 21:21:06 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 17 Sep 2024 22:07:33 GMT
exponea.min.js
api.exponea.com/js/ 		186 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.exponea.com/js/exponea.min.js
Requested by
Host: canadianvisa.org
URL: https://canadianvisa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.75.226 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
3a5f599a6355e5708ad7d040b8ab4f451310b98fe68074b11ba0b4d66f1dc9a9

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 22:07:33 GMT
content-encoding
gzip
via
1.1 google
last-modified
Thu, 12 Sep 2024 09:43:43 GMT
server
nginx
etag
"66e2b7cf-df4a"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57162
expires
Tue, 17 Sep 2024 23:07:33 GMT
js
www.googletagmanager.com/gtag/ 		350 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7ZX12XDL4S&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTTXXK2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4544fc29e45c3410894535cac8ea005106c4563e73e22dc53b31de4341432c33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 22:07:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
110904
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 17 Sep 2024 22:07:33 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTTXXK2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 17 Sep 2024 21:26:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2476
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 17 Sep 2024 23:26:17 GMT
fbevents.js
connect.facebook.net/en_US/ 		225 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: canadianvisa.org
URL: https://canadianvisa.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 17 Sep 2024 22:07:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58953
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=43, rtx=0, c=23, mss=1232, tbw=4436, tp=9, tpl=0, uplat=3, ullat=-1
pragma
public
x-fb-debug
7l0/Z2ocn07saYtB1jTqHrm1BYfgtrQsXR4WR3ChnXwrfMGchGSuHtwST2VvR858Pjw25zs6RbytyQgfb1/v4g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTTXXK2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
65c11c6c2669731c5dfad7f5ba371d85ca809dfcb42b2df3ba0aff596f7a535c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 22:07:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script'
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Tue, 17 Sep 2024 22:07:33 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CJNG30RC77U5TJETLFEG&lib=ttq
Requested by
Host: canadianvisa.org
URL: https://canadianvisa.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.146 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
9a5168116ea2e2beaeabf72e4eb025d0599ad893fdc89133be48cc28c9f97a30

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
6a0f853
date
Tue, 17 Sep 2024 22:07:34 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24091722073448FFA6D46D034E2B9BAE-7DEE35B6B250DBC2-00
x-cache
TCP_MISS from a104-126-37-172.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
server-timing
inner; dur=7, cdn-cache; desc=MISS, edge; dur=2, origin; dur=105
content-length
1835
pragma
no-cache
server
nginx
x-tt-logid
2024091722073448FFA6D46D034E2B9BAE
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
105,104.126.37.172
x-tt-trace-host
01176b51d7392c1fa000bd81347ecbc731403e51ce9721feb9c4c386d4adf8a4596107f1169d221af32b545e61f10b0b5347e892c2a7bcc8338ec88407fabeeb4af9b6be8451c3dde9f6873f437e6c7d6faac437c46d28e47eeb2867a723c1ba3f
expires
Tue, 17 Sep 2024 22:07:34 GMT
widget.js
lcgroups-org.freshchat.com/js/ 		67 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lcgroups-org.freshchat.com/js/widget.js
Requested by
Host: canadianvisa.org
URL: https://canadianvisa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.221.98 -, , ASN (),
Reverse DNS
Software
fwe /
Resource Hash
aeb9d13933d7e6305a96508c85d6b9335f9f395681bbef4ba02105fcf46ddf03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-trace-id
00-358717b83507fc9578caba87a6668186-f3e9840cb366bc9f-00
date
Tue, 17 Sep 2024 22:07:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Tue, 17 Sep 2024 05:05:22 GMT
server
fwe
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type
application/javascript
x-fw-ratelimiting-managed
false
cache-control
max-age=900, must-revalidate
x-server
hdv5l
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
x-request-id
322ffba9-cbb9-4909-9219-c7112cf184f6
destination
www.googletagmanager.com/gtag/ 		392 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-873086315&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTTXXK2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4269549a061c3dc70075519ace2eb49aefe99e4d634150c74da7f4f738c90c46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 22:07:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
125090
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 17 Sep 2024 22:07:33 GMT
bundle
api.exponea.com/webxp/projects/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/ 		24 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.exponea.com/webxp/projects/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/bundle
Requested by
Host: api.exponea.com
URL: https://api.exponea.com/js/exponea.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.75.226 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
deda749089f31597981f56bb657b040ad336fcf29bae581fe4bf89ed19f722b1

Request headers

Accept
application/json
Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 22:07:33 GMT
content-encoding
br
via
1.1 google
etag
"deda749089f31597981f56bb657b040ad336fcf29bae581fe4bf89ed19f722b1"
content-type
application/json
access-control-allow-origin
https://canadianvisa.org
cache-control
no-cache, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1131
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-7ZX12XDL4S&gtm=45je4990v899124946z8812215509za200zb812215509&_p=1726610853555&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101529665&cid=1089411626.1726610854&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=Ag&_s=1&sid=1726610853&sct=1&seg=0&dl=https%3A%2F%2Fcanadianvisa.org%2F&dt=Canadian%20Visa%20%7C%20Canadian%20Immigration%20Consultants%20-%20CanadianVisa.org&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=6712
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7ZX12XDL4S&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Sep 2024 22:07:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://canadianvisa.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7ZX12XDL4S&cid=1089411626.1726610854&gtm=45je4990v899124946z8812215509za200zb812215509&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101529665
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7ZX12XDL4S&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1d::9c -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Sep 2024 22:07:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://canadianvisa.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
register-conversion
region1.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://region1.analytics.google.com/g/collect?v=2&tid=G-7ZX12XDL4S&gtm=45je4990v899124946za200zb812215509&_p=1726610853555&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101529665&cid=108941...
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1089411626.1726610854&dbk=17750648533841399453&dma=1&dma_cps=syphamo&en=sign_up___thank_you_page&gtm=45je4990v89912...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1089411626.1726610854&dbk=17750648533841399453&dma=1&dma_cps=syphamo&en=sign_up___thank_you_page&gtm=45je4990v899124946za200zb812215509&npa=1&tid=G-7ZX12XDL4S&dl=https%3A%2F%2Fcanadianvisa.org%3F
Protocol
H2
Server
2001:4860:4802:32::36 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
attribution-reporting-register-trigger
{"aggregatable_trigger_data":[{"key_piece":"0xa4c2b1159a9c2b19","source_keys":["1"]},{"key_piece":"0x1d929f75f6ae0b11","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"17750648533841399453","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["961998689"],"5":["09-17","09-16","09-15"]}}
date
Tue, 17 Sep 2024 22:07:34 GMT
attribution-reporting-register-os-trigger
"https://region1.google-analytics.com/privacy-sandbox/register-os-conversion?_c=1&cid=1089411626.1726610854&dbk=17750648533841399453&dma=1&dma_cps=syphamo&en=sign_up___thank_you_page&gtm=45je4990v899124946za200zb812215509&npa=1&tid=G-7ZX12XDL4S&dl=https%3A%2F%2Fcanadianvisa.org%3F"
server
Golfe2
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
attribution-reporting-info
preferred-platform=os
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Sep 2024 22:07:34 GMT
server
Golfe2
content-type
text/html; charset=UTF-8
location
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1089411626.1726610854&dbk=17750648533841399453&dma=1&dma_cps=syphamo&en=sign_up___thank_you_page&gtm=45je4990v899124946za200zb812215509&npa=1&tid=G-7ZX12XDL4S&dl=https%3A%2F%2Fcanadianvisa.org%3F
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
510
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7ZX12XDL4S&cid=1089411626.1726610854&gtm=45je4990v899124946z8812215509za200zb812215509&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101529665&tag_exp=101529665&z=713895538
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Sep 2024 22:07:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bulk
api.exponea.com/ 		212 B
449 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.exponea.com/bulk
Requested by
Host: api.exponea.com
URL: https://api.exponea.com/js/exponea.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.75.226 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd4fd47283a86d5dd8fab0adedc424e6f12205680cf8e6d9a19e04af1fff01b8

Request headers

Accept
application/json
Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 17 Sep 2024 22:07:34 GMT
via
1.1 google
content-type
application/json
access-control-allow-origin
https://canadianvisa.org
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
212
x-request-id
5574ae0b-b15e-4141-8c68-542bc612e599
www-widgetapi.js
www.youtube.com/s/player/7fe34188/www-widgetapi.vflset/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7fe34188/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
c0a6abe23ed2079bd903057224afa93bc7b7706cb284eb6726ac475297d6fed6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 20:37:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
5375
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10726
x-xss-protection
0
last-modified
Mon, 16 Sep 2024 04:13:01 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 17 Sep 2025 20:37:59 GMT
collect
www.google-analytics.com/j/ 		3 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1824014606&t=pageview&_s=1&dl=https%3A%2F%2Fcanadianvisa.org%2F&ul=de-de&de=UTF-8&dt=Canadian%20Visa%20%7C%20Canadian%20Immigration%20Consultants%20-%20CanadianVisa.org&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACAAI~&jid=671810680&gjid=353260549&cid=1089411626.1726610854&tid=UA-60594623-1&_gid=1388744851.1726610854&_slc=1&gtm=45He4990n81PTTXXK2v812215509za200&cd6=&cd16=&cd18=&cd19=&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&npa=1&z=190112811
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Sep 2024 22:07:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://canadianvisa.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-60594623-1&cid=1089411626.1726610854&jid=671810680&gjid=353260549&_gid=1388744851.1726610854&npa=1&_u=YCDAiEABBAAAAGAAI~&z=651870775
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1d::9c -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Sep 2024 22:07:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://canadianvisa.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
638202162930393
connect.facebook.net/signals/config/ 		66 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/638202162930393?v=2.9.167&r=stable&domain=canadianvisa.org&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
24973481672eaaf80266556ff73aa74b68aa346bd4d7f2b793f12b2ac7e5ad0a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 17 Sep 2024 22:07:34 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=54, rtx=0, c=74, mss=1232, tbw=67138, tp=63, tpl=0, uplat=96, ullat=0
pragma
public
x-fb-debug
PCCusY2IYH9qXHJkPQ7YLKp8fGqr4E76Rd6NHI+QlsncecpsKQUoU5Ad0IO8NE0Sa53Mk75ftQOP3qlacHDNoA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
main.MTcyYmY3Y2UyMA.js
analytics.tiktok.com/i18n/pixel/static/ 		335 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYmY3Y2UyMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CJNG30RC77U5TJETLFEG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.146 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6eade210358ca6b41631cf5c309c6b1a3fa1c043133ef84d5fc6b173ac1c9928

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
6a0fa66
date
Tue, 17 Sep 2024 22:07:34 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2024091417171954D37F8A8A947DAE23A2
x-tt-trace-id
00-24091417171954D37F8A8A947DAE23A2-00F6E0A0DFC71373-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-126-37-172.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0165b46c61b952658806b1dfcfe39b2e1000c22101a88ecfd4dd72572293d242763e792afd2e7d142862d9694c2deffd8f366d150c1aeeeeaa39e7080766edf4cc4c00c941c2a0f8eb1ab74fa3a4c317bfe0cc1880db4e33d64e4ba847d8a5c4fe
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=16
content-length
95124
bulk
api.exponea.com/ 		314 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.exponea.com/bulk
Requested by
Host: api.exponea.com
URL: https://api.exponea.com/js/exponea.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.75.226 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b132a81f4ae5caaec3ed71a4fd3b2ac888b2a9bc872e239ade03353b211f61d7

Request headers

Accept
application/json
Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 17 Sep 2024 22:07:34 GMT
via
1.1 google
content-type
application/json
access-control-allow-origin
https://canadianvisa.org
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-request-id
df4ef8d5-be36-48ef-963e-586d32428273
show
api.exponea.com/managed-tags/ 		38 B
83 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.exponea.com/managed-tags/show
Requested by
Host: api.exponea.com
URL: https://api.exponea.com/js/exponea.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.75.226 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
5c858b1c80e2a37e46abc26525a908fe14db93ebdce1dbdbdd2828cd180bbeec

Request headers

Accept
application/json
Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 17 Sep 2024 22:07:34 GMT
content-encoding
gzip
via
1.1 google
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://canadianvisa.org
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
link-ids
api.exponea.com/webxp/projects/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/cookies/4fdf1deb-cc1a-48ff-abb1-d1c06f072880/ 		0
11 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.exponea.com/webxp/projects/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/cookies/4fdf1deb-cc1a-48ff-abb1-d1c06f072880/link-ids
Requested by
Host: api.exponea.com
URL: https://api.exponea.com/js/exponea.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.75.226 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://canadianvisa.org
date
Tue, 17 Sep 2024 22:07:34 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
show
api.exponea.com/campaigns/banners/ 		19 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.exponea.com/campaigns/banners/show
Requested by
Host: api.exponea.com
URL: https://api.exponea.com/js/exponea.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.75.226 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2af49646a3db2fdeba3a725968b24364160d166bcf463e1f30cfd09866c0019e

Request headers

Accept
application/json
Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 17 Sep 2024 22:07:34 GMT
content-encoding
gzip
via
1.1 google
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://canadianvisa.org
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=638202162930393&ev=PageView&dl=https%3A%2F%2Fcanadianvisa.org%2F&rl=&if=false&ts=1726610854194&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1726610854193.92237277137912820&ler=empty&cdl=API_unavailable&it=1726610854038&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=32, rtx=0, c=10, mss=1297, tbw=2820, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 17 Sep 2024 22:07:34 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=638202162930393&ev=PageView&dl=https%3A%2F%2Fcanadianvisa.org%2F&rl=&if=false&ts=1726610854194&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1726610854193.92237277137912820&ler=empty&cdl=API_unavailable&it=1726610854038&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x59d0fd9be37036f6","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:6804923282900268","7830:6804923282900268","10853:6804923282900268","41:6804923282900268","8046:6804923282900268"]},"debug_reporting":true,"debug_key":"1302656672598764127"}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Tue, 17 Sep 2024 22:07:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415737152757665794", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=32, rtx=0, c=12, mss=1297, tbw=3138, tp=-1, tpl=-1, uplat=166, ullat=0
pragma
no-cache
x-fb-debug
MgstfYL6G46+safxS3sDXJkn6IPXfbcLGoQujtAXoQoVIG0/njMYCCeodf2wEiV3orspUqVIcwZqx2UPA4dtIQ==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415737152757665794"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
config_iframe.html
lcgroups-org.freshchat.com/widget/ Frame B9C8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://lcgroups-org.freshchat.com/widget/config_iframe.html?host=https://lcgroups-org.freshchat.com&token=77eb97aa-035d-4771-8acf-7a8638e3ae6d&origin=https://canadianvisa.org&widgetUuid=0f8202d2-085a-46a7-880a-8d3cea2076b2
Requested by
Host: lcgroups-org.freshchat.com
URL: https://lcgroups-org.freshchat.com/js/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.64.65 -, , ASN (),
Reverse DNS
Software
fwe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadianvisa.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding
gzip
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-type
text/html
date
Tue, 17 Sep 2024 22:07:34 GMT
last-modified
Tue, 17 Sep 2024 05:05:22 GMT
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
server
fwe
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
1
x-fw-ratelimiting-managed
false
x-request-id
fa08f030-0723-49f3-b5db-c1ffdcccb916
x-server
hdv5l
x-trace-id
00-857e8ddb0ea27eff659e0b996f522aff-4b41c4f7aeb1bc6c-00
x-xss-protection
1; mode=block
f7ba5388-bfc8-11ec-bd24-ee721601124f
brxcdn.com/exp-app-storage/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/media/original/ 		198 KB
199 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://brxcdn.com/exp-app-storage/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/media/original/f7ba5388-bfc8-11ec-bd24-ee721601124f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2602 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
318186c87017e4e0e6e002e0907d50cabbc7e3478b2ac10a417cbf174c932e5f

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 22:07:34 GMT
last-modified
Wed, 21 Aug 2024 21:22:29 GMT
server
cloudflare
etag
"bc813c93ec94997fa46cc8c2d9e44bf1"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, s-maxage=3600, maxage=1800
x-robots-tag
noindex
cf-ray
8c4c68f00cb09bfa-FRA
content-length
202828
expires
Tue, 17 Sep 2024 23:07:34 GMT
identify_7bf75739.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYmY3Y2UyMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.146 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
6a0fcb4
date
Tue, 17 Sep 2024 22:07:34 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240830022527CBF5A6BDAC95BF85457C
x-tt-trace-id
00-240830022527CBF5A6BDAC95BF85457C-5FCCE23284D5383A-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-126-37-172.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
019cd81d430e382d22765268805daf2a1ed00bbf855ae9ed467d1da7885edad72cb00cb70985005c1de089a0a7fbb52c36fd8d02a4d9f7ae6ff597e3efb941b9bf875b60c3d790a2a84eec0c13cb20e8bea64ceb5ee2071c300573373bbc3698de
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length
39498
pixel
analytics.tiktok.com/api/v2/ 		0
719 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYmY3Y2UyMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.146 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
6a0fcce
date
Tue, 17 Sep 2024 22:07:34 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2409172207344921A9CA423B484276D9-74D2E32ADEB101CA-00
x-cache
TCP_MISS from a104-126-37-172.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
server-timing
inner; dur=23, cdn-cache; desc=MISS, edge; dur=10, origin; dur=120
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202409172207344921A9CA423B484276D9
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
120,104.126.37.172
x-tt-trace-host
01176b51d7392c1fa000bd81347ecbc731403e51ce9721feb9c4c386d4adf8a459b4cb732d4a5366ed3f0ce611f7dcfc451ffd3421bffe659f30c1ec4e61d917b08b04162af2732fcb124c29a26ffbd8f764be6abfbb9c30ebf32d79703bfc33d9
access-control-allow-headers
Authorization,*
expires
Tue, 17 Sep 2024 22:07:34 GMT
modifications.min.js
api.exponea.com/webxp/script/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/4fdf1deb-cc1a-48ff-abb1-d1c06f072880/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.exponea.com/webxp/script/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/4fdf1deb-cc1a-48ff-abb1-d1c06f072880/modifications.min.js?http-referer=https%3A%2F%2Fcanadianvisa.org%2F&cookie-expires=1821218854
Requested by
Host: api.exponea.com
URL: https://api.exponea.com/js/exponea.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.75.226 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e9449cd1e48866df5c17dca786d91a2a10148c15c40fdea3c0d65d134aec6b2

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 22:07:34 GMT
content-encoding
gzip
via
1.1 google
etag
"7e9449cd1e48866df5c17dca786d91a2a10148c15c40fdea3c0d65d134aec6b2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
bulk
api.exponea.com/ 		107 B
123 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.exponea.com/bulk
Requested by
Host: api.exponea.com
URL: https://api.exponea.com/js/exponea.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.75.226 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d45fe059e4eeb5f07106b5ad13892ab4cb2444cb16be987b80263c1c3baf3e04

Request headers

Accept
application/json
Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 17 Sep 2024 22:07:34 GMT
via
1.1 google
content-type
application/json
access-control-allow-origin
https://canadianvisa.org
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107
x-request-id
322b4eda-8b0e-4be2-82e2-e0c618918ccb
bundle
api.exponea.com/webxp/projects/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/ 		24 KB
12 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.exponea.com/webxp/projects/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/bundle
Requested by
Host: api.exponea.com
URL: https://api.exponea.com/webxp/script/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/4fdf1deb-cc1a-48ff-abb1-d1c06f072880/modifications.min.js?http-referer=https%3A%2F%2Fcanadianvisa.org%2F&cookie-expires=1821218854
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.75.226 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
deda749089f31597981f56bb657b040ad336fcf29bae581fe4bf89ed19f722b1

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 22:07:34 GMT
via
1.1 google
content-encoding
br
etag
"deda749089f31597981f56bb657b040ad336fcf29bae581fe4bf89ed19f722b1"
content-type
application/json
access-control-allow-origin
https://canadianvisa.org
cache-control
no-cache, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1131
act
analytics.tiktok.com/api/v2/pixel/ 		0
718 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYmY3Y2UyMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.146 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://canadianvisa.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
6a0ff4f
date
Tue, 17 Sep 2024 22:07:34 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240917220734078390F37236A12936BF-151EAB76F9C3B80A-00
x-cache
TCP_MISS from a104-126-37-172.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
server-timing
inner; dur=24, cdn-cache; desc=MISS, edge; dur=23, origin; dur=119
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240917220734078390F37236A12936BF
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
120,104.126.37.172
x-tt-trace-host
01176b51d7392c1fa000bd81347ecbc731403e51ce9721feb9c4c386d4adf8a4594dca64d9cbd7626ac940a63b27d7c2aafa06b9abac0a85d28c0e741ccd54fbade5afc2c4ff8dd60a0cee8da5aa0ef06d525156ff9fc066751a0dabef0548d483
access-control-allow-headers
Authorization,*
expires
Tue, 17 Sep 2024 22:07:34 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| loadDeferredStyles function| loadScript function| firstInteraction function| cve

2 Cookies

Domain/Path Name / Value
canadianvisa.org/ Name: connect.sid
Value: s%3AHC089m2eksfgYS0mX260k5AO97ebKUY7.SttI7FOvqWLyo6Ck7LS04NmmF0XX1Pvop%2BtTVU2wGyg
canadianvisa.org/ Name: cve_ip
Value: 217.114.218.27

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://canadianvisa.org/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
api.exponea.com
brxcdn.com
canadianvisa.org
connect.facebook.net
d1ac9zce9817ms.cloudfront.net
d1dje5mxb6emkl.cloudfront.net
lcgroups-org.freshchat.com
region1.analytics.google.com
region1.google-analytics.com
stats.g.doubleclick.net
www.canadianvisa.org
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.youtube.com
104.126.37.146
13.248.221.98
142.250.181.227
157.240.252.13
167.99.182.231
2001:4860:4802:32::36
2600:9000:223f:b800:15:20a2:3900:21
2600:9000:2670:ae00:c:ec32:f140:21
2606:4700:20::681a:e08
2606:4700:4400::6812:2602
2a00:1450:4001:81d::2008
2a00:1450:4001:827::200e
2a00:1450:4001:831::200e
2a00:1450:400c:c1d::9c
2a03:2880:f177:83:face:b00c:0:25de
34.96.75.226
76.223.64.65
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
0aa46a7e3d9463bd836dada3eedd9fa8da29ccabd03eff603365d54c416bb4d9
0e54720db370c54b23462f99d1fed880b969e3ba5d68a9c3c98a61c660b24d36
0fa1a287a26a46c4e20a8aef15bb8bc19988b3f0ec09c37b233f0b626d5d7cf3
191eecfbeac4b117c0ef38dc4010cc9dca89b85aff1c78c831519ac6091d3026
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1dcef7571c7a81d58988666316fdf1895ce18814907cb8b58cad5597f9f59565
23b2cec6c9860b9e60e8f7f966a386a2040e564bb9c8c3462d46f09d01601b3f
24973481672eaaf80266556ff73aa74b68aa346bd4d7f2b793f12b2ac7e5ad0a
2a8ab08ac91385fc5936570478f3210293f0842b3490d4a602dabd44d7eee3bc
2af49646a3db2fdeba3a725968b24364160d166bcf463e1f30cfd09866c0019e
318186c87017e4e0e6e002e0907d50cabbc7e3478b2ac10a417cbf174c932e5f
387fe7869d96c8b789d2a82e16fe63127134e3bc40dcf0660354df20e51b2029
3a5f599a6355e5708ad7d040b8ab4f451310b98fe68074b11ba0b4d66f1dc9a9
4269549a061c3dc70075519ace2eb49aefe99e4d634150c74da7f4f738c90c46
44e1a7f23a3f2080e964f978c227133b54abef1d37513bc986b820758de3344f
4544fc29e45c3410894535cac8ea005106c4563e73e22dc53b31de4341432c33
468e098b6ab35bce105f98f6ae20540a6ebec020668dc31a3cdb122383000358
5c858b1c80e2a37e46abc26525a908fe14db93ebdce1dbdbdd2828cd180bbeec
5f140a077b90f5cee49da445e08eb1fe29028132c20084b4351fc6b13b48f557
5f3270c409718eabbe3a6f94875ce4e2637b2898a372a1dfac2e9af461402fbc
6085fd6db5a344a62ae3dfc54e322f04c2e1aad6759258d136e15308cc799cc5
65c11c6c2669731c5dfad7f5ba371d85ca809dfcb42b2df3ba0aff596f7a535c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6eade210358ca6b41631cf5c309c6b1a3fa1c043133ef84d5fc6b173ac1c9928
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4
7e9449cd1e48866df5c17dca786d91a2a10148c15c40fdea3c0d65d134aec6b2
85b6810b918333166d4eac8f7135ea1a9caef685c970c59baba3b7324d5c5508
9a5168116ea2e2beaeabf72e4eb025d0599ad893fdc89133be48cc28c9f97a30
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aeb9d13933d7e6305a96508c85d6b9335f9f395681bbef4ba02105fcf46ddf03
b09369f2b8aa6ff0ac771734b3a78cacdd4e92db19dd582b116a20ad40f40340
b132a81f4ae5caaec3ed71a4fd3b2ac888b2a9bc872e239ade03353b211f61d7
c0a6abe23ed2079bd903057224afa93bc7b7706cb284eb6726ac475297d6fed6
cd4fd47283a86d5dd8fab0adedc424e6f12205680cf8e6d9a19e04af1fff01b8
d45fe059e4eeb5f07106b5ad13892ab4cb2444cb16be987b80263c1c3baf3e04
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deda749089f31597981f56bb657b040ad336fcf29bae581fe4bf89ed19f722b1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa92b4261e29c6302ad6e5d3e73798eaf541ffbbf202438fc39da46a7e3a9e80
fe9ff4b7d446db9808e137ee48c6dbb4eac338d80c98fde761b2da97a760c68e