canadaims.site Open in urlscan Pro
2606:4700:3036::6815:b73 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_me
Submission: On May 15 via manual (May 15th 2023, 8:22:24 pm UTC) from IN — Scanned from DE

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 47 HTTP transactions. The main IP is 2606:4700:3036::6815:b73, located in United States and belongs to CLOUDFLARENET, US. The main domain is canadaims.site.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 17th 2022. Valid for: a year.

This is the only time canadaims.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3036::6815:b73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2606:4700:303... 2606:4700:3033::6815:456f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	107.154.114.122 107.154.114.122	19551 (INCAPSULA) (INCAPSULA)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	70.42.32.223 70.42.32.223	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
17	45.223.128.234 45.223.128.234	19551 (INCAPSULA) (INCAPSULA)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
47	12

2 2606:4700:3036::6815:b73 (United States)

ASN13335 (CLOUDFLARENET, US)

canadaims.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3033::6815:456f (United States)

ASN13335 (CLOUDFLARENET, US)

canadaims.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.154.114.122 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.114.122.ip.incapdns.net

atsc.activetrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 45.223.128.234 (United States)

ASN19551 (INCAPSULA, US)

direct.tranzila.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	tranzila.com direct.tranzila.com — Cisco Umbrella Rank: 923361	177 KB
16	canadaims.org canadaims.org	265 KB
3	gstatic.com fonts.gstatic.com	52 KB
3	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3121 tr.outbrain.com — Cisco Umbrella Rank: 2937	8 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	114 KB
2	canadaims.site canadaims.site	7 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	21 KB
1	activetrail.com atsc.activetrail.com — Cisco Umbrella Rank: 117119	25 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2649	22 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50	1 KB
47	10

	Domain	Requested by
17	direct.tranzila.com	canadaims.org direct.tranzila.com
16	canadaims.org	canadaims.site canadaims.org
3	fonts.gstatic.com	fonts.googleapis.com
2	tr.outbrain.com	amplify.outbrain.com canadaims.site
2	connect.facebook.net	canadaims.site connect.facebook.net
2	canadaims.site	canadaims.site
1	www.google-analytics.com	direct.tranzila.com
1	amplify.outbrain.com	canadaims.site
1	atsc.activetrail.com	canadaims.site
1	stackpath.bootstrapcdn.com	canadaims.site
1	fonts.googleapis.com	canadaims.site
47	11

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-17` - `2023-07-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.canadaims.org E1	`2023-04-11` - `2023-07-10`	3 months	crt.sh
imperva.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-05-10` - `2023-11-06`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-22` - `2023-05-23`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_me
Frame ID: 5387F24A741C15BA15B1A7E87420E255
Requests: 30 HTTP requests in this frame

Frame: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
Frame ID: 8FE9F56FFFCD51A80679F3D55D4F274C
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Canadian Visa Assessment - Payment

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Ionicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+ionicons(?:\.min)?\.css

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

100 %
HTTPS

64 %
IPv6

10
Domains

11
Subdomains

12
IPs

2
Countries

693 kB
Transfer

2005 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request online Show response
canadaims.site/payment/ 18 KB
6 KB 161ms
115ms Document
text/html 2606:4700:3036::6815:b73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_me

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:b73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0aaaded84d116d173c7469789122d7771d592bcf88078dd8506493dfe4206a92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c7e17a8ac5a18f7-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 15 May 2023 20:22:20 GMT
expires: -1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hA4GmrOf4THXCevVy%2FexXa00GT7cOntRTHxPeR8rqy%2FdicS9RNXpe9fDlj2jvw0J0uyMcAX9nxF1eTzNuiGP%2BdqNnzAniQ%2B2uN44iPYGTF3ZbLyPgn6pe%2B4DsGpLkBwLlr6sYzh3ueus7eiouw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 42ms
19ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C300italic%2C400italic%7CQuestrial%7CLora%3A400%2C700%2C400italic&ver=4.4.2&mod=1&num=1516616507

Requested by

Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_me

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ef777bd0809ca54263eacc7b8b456a7c5fc90589d6843b1a56b9a9f03c1b5bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 20:22:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 20:22:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 20:22:20 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ 138 KB
22 KB 37ms
18ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css

Requested by

Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_me

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://canadaims.site/
Origin: https://canadaims.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 723
age: 27862
cdn-cachedat: 05/03/2023 13:34:43
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"04aca1f4cd3ec3c05a75a879f3be75a3"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: d2b281ed88bcdae1be2fdc5a8e0684cf
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7c7e17a98faf19b3-FRA
cdn-requestpullsuccess: True

GET
H2 200 izi_modal.min.css
canadaims.org/assets/payment_pages/register-39-new/css/ 84 KB
16 KB 79ms
18ms Stylesheet
text/css 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://canadaims.org/assets/payment_pages/register-39-new/css/izi_modal.min.css?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_me
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e952979610647fcb810a38cb3d660b5df164a531f4cf24555ceaa9f4edc4f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29848
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 05 Aug 2021 07:30:16 GMT
server: cloudflare
etag: W/"610b9388-14f6e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bMAH%2BZhTqH0%2BJ8MZPYd%2F8efOgIEM4JmAHS%2FoHUJ3GwV7DDOeZz3a0X%2BCqcd4W0affrMbeUfCaDYarHwnvXzLPq8cXIPooBSnKmQyh5ruvm49d3Xoq7qplyb5x%2BI%2Fgip2zevqqJ70te8IAxDp"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7c7e17a9c8493650-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ionicons.min.css
canadaims.org/assets/payment_pages/register-39-new/css/ 42 KB
7 KB 78ms
17ms Stylesheet
text/css 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://canadaims.org/assets/payment_pages/register-39-new/css/ionicons.min.css?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_me
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 268ecf688828cfdce59659a476ab0913b4e92556395ec549f12cf8194a6f8669

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29848
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 05 Aug 2021 07:30:16 GMT
server: cloudflare
etag: W/"610b9388-a7f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hi4b8l%2B7aBEnUW06rAKQ2r%2Bnc4F4uIhdun8xCfy0Dppg6VZXj84dks89ZQTV9zsai4WosVfRfcUusJgHQI%2Fp16HpIFhVNITl%2FhNzFIRfHScMKyvBzx2XR1pZCalH6yIpAgEjZbhk%2FINkR9DC"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7c7e17a9c84a3650-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
canadaims.org/assets/payment_pages/register-39-new/css/ 15 KB
5 KB 76ms
16ms Stylesheet
text/css 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://canadaims.org/assets/payment_pages/register-39-new/css/style.css?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_me
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0adb446c46bfb04eb747f952342d757469cf29733a3e5a124a28e0d94c2e03d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29848
cf-polished: origSize=47226
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 11 May 2023 07:52:14 GMT
server: cloudflare
etag: W/"645c9eae-b87a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ciwQ1k%2FyZRec6DR1khO678biC%2FR%2Fn2oUlWyC9wzWnI0NtEOhcBolJBE9NWIBF1cN6bg9lG%2BeA7o4yDou01DNgPCqMZ8CTRQg%2BvlvlPYsffv2FVl2ZjazTHUP3w58qGLyFNymwTbYWAh2UNt"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7c7e17a9c84b3650-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo-white.png
canadaims.org/assets/img/ 17 KB
17 KB 20ms
17ms Image
image/png 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canadaims.org/assets/img/logo-white.png?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_me
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c49f381b5efb66e5c5cd15453336a9963f527a68d5f71ee091a910999e093ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29848
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17179
last-modified: Wed, 04 Aug 2021 07:22:14 GMT
server: cloudflare
etag: "610a4026-431b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nxxf5PeC8DrQQMPyQT9I%2FOKdtZXFQIUL7YxRlP%2FY7HjtpC%2FscNsMHq5c63PSfn9Uu%2B9tk9SVxp2AevgV2keAU4lqzKrp5Gx0mWECL9Gdpye88J64LyKK2RBFrSOrVD6%2FTIXpPdZvZ1Yi6Od2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7c7e17aa189f3650-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 flag-canada.svg
canadaims.org/assets/img/ 1 KB
1 KB 18ms
16ms Image
image/svg+xml 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canadaims.org/assets/img/flag-canada.svg?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_me
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aee034d31571969a8134d9e6afd5cfca4ee3a95a3111326f9170be403a66b3f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29848
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 13 Jun 2021 06:26:07 GMT
server: cloudflare
etag: W/"60c5a4ff-58f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0a9h9Xl0a%2BkoIVtrhxw%2F1APrsnhx6dMgcBCApnZdcD3k7ISZ9fVDk3tR2nDn1JqCu%2FzBhVLdX%2FdcGRFgryUBrLGI6e7eNDr4IxOl311CaVb66UQ4rI2%2F4tFIgly0pGDsKwF0prIqHV%2FvJ13O"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7c7e17aa18a03650-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 secure-payment.jpg
canadaims.org/assets/payment_pages/register-39-new/img/ 45 KB
45 KB 26ms
24ms Image
image/jpeg 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canadaims.org/assets/payment_pages/register-39-new/img/secure-payment.jpg?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_me
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 464a3e62ca0ac77ca4070d5a5cd1bdc7346ee6c9459e037a8e0f612609bac8cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29848
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45832
last-modified: Thu, 23 Dec 2021 09:20:51 GMT
server: cloudflare
etag: "61c43f73-b308"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qlcqgN5jQReFwnGU6CYQUo016kPhYsdmaGy7ZdxNL9Jct8MmYU3k2JuESsov%2FQ9FEtXY9zZB%2FGFlZDQl1IMBIsHziUhakw6SnQKShQtwUJRvefGAH%2B%2B2BeOuTLRDEALGRPtjTjjvHEF%2BhYV5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7c7e17aa18a23650-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 visa.svg
canadaims.org/assets/payment_pages/register-39-new/img/ 1 KB
1 KB 22ms
20ms Image
image/svg+xml 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canadaims.org/assets/payment_pages/register-39-new/img/visa.svg?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_me
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c63a22d1299d8cf6a4a6e9cabf3ca03bac10f335b24fcd28899e8dd892d80af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29848
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 05 Aug 2021 07:30:16 GMT
server: cloudflare
etag: W/"610b9388-439"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hbvGLfPnydMweP2QhI10laG4xTKpsAknG5WFTwdpJeVulLORSO7%2FxEQIXcwZWBSMqcdqpd%2Fl2tfzGwpwqdt54rIeHz7b1rW4EUTbBAFH9U5HDTUXGaHQYWxsGc4Mtsq5OeXyIT9S2YM06WNh"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7c7e17aa18a33650-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mastercard.svg
canadaims.org/assets/payment_pages/register-39-new/img/ 941 B
748 B 23ms
21ms Image
image/svg+xml 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canadaims.org/assets/payment_pages/register-39-new/img/mastercard.svg?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_me
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28ff9e3d6d2b1b4f2339912792253e58abdac2af4a1757a646b496b6d8b7aa92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29848
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 05 Aug 2021 07:30:16 GMT
server: cloudflare
etag: W/"610b9388-3ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99j5QK2qpdakn8g3X4VqCyDkV%2F01DMSf9dZ4XB78hvnlXPXYLcPaORlhbMrEVLXmVLPWRffMynnhtpLRzl%2Fgq3S5%2BkI8Mc7zL9Nh0wVjsZKZMNR5VgP%2FE7HsayH3UTjQTtWIkuJYoxHJ%2Bx2g"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7c7e17aa18a43650-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 amex.svg
canadaims.org/assets/payment_pages/register-39-new/img/ 4 KB
2 KB 27ms
25ms Image
image/svg+xml 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canadaims.org/assets/payment_pages/register-39-new/img/amex.svg?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_me
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e361fc4bbcf94c8347f03dad30ca336a35e5af07d9ea5c120b1316ed0be793e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29848
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 05 Aug 2021 07:30:16 GMT
server: cloudflare
etag: W/"610b9388-e2c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNfWXYBwWPtGT5ApjRoodG4BAdyrfVBM5r8xxFP4GhAWficFsjf%2BpsmjSNzCbD9%2BmgeIw4YFt3oPU2uQ04uNcqWCLIyeOGNIGAk98ExTjB4AFM%2F2OJ6mLiLaLKjX4rxKCXCNFTddhMF1DGVv"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7c7e17aa18a53650-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ajax-loader.gif
canadaims.org/assets/payment_pages/register-39/img/ 404 B
713 B 21ms
19ms Image
image/gif 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canadaims.org/assets/payment_pages/register-39/img/ajax-loader.gif?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_me
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5eb15c4e0aaf1b869522e71e5cf270931f273ad48a9e5067c9d46c4891e1850

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29848
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 404
last-modified: Sun, 13 Jun 2021 06:26:07 GMT
server: cloudflare
etag: "60c5a4ff-194"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tVJCQz72w%2B6CYteLfe81HpD9In9i5E4oWRM99Yp3YX3hvSoZLs65sqrwpsC19tixm3hjSOAcrG9bxgriWLp%2Bl%2Fny1domouQcN%2BpY0aTEY1RMAqLZV%2BZB8%2BRMvAaYk6TrrUb%2FqIas%2Be7v0niQ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7c7e17aa18a63650-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 visa_mastercard_icon.jpg
canadaims.org/assets/payment_pages/register-39-new/img/ 21 KB
22 KB 35ms
34ms Image
image/jpeg 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canadaims.org/assets/payment_pages/register-39-new/img/visa_mastercard_icon.jpg?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_me
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df5f2e0d7b97c6d81194c82bb415b3d9c9b89cab747dfb8192d034bd538acc10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29848
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21865
last-modified: Thu, 05 Aug 2021 07:30:16 GMT
server: cloudflare
etag: "610b9388-5569"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNuqG7tkTVNgwyndRPrON5KLdqKImgLvwqZvyAt6c%2BKy5RXVgmwrZp5V4EnOkKKnmuqPG58ntZBHPH4Z8bCP3mRKM3Zqc9mQOpeWi94jsHHE5P%2F2xzpIEKOhFrs4bdKuzivioDYNmdxcWeOb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7c7e17aa18a73650-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 email-decode.min.js Show response
canadaims.site/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 10ms
9ms Script
application/javascript 2606:4700:3036::6815:b73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://canadaims.site/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_me

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:b73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 May 2023 12:05:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"645e2b95-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FTCtjieej3%2FGN1padCKL9WMiaBeLi3Q%2BI4uRoWg4SQKZAM4CzTaj21rT0Ak%2F6QccNU3fm2WY1GYlaKCk9nUARF6gXVTQdgusfUchwAOpibeaYCeOeMARtFj3sOhr9tAlwH3rgW2o7fk%2BV2Qb%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7c7e17a9ee4518f7-FRA
expires: Wed, 17 May 2023 20:22:20 GMT

GET
H2 200 app.js Show response
canadaims.org/assets/payment_pages/register-39-new/js/ 118 KB
40 KB 17ms
17ms Script
application/javascript 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://canadaims.org/assets/payment_pages/register-39-new/js/app.js?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_me
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19f7915b03f0e23ea7c65a34999f887348c820013397aa6cc627562db02305d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29848
cf-polished: origSize=121206
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 05 Aug 2021 07:30:16 GMT
server: cloudflare
etag: W/"610b9388-1d976"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3MBnErXZ9%2FuzhZw%2FP%2Fc6yD8F%2FIwsLAg42r77mh9QqTVnr%2FPB%2Be7uoprBARAxl%2B%2FQ7B%2FVw3PZoQTYB3giMG46IzFzUsyDDC19NDr63thWW0SmAomM4lRZbEnFLHT73GtYPIF1cUSnrdbGl8i"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7c7e17a9e8763650-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 payment.js Show response
canadaims.org/assets/promo/ 282 KB
100 KB 29ms
26ms Script
application/javascript 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://canadaims.org/assets/promo/payment.js?id=801f1a719a7f2ad99a56
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_me
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c54f26d6d13c08760021f5fed17abef51c2dc66886fcb51f2efe52a450c2c399

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1247513
cf-polished: origSize=288332
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 06 Sep 2022 09:10:58 GMT
server: cloudflare
etag: W/"63170ea2-4664c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BaULPNOKvvBPfT2XyorjcE5Z5EKA5iM0IQkBkGXcWg8hWSzcE%2BvKjCN%2F1f3e%2Fc2xIcVcUng35jV%2Fdzwj3C3kq1LUxSu0HEyn%2BEo%2FNPb73Polmwc7EEP5t64g2C6k3PyXxZ%2FkxLWwNpowN17d"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7c7e17aa189c3650-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK Atsc.js Show response
atsc.activetrail.com/Scripts/ 100 KB
25 KB 69ms
14ms Script
application/javascript 107.154.114.122
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://atsc.activetrail.com/Scripts/Atsc.js

Requested by

Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_me

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.114.122 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.114.122.ip.incapdns.net

Software

Resource Hash

eaeb4358a9dc8f778d59a6fd3ff160a1572f8eddb9b36ff45b253f4c19b5aace

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:22:20 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 07 Dec 2022 18:00:14 GMT
X-CDN: Imperva
Etag: "a3c99cc165ad91:0"
Content-Type: application/javascript
X-Iinfo: 13-210084443-0 0CNN RT(1684182140506 14) q(0 -1 -1 1) r(0 -1)
Cache-Control: max-age=7943, public
Content-Length: 25021
Expires: Mon, 15 May 2023 22:34:43 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 43ms
14ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_me

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 15 May 2023 20:22:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27538
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: hPw3aTPI4pFvNzqsSmv8cyW30InYayXuk0OKfPXM6Fd+RyVjc9p4Sa2bmZ1thAj8JU4rPNARxfDHAL6Gde/YMg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), gyroscope=(), idle-detection=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 22 KB
7 KB 43ms
12ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_me
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4ad5f5e1be2bfad0b36f324d134a09956a3bb0c2c6b824b20a237a1f8c96cfd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:22:20 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 May 2023 06:28:15 GMT
Server: AkamaiNetStorage
ETag: "5eb6cb81dec36b8e936c154fb603efbb:1683181933.901167"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6835
Expires: Mon, 15 May 2023 20:42:20 GMT

GET
H2 200 ic_check-blue.png
canadaims.org/assets/payment_pages/register-39-new/img/ 356 B
659 B 22ms
21ms Image
image/png 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canadaims.org/assets/payment_pages/register-39-new/img/ic_check-blue.png
Requested by: Host: canadaims.org
URL: https://canadaims.org/assets/payment_pages/register-39-new/css/style.css?rev=1daabd51d277cdc2b2712434d88f3c06
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5495d496be9c71d1c741d8aca0f6751cc1085b2fef0d5fc83facfcbb49d402cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.org/assets/payment_pages/register-39-new/css/style.css?rev=1daabd51d277cdc2b2712434d88f3c06
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1247512
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 356
last-modified: Thu, 05 Aug 2021 07:30:16 GMT
server: cloudflare
etag: "610b9388-164"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6sG8q0hQ%2B74YrcF%2F6NW9f4yDptMtYFF1ZX1arrunWcz8qahyYO3fED4pcZRQlgusK2iYdgznC1phlt3HQ8GEPabIFnzYij13Gpp4GeIDvXQvK6qRMWQoJqXaTJydd5Y3%2BTQc5xsyPvndIzv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7c7e17aa18b43650-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sale-get-67.png
canadaims.org/assets/payment_pages/register-39-new/img/ 7 KB
8 KB 30ms
29ms Image
image/png 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canadaims.org/assets/payment_pages/register-39-new/img/sale-get-67.png
Requested by: Host: canadaims.org
URL: https://canadaims.org/assets/payment_pages/register-39-new/css/style.css?rev=1daabd51d277cdc2b2712434d88f3c06
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99574ca4c4e1a9479820b30d2f193cca2a3c65e6ec6433f23403a53e07c3b249

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.org/assets/payment_pages/register-39-new/css/style.css?rev=1daabd51d277cdc2b2712434d88f3c06
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 322749
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7177
last-modified: Thu, 05 Aug 2021 07:30:16 GMT
server: cloudflare
etag: "610b9388-1c09"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MdQ1jUPLt1bLev4QBPfJrbtdFi5PDbG50q4%2BDQXubvnNYzbIuhgpTQnSVuWNTDIgL1MA73jIXMTgMCTa0Ksp4wfQoqnfNSsJ3iWBBGjhEc0Cu3T3On%2FKvPVWAZzkxZ%2BLohxb8AkFiEw%2Fxlar"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7c7e17aa18bb3650-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_check.png
canadaims.org/assets/payment_pages/register-39-new/img/ 301 B
622 B 30ms
30ms Image
image/png 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canadaims.org/assets/payment_pages/register-39-new/img/ic_check.png
Requested by: Host: canadaims.org
URL: https://canadaims.org/assets/payment_pages/register-39-new/css/style.css?rev=1daabd51d277cdc2b2712434d88f3c06
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91c255abf46f0cbba8d277092947f14ff53d81e8f7a0c8894987260967c30f89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.org/assets/payment_pages/register-39-new/css/style.css?rev=1daabd51d277cdc2b2712434d88f3c06
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 917364
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 301
last-modified: Thu, 05 Aug 2021 07:30:16 GMT
server: cloudflare
etag: "610b9388-12d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHRttGqT8SEfv8jcxXrXY1IpoL4nB26WgE1Ib9BJuzfwDRLBK5G8W4IxhSTIxtxlZOeD%2FoLLBP1KKs3doIcE4WWd6wJ9smniG2rx3qaO8rJrYibGLFpH3kIQf3wqKBpoP6iOWRjovc4mSl9N"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7c7e17aa18bf3650-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 48ms
17ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C300italic%2C400italic%7CQuestrial%7CLora%3A400%2C700%2C400italic&ver=4.4.2&mod=1&num=1516616507

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://canadaims.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 11:05:17 GMT
x-content-type-options: nosniff
age: 206223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 11:05:17 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 44ms
13ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://canadaims.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 00:06:44 GMT
x-content-type-options: nosniff
age: 245736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 00:06:44 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58fae867d4233278b416681e54d0b2c8635d938cc7d86f99c790bc64f02aaa3e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 S6uyw4BMUTPHjxAwXjeu.woff2
fonts.gstatic.com/s/lato/v24/ 5 KB
5 KB 30ms
23ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://canadaims.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 21:14:09 GMT
x-content-type-options: nosniff
age: 256091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5472
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 May 2024 21:14:09 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
194 B 375ms
90ms Script
application/javascript 70.42.32.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=004d85522db67f9ac2c7ad5cf4dfc36731
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:22:20 GMT
X-TraceId: 0f5c110568650774bd9cac85ec6557fe
Content-Length: 35
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
225 B 376ms
90ms Image
image/gif 70.42.32.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=09976149794126641&referrer=&marketerId=004d85522db67f9ac2c7ad5cf4dfc36731&name=PAGE_VIEW&dl=https%3A%2F%2Fcanadaims.site%2Fpayment%2Fonline%3Ft%3Dyo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB%26lang%3Den%26utm_source%3DAT%26utm_me&g=0&obApiVersion=1.1&obtpVersion=2.0.5
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_me
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:22:20 GMT
Cache-Control: no-cache
X-TraceId: 75231c3f8d3d411eaf5bce1e0ea34876
Content-Length: 53
Content-Type: image/gif;

GET
H2 200 736982827679314 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 10ms
10ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/736982827679314?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a5b504f73bda2bfe1c75e5008e4dd2eb300f61fba18e54c2787a2b5991ece7b5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
date: Mon, 15 May 2023 20:22:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87985
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: zv6G6Vtn4M7+xOPyypPKLxFYeyu5kPSKKw03fbmsVzqzzQw8Gsp7w0zgfX8C+bsrpXawuq0mduW/AscIpeMHdQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), idle-detection=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 iframenew.php Show response
direct.tranzila.com/indigoims/ Frame 8FE9 10 KB
3 KB 159ms
110ms Document
text/html 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2

Requested by

Host: canadaims.org
URL: https://canadaims.org/assets/promo/payment.js?id=801f1a719a7f2ad99a56

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

491363d9d36777de5d688772010427bd5ffce0b453b76aacc36aec140a2799df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	0

Request headers

Referer: https://canadaims.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 15 May 2023 20:22:20 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
p3p: CP="HONK IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-iinfo: 12-96772524-96311124 pNYN RT(1684182139794 13) q(0 0 0 1) r(1 1) U24
x-xss-protection: 0

GET
H2 200 jquery-3.6.0.min.js Show response
direct.tranzila.com/Tranzila_files/ Frame 8FE9 87 KB
31 KB 78ms
76ms Script
application/javascript 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://direct.tranzila.com/Tranzila_files/jquery-3.6.0.min.js

Requested by

Host: direct.tranzila.com
URL: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

6c5553217c782b518e313cb40a8de37438437a417df3f61e0cf020eadfd64f15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Tue, 27 Jul 2021 04:17:22 GMT
server: Apache
x-cdn: Imperva
etag: "15d9e-5c81325765880"
content-type: application/javascript
x-iinfo: 12-96772524-96311124 pNYN RT(1684182139794 127) q(0 0 0 -1) r(0 0) U24
accept-ranges: bytes

GET
H2 200 paypage.js Show response
direct.tranzila.com/Tranzila_files/ Frame 8FE9 28 KB
6 KB 237ms
235ms Script
application/javascript 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://direct.tranzila.com/Tranzila_files/paypage.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

1e6190e853d76f902e8508db1dc5160719dcb367aa39652f8e508a7e1793966c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Sun, 01 Nov 2020 09:32:54 GMT
server: Apache
x-cdn: Imperva
etag: "6ee4-5b308507a525b"
content-type: application/javascript
x-iinfo: 12-96772524-96772557 nNYN RT(1684182139794 146) q(0 0 1 -1) r(2 2) U24
accept-ranges: bytes

GET
H2 200 bootstrap.js Show response
direct.tranzila.com/Tranzila_files/ Frame 8FE9 36 KB
10 KB 295ms
293ms Script
application/javascript 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://direct.tranzila.com/Tranzila_files/bootstrap.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 31 May 2018 05:37:10 GMT
server: Apache
x-cdn: Imperva
etag: "90bb-56d79dbd63d6f"
content-type: application/javascript
x-iinfo: 12-96772524-96772559 NNYN CT(57 135 0) RT(1684182139794 151) q(0 0 2 -1) r(3 3) U24
accept-ranges: bytes

GET
H2 200 swiperead.js Show response
direct.tranzila.com/Tranzila_files/ Frame 8FE9 3 KB
956 B 82ms
82ms Script
application/javascript 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://direct.tranzila.com/Tranzila_files/swiperead.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

0d9015f3ce1fa9101ab5f71c72ef162f49c2f7c4c8ee4031ce4861fbdb8d22ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Nov 2019 07:01:25 GMT
server: Apache
x-cdn: Imperva
etag: "a58-59862ae852c2b"
content-type: application/javascript
x-iinfo: 12-96772524-96772557 pNYN RT(1684182139794 489) q(0 0 0 -1) r(1 1) U24
accept-ranges: bytes

GET
H2 200 bootstrap-select.js Show response
direct.tranzila.com/Tranzila_files/ Frame 8FE9 33 KB
10 KB 176ms
173ms Script
application/javascript 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://direct.tranzila.com/Tranzila_files/bootstrap-select.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

a0d767503b35050c0e0c0dfece0083131e7b74ea8d37cc734aa9d01fd7be2225

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 31 May 2018 05:37:10 GMT
server: Apache
x-cdn: Imperva
etag: "826b-56d79dbd63d6f"
content-type: application/javascript
x-iinfo: 12-96772524-96311124 pNYN RT(1684182139794 154) q(0 1 1 -1) r(1 1) U24
accept-ranges: bytes

GET
H2 200 npay.js Show response
direct.tranzila.com/js/ Frame 8FE9 27 KB
6 KB 264ms
262ms Script
application/javascript 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://direct.tranzila.com/js/npay.js?V=NP4836

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

f19c9aabdf9c1baee0d664981765f525f5140e990a409193db96806b5c3e8782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Sun, 29 Jan 2023 12:18:15 GMT
server: Apache
x-cdn: Imperva
etag: "6beb-5f36617d26505"
content-type: application/javascript
x-iinfo: 12-96772524-96311124 pNYN RT(1684182139794 161) q(0 2 2 -1) r(2 2) U24
accept-ranges: bytes

GET
H2 200 bootstrap-select.css
direct.tranzila.com/Tranzila_files/ Frame 8FE9 6 KB
2 KB 245ms
243ms Stylesheet
text/css 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://direct.tranzila.com/Tranzila_files/bootstrap-select.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

feeb377a08b6715a7498491547c727a8bb2e0d8e819ab0eebd33d4b84af51c94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 31 May 2018 05:37:10 GMT
server: Apache
x-cdn: Imperva
etag: "19ff-56d79dbd63d6f"
content-type: text/css
x-iinfo: 12-96772524-96772549 nNYN RT(1684182139794 134) q(0 0 1 -1) r(2 2) U24
accept-ranges: bytes

GET
H2 200 tranzila_ltr.css
direct.tranzila.com/Tranzila_files/ Frame 8FE9 16 KB
4 KB 207ms
205ms Stylesheet
text/css 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://direct.tranzila.com/Tranzila_files/tranzila_ltr.css?v=np5787

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

9fc53ceee48294497a4b31772e7f5c7f3b6674fcdcb829acba747dbcb4cbeb47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 07:05:18 GMT
server: Apache
x-cdn: Imperva
etag: "40a0-5f1f79f81256f"
content-type: text/css
x-iinfo: 12-96772524-96772551 nNYN RT(1684182139794 138) q(0 0 1 -1) r(2 2) U24
accept-ranges: bytes

GET
H2 200 bootstrap.css
direct.tranzila.com/Tranzila_files/ Frame 8FE9 118 KB
20 KB 234ms
233ms Stylesheet
text/css 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://direct.tranzila.com/Tranzila_files/bootstrap.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

0670d6116476b903b1198d6521ae6684eb2b04b954b9cb06085170333a7f9477

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 31 May 2018 05:37:10 GMT
server: Apache
x-cdn: Imperva
etag: "1d973-56d79dbd63d6f"
content-type: text/css
x-iinfo: 12-96772524-96772554 nNYN RT(1684182139794 141) q(0 0 1 -1) r(2 2) U24
accept-ranges: bytes

GET
H2 200 global_card.png
direct.tranzila.com/Tranzila_files/ Frame 8FE9 972 B
1 KB 79ms
79ms Image
image/png 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://direct.tranzila.com/Tranzila_files/global_card.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

fab9750756035f2cd8da31a27c1baee63e797250e4d3152e086fee3df5f685dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 31 May 2018 05:37:10 GMT
server: Apache
x-cdn: Imperva
etag: "3cc-56d79dbd64157"
content-type: image/png
x-iinfo: 12-96772524-96772554 pNNN RT(1684182139794 547) q(0 0 0 -1) r(1 1) U24
accept-ranges: bytes
content-length: 972

GET
H2 200 visa_mastercard_cvv.png
direct.tranzila.com/Tranzila_files/ Frame 8FE9 24 KB
24 KB 76ms
75ms Image
image/png 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://direct.tranzila.com/Tranzila_files/visa_mastercard_cvv.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

d8dddf02754ec659f8409e1554e6b01aaf4b69a66d0eefe40aee860b8b1f0c38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 10 Dec 2019 08:08:25 GMT
server: Apache
x-cdn: Imperva
etag: "5f8a-59955042ed040"
content-type: image/png
x-iinfo: 12-96772524-96772551 pNNN RT(1684182139794 554) q(0 0 0 -1) r(1 1) U24
accept-ranges: bytes
content-length: 24458

GET
H2 200 amex_cvv.png
direct.tranzila.com/Tranzila_files/ Frame 8FE9 21 KB
22 KB 91ms
90ms Image
image/png 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://direct.tranzila.com/Tranzila_files/amex_cvv.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

a98c3bef1bd7c3042a1728fa62ccbb89c7d15726eac18870a34bdf02563690c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 10 Dec 2019 08:08:36 GMT
server: Apache
x-cdn: Imperva
etag: "55ad-5995504d6a900"
content-type: image/png
x-iinfo: 12-96772524-96311124 pNNN RT(1684182139794 558) q(0 0 0 -1) r(1 1) U24
accept-ranges: bytes
content-length: 21933

GET
H2 200 _Incapsula_Resource Show response
direct.tranzila.com/ Frame 8FE9 141 KB
20 KB 25ms
24ms Script
application/javascript 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://direct.tranzila.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1583873434

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ddea41b7db978bdbb89bf56f3dceb764b01c4e0bf99e51b83e0a9a2eceea119c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 20504
content-type: application/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 8FE9 51 KB
21 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 15 May 2023 19:05:00 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4641
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 15 May 2023 21:05:00 GMT

GET
H2 200 opensanshebrew-regular-webfont.woff
direct.tranzila.com/Tranzila_files/fonts/ Frame 8FE9 13 KB
14 KB 95ms
95ms Font
application/font-woff 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://direct.tranzila.com/Tranzila_files/fonts/opensanshebrew-regular-webfont.woff

Requested by

Host: direct.tranzila.com
URL: https://direct.tranzila.com/Tranzila_files/tranzila_ltr.css?v=np5787

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

636f52528d61a565f93b83ec8fa646435c1b64f67ba5f4db64314f1692214fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://direct.tranzila.com/Tranzila_files/tranzila_ltr.css?v=np5787
Origin: https://direct.tranzila.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Tue, 03 Jul 2018 09:14:53 GMT
server: Apache
x-cdn: Imperva
etag: "35f0-57014bf38e6d1"
content-type: application/font-woff
x-iinfo: 12-96772524-96772549 pNYN RT(1684182139794 571) q(0 0 0 -1) r(1 1) U24
accept-ranges: bytes

GET
H2 200 question.png
direct.tranzila.com/Tranzila_files/ Frame 8FE9 3 KB
4 KB 103ms
103ms Image
image/png 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://direct.tranzila.com/Tranzila_files/question.png

Requested by

Host: direct.tranzila.com
URL: https://direct.tranzila.com/Tranzila_files/tranzila_ltr.css?v=np5787

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

d7b80047a07fff19686807114f70128253c0f5bc4414230554d491fe44c77626

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/Tranzila_files/tranzila_ltr.css?v=np5787
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:22:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 31 May 2018 05:37:10 GMT
server: Apache
x-cdn: Imperva
etag: "d88-56d79dbd64d0f"
content-type: image/png
x-iinfo: 12-96772524-96772557 pNNN RT(1684182139794 585) q(0 0 0 -1) r(1 1) U24
accept-ranges: bytes
content-length: 3464

GET
H2 200 _Incapsula_Resource
direct.tranzila.com/ Frame 8FE9 1 B
36 B 13ms
8ms Image
text/plain 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://direct.tranzila.com/_Incapsula_Resource?SWKMTFSR=1&e=0.7863331430352465

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
canadaims.site/	1970-01-20 11:59:46	Name: last_seen Value: eyJpdiI6IjZQU1NQOFwvOVdJS0NUVW1sQ2pYVytRPT0iLCJ2YWx1ZSI6IlNsZnBsUmhjNDFySTJ1OTJIOW5XeHc9PSIsIm1hYyI6IjA1NDllZDgzN2I1ZTNlM2MzODQwMGZlMTQ4ZjY1NGRhYTI2M2Y3OWQ4ZTY4OWRkODA0NzRjZjQzZjZiNDQxNjAifQ%3D%3D
canadaims.site/	1970-01-20 11:51:08	Name: XSRF-TOKEN Value: eyJpdiI6IkhqMTRBSWJORVVhbnlWY3NKYUJOa1E9PSIsInZhbHVlIjoiRGFSOFowT3FyYXlRekVqajg3STFQbTBZdXpqZFVsUnkzTzFvTE85MjFhcDZ0YnF2WHozQnp4YzBBQytzTG1idCIsIm1hYyI6IjEwMGMxMWJlODEzNWFiNmJiOTczY2FjYWNjNDMyODAyYzk5NTAzZGVlZDIyZTU1MGMwMTc2ODE0ZmQ0MmNjNWIifQ%3D%3D
canadaims.site/	1970-01-20 11:51:08	Name: canadaimsorg_session Value: eyJpdiI6IlIzVWF3YkdZOEluKytKYjlrc3RBZ0E9PSIsInZhbHVlIjoibGZ6eUs1RmJsS08xQ2Y2Y3g1Z3NqT09KOVlyWEllUWpcL0dUYW1UY3NONUNoQ01wZWd2R2JHNmV1WWcxeEVOWWoiLCJtYWMiOiI2YjU1MGEwN2NmZWZjMmNmNmRkNjRiNmM1ZTdkMjVlNDBhNmQ1ODZjNzU4OWMzYTI5YzljMTlkNDQ2ZDE2MDM4In0%3D
canadaims.site/	1970-01-20 13:16:06	Name: utm Value: eyJpdiI6InVDZUdiaWpYNWw0NWwrWmJhRkN4bmc9PSIsInZhbHVlIjoic3MxR0FSNlc3Q2lXdEg0S1F5Y1g0UHZmc2xieEdNa1hYUWVHMDR3Z3MxTHBMVDg3Mnl5bXYybVM1Uk91OERlMTZnYlp2STNCUlZxazdyK1ZsRzV1SVE9PSIsIm1hYyI6ImMwMzMwYTEwNTgzOTRlMjQwMTA2NDA1OTgzMzJjY2E3YjM2MDlkODljMjNmMjhiNjIxN2NmYmFhODYxMjhjODAifQ%3D%3D
canadaims.site/	1970-01-20 20:28:06	Name: lang Value: en
canadaims.site/	1970-01-20 13:59:18	Name: payment_token Value: eyJpdiI6IjR2WlJcL0NFTWp0ZFNkM2dJckFyRnV3PT0iLCJ2YWx1ZSI6IldzbnNTZjZzT1VpZE9IMnR3eDNvYWtHOXRyUDBlc2pxZlJEY1wvRE5tdkkxSHFVa2ZcL3c3OXBJRVRWbG9uK21lbTVrMzREQVgrNDdSMUNqalR1QWliYnc9PSIsIm1hYyI6ImQ3M2ZhODk1MWY2MGE0Y2M5OTA5ZTZiYTJhYjE3NjhhZGM2MGM5NDkxZjU2MTA4NTE5YTI0N2RiNDAyODQxMzYifQ%3D%3D
.activetrail.com/	1970-01-20 20:34:00	Name: visid_incap_885708 Value: NeNGCPoOSfG8BNisqjb+onyUYmQAAAAAQUIPAAAAAADIH17kIolt2laoDqMGE9+T
.activetrail.com/	1969-12-31 23:59:59	Name: incap_ses_260_885708 Value: jnI7d1bpWQPhuVeEGLWbA3yUYmQAAAAATknj+UFRganUj8nbuuuJ3w==
canadaims.site/	1970-01-20 16:12:30	Name: _pk_ref.dd9d8ac6-3094-47f6-90d9-a8b59ab8149e.2a8d Value: %5B%22AT%22%2C%22%22%2C1684182141%2C%22%22%5D
canadaims.site/	1970-01-20 21:15:37	Name: _pk_id.dd9d8ac6-3094-47f6-90d9-a8b59ab8149e.2a8d Value: b6589fc6ab0dc82c.1684182141.1.1684182141.1684182141.
canadaims.site/	1970-01-20 11:49:43	Name: _pk_ses.dd9d8ac6-3094-47f6-90d9-a8b59ab8149e.2a8d Value: *
.direct.tranzila.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: qdni4722145r2mfcj62gihpfd6
.tranzila.com/	1970-01-20 20:34:38	Name: visid_incap_2533233 Value: cnInLTuZTU6nmdy4Ur7/1XuUYmQAAAAAQUIPAAAAAAD2NX3Am+1F8KcC+2h5te0V
.tranzila.com/	1969-12-31 23:59:59	Name: incap_ses_8219_2533233 Value: ni0/ObYwBkkR3wbqKcIPcnuUYmQAAAAATDQh1fgBt3Cs+OIiqpUy8A==
canadaims.site/	1970-01-20 11:49:42	Name: outbrain_cid_fetch Value: true
.tranzila.com/	1969-12-31 23:59:59	Name: nlbi_2533233 Value: tL/2LIPqNyTy7Em//LqpegAAAAAQBWcP99G49jKLiq48JsuD

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
atsc.activetrail.com
canadaims.org
canadaims.site
connect.facebook.net
direct.tranzila.com
fonts.googleapis.com
fonts.gstatic.com
stackpath.bootstrapcdn.com
tr.outbrain.com
www.google-analytics.com
107.154.114.122
23.35.237.86
2606:4700:3033::6815:456f
2606:4700:3036::6815:b73
2606:4700::6812:acf
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82a::200e
2a03:2880:f084:d:face:b00c:0:3
45.223.128.234
70.42.32.223
0670d6116476b903b1198d6521ae6684eb2b04b954b9cb06085170333a7f9477
0aaaded84d116d173c7469789122d7771d592bcf88078dd8506493dfe4206a92
0adb446c46bfb04eb747f952342d757469cf29733a3e5a124a28e0d94c2e03d8
0c63a22d1299d8cf6a4a6e9cabf3ca03bac10f335b24fcd28899e8dd892d80af
0d9015f3ce1fa9101ab5f71c72ef162f49c2f7c4c8ee4031ce4861fbdb8d22ba
0e952979610647fcb810a38cb3d660b5df164a531f4cf24555ceaa9f4edc4f0e
19f7915b03f0e23ea7c65a34999f887348c820013397aa6cc627562db02305d3
1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1e6190e853d76f902e8508db1dc5160719dcb367aa39652f8e508a7e1793966c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
268ecf688828cfdce59659a476ab0913b4e92556395ec549f12cf8194a6f8669
28ff9e3d6d2b1b4f2339912792253e58abdac2af4a1757a646b496b6d8b7aa92
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
464a3e62ca0ac77ca4070d5a5cd1bdc7346ee6c9459e037a8e0f612609bac8cb
491363d9d36777de5d688772010427bd5ffce0b453b76aacc36aec140a2799df
4ad5f5e1be2bfad0b36f324d134a09956a3bb0c2c6b824b20a237a1f8c96cfd2
5495d496be9c71d1c741d8aca0f6751cc1085b2fef0d5fc83facfcbb49d402cb
58fae867d4233278b416681e54d0b2c8635d938cc7d86f99c790bc64f02aaa3e
636f52528d61a565f93b83ec8fa646435c1b64f67ba5f4db64314f1692214fa7
6c5553217c782b518e313cb40a8de37438437a417df3f61e0cf020eadfd64f15
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91c255abf46f0cbba8d277092947f14ff53d81e8f7a0c8894987260967c30f89
99574ca4c4e1a9479820b30d2f193cca2a3c65e6ec6433f23403a53e07c3b249
9c49f381b5efb66e5c5cd15453336a9963f527a68d5f71ee091a910999e093ec
9fc53ceee48294497a4b31772e7f5c7f3b6674fcdcb829acba747dbcb4cbeb47
a0d767503b35050c0e0c0dfece0083131e7b74ea8d37cc734aa9d01fd7be2225
a5b504f73bda2bfe1c75e5008e4dd2eb300f61fba18e54c2787a2b5991ece7b5
a98c3bef1bd7c3042a1728fa62ccbb89c7d15726eac18870a34bdf02563690c0
aee034d31571969a8134d9e6afd5cfca4ee3a95a3111326f9170be403a66b3f6
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c54f26d6d13c08760021f5fed17abef51c2dc66886fcb51f2efe52a450c2c399
d7b80047a07fff19686807114f70128253c0f5bc4414230554d491fe44c77626
d8dddf02754ec659f8409e1554e6b01aaf4b69a66d0eefe40aee860b8b1f0c38
ddea41b7db978bdbb89bf56f3dceb764b01c4e0bf99e51b83e0a9a2eceea119c
df5f2e0d7b97c6d81194c82bb415b3d9c9b89cab747dfb8192d034bd538acc10
e361fc4bbcf94c8347f03dad30ca336a35e5af07d9ea5c120b1316ed0be793e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5eb15c4e0aaf1b869522e71e5cf270931f273ad48a9e5067c9d46c4891e1850
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eaeb4358a9dc8f778d59a6fd3ff160a1572f8eddb9b36ff45b253f4c19b5aace
ef777bd0809ca54263eacc7b8b456a7c5fc90589d6843b1a56b9a9f03c1b5bd8
f19c9aabdf9c1baee0d664981765f525f5140e990a409193db96806b5c3e8782
fab9750756035f2cd8da31a27c1baee63e797250e4d3152e086fee3df5f685dd
feeb377a08b6715a7498491547c727a8bb2e0d8e819ab0eebd33d4b84af51c94

canadaims.site Open in urlscan Pro 2606:4700:3036::6815:b73 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

47 Requests

100 %HTTPS

64 %IPv6

10 Domains

11 Subdomains

12 IPs

2 Countries

693 kBTransfer

2005 kBSize

16 Cookies

0 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

canadaims.site Open in urlscan Pro
2606:4700:3036::6815:b73 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

100 %
HTTPS

64 %
IPv6

10
Domains

11
Subdomains

12
IPs

2
Countries

693 kB
Transfer

2005 kB
Size

16
Cookies

47 HTTP transactions
1 data transactions