apply.boroloans.ca Open in urlscan Pro
54.197.224.139 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://apply.boroloans.ca/
Submission Tags: @phishunt_io
Submission: On October 06 via api (October 6th 2022, 12:35:45 am UTC) from DE — Scanned from CA

Summary HTTP 106 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 49 IPs in 4 countries across 45 domains to perform 106 HTTP transactions. The main IP is 54.197.224.139, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is apply.boroloans.ca.
TLS certificate: Issued by R3 on October 5th 2022. Valid for: 3 months.

This is the only time apply.boroloans.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	54.197.224.139 54.197.224.139	14618 (AMAZON-AES) (AMAZON-AES)
8	52.85.61.124 52.85.61.124	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::681a:7ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	51.91.31.155 51.91.31.155	16276 (OVH) (OVH)
1	2606:4700:20:... 2606:4700:20::681a:3ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.156.184.54 108.156.184.54	16509 (AMAZON-02) (AMAZON-02)
3	2a04:4e42:200... 2a04:4e42:200::729	54113 (FASTLY) (FASTLY)
1	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
3	54.84.91.180 54.84.91.180	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:821::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::6816:225c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:821::2003	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:81e::200e	15169 (GOOGLE) (GOOGLE)
1	2600:141b:13:... 2600:141b:13::17d7:82d0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 8	2600:9000:23c... 2600:9000:23cb:3c00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.65.226 142.250.65.226	15169 (GOOGLE) (GOOGLE)
3	2620:116:800b... 2620:116:800b:21:b08a:1dc5:659b:4055	14618 (AMAZON-AES) (AMAZON-AES)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	146.75.28.157 146.75.28.157	54113 (FASTLY) (FASTLY)
3	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.225.63.13 13.225.63.13	16509 (AMAZON-02) (AMAZON-02)
2	2600:141b:900... 2600:141b:9000:59d::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	108.138.113.246 108.138.113.246	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:24f... 2600:9000:24f0:f200:c:7d55:b3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::9a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:806::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:21d... 2600:9000:21dd:ce00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	104.18.101.194 104.18.101.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.226.39.77 13.226.39.77	16509 (AMAZON-02) (AMAZON-02)
1	3.126.133.169 3.126.133.169	16509 (AMAZON-02) (AMAZON-02)
1 6	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:820::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
7 9	52.1.101.111 52.1.101.111	14618 (AMAZON-AES) (AMAZON-AES)
3	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
2	2600:9000:21d... 2600:9000:21dd:9600:11:615:7240:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:bdf::40 2620:1ec:bdf::40	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.45.33.138 52.45.33.138	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1 2	68.67.160.75 68.67.160.75	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 2	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
2 2	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
1 1	34.98.67.3 34.98.67.3	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	173.223.56.237 173.223.56.237	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
2	104.45.184.134 104.45.184.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.110.81.91 20.110.81.91	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
106	49

1 54.197.224.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-224-139.compute-1.amazonaws.com

apply.boroloans.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.85.61.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-124.ewr53.r.cloudfront.net

static.leadshook.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:7ba (United States)

ASN13335 (CLOUDFLARENET, US)

www.amcharts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.91.31.155 (Paris, France)

ASN16276 (OVH, FR)
PTR: ns3151945.ip-51-91-31.eu

blitz-brands.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:3ba (United States)

ASN13335 (CLOUDFLARENET, US)

app.getbeamer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.184.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-184-54.cmh68.r.cloudfront.net

polyfill.leadshook.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.234.175.175 (Lovettsville, United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

cdn.ckeditor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.84.91.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-91-180.compute-1.amazonaws.com

help.leadshook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::2008 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::200a (Rockville, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:225c (United States)

ASN13335 (CLOUDFLARENET, US)

widget.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81e::200e (Rockville, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::17d7:82d0 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:23cb:3c00:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800b:21:b08a:1dc5:659b:4055 (United States)

ASN14618 (AMAZON-AES, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.63.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-13.ewr53.r.cloudfront.net

tag.getdrip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:9000:59d::1931 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.113.246 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-113-246.jfk50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f0:f200:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:806::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21dd:ce00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.101.194 (Shahr, Iran, Islamic Republic Of) 1 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.226.39.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-39-77.ewr53.r.cloudfront.net

api.getdrip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.133.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com

lhcom.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.190.43.134 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2004 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.1.101.111 (Ashburn, United States) 7 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-101-111.compute-1.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21dd:9600:11:615:7240:93a1 (United States)

ASN16509 (AMAZON-02, US)

pxl.qccerttest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::40 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.33.138 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.75 (Newark, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.254.65 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.3 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com

tags.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.223.56.237 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-56-237.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.246.49 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.45.184.134 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

a.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.81.91 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	adroll.com 9 redirects s.adroll.com — Cisco Umbrella Rank: 3652 d.adroll.com — Cisco Umbrella Rank: 2343	31 KB
9	leadshook.io static.leadshook.io — Cisco Umbrella Rank: 467807 polyfill.leadshook.io — Cisco Umbrella Rank: 551925	2 MB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 804 a.clarity.ms — Cisco Umbrella Rank: 6645 c.clarity.ms — Cisco Umbrella Rank: 1219	26 KB
6	snapchat.com 1 redirects tr.snapchat.com — Cisco Umbrella Rank: 990	2 KB
6	user.com blitz-brands.user.com widget.user.com — Cisco Umbrella Rank: 131911	79 KB
5	linkedin.com 5 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 850 www.linkedin.com — Cisco Umbrella Rank: 840 px4.ads.linkedin.com — Cisco Umbrella Rank: 6680	4 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 358	52 KB
4	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 171 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 304	3 KB
4	getdrip.com tag.getdrip.com — Cisco Umbrella Rank: 33602 api.getdrip.com — Cisco Umbrella Rank: 29893	33 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 665 c.bing.com — Cisco Umbrella Rank: 426	13 KB
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 1035	2 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 596	563 B
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 115	237 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 203	195 KB
3	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1449 pixel.quantserve.com — Cisco Umbrella Rank: 683	11 KB
3	leadshook.com help.leadshook.com	30 KB
3	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 4869	50 KB
3	amcharts.com www.amcharts.com — Cisco Umbrella Rank: 83546	288 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 732	557 B
2	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 708	405 B
2	pippio.com 2 redirects pippio.com — Cisco Umbrella Rank: 1142	718 B
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 334	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 430	1 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 432	751 B
2	qccerttest.com pxl.qccerttest.com — Cisco Umbrella Rank: 1356	1 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 7572	565 B
2	google.com www.google.com — Cisco Umbrella Rank: 19	655 B
2	adsymptotic.com 1 redirects p.adsymptotic.com — Cisco Umbrella Rank: 926	465 B
2	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1200	1 KB
2	matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 38297 lhcom.matomo.cloud	39 KB
2	sc-static.net sc-static.net — Cisco Umbrella Rank: 1038	18 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1008	21 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	8 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	159 KB
1	linksynergy.com 1 redirects tags.rd.linksynergy.com — Cisco Umbrella Rank: 6042	389 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 859	393 B
1	t.co t.co — Cisco Umbrella Rank: 550	374 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 967	15 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 154	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1571	3 KB
1	gstatic.com fonts.gstatic.com	17 KB
1	ckeditor.com cdn.ckeditor.com — Cisco Umbrella Rank: 39931	218 KB
1	getbeamer.com app.getbeamer.com — Cisco Umbrella Rank: 30029	20 KB
1	boroloans.ca apply.boroloans.ca	4 KB
106	45

	Domain	Requested by
9	d.adroll.com	7 redirects s.adroll.com apply.boroloans.ca
8	s.adroll.com	2 redirects www.googletagmanager.com apply.boroloans.ca s.adroll.com d.adroll.com
8	static.leadshook.io	apply.boroloans.ca
6	tr.snapchat.com	1 redirects browser.sentry-cdn.com apply.boroloans.ca sc-static.net
5	www.google-analytics.com	www.googletagmanager.com apply.boroloans.ca
5	cdnjs.cloudflare.com	apply.boroloans.ca
3	ct.pinterest.com	browser.sentry-cdn.com apply.boroloans.ca s.pinimg.com
3	idsync.rlcdn.com	2 redirects apply.boroloans.ca
3	www.facebook.com	apply.boroloans.ca
3	api.getdrip.com	tag.getdrip.com
3	px.ads.linkedin.com	3 redirects
3	connect.facebook.net	apply.boroloans.ca connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com apply.boroloans.ca
3	widget.user.com	blitz-brands.user.com
3	help.leadshook.com	apply.boroloans.ca static.leadshook.io browser.sentry-cdn.com
3	browser.sentry-cdn.com	apply.boroloans.ca
3	blitz-brands.user.com	apply.boroloans.ca browser.sentry-cdn.com
3	www.amcharts.com	apply.boroloans.ca
2	c.clarity.ms	1 redirects
2	a.clarity.ms	browser.sentry-cdn.com
2	pixel.tapad.com	2 redirects
2	us-u.openx.net	1 redirects apply.boroloans.ca
2	cm.g.doubleclick.net	2 redirects
2	pippio.com	2 redirects
2	ib.adnxs.com	1 redirects apply.boroloans.ca
2	x.bidswitch.net	1 redirects apply.boroloans.ca
2	ups.analytics.yahoo.com	1 redirects apply.boroloans.ca
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	pixel.quantserve.com	apply.boroloans.ca
2	pxl.qccerttest.com	apply.boroloans.ca
2	www.google.ca	apply.boroloans.ca
2	www.google.com	apply.boroloans.ca
2	p.adsymptotic.com	1 redirects apply.boroloans.ca
2	rules.quantcount.com	secure.quantserve.com
2	sc-static.net	apply.boroloans.ca tr.snapchat.com
2	s.pinimg.com	apply.boroloans.ca s.pinimg.com
2	fonts.googleapis.com	apply.boroloans.ca
2	www.googletagmanager.com	apply.boroloans.ca www.googletagmanager.com
1	c.bing.com	1 redirects
1	tags.rd.linksynergy.com	1 redirects
1	analytics.twitter.com	apply.boroloans.ca
1	t.co	apply.boroloans.ca
1	lhcom.matomo.cloud	cdn.matomo.cloud
1	px4.ads.linkedin.com	1 redirects
1	www.linkedin.com	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	browser.sentry-cdn.com
1	cdn.matomo.cloud	apply.boroloans.ca
1	tag.getdrip.com	apply.boroloans.ca
1	static.ads-twitter.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.ckeditor.com	apply.boroloans.ca
1	polyfill.leadshook.io	apply.boroloans.ca
1	app.getbeamer.com	apply.boroloans.ca
1	apply.boroloans.ca
106	58

This site contains links to these domains. Also see Links.

Domain
www.leadshook.com

Subject Issuer	Validity	Valid
apply.boroloans.ca R3	`2022-10-05` - `2023-01-03`	3 months	crt.sh
leadshook.io Amazon	`2021-12-06` - `2023-01-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.user.com Certum Domain Validation CA SHA2	`2021-10-25` - `2022-10-25`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
cdn.ckeditor.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-14` - `2023-04-14`	a year	crt.sh
*.leadshook.com Amazon	`2022-08-25` - `2023-09-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
s.adroll.com Amazon	`2022-07-03` - `2023-08-01`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-15` - `2022-10-13`	3 months	crt.sh
*.getdrip.com Amazon	`2022-01-28` - `2023-02-26`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
cdn.matomo.cloud Amazon	`2021-12-28` - `2023-01-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.matomo.cloud Amazon	`2022-07-21` - `2023-08-19`	a year	crt.sh
*.snap.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-08-16`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2022-08-11` - `2023-09-09`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-02-22` - `2023-02-22`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-22` - `2023-02-22`	a year	crt.sh
qccerttest.com Amazon	`2022-04-04` - `2023-05-03`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://apply.boroloans.ca/
Frame ID: 98F3B6FA25F247B4B492CEB5040FC93F
Requests: 101 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=b43abd65-34a6-4097-a92e-d0f488acd807&u_scsid=ae85083f-9a17-4262-b719-092b5add40c9&u_sclid=6345f797-8006-40a2-9311-b0a1c11f3004
Frame ID: C1BC788C66146C2CA1646B1E1A6AB527
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1665012299033&pnid=140&pcid=49c896e3-6a9a-4f78-921b-5f9de30c216c
Frame ID: C5D93395D362202CCFCC3699190293E8
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 34F452B547513E1BCE3BE4EF2AF3E464
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

amCharts (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

amcharts.*\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Highlight.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.])+/)?highlight(?:\.min)?\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

106
Requests

90 %
HTTPS

45 %
IPv6

45
Domains

58
Subdomains

49
IPs

4
Countries

2980 kB
Transfer

11731 kB
Size

68
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.leadshook.com/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.leadshook.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://s.adroll.com/j/exp/2C3ORQAMZFDTZFOJQIRR3E/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 51

https://s.adroll.com/j/pre/2C3ORQAMZFDTZFOJQIRR3E/HAZU6ALDTZAMBI43TRRXCZ/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 58

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=234948&time=1665016540540&url=https%3A%2F%2Fapply.boroloans.ca%2Flogin HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=234948&time=1665016540540&url=https%3A%2F%2Fapply.boroloans.ca%2Flogin&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D234948%26time%3D1665016540540%26url%3Dhttps%253A%252F%252Fapply.boroloans.ca%252Flogin%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=234948&time=1665016540540&url=https%3A%2F%2Fapply.boroloans.ca%2Flogin&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=234948&time=1665016540540&url=https%3A%2F%2Fapply.boroloans.ca%2Flogin&cookiesTest=true&liSync=true&e_ipv6=AQKmLL9Dudp0vgAAAYOquC6Br3Ak3S6Z8CCZmJe_bJ0qiMyWDN6kb0mmlvgPl5uXVEsH97Ps HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=cca3d569-d714-4628-9cdd-d494ff08c693 HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=cca3d569-d714-4628-9cdd-d494ff08c693&_expected_cookie=55558e0a12d4cc2e21f7d43614e90660

Request Chain 83

https://d.adroll.com/pixel/2C3ORQAMZFDTZFOJQIRR3E/HAZU6ALDTZAMBI43TRRXCZ?adroll_fpc=e59b18766ee7e862f089731df33684b7-1665016540736&arrfrr=https%3A%2F%2Fapply.boroloans.ca%2Flogin&pv=29101221676.925392&cookie=&adroll_s_ref=&keyw= HTTP 302
https://s.adroll.com/pixel/2C3ORQAMZFDTZFOJQIRR3E/HAZU6ALDTZAMBI43TRRXCZ/5TN47DMVVRB77B4NK3Y5LR.js

Request Chain 87

https://d.adroll.com/cm/r/out?adroll_fpc=e59b18766ee7e862f089731df33684b7-1665016540736&arrfrr=https%3A%2F%2Fapply.boroloans.ca%2Flogin&advertisable=2C3ORQAMZFDTZFOJQIRR3E HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=OWQ4YjBmZDFiZmVmYWYxODMwMDBkNzMwN2JlNjNjNTA&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=OWQ4YjBmZDFiZmVmYWYxODMwMDBkNzMwN2JlNjNjNTA&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Request Chain 88

https://d.adroll.com/cm/b/out?adroll_fpc=e59b18766ee7e862f089731df33684b7-1665016540736&arrfrr=https%3A%2F%2Fapply.boroloans.ca%2Flogin&advertisable=2C3ORQAMZFDTZFOJQIRR3E HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=OWQ4YjBmZDFiZmVmYWYxODMwMDBkNzMwN2JlNjNjNTA HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OWQ4YjBmZDFiZmVmYWYxODMwMDBkNzMwN2JlNjNjNTA

Request Chain 89

https://d.adroll.com/cm/x/out?adroll_fpc=e59b18766ee7e862f089731df33684b7-1665016540736&arrfrr=https%3A%2F%2Fapply.boroloans.ca%2Flogin&advertisable=2C3ORQAMZFDTZFOJQIRR3E HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=OWQ4YjBmZDFiZmVmYWYxODMwMDBkNzMwN2JlNjNjNTA HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DOWQ4YjBmZDFiZmVmYWYxODMwMDBkNzMwN2JlNjNjNTA

Request Chain 90

https://d.adroll.com/cm/l/out?adroll_fpc=e59b18766ee7e862f089731df33684b7-1665016540736&arrfrr=https%3A%2F%2Fapply.boroloans.ca%2Flogin&advertisable=2C3ORQAMZFDTZFOJQIRR3E HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=9d8b0fd1bfefaf183000d7307be63c50 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogOWQ4YjBmZDFiZmVmYWYxODMwMDBkNzMwN2JlNjNjNTAQABoNCNzF-JkGEgUI6AcQAEIASgA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=885f4d84deb5e6072bee33986b3793ac1a721902bf0e4970642b88b0541faac1791426b5417dce21&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA4ODVmNGQ4NGRlYjVlNjA3MmJlZTMzOTg2YjM3OTNhYzFhNzIxOTAyYmYwZTQ5NzA2NDJiODhiMDU0MWZhYWMxNzkxNDI2YjU0MTdkY2UyMRAAGgwI3cX4mQYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA4ODVmNGQ4NGRlYjVlNjA3MmJlZTMzOTg2YjM3OTNhYzFhNzIxOTAyYmYwZTQ5NzA2NDJiODhiMDU0MWZhYWMxNzkxNDI2YjU0MTdkY2UyMRAAGgwI3cX4mQYSBAgCEABCAEoA&google_gid=CAESEF0rRxuC4sdX8ZL4y1yA23Q&google_cver=1 HTTP 307
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
https://idsync.rlcdn.com/458249.gif?partner_uid=8a677327-c190-48db-beeb-ecceaabab9e9

Request Chain 91

https://d.adroll.com/cm/o/out?adroll_fpc=e59b18766ee7e862f089731df33684b7-1665016540736&arrfrr=https%3A%2F%2Fapply.boroloans.ca%2Flogin&advertisable=2C3ORQAMZFDTZFOJQIRR3E HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=9d8b0fd1bfefaf183000d7307be63c50&gdpr=0&gdpr_consent= HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=9d8b0fd1bfefaf183000d7307be63c50&gdpr=0&gdpr_consent=

Request Chain 92

https://d.adroll.com/cm/g/out?adroll_fpc=e59b18766ee7e862f089731df33684b7-1665016540736&arrfrr=https%3A%2F%2Fapply.boroloans.ca%2Flogin&advertisable=2C3ORQAMZFDTZFOJQIRR3E&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=nYsP0b_vrxgwANcwe-Y8UA HTTP 302
https://d.adroll.com/cm/g/in

Request Chain 95

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1665016540886&u_scsid=f0704758-4513-4fb7-b14b-193952c5f37c&u_sclid=53d95664-400b-4a65-a088-a8a7b5e4d744 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1665012299033%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1665012299033%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://tr.snapchat.com/cm/p?rand=1665012299033&pnid=140&pcid=49c896e3-6a9a-4f78-921b-5f9de30c216c

Request Chain 100

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=606F7AB2696D4F5982F1C212D0E04481&RedC=c.clarity.ms&MXFR=07E2998AD8F866133A7A8BBFDCF86890 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=606F7AB2696D4F5982F1C212D0E04481&MUID=0D84661827E060573AB0742D26CA61FC

106 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
apply.boroloans.ca/ 12 KB
4 KB 117ms
27ms Document
text/html 54.197.224.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://apply.boroloans.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.197.224.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-224-139.compute-1.amazonaws.com
Software: Caddy / Express
Resource Hash: 74bb2f7c3fb9a441593722505df86699b110d97f090c4b416e46fa834ebe8c23

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 06 Oct 2022 00:35:39 GMT
etag: W/"2e40-hOREU/X5MCad94WFpR3wdl5jS3Y"
server: Caddy
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 d3fed649.frontend_vendor.css
static.leadshook.io/app/ 29 KB
5 KB 88ms
21ms Stylesheet
text/css 52.85.61.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadshook.io/app/d3fed649.frontend_vendor.css
Requested by: Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-124.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3715b504c68323affe436a0169f96fcccfff8f0632a7bce1ca2a762ff714fd17

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 07:41:44 GMT
content-encoding: gzip
via: 1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
last-modified: Mon, 03 Oct 2022 16:26:27 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
age: 60836
etag: W/"d3fed6497d41e35427f8a3440db188fb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
x-amz-cf-id: hgoqWueYzPkPUmwPoPeA0-2J6cnnWc-3z6Plb4_OCIYyFxtIxYI3CQ==

GET
H2 200 68c42db8.vendor.css
static.leadshook.io/app/ 70 KB
20 KB 87ms
20ms Stylesheet
text/css 52.85.61.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadshook.io/app/68c42db8.vendor.css
Requested by: Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-124.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7fb5201761f6a4558eed23d12dad832422541f5ea4ed1dfce7ae1e3750bced9e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 18:30:29 GMT
content-encoding: gzip
via: 1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
last-modified: Tue, 04 Oct 2022 19:32:15 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
age: 21911
etag: W/"68c42db8c7ee2d908d377222f1858992"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
x-amz-cf-id: 01z4gcXewT-PVBpkaYrEG1LmL5xW2ao7zgYI0vSm2NIGPU0HX6gj0Q==

GET
H2 200 default.min.css
cdnjs.cloudflare.com/ajax/libs/highlight.js/9.15.6/styles/ 775 B
1 KB 54ms
22ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.15.6/styles/default.min.css

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdcba7a929f59658000da20f172ceb43c5122235f6569bb11f3530622b0ec28f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 14524060
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 271
last-modified: Mon, 04 May 2020 16:10:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e7a-307"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PRF9PbNTvDT8ZoJ%2Ff8ONP04G%2FqLz60Cyj%2Fq6g0BTQpe5bmAfTaRtSUsZAzTpBDkfjNiM3Gn9uwBkP5UGOlS85F4kTsAFm4r%2FYg2uoBaqOITIrMQkGw7lIA8f%2BEHUt7G2gGC%2FbCo6LKn30vZxaCF99ne"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 755a5179b9c84bb9-YUL
expires: Tue, 26 Sep 2023 00:35:39 GMT

GET
H2 200 1f0bcbdf.app.css
static.leadshook.io/app/ 247 KB
57 KB 91ms
25ms Stylesheet
text/css 52.85.61.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadshook.io/app/1f0bcbdf.app.css
Requested by: Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-124.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 807bf403ddd2ecc9a6f12b5922b739b6956b52643f557ffcf387a0c53226889e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 16:34:17 GMT
content-encoding: gzip
via: 1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
last-modified: Tue, 04 Oct 2022 19:32:15 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
age: 28883
etag: "25ae4f0b7e867a5785d1e1af4d0fc636"
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
accept-ranges: bytes
content-length: 58045
x-amz-cf-id: 81j7Q3ft9S8-bGAwT6go3tyoujQr9r-LpsDPVlCwpgCDvcBx5VK2tg==

GET
H2 200 core.js Show response
www.amcharts.com/lib/4/ 1 MB
257 KB 110ms
69ms Script
application/x-javascript 2606:4700:20::681a:7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amcharts.com/lib/4/core.js

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f68e2818a376ada1e4274d96f349b3e6eb3dc4eda66dcb51b859b84b92b6352

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 120298
cf-polished: origSize=1055167
cf-bgj: minify
last-modified: Mon, 19 Sep 2022 08:43:09 GMT
server: cloudflare
etag: W/"1019bf-63282b9d-d86dbcd61b9e90dc;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSrM21kkkZ9LNKpAX1uIx45MuR%2BSYPlXT%2FrUlCG25PKimrbfk5Ksatn48g%2Bv37fyjSdd0QxZAUu6CK5Rx1UHn5CQvD8yEqADeWCIP5Ba4rbRgZReigd9K6Q4fWFsnYAMNgkdK5R0Ivrei%2FuMGOc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 755a5179c9d17139-YUL
expires: Thu, 13 Oct 2022 00:35:39 GMT

GET
H2 200 charts.js Show response
www.amcharts.com/lib/4/ 143 KB
31 KB 80ms
39ms Script
application/x-javascript 2606:4700:20::681a:7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amcharts.com/lib/4/charts.js

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b06a47c4d73da15b24a0da54eef13ef53ce4547c6baa2abb64ce64122ce5ac25

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 120298
cf-polished: origSize=146989
cf-bgj: minify
last-modified: Mon, 19 Sep 2022 08:43:06 GMT
server: cloudflare
etag: W/"23e2d-63282b9a-9b0feb79a133cb77;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZsFFRsKcI6l6SdUNQuA1Zf07ij4UjDHxbjU%2BdX2vbpmQhoBu5VCSkW%2FRlGzpBWxtCXG8FJrr2xuJUaMQ9iAQuwdElz%2FmbjGrfuAiHdTFwcv6m%2F0%2FIXTlHAUeq%2BJ6N9C1G%2BbRfN2DIaEL6ep4VxA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 755a5179c9d37139-YUL
expires: Thu, 13 Oct 2022 00:35:39 GMT

GET
H2 200 animated.js Show response
www.amcharts.com/lib/4/themes/ 2 KB
806 B 83ms
42ms Script
application/x-javascript 2606:4700:20::681a:7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amcharts.com/lib/4/themes/animated.js

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77ae565eb8c054e6d7d1da8b47ee0d3dcacbced65719ad66a76d0dc71c37a589

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 120298
cf-polished: origSize=2247
cf-bgj: minify
last-modified: Fri, 07 Feb 2020 13:29:36 GMT
server: cloudflare
etag: W/"8c7-5e3d6640-4811a5f5e1d7c804;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCXmtDhmEAMMbV4ylCrtc%2FwmMi3ZfaeNJgZ5zJguVIu6djD0zqrBlUIZHvHaS2v3Y9O0BaHIt1HGSVcRUGTg8m8gqVYzKQWhKmtL9%2F1VvPEWLRk8hGQK7n7pUsDia3%2BCGrq6yEBXB0sKC0%2BT5N4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 755a5179c9d57139-YUL
expires: Thu, 13 Oct 2022 00:35:39 GMT

GET
H/1.1 200
OK widget.js Show response
blitz-brands.user.com/ 149 KB
51 KB 480ms
195ms Script
application/javascript 51.91.31.155
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://blitz-brands.user.com/widget.js
Requested by: Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.91.31.155 Paris, France, ASN16276 (OVH, FR),
Reverse DNS: ns3151945.ip-51-91-31.eu
Software: nginx/1.19.4 /
Resource Hash: ed34b7cf47badd31666d6f91b4de19ab0abb60ac52d9bf01003f9ed6c6b67eb8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:39 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 06:15:08 GMT
server: nginx/1.19.4
etag: W/"632808ec-25503"
transfer-encoding: chunked
vary: Accept-Encoding
content-type: application/javascript
ue-backend: widget
ue-node: widget4

GET
H2 200 beamer-embed.js Show response
app.getbeamer.com/js/ 84 KB
20 KB 77ms
38ms Script
application/javascript 2606:4700:20::681a:3ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.getbeamer.com/js/beamer-embed.js

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b94fc29afaf066c90b8161d4a244b9867bcd6409e8f487de8f480ff1cacda1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:39 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13665
cf-polished: origSize=85845
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 04 Oct 2022 20:24:00 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=em67xxjCQi1uTpvszSUzoWSOjWUoh%2BG7R1FU1iKPP2VraWBgyecATJiyqJ4kr5RMq34xIfUYwfa8YG%2B5989lyRfbE5OHOISZr9x5EDxPdGgJOddHYDaGIrZjs0hnvmQCPYH3DdjkKHXLhZl0X5dX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=14400
cf-ray: 755a517d5b377150-YUL
expires: Thu, 06 Oct 2022 04:35:39 GMT

GET
H2 200 pollyfill.js Show response
polyfill.leadshook.io/ 101 B
538 B 156ms
45ms Script
application/javascript 108.156.184.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.leadshook.io/pollyfill.js

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.184.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-184-54.cmh68.r.cloudfront.net

Software

CloudFront /

Resource Hash

d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 12:10:43 GMT
content-security-policy: default-src 'self'
via: 1.1 7c6d67660968d7bc9fe1773f0d83dce2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: CMH68-P2
age: 131096
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=31536000
feature-policy: camera 'none'; microphone 'none'; speaker 'none'
content-length: 101
x-amz-cf-id: 4VYUJin9u1KAtJlvNWPHKptnQVcoWQ-JYkGHJAEJZkUdrXFVsKwHrQ==

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/ 63 KB
23 KB 57ms
27ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/gsap.min.js

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 19191
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22890
last-modified: Sat, 25 Dec 2021 03:05:32 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61c68a7c-596a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nb6LNpzRLLH3Neq8Ro7qQsoYMeDIlMmvd8PZE0oW%2FOjLysG3UfGjkzUBP%2FsSic986Ymvo17HtS2J4zT1GjqGVH%2BxDJPZBpFAik7eVVziVAB%2B7HDqo2Jz2ng5TIxKxZBRfUIjyZS4OUHbQv1yyRpfpiL%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 755a5179b9ce4bb9-YUL
expires: Tue, 26 Sep 2023 00:35:39 GMT

GET
H2 200 80cc3c9e.frontend_vendor.js Show response
static.leadshook.io/app/ 2 MB
633 KB 88ms
23ms Script
application/javascript 52.85.61.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadshook.io/app/80cc3c9e.frontend_vendor.js
Requested by: Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-124.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a54e22a0aae25cbaf8a332e6ad6c574c313d734317426b2af1c3f6b5933b18b1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 03:05:41 GMT
content-encoding: gzip
via: 1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
last-modified: Mon, 03 Oct 2022 16:26:27 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
age: 77399
etag: "3af304daf61ae4f3257b8240e6def942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 647356
x-amz-cf-id: NZbn58C7UCRoGe8vtj_1lCJoeAqvDpc1ybgOni1DoT9Z1dxE13VHAw==

GET
H2 200 highlight.min.js Show response
cdnjs.cloudflare.com/ajax/libs/highlight.js/9.15.6/ 48 KB
18 KB 54ms
25ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.15.6/highlight.min.js

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6984dd52b9fa3b0d430e08792537376831a79e3bb8f32ff573cb357609183d0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2908909
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17617
last-modified: Mon, 04 May 2020 16:10:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e7a-bec0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iw%2FKntsUdnjzZYBUyQR2fma2Sucn70PsIQu%2BLqDMSxalfh4Qpq%2BxDgSBu0piaLEToVegwG%2BkAs%2BfyDp0v6Ng4oH4OvjD9Yw19C3jKAlzVWPJNlXVV3e4A%2FdcmJk4b0v9MquWpv9TqIbiooPWad3AdNRq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 755a5179b9d04bb9-YUL
expires: Tue, 26 Sep 2023 00:35:39 GMT

GET
H2 200 435449c2.vendor.js Show response
static.leadshook.io/app/ 957 KB
285 KB 84ms
21ms Script
application/javascript 52.85.61.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadshook.io/app/435449c2.vendor.js
Requested by: Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-124.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4374cb23d4b393291075dfebd501b03b0704547311d23812e3737bf91d0b6f3e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:13:03 GMT
content-encoding: gzip
via: 1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
last-modified: Tue, 04 Oct 2022 19:32:15 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
age: 1357
etag: W/"435449c24fae6a09426378e8f810e1a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: U-Cmqc5TlpybyyFDQomlv89ZF6Y4CJjijeENF-KnKNsuk2Zdy3vjaw==

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/6.17.4/ 63 KB
20 KB 45ms
13ms Script
application/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.17.4/bundle.min.js

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d4538b500dbad64b4c530857d7faf7d63bf921bcab573e94160c459ce859c90d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://apply.boroloans.ca/
Origin: https://apply.boroloans.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 02 Feb 2022 15:42:58 GMT
server: Fastly
age: 9819970
etag: "456782718f10c0d95baf1a859662a1e9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20491
expires: Wed, 14 Jun 2023 08:49:28 GMT

GET
H2 200 bundle.tracing.min.js Show response
browser.sentry-cdn.com/6.17.4/ 89 KB
28 KB 45ms
13ms Script
application/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ab75d2b0c8cc42eb0741c91c456679dd5fa0d6ea201ad0c7e50b06fe916f2c5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://apply.boroloans.ca/
Origin: https://apply.boroloans.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 02 Feb 2022 15:42:58 GMT
server: Fastly
age: 5830994
etag: "d79feee5fcf01c4d7aae920cbcbc5c06"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 28623
expires: Sun, 30 Jul 2023 12:52:24 GMT

GET
H2 200 angular.min.js Show response
browser.sentry-cdn.com/6.17.4/ 4 KB
2 KB 45ms
14ms Script
application/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.17.4/angular.min.js

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

4791f9629b2ab03e00aa962848b886d9d8e709d5185fa2517b1ce4e97027f636

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://apply.boroloans.ca/
Origin: https://apply.boroloans.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 02 Feb 2022 15:42:58 GMT
server: Fastly
age: 3148352
etag: "88a049ef735409b4f4e297d1b058b3ab"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1770
expires: Wed, 30 Aug 2023 14:03:07 GMT

GET
H2 200 ckeditor.js Show response
cdn.ckeditor.com/4.16.0/full-all/ 727 KB
218 KB 568ms
275ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ckeditor.com/4.16.0/full-all/ckeditor.js

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.234.175.175 Lovettsville, United States, ASN30081 (CACHENETWORKS, US),

Reverse DNS

vip1.G-anycast1.cachefly.net

Software

CFS 0215 /

Resource Hash

724b5f4c241ad87fdc5945eb8e3d617fff235bc2ad6cab258a5b2da6ffdf5360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:39 GMT
x-cf-tsc: 1665016540
x-content-type-options: nosniff
x-cf3: M
cf4ttl: 604800.000
content-encoding: gzip
x-cf1: 28810:dA.waw1:co:1663772073:cacheN.waw1-01:D
x-xss-protection: 1; mode=block
x-cf2: M
last-modified: Tue, 26 Jan 2021 13:33:23 GMT
server: CFS 0215
x-cff: B
x-frame-options: sameorigin
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800, public
cf4age: 0
accept-ranges: bytes
x-cf-rand: 60.780
expires: Thu, 13 Oct 2022 00:35:39 GMT

GET
H2 200 parser.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fast-xml-parser/3.15.0/ 16 KB
5 KB 60ms
32ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fast-xml-parser/3.15.0/parser.min.js

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

907ffe446b6382139ac05a8eb44154f5430954ab23f056fed39bcebcdf73015d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1771361
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4965
last-modified: Mon, 04 May 2020 16:10:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e58-40ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jH7%2Fo41nCITaNEZOpCVxFBV7DJngMDpPnS9CQgrBNbafztz2%2BXkGlcG7IekiZTNeQT04RIopWU9emLuut%2FIrtVt3RMNe%2Bit3WIBqPtsFAjUyMpKXVKDNcnjLaMLP8if5cvBiVZkQHXCmK3Pvu948%2FxE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 755a5179b9cf4bb9-YUL
expires: Tue, 26 Sep 2023 00:35:39 GMT

GET
H2 200 91525828.app.js Show response
static.leadshook.io/app/ 4 MB
471 KB 100ms
38ms Script
application/javascript 52.85.61.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadshook.io/app/91525828.app.js
Requested by: Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-124.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 448b43bfedff44c9103a14d963d7f470d9bb88b7b437ab046a0058aba6e350a4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 22:35:04 GMT
content-encoding: gzip
via: 1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
last-modified: Tue, 04 Oct 2022 19:32:16 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
age: 7236
etag: W/"3e23e6bd12f561eab3346417e9de00bf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 9Y8lfWAuiZtOaQJpvY3LDB2ARLW8IKmircUIhUYgyOZsGvDiG7DdSQ==

GET
H2 200 form.js Show response
help.leadshook.com/assets/form/ 17 KB
17 KB 99ms
25ms Script
application/javascript 54.84.91.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://help.leadshook.com/assets/form/form.js
Requested by: Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.84.91.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-91-180.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 596c1f837665e46b78a7f0e38715a37ef6dff2ac9cb01c59da56bf5040332feb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:39 GMT
last-modified: Thu, 04 Aug 2022 05:42:24 GMT
server: nginx
etag: "62eb5c40-42ba"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17082
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 241 KB
85 KB 101ms
49ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KSQMRC7

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

72ca1a8c43f51834ef6c92b65d659e7d08fe12c713558dbc1d1f4f9f9cafdcdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86819
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Oct 2022 00:35:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 88ms
37ms Stylesheet
text/css 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:400,500,600,700&display=swap

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f2556e4264118d0f45702575f35ca3ebdc6d7615d98b6e81a639e287cbfc3c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Oct 2022 00:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 00:35:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Oct 2022 00:35:39 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 20ms
19ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2375515
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWg1Ug8vuitCx0OC6GVN2bYD3txYBZIw5OK%2F7ezylki3xCFchP9c2%2FkiPbPNpbcJ9uM2J0n4LgyXZ3Pxpwa9c0QKuAs7fzew3oz4jE1dFO465x8Z7bvtRHs1gepz9e4CRdL0Uas589TgaCcnoy5pfVFi"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 755a517a4a8c4bb9-YUL
expires: Tue, 26 Sep 2023 00:35:39 GMT

GET
H3 200 css2
fonts.googleapis.com/ 223 KB
7 KB 98ms
56ms Stylesheet
text/css 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Abel:wght@100;300;400;500;700;900&family=Abril+Fatface:wght@100;300;400;500;700;900&family=Barlow:wght@100;300;400;500;700;900&family=Bitter:wght@100;300;400;500;700;900&family=Comforta:wght@100;300;400;500;700;900&family=Droid+Serif:wght@100;300;400;500;700;900&family=Inconsolata:wght@100;300;400;500;700;900&family=Josefin+Sans:wght@100;300;400;500;700;900&family=Josefin+Slab:wght@100;300;400;500;700;900&family=Lato:wght@100;300;400;500;700;900&family=Libre+Franklin:wght@100;300;400;500;700;900&family=Lobset+Two:wght@100;300;400;500;700;900&family=Lobster:wght@100;300;400;500;700;900&family=Lora:wght@100;300;400;500;700;900&family=Merriweather:wght@100;300;400;500;700;900&family=Montserrat:wght@100;300;400;500;700;900&family=Muli:wght@100;300;400;500;700;900&family=Noto+Sans:wght@100;300;400;500;700;900&family=Nunito:wght@100;300;400;500;700;900&family=Nunito+Sans:wght@100;300;400;500;700;900&family=Open+Sans:wght@100;300;400;500;700;900&family=Oswald:wght@100;300;400;500;700;900&family=Oxygen:wght@100;300;400;500;700;900&family=PT+Sans:wght@100;300;400;500;700;900&family=PT+Serif:wght@100;300;400;500;700;900&family=Patua+Online:wght@100;300;400;500;700;900&family=Playfair+Display:wght@100;300;400;500;700;900&family=Poppins:wght@100;300;400;500;700;900&family=Quicksand:wght@100;300;400;500;700;900&family=Raleway:wght@100;300;400;500;700;900&family=Roboto:wght@100;300;400;500;700;900&family=Roboto+Condensed:wght@100;300;400;500;700;900&family=Roboto+Mono:wght@100;300;400;500;700;900&family=Roboto+Slab:wght@100;300;400;500;700;900&family=Rubik:wght@100;300;400;500;700;900&family=Sigmar+One:wght@100;300;400;500;700;900&family=Source+Sans+Pro:wght@100;300;400;500;700;900&family=Special+Elite:wght@100;300;400;500;700;900&family=Titillium+Web:wght@100;300;400;500;700;900&family=Ubuntu:wght@100;300;400;500;700;900&family=Work+Sans&display=swap

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

410e2ee58ae8ade92b8e2065a9b6c303a3dcdd2bf4ddc382cf61f6c4c6d94667

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Oct 2022 00:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 00:35:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Oct 2022 00:35:39 GMT

GET
H2 200 widget-app.43c90553edce66e5e406.js Show response
widget.user.com/ 92 KB
18 KB 93ms
39ms Script
application/javascript 2606:4700:10::6816:225c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget-app.43c90553edce66e5e406.js
Requested by: Host: blitz-brands.user.com
URL: https://blitz-brands.user.com/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1b194fb2c0dc9fa1d0c7b4959da8d76abc79f7db35251e6953dfbbae7d7d05b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Sep 2022 06:15:08 GMT
server: cloudflare
age: 4683
etag: W/"632808ec-17079"
vary: Accept-Encoding
content-type: application/javascript
ue-backend: widget
ue-node: widget2
cf-ray: 755a51805a7b4bd0-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 form.css
help.leadshook.com/assets/form/ 1 KB
1 KB 25ms
24ms Stylesheet
text/css 54.84.91.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://help.leadshook.com/assets/form/form.css
Requested by: Host: static.leadshook.io
URL: https://static.leadshook.io/app/80cc3c9e.frontend_vendor.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.84.91.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-91-180.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1c3d711dc328e3084694c0707d195eb823279168cb507105f51ab7887a6e55ea

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:40 GMT
last-modified: Thu, 04 Aug 2022 05:42:24 GMT
server: nginx
etag: "62eb5c40-4b9"
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1209
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 form_config Show response
help.leadshook.com/api/v1/ 14 KB
12 KB 119ms
69ms XHR
application/json 54.84.91.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://help.leadshook.com/api/v1/form_config

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.84.91.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-91-180.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5b1e8aa03398fb7b3888fb46db6aa28a6db06485a1e47399b43f9fa4b2ba6d01

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self' https://help.leadshook.com; default-src 'self' ws: wss: https://images.zammad.com; font-src 'self' data:; img-src * data:; object-src 'none'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-05hx2E+/BR7GuLQ3a3q0Kw=='; style-src 'self' 'unsafe-inline'; frame-src www.youtube.com player.vimeo.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://apply.boroloans.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 06 Oct 2022 00:35:40 GMT
content-security-policy: base-uri 'self' https://help.leadshook.com; default-src 'self' ws: wss: https://images.zammad.com; font-src 'self' data:; img-src * data:; object-src 'none'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-05hx2E+/BR7GuLQ3a3q0Kw=='; style-src 'self' 'unsafe-inline'; frame-src www.youtube.com player.vimeo.com
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 11460c1c-04c0-4cd6-a973-cd7d57330410
pragma: no-cache
x-runtime: 0.042155
referrer-policy: strict-origin-when-cross-origin
server: nginx
etag: W/"5b1e8aa03398fb7b3888fb46db6aa28a"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: POST, GET, PUT, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
csrf-token: dlhQ5Ec-ED48EM0_Pm6l1cGciakvcIMN09MEod6iXQh2pMMMDXHUoz2OnNAKhr-DAkn10yI56grobA7Z0uYn7g
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-headers: Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Accept-Language
expires: -1

GET
H2 200 f0620219.login-img.png
static.leadshook.io/assets/images/ 120 KB
121 KB 20ms
20ms Image
image/png 52.85.61.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.leadshook.io/assets/images/f0620219.login-img.png
Requested by: Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-124.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc9dc21f983c2de7e3fe2723bbd25a547b831591f43603c7532b28b5960e2e78

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 01:03:17 GMT
via: 1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
last-modified: Sun, 18 Aug 2019 22:31:09 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
age: 171143
etag: "90b665a8e3760d7b6f7a5f6908f04d25"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 123024
x-amz-cf-id: wrXkliuace75GvgptCNaSnG7-3a7yehyuSKbrGb-0e0RHdzIJANZIA==

GET
H2 200 56f2db52.leadshook-logo-notagline.png
static.leadshook.io/assets/images/ 14 KB
14 KB 22ms
21ms Image
image/png 52.85.61.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.leadshook.io/assets/images/56f2db52.leadshook-logo-notagline.png
Requested by: Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-124.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8a9932951cc9de2f43c5f4d6efe1d12bc3f6867932d62645933845029c2f9c2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 01:03:17 GMT
via: 1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
last-modified: Sun, 18 Aug 2019 22:31:07 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
age: 171143
etag: "1ecaba5d958124671b18ee8c99dbd787"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 14052
x-amz-cf-id: 2HRGdus9w2nzxW_NYroST8AcnwS-kuhioqcP4I376zB5KmwNZs24YQ==

GET
H2 200 pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 70ms
20ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://apply.boroloans.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 21:11:13 GMT
x-content-type-options: nosniff
age: 185067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16980
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:33:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 21:11:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 70ms
20ms Script
text/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSQMRC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Oct 2022 00:34:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 42
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 06 Oct 2022 02:34:58 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 191ms
57ms Script
application/x-javascript 2600:141b:13::17d7:82d0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSQMRC7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82d0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:40 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=50192
accept-ranges: bytes
content-length: 3063

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 54 KB
17 KB 87ms
22ms Script
text/javascript 2600:9000:23cb:3c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSQMRC7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:3c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97f1830c06fe2215ccc2dc9468a64ca11e2725b785f42978dbb996e736bdbf53

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

X-Amz-Version-Id: _1pMdIg8ZKVWvWVsd.6_G47b4IRenbWR
Content-Encoding: gzip
Via: 1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
Date: Thu, 06 Oct 2022 00:27:55 GMT
Age: 465
X-Amz-Cf-Pop: JFK50-P1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 16:19:02 GMT
Server: AmazonS3
Etag: W/"0cd31c666a232bba0fd6ab0fef962f75"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: NYzMVQvs4Vc8Gnw3yrW5di1-4-T4X-HX345CYYjSkYb7jtc7S4ROQQ==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 116ms
59ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSQMRC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15192
x-xss-protection: 0
server: cafe
etag: 699633608045481581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 00:35:40 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 26 KB
10 KB 132ms
27ms Script
application/javascript 2620:116:800b:21:b08a:1dc5:659b:4055
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSQMRC7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: b719a446401c59e2784e7979101371a8a12f04139b37c8632682ea60a5720b21

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:40 GMT
content-encoding: gzip
etag: "+b0B6ncQDCugPb96DWf2QA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 13 Oct 2022 00:35:40 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 161ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSQMRC7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 06 Oct 2022 00:35:39 GMT
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9A11D259DD8D4E52A92A076E430CD380 Ref B: YTO01EDGE0816 Ref C: 2022-10-06T00:35:40Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11367

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 254ms
23ms Script
application/javascript 146.75.28.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSQMRC7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:40 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 14:35:09 GMT
etag: "d4de8398858246712016031c834bb061+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15317
x-served-by: cache-iad-kiad7000082-IAD

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 77ms
24ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Oct 2022 00:35:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26840
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 7kJ6uyiGls8ykMyQACZrBKitK2TnfUDb9xHoFV+2/PRAf5t1oJhWLAulViXsn1/7ne15UYnJY+Kmd9krhL6b/Q==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1127703.js Show response
tag.getdrip.com/ 90 KB
30 KB 151ms
42ms Script
application/javascript 13.225.63.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.getdrip.com/1127703.js
Requested by: Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-13.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bdfc5b5257c6f9853bd2b7730832070912c436a891e466ee04ecc7012e37d02a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:41 GMT
content-encoding: gzip
via: 1.1 42d3518040c55e24793897f7f5d5f342.cloudfront.net (CloudFront)
last-modified: Thu, 06 Oct 2022 00:12:18 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
etag: W/"0703a87acf88e5f88bf7e1104129bd25"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: q_oDiPp3tL4yzyBfdvEkoNi6Bx7Uj6WIRDURbujrls7rYQunJVagLw==

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 339ms
115ms Script
application/javascript 2600:141b:9000:59d::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000:59d::1931 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c75d8bdd1d5498551294cf4551304e5c2158b9788ac1779d03a2edd611a6c93e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "ef33a337cb7aa4b4f9c294765d2176c0"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1146

GET
H2 200 scevent.min.js Show response
sc-static.net/ 25 KB
9 KB 113ms
54ms Script
application/javascript 108.138.113.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.113.246 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-113-246.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 67e294da2e0a5b863f5ca40c02eddd1fbb0a0dba124fec3747a1674fb8ede7ac

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:40 GMT
content-encoding: gzip
via: 1.1 836a4a85ed2221f76e2beedeab244eba.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P3
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 8764
x-amz-cf-id: oWNnjZ-4sxr4lHGjOwSwE9LNx1PgLn_DL6r_IpzOIeF4bMQK89UUMA==

GET
H2 200 matomo.js Show response
cdn.matomo.cloud/lhcom.matomo.cloud/ 130 KB
39 KB 86ms
33ms Script
application/javascript 2600:9000:24f0:f200:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.matomo.cloud/lhcom.matomo.cloud/matomo.js
Requested by: Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:f200:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 65b0acb6696448a75af5d79f3b6d2facc8e1293f15ea7ef1aa021eb2e1f4c1a0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:01:08 GMT
x-amz-version-id: Wx80yL0fjegwsoaSAvRd_7lz23yjfYAH
content-encoding: gzip
via: 1.1 bce50d2cc476ede482a8048a0c124908.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
age: 2073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 27 Sep 2022 00:00:38 GMT
server: AmazonS3
etag: W/"d83657630525938172fdbbe7bfb61da3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-cf-id: FcqME0Yek7spHVam7gv4POIPpGD7nn7pxxw3nQOHNTdeAmfTbOMG9A==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
73 KB 83ms
42ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Y2MD7KEREM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSQMRC7

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8306235a3fb55ace3738c49d036e19a9d919023ba2b305c2fae6e0fbfe48fb3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74940
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 06 Oct 2022 00:35:40 GMT

GET
H3 200 widget-actionsStore.43c90553edce66e5e406.js Show response
widget.user.com/ 5 KB
2 KB 42ms
22ms Script
application/javascript 2606:4700:10::6816:225c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget-actionsStore.43c90553edce66e5e406.js
Requested by: Host: blitz-brands.user.com
URL: https://blitz-brands.user.com/widget.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b2eafec3675baf2a8d1570291500c6c027db6fced43bfc2698fbb76c050071d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Sep 2022 06:15:08 GMT
server: cloudflare
age: 419
etag: W/"632808ec-1469"
vary: Accept-Encoding
content-type: application/javascript
ue-backend: widget
ue-node: widget2
cf-ray: 755a51817f087145-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H/1.1 200
OK / Show response
blitz-brands.user.com/api/v2/user-chatping/ 3 KB
4 KB 167ms
167ms Fetch
application/json 51.91.31.155
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://blitz-brands.user.com/api/v2/user-chatping/

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.31.155 Paris, France, ASN16276 (OVH, FR),

Reverse DNS

ns3151945.ip-51-91-31.eu

Software

Resource Hash

aefcd59f2a5b7616e74034d73b761b7eee8fd4efbb025a7eab8f359f97ebffbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://apply.boroloans.ca/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json

Response headers

x-content-type-options: nosniff
referrer-policy: same-origin
vary: Cookie, Origin
allow: POST, OPTIONS
content-type: application/json
x-frame-options: DENY
access-control-allow-origin: https://apply.boroloans.ca
ue-backend: tenants
access-control-allow-credentials: true
ue-node: apinode19
content-length: 3406

OPTIONS
H/1.1 200
OK /
blitz-brands.user.com/api/v2/user-chatping/ Frame 0
0 372ms
107ms Preflight
text/html 51.91.31.155
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://blitz-brands.user.com/api/v2/user-chatping/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.91.31.155 Paris, France, ASN16276 (OVH, FR),
Reverse DNS: ns3151945.ip-51-91-31.eu
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://apply.boroloans.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, set-cookie, clientuser-key, convo-id
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://apply.boroloans.ca
access-control-max-age: 86400
content-length: 0
content-type: text/html; charset=utf-8
ue-backend: tenants
ue-node: apinode21
vary: Origin

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 113ms
31ms XHR
text/plain 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-75159424-3&cid=1680921458.1665016540&jid=314466716&gjid=1495595216&_gid=1919783356.1665016540&_u=YGBAiEABBAAAAEABI~&z=661791962

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://apply.boroloans.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 06 Oct 2022 00:35:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://apply.boroloans.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 65ms
23ms Image
image/gif 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=602517867&t=pageview&_s=1&dl=https%3A%2F%2Fapply.boroloans.ca%2Flogin&dr=&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAAAABI~&jid=314466716&gjid=1495595216&cid=1680921458.1665016540&tid=UA-75159424-3&_gid=1919783356.1665016540&gtm=2wga50KSQMRC7&z=1093482567

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 17:15:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 26425
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 61ms
20ms Image
image/gif 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=602517867&t=pageview&_s=1&dl=https%3A%2F%2Fapply.boroloans.ca%2Flogin&dr=&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiEABBAAAAEABI~&jid=&gjid=&cid=1680921458.1665016540&tid=UA-75159424-3&_gid=1919783356.1665016540&gtm=2wga50KSQMRC7&z=1673863381

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 17:15:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 26425
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/2C3ORQAMZFDTZFOJQIRR3E/index.js
https://s.adroll.com/j/exp/index.js

28 B
785 B

41ms
21ms

Script
application/javascript

2600:9000:23cb:3c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login
Protocol: HTTP/1.1
Server: 2600:9000:23cb:3c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

X-Amz-Version-Id: U3dsSGRYl2soVpEEAxBIaMUfj33DKRpK
Date: Wed, 05 Oct 2022 07:50:32 GMT
Via: 1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
Age: 60310
X-Amz-Cf-Pop: JFK50-P1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Wed, 21 Sep 2022 22:19:29 GMT
Server: AmazonS3
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: hKRhQLHBNnsLb_jN6d4g2cUTchIdrlD1ZQccscfSdWg4QqPQYHTEKg==

Redirect headers

Date: Wed, 05 Oct 2022 20:09:49 GMT
Via: 1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
Age: 15951
X-Amz-Cf-Pop: JFK50-P1
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: G6LwcYEhDz1z5hYdmpHw2h6uF0qaYzvMaF0utCB2TCtOmEU2O7qiSA==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/2C3ORQAMZFDTZFOJQIRR3E/HAZU6ALDTZAMBI43TRRXCZ/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

23ms
21ms

Script
application/javascript

2600:9000:23cb:3c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login
Protocol: HTTP/1.1
Server: 2600:9000:23cb:3c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Wed, 05 Oct 2022 14:25:27 GMT
Via: 1.1 f5b36a6d650578e8cf7b1700c37caa00.cloudfront.net (CloudFront)
Age: 36644
X-Amz-Cf-Pop: JFK50-P1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: -pgT0VCMs2i4xbRs9JdRTqQa5veTMVhxNVXs0TRAI8VACGqFKetFew==

Redirect headers

Date: Wed, 05 Oct 2022 16:08:43 GMT
Via: 1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
Age: 30416
X-Amz-Cf-Pop: JFK50-P1
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: em1me2SMgP2WnhKzjkpJacFmnGm2evZSZW9JyILvs9bkB0ooEGDzUA==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/2C3ORQAMZFDTZFOJQIRR3E/HAZU6ALDTZAMBI43TRRXCZ/ 0
807 B 53ms
29ms Script
text/javascript 2600:9000:23cb:3c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/2C3ORQAMZFDTZFOJQIRR3E/HAZU6ALDTZAMBI43TRRXCZ/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:3c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

X-Amz-Version-Id: reHCKVJnLOWggWlNiuHogsaNHPUmoP1n
Date: Thu, 06 Oct 2022 00:35:19 GMT
Via: 1.1 f5b36a6d650578e8cf7b1700c37caa00.cloudfront.net (CloudFront)
Age: 22
X-Amz-Cf-Pop: JFK50-P1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Mon, 03 Oct 2022 11:19:30 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: k-6jAqDvv2q8XdfyGg02KgsQx8nmjw_xupoTauymUc62Q2z_2mDG0A==

GET
H3 200 121729511775350 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 87ms
65ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/121729511775350?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8252c21268e8ad2d95133f4ec25dfa99beef3ed6fdb2eb9df341741ed2f91a0a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Oct 2022 00:35:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Jg6SavuQEKjmsWM1vFSz9DuagZ9CY8bu+Xk1Bo6LfYImGujuVJ8Xam/5Zn2rwRbmTeLjxz9VxkGR+CZXigaQ1g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-867694671/ 2 KB
2 KB 138ms
69ms Script
text/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-867694671/?random=1665016540463&cv=9&fst=1665016540463&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fapply.boroloans.ca%2Flogin&auid=468709056.1665016540&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a9881e4cd502234f503d94ed720029a81232f23811c8110e623e9019292f2d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 00:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 995
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 33ms
33ms Ping
text/plain 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Y2MD7KEREM&gtm=2oea50&_p=602517867&cid=1680921458.1665016540&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1665016540&sct=1&seg=0&dl=https%3A%2F%2Fapply.boroloans.ca%2Flogin&dt=&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y2MD7KEREM&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 00:35:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://apply.boroloans.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-pP9taKm6sy_8n.js Show response
rules.quantcount.com/ 209 B
692 B 93ms
26ms Script
application/javascript 2600:9000:21dd:ce00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-pP9taKm6sy_8n.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:ce00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b059eed69c80f1b3140756cbf74008f01592ebdba3347383355d1c720e97f3f4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:18 GMT
via: 1.1 8f53b5d73ff2f5f8cae7b49606b79bd4.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 23
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 209
last-modified: Sat, 27 Aug 2022 19:04:36 GMT
server: AmazonS3
etag: "075004bf61e0c591a610aac49a857f0b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: pRJOKw3qRV4bKu5S31ssSwAZKFueBqAyC-Y-TUvliBpWNE3Vrz_KHg==

GET
H2 200 rules-p-4jbkCsV72asN8.js Show response
rules.quantcount.com/ 271 B
753 B 94ms
28ms Script
application/javascript 2600:9000:21dd:ce00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-4jbkCsV72asN8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:ce00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8001f30a6865a4d0a174642d213599964b0d21493404c833f36871da0c978d87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:40 GMT
via: 1.1 8f53b5d73ff2f5f8cae7b49606b79bd4.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 2292
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 271
last-modified: Sat, 27 Aug 2022 03:06:44 GMT
server: AmazonS3
etag: "c920bab51ce78e7032afbd7f90f327e2"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: wPcOngL5nFqMkeAUw3Xrn7ngt1EI9yIGfQeOxnnL1JdfcyeUSIhrBQ==

GET
H2

200

/
p.adsymptotic.com/d/px/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=234948&time=1665016540540&url=https%3A%2F%2Fapply.boroloans.ca%2Flogin
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=234948&time=1665016540540&url=https%3A%2F%2Fapply.boroloans.ca%2Flogin&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D234948%26time%3D1665016540540%26url%3Dhttps%253A%252F%252Fapply.boroloans.ca%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=234948&time=1665016540540&url=https%3A%2F%2Fapply.boroloans.ca%2Flogin&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=234948&time=1665016540540&url=https%3A%2F%2Fapply.boroloans.ca%2Flogin&cookiesTest=true&liSync=true&e_ipv6=AQKmLL9Dudp0vgAAAYOquC6Br3Ak3S6Z8CCZmJ...
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=cca3d569-d714-4628-9cdd-d494ff08c693
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=cca3d569-d714-4628-9cdd-d494ff08c693&_expected_cookie=55558e0a12d4cc2e21f7d436...

43 B
141 B

64ms
63ms

Image
image/gif

104.18.101.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=cca3d569-d714-4628-9cdd-d494ff08c693&_expected_cookie=55558e0a12d4cc2e21f7d43614e90660
Requested by: Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login
Protocol: H2
Server: 104.18.101.194 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p: CP='NON DSP COR CONi OUR BUS CNT'
date: Thu, 06 Oct 2022 00:35:41 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 755a5185cfd7a246-YYZ
content-length: 43
content-type: image/gif

Redirect headers

location: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=cca3d569-d714-4628-9cdd-d494ff08c693&_expected_cookie=55558e0a12d4cc2e21f7d43614e90660
date: Thu, 06 Oct 2022 00:35:41 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 755a51857f26a246-YYZ
content-length: 0

GET
H2 200 visit Show response
api.getdrip.com/client/events/ 83 B
1 KB 152ms
77ms Script
text/javascript 13.226.39.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.getdrip.com/client/events/visit?drip_account_id=1127703&referrer=&url=https%3A%2F%2Fapply.boroloans.ca%2Flogin&domain=apply.boroloans.ca&time_zone=UTC&enable_third_party_cookies=t&callback=Drip_33262622

Requested by

Host: tag.getdrip.com
URL: https://tag.getdrip.com/1127703.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.39.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-39-77.ewr53.r.cloudfront.net

Software

Resource Hash

4605c6c89108d40594ac850a89e1ef09f245a9b4bb57649f2a84a6319380e205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amzn-remapped-content-length: 83
x-amzn-remapped-server: nginx
x-permitted-cross-domain-policies: none
via: 1.1 da79f1e019da644d2a3fd9e73f79a700.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
x-amzn-requestid: 3c2c5f46-a06b-466b-bc9e-9d85798ed9a4
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-amz-apigw-id: ZjpigExroAMFQ3w=
content-length: 83
x-xss-protection: 1; mode=block
x-request-id: 8566a9a5-149b-4329-ac79-24167c5c1431
x-runtime: 0.032135
referrer-policy: strict-origin-when-cross-origin
etag: W/"4605c6c89108d40594ac850a89e1ef09"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-amzn-remapped-date: Thu, 06 Oct 2022 00:35:40 GMT
x-amz-cf-id: r99MApmI5vZYrniZ6rfwX0fwf6GlkBscEFTmjKVHkfeEsmItbevtzQ==

POST
H2 204 matomo.php
lhcom.matomo.cloud/ 0
177 B 343ms
136ms Ping
text/plain 3.126.133.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lhcom.matomo.cloud/matomo.php?action_name=apply.boroloans.ca%2F&idsite=1&rec=1&r=165470&h=0&m=35&s=40&url=https%3A%2F%2Fapply.boroloans.ca%2Flogin&_id=f5d8dc2067d52e09&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=fJY9rN&fa_pv=1&fa_fp[0][fa_vid]=2uHYZG&fa_fp[0][fa_name]=loginForm&fa_fp[0][fa_fv]=1&fa_fp[1][fa_vid]=bsvONV&fa_fp[1][fa_name]=mfaForm&fa_fp[1][fa_fv]=1&fa_fp[2][fa_vid]=Rh7uEp&fa_fp[2][fa_name]=resetPasswordForm&fa_fp[2][fa_fv]=1&pf_net=91&pf_srv=27&pf_tfr=1&pf_dm1=1032
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/lhcom.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://apply.boroloans.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://apply.boroloans.ca
date: Thu, 06 Oct 2022 00:35:40 GMT
access-control-allow-credentials: true
server: Apache
vary: Origin,X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

GET
H2 200 26008299.js Show response
bat.bing.com/p/action/ 1 KB
846 B 68ms
68ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26008299.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

51510eebe8a74d642709bbf7dd934586a142489105cfcfbd38c8ed9bef9819d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 06 Oct 2022 00:35:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1F386ECFAECB49499F86CDC91CB63DBB Ref B: YTO01EDGE0816 Ref C: 2022-10-06T00:35:40Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 667

GET
H2 204 0
bat.bing.com/action/ 0
175 B 36ms
36ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26008299&tm=gtm002&Ver=2&mid=f47809b8-4c6c-4cc1-b2ca-d65cf43069c1&sid=cdf5dfd0450e11ed9a7df9a3be018556&vid=cdf5ccc0450e11eda3d4c959fa3a0888&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fapply.boroloans.ca%2Flogin&r=&lt=1275&evt=pageLoad&sv=1&rn=482700

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Oct 2022 00:35:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1A1F427050A347B988BC028834788048 Ref B: YTO01EDGE0816 Ref C: 2022-10-06T00:35:40Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 init Show response
tr.snapchat.com/ 126 B
492 B 219ms
57ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/init?pids=b43abd65-34a6-4097-a92e-d0f488acd807

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

5dd7be681380468c0eb783f46594c212474e1fad63d78b6f3805b7a958f1783b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google, 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://apply.boroloans.ca
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 79 B
164 B 220ms
58ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=b43abd65-34a6-4097-a92e-d0f488acd807&tld=ca

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

d7b7e5190742329254d6a2bc8e13c4fbc5cdf24436070a669a78018c0744825e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google, 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://apply.boroloans.ca
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 87ms
38ms Image
image/gif 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-75159424-3&cid=1680921458.1665016540&jid=314466716&_u=YGBAiEABBAAAAEABI~&z=909993360

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 00:35:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 97ms
39ms Image
image/gif 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-75159424-3&cid=1680921458.1665016540&jid=314466716&_u=YGBAiEABBAAAAEABI~&z=909993360

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 00:35:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2C3ORQAMZFDTZFOJQIRR3E Show response
d.adroll.com/consent/check/ 449 B
918 B 136ms
24ms Script
application/javascript 52.1.101.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/2C3ORQAMZFDTZFOJQIRR3E?arrfrr=https%3A%2F%2Fapply.boroloans.ca%2Flogin&_s=601720a168eaf29c8d961dfa85a72962&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.101.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-101-111.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 4e4081e5149035b2a3d959e9daa0f5998fd27fd38dd1123ae48c23a5a162c012

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: application/javascript
pragma: no-cache
date: Thu, 06 Oct 2022 00:35:40 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 449
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame C1BC 672 B
596 B 201ms
66ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=b43abd65-34a6-4097-a92e-d0f488acd807&u_scsid=ae85083f-9a17-4262-b719-092b5add40c9&u_sclid=6345f797-8006-40a2-9311-b0a1c11f3004

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://apply.boroloans.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: gzip
content-type: text/html
date: Thu, 06 Oct 2022 00:35:40 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 10

POST
H2 200 p
tr.snapchat.com/ 68 B
574 B 178ms
65ms Ping
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://apply.boroloans.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryGeKjyOVLeW9AXDFE

Response headers

date: Thu, 06 Oct 2022 00:35:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
content-type: text/html
access-control-allow-origin: https://apply.boroloans.ca
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 72ms
20ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=121729511775350&ev=PageView&dl=https%3A%2F%2Fapply.boroloans.ca%2Flogin&rl=&if=false&ts=1665016540615&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665016540614.92478035&it=1665016540453&coo=false&rqm=GET

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Oct 2022 00:35:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 adsct
t.co/i/ 43 B
374 B 120ms
43ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=09491357-8cbd-4ddc-8528-6e097f8b4be0&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=5d6cddfd-c12e-41b9-86ea-cd554d705aa4&tw_document_href=https%3A%2F%2Fapply.boroloans.ca%2Flogin&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzjib&type=javascript&version=2.3.27

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time: 7
date: Thu, 06 Oct 2022 00:35:39 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: c99c718ce2685cfe
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 99b217be130911ca36cb4dca2dd30a6a0c7415823135715471a6ed21098ca074
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 257ms
50ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=09491357-8cbd-4ddc-8528-6e097f8b4be0&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=5d6cddfd-c12e-41b9-86ea-cd554d705aa4&tw_document_href=https%3A%2F%2Fapply.boroloans.ca%2Flogin&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzjib&type=javascript&version=2.3.27

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time: 5
date: Thu, 06 Oct 2022 00:35:40 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 07b788fcd412c5a8
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 1875df4886c60c41f6f20065cb086928c28b6244bfad3fdd235e49c5be33a3a3
content-length: 43

GET
H2 200 pixel
pxl.qccerttest.com/ 35 B
550 B 96ms
18ms Image
image/gif 2600:9000:21dd:9600:11:615:7240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pxl.qccerttest.com/pixel?r=17238784;fpan=1;fpa=P0-698472026-1665016540627;pbc=;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;ref=;cm=;gdpr=0;d=boroloans.ca;dst=0;et=1665016540627;tzo=0;url=https%3A%2F%2Fapply.boroloans.ca%2Flogin;ogl=

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:9600:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 10:14:35 GMT
via: 1.1 b759e26bde22770788987f2078515d9a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-C2
age: 51666
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 35
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
server: AmazonS3
etag: "55d25e9dc950d5db4d53a3b195c046c6"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/gif
accept-ranges: bytes
x-amz-cf-id: okODj_bsegJeq5lEbHZQMa1SUHd7jRX35QbXH8O6iRZEss1VUPM0bw==

GET
H2 200 pixel
pxl.qccerttest.com/ 35 B
549 B 94ms
19ms Image
image/gif 2600:9000:21dd:9600:11:615:7240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pxl.qccerttest.com/pixel?r=1033776682;fpan=0;fpa=P0-698472026-1665016540627;pbc=;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;ref=;cm=;gdpr=0;d=boroloans.ca;dst=0;et=1665016540629;tzo=0;url=https%3A%2F%2Fapply.boroloans.ca%2Flogin;ogl=

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:9600:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 10:14:35 GMT
via: 1.1 b759e26bde22770788987f2078515d9a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-C2
age: 51666
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 35
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
server: AmazonS3
etag: "55d25e9dc950d5db4d53a3b195c046c6"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/gif
accept-ranges: bytes
x-amz-cf-id: NlLkydYCAK1jeDuU-IIRo6-v4glnG2MifqpJdEJZRdIkpUerh5764w==

GET
H2 200 pixel;r=1661832686;source=gtm;rf=0;a=p-pP9taKm6sy_8n;url=https%3A%2F%2Fapply.boroloans.ca%2Flogin;uht=2;fpan=0;fpa=P0-698472026-1665016540627;pbc=;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;cm=;gdp...
pixel.quantserve.com/ 35 B
371 B 100ms
25ms Image
image/gif 2620:116:800b:21:b08a:1dc5:659b:4055
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1661832686;source=gtm;rf=0;a=p-pP9taKm6sy_8n;url=https%3A%2F%2Fapply.boroloans.ca%2Flogin;uht=2;fpan=0;fpa=P0-698472026-1665016540627;pbc=;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;cm=;gdpr=0;ref=;d=boroloans.ca;dst=0;et=1665016540630;tzo=0;ogl=;ses=276473b1-cedb-4f9b-904b-8d21d37b9ad9

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 00:35:40 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pixel;r=1153745204;labels=_fp.event.Default;rf=0;a=p-4jbkCsV72asN8;url=https%3A%2F%2Fapply.boroloans.ca%2Flogin;uht=2;fpan=0;fpa=P0-698472026-1665016540627;pbc=;ns=0;ce=1;qjs=1;qv=39016d63-20220929...
pixel.quantserve.com/ 35 B
372 B 92ms
26ms Image
image/gif 2620:116:800b:21:b08a:1dc5:659b:4055
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1153745204;labels=_fp.event.Default;rf=0;a=p-4jbkCsV72asN8;url=https%3A%2F%2Fapply.boroloans.ca%2Flogin;uht=2;fpan=0;fpa=P0-698472026-1665016540627;pbc=;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;cm=;gdpr=0;ref=;d=boroloans.ca;dst=0;et=1665016540633;tzo=0;ogl=;ses=276473b1-cedb-4f9b-904b-8d21d37b9ad9

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 00:35:40 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 26008299 Show response
www.clarity.ms/tag/uet/ 1 KB
2 KB 167ms
46ms Script
application/x-javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/26008299
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/26008299.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7ee70f362e4e74e5dcb1efd4893610db87872d33a184db8239bfea48b18e7f8e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: application/x-javascript
date: Thu, 06 Oct 2022 00:35:40 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 03CI+YwAAAACFLIHLIaLtQJ3wPTzBEtMHVEVCMzFFREdFMDcyMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 /
www.google.com/pagead/1p-user-list/AW-867694671/ 42 B
154 B 39ms
38ms Image
image/gif 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/AW-867694671/?random=1665016540463&cv=9&fst=1665014400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&frm=0&url=https%3A%2F%2Fapply.boroloans.ca%2Flogin&async=1&fmt=3&is_vtc=1&random=9758254&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 00:35:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/AW-867694671/ 42 B
64 B 80ms
38ms Image
image/gif 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/AW-867694671/?random=1665016540463&cv=9&fst=1665014400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&frm=0&url=https%3A%2F%2Fapply.boroloans.ca%2Flogin&async=1&fmt=3&is_vtc=1&random=9758254&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 00:35:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.3a217bc7.js Show response
s.pinimg.com/ct/lib/ 55 KB
19 KB 168ms
168ms Script
application/javascript 2600:141b:9000:59d::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.3a217bc7.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000:59d::1931 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3f29259501183f270ed9b30dc3569b0b69c8bafb46685a5790c793ec76c2c763

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "e07e047bcf076284d8d2680e8f0c262c"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 19398

GET
H2 200 track Show response
api.getdrip.com/client/ 101 B
856 B 58ms
57ms Script
text/javascript 13.226.39.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.getdrip.com/client/track?url=https%3A%2F%2Fapply.boroloans.ca%2Flogin&visitor_uuid=f8af1e7afec34ecaa422a7cde74d53b1&_action=Started%20a%20new%20session&source=drip&drip_account_id=1127703&callback=Drip_304517325

Requested by

Host: tag.getdrip.com
URL: https://tag.getdrip.com/1127703.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.39.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-39-77.ewr53.r.cloudfront.net

Software

Resource Hash

b0ade1af5c23964fcd177e760382ef95bcbec02a31d066fb10b01f6f0cbfd736

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amzn-remapped-content-length: 101
x-amzn-remapped-server: nginx
x-permitted-cross-domain-policies: none
via: 1.1 da79f1e019da644d2a3fd9e73f79a700.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
x-amzn-requestid: 243b378d-ed69-449a-bea6-21a117de5a4f
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-amz-apigw-id: ZjpihFZ_IAMFvzA=
content-length: 101
x-xss-protection: 1; mode=block
x-request-id: fae8f3f2-8882-4185-b9c6-ec9f1411f1dc
x-runtime: 0.025636
referrer-policy: strict-origin-when-cross-origin
etag: W/"b0ade1af5c23964fcd177e760382ef95"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-amzn-remapped-date: Thu, 06 Oct 2022 00:35:40 GMT
x-amz-cf-id: POLsqLDp_51SqFfMk-2CPam2W37OgmVI0CDIXXKo6lctPnp2ge7H6w==

GET
H2 200 track Show response
api.getdrip.com/client/ 101 B
854 B 104ms
103ms Script
text/javascript 13.226.39.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.getdrip.com/client/track?url=https%3A%2F%2Fapply.boroloans.ca%2Flogin&visitor_uuid=f8af1e7afec34ecaa422a7cde74d53b1&_action=Visited%20a%20page&source=drip&drip_account_id=1127703&callback=Drip_587478924

Requested by

Host: tag.getdrip.com
URL: https://tag.getdrip.com/1127703.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.39.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-39-77.ewr53.r.cloudfront.net

Software

Resource Hash

8c20cc0b4a1257d93f9ff03de3e95ee305d928f012312c78213d830a0c84ad46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amzn-remapped-content-length: 101
x-amzn-remapped-server: nginx
x-permitted-cross-domain-policies: none
via: 1.1 da79f1e019da644d2a3fd9e73f79a700.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
x-amzn-requestid: e2268bb1-43f7-42d4-9c41-2195e886b227
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-amz-apigw-id: ZjpihHaAoAMFv3w=
content-length: 101
x-xss-protection: 1; mode=block
x-request-id: 65b81c6b-2892-452f-a817-2dc28d98cc02
x-runtime: 0.070090
referrer-policy: strict-origin-when-cross-origin
etag: W/"8c20cc0b4a1257d93f9ff03de3e95ee3"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-amzn-remapped-date: Thu, 06 Oct 2022 00:35:40 GMT
x-amz-cf-id: 1DsdIdBtzRm7OmT1SoTCdnOrCyjek33nC4D3e9QTgh4IL-1jHYQg0A==

GET
H/1.1

200
OK

5TN47DMVVRB77B4NK3Y5LR.js Show response
s.adroll.com/pixel/2C3ORQAMZFDTZFOJQIRR3E/HAZU6ALDTZAMBI43TRRXCZ/
Redirect Chain

https://d.adroll.com/pixel/2C3ORQAMZFDTZFOJQIRR3E/HAZU6ALDTZAMBI43TRRXCZ?adroll_fpc=e59b18766ee7e862f089731df33684b7-1665016540736&arrfrr=https%3A%2F%2Fapply.boroloans.ca%2Flogin&pv=29101221676.925...
https://s.adroll.com/pixel/2C3ORQAMZFDTZFOJQIRR3E/HAZU6ALDTZAMBI43TRRXCZ/5TN47DMVVRB77B4NK3Y5LR.js

4 KB
2 KB

30ms
30ms

Script
text/javascript

2600:9000:23cb:3c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/2C3ORQAMZFDTZFOJQIRR3E/HAZU6ALDTZAMBI43TRRXCZ/5TN47DMVVRB77B4NK3Y5LR.js
Requested by: Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login
Protocol: HTTP/1.1
Server: 2600:9000:23cb:3c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3169b415764a35886ab1b6fc3029f525aedaaed3b7d92985ff4e9b5d53be92c2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

X-Amz-Version-Id: 3b1Z7aPKk5olTwtaOF5iYvWZf7nAdL5x
Content-Encoding: gzip
Via: 1.1 f5b36a6d650578e8cf7b1700c37caa00.cloudfront.net (CloudFront)
Date: Thu, 06 Oct 2022 00:35:40 GMT
Age: 21
X-Amz-Cf-Pop: JFK50-P1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 17 Aug 2022 19:56:24 GMT
Server: AmazonS3
Etag: W/"8b15cd9dca2a92ced6a89a9c7e3de219"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: aGoKNERxwg3Eg-pPsqGg2IT8Dwq_XmTROuisGmvO21bFblPIypiIEQ==

Redirect headers

date: Thu, 06 Oct 2022 00:35:40 GMT
x-segment-display-name: Visitors to Unsegmented Pages
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type: p
content-length: 0
pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.20.0
x-rule: *
x-segment-eid: 5TN47DMVVRB77B4NK3Y5LR
location: https://s.adroll.com/pixel/2C3ORQAMZFDTZFOJQIRR3E/HAZU6ALDTZAMBI43TRRXCZ/5TN47DMVVRB77B4NK3Y5LR.js
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: HAZU6ALDTZAMBI43TRRXCZ
x-segment-name: *
x-advertisable-eid: 2C3ORQAMZFDTZFOJQIRR3E
x-conversion-currency

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame C1BC 25 KB
9 KB 20ms
20ms Script
application/javascript 108.138.113.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=b43abd65-34a6-4097-a92e-d0f488acd807&u_scsid=ae85083f-9a17-4262-b719-092b5add40c9&u_sclid=6345f797-8006-40a2-9311-b0a1c11f3004
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.113.246 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-113-246.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 67e294da2e0a5b863f5ca40c02eddd1fbb0a0dba124fec3747a1674fb8ede7ac

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tr.snapchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:09:51 GMT
content-encoding: gzip
via: 1.1 836a4a85ed2221f76e2beedeab244eba.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P3
age: 1549
etag: 0d6e407936704bd380072f5891d28b0e
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
access-control-allow-headers: Content-Type
content-length: 8764
x-amz-cf-id: j5WJC7YjDYb0dbZsdXLpaNAfAToiVFGiPOxS7_l4hGLnZfGBkl6JqA==

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 8 KB
3 KB 20ms
20ms Script
application/javascript 2600:9000:23cb:3c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: d.adroll.com
URL: https://d.adroll.com/pixel/2C3ORQAMZFDTZFOJQIRR3E/HAZU6ALDTZAMBI43TRRXCZ?adroll_fpc=e59b18766ee7e862f089731df33684b7-1665016540736&arrfrr=https%3A%2F%2Fapply.boroloans.ca%2Flogin&pv=29101221676.925392&cookie=&adroll_s_ref=&keyw=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:3c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e5cf82e4a17e79c80c6f17c3fff873756de944e1301fa01c1d03aba1e359669

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

X-Amz-Version-Id: wG3UJevK_dyyBSOJeVU2_V1xC3jx_aLw
Content-Encoding: gzip
Via: 1.1 f5b36a6d650578e8cf7b1700c37caa00.cloudfront.net (CloudFront)
Date: Wed, 05 Oct 2022 10:39:24 GMT
Age: 50177
X-Amz-Cf-Pop: JFK50-P1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 21:48:50 GMT
Server: AmazonS3
Etag: W/"9f2aa6ae991d93164d9512029d813cad"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: TjnzVspAhKzeXhoDIxSAwjdydMaVYdG2u0ON6bPG-LMpwq82qnKAkQ==

GET
H3 200 886352514865682 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 61ms
61ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/886352514865682?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d6a2f07e4cedd9535f8ae3659e717de202682a7b173607a86838d5dfef616bca

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Oct 2022 00:35:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: stgXTocTS9BLoLMcwuf96KLLoXvHipMuHvPVGPLbmHpQkQE9Bdhs6Ze5aJxbga5OwYycxNSsqmbbbm5m5DBU+A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=e59b18766ee7e862f089731df33684b7-1665016540736&arrfrr=https%3A%2F%2Fapply.boroloans.ca%2Flogin&advertisable=2C3ORQAMZFDTZFOJQIRR3E
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=OWQ4YjBmZDFiZmVmYWYxODMwMDBkNzMwN2JlNjNjNTA&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=OWQ4YjBmZDFiZmVmYWYxODMwMDBkNzMwN2JlNjNjNTA&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

0
312 B

26ms
25ms

Image
text/plain

52.45.33.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=OWQ4YjBmZDFiZmVmYWYxODMwMDBkNzMwN2JlNjNjNTA&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login

Protocol

Server

52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-33-138.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:41 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=OWQ4YjBmZDFiZmVmYWYxODMwMDBkNzMwN2JlNjNjNTA&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
date: Thu, 06 Oct 2022 00:35:40 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=e59b18766ee7e862f089731df33684b7-1665016540736&arrfrr=https%3A%2F%2Fapply.boroloans.ca%2Flogin&advertisable=2C3ORQAMZFDTZFOJQIRR3E
https://x.bidswitch.net/sync?dsp_id=44&user_id=OWQ4YjBmZDFiZmVmYWYxODMwMDBkNzMwN2JlNjNjNTA
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OWQ4YjBmZDFiZmVmYWYxODMwMDBkNzMwN2JlNjNjNTA

43 B
510 B

38ms
37ms

Image
image/gif

35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OWQ4YjBmZDFiZmVmYWYxODMwMDBkNzMwN2JlNjNjNTA
Requested by: Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Thu, 06 Oct 2022 00:35:41 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OWQ4YjBmZDFiZmVmYWYxODMwMDBkNzMwN2JlNjNjNTA
Date: Thu, 06 Oct 2022 00:35:41 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=e59b18766ee7e862f089731df33684b7-1665016540736&arrfrr=https%3A%2F%2Fapply.boroloans.ca%2Flogin&advertisable=2C3ORQAMZFDTZFOJQIRR3E
https://ib.adnxs.com/setuid?entity=172&code=OWQ4YjBmZDFiZmVmYWYxODMwMDBkNzMwN2JlNjNjNTA
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DOWQ4YjBmZDFiZmVmYWYxODMwMDBkNzMwN2JlNjNjNTA

43 B
1 KB

18ms
18ms

Image
image/gif

68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DOWQ4YjBmZDFiZmVmYWYxODMwMDBkNzMwN2JlNjNjNTA

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login

Protocol

HTTP/1.1

Server

68.67.160.75 Newark, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Oct 2022 00:35:40 GMT
AN-X-Request-Uuid: 8c9f0ec1-d146-4146-943d-e2600d483352
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 149.56.153.183; 149.56.153.183; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 06 Oct 2022 00:35:40 GMT
AN-X-Request-Uuid: 89be3297-5c21-4bfa-978e-de0acb70e9c3
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DOWQ4YjBmZDFiZmVmYWYxODMwMDBkNzMwN2JlNjNjNTA
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 149.56.153.183; 149.56.153.183; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

458249.gif
idsync.rlcdn.com/
Redirect Chain

https://d.adroll.com/cm/l/out?adroll_fpc=e59b18766ee7e862f089731df33684b7-1665016540736&arrfrr=https%3A%2F%2Fapply.boroloans.ca%2Flogin&advertisable=2C3ORQAMZFDTZFOJQIRR3E
https://idsync.rlcdn.com/377928.gif?partner_uid=9d8b0fd1bfefaf183000d7307be63c50
https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogOWQ4YjBmZDFiZmVmYWYxODMwMDBkNzMwN2JlNjNjNTAQABoNCNzF-JkGEgUI6AcQAEIASgA
https://pippio.com/api/sync?pid=5324&it=1&iv=885f4d84deb5e6072bee33986b3793ac1a721902bf0e4970642b88b0541faac1791426b5417dce21&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA4ODVmNGQ4NGRlYjVlNjA3MmJlZTMzOTg2YjM3OTNhYzFhNzIxOTAyYmYwZTQ5NzA2NDJiODhiMDU0MWZhYWMxNzkxNDI2YjU...
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA4ODVmNGQ4NGRlYjVlNjA3MmJlZTMzOTg2YjM3OTNhYzFhNzIxOTAyYmYwZTQ5NzA2NDJiODhiMDU0MWZhYWMxNzkxNDI2YjU0MTdkY2UyMRAAGgwI3cX4mQYSBAgCEABCAEoA&goog...
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
https://idsync.rlcdn.com/458249.gif?partner_uid=8a677327-c190-48db-beeb-ecceaabab9e9

42 B
60 B

45ms
45ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/458249.gif?partner_uid=8a677327-c190-48db-beeb-ecceaabab9e9
Requested by: Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:41 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/458249.gif?partner_uid=8a677327-c190-48db-beeb-ecceaabab9e9
date: Thu, 06 Oct 2022 00:35:41 GMT
via: 1.1 google
x-samesite: secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
content-type: text/html; charset=utf-8

GET
H3

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=e59b18766ee7e862f089731df33684b7-1665016540736&arrfrr=https%3A%2F%2Fapply.boroloans.ca%2Flogin&advertisable=2C3ORQAMZFDTZFOJQIRR3E
https://us-u.openx.net/w/1.0/sd?id=537103138&val=9d8b0fd1bfefaf183000d7307be63c50&gdpr=0&gdpr_consent=
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=9d8b0fd1bfefaf183000d7307be63c50&gdpr=0&gdpr_consent=

43 B
61 B

28ms
14ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=9d8b0fd1bfefaf183000d7307be63c50&gdpr=0&gdpr_consent=
Requested by: Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 00:35:40 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=9d8b0fd1bfefaf183000d7307be63c50&gdpr=0&gdpr_consent=
date: Thu, 06 Oct 2022 00:35:40 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=e59b18766ee7e862f089731df33684b7-1665016540736&arrfrr=https%3A%2F%2Fapply.boroloans.ca%2Flogin&advertisable=2C3ORQAMZFDTZFOJQIRR3E&google_nid=adroll5
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=nYsP0b_vrxgwANcwe-Y8UA
https://d.adroll.com/cm/g/in

42 B
537 B

25ms
25ms

Image
image/gif

52.1.101.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Requested by: Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login
Protocol: H2
Server: 52.1.101.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-101-111.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 00:35:41 GMT
server: nginx/1.20.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Thu, 06 Oct 2022 00:35:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://d.adroll.com/cm/g/in
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 540 B
862 B 237ms
60ms XHR
application/json 173.223.56.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2619172455801&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1665016540880

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.223.56.237 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a173-223-56-237.deploy.static.akamaitechnologies.com

Software

Resource Hash

379e7f98c1e80a7c67fa2fb417a78711ec0715013509d9eeda3bb0f63549d400

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.dc912f17.1665016541.4d915dc
x-envoy-upstream-service-time: 2
content-length: 378
x-pinterest-rid: 1525757991434457
pin-unauth: dWlkPU9UQTVNbVF3WVRJdE9XVTROUzAwTW1Jd0xUa3dOVFl0TVRNMk5XVmlObUU0WW1WbQ
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://apply.boroloans.ca
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
333 B 238ms
63ms Image
image/gif 173.223.56.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2619172455801&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fapply.boroloans.ca%2Flogin%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%223a217bc7%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1665016540882

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.223.56.237 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a173-223-56-237.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 00:35:41 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.dc912f17.1665016541.4d915e0
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 1015480540754941
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

p Show response
tr.snapchat.com/cm/ Frame C5D9
Redirect Chain

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1665016540886&u_scsid=f0704758-4513-4fb7-b14b-193952c5f37c&u_sclid=53d95664-400b-4a65-a088-a8a7b5e4d744
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1665012299033%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1665012299033%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://tr.snapchat.com/cm/p?rand=1665012299033&pnid=140&pcid=49c896e3-6a9a-4f78-921b-5f9de30c216c

0
18 B

68ms
67ms

Document
text/html

35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/p?rand=1665012299033&pnid=140&pcid=49c896e3-6a9a-4f78-921b-5f9de30c216c

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://tr.snapchat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-transform
content-length: 0
content-type: text/html
date: Thu, 06 Oct 2022 00:35:41 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 10

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 06 Oct 2022 00:35:41 GMT
location: https://tr.snapchat.com/cm/p?rand=1665012299033&pnid=140&pcid=49c896e3-6a9a-4f78-921b-5f9de30c216c
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-d/s/0.6.42/ 53 KB
23 KB 41ms
41ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-d/s/0.6.42/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/26008299
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d97ca913935c9897ac4e255d17e14c8a3f0d8513681fe5b6736c4921fc5dd078

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:40 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
etag: "1d8d8e58fdaa9d4"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
x-azure-ref: 03CI+YwAAAADV6m0WysPLT7jh4wGn75q2VEVCMzFFREdFMDcyMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H3 200 widget-chatStore.43c90553edce66e5e406.js Show response
widget.user.com/ 12 KB
4 KB 41ms
41ms Script
application/javascript 2606:4700:10::6816:225c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget-chatStore.43c90553edce66e5e406.js
Requested by: Host: blitz-brands.user.com
URL: https://blitz-brands.user.com/widget.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a34c36eba1fc5d92f556851778a8695936a52b8a63445aaee9863b2fc6b04e8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:35:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Sep 2022 06:15:08 GMT
server: cloudflare
age: 5377
etag: W/"632808ec-30cd"
vary: Accept-Encoding
content-type: application/javascript
ue-backend: widget
ue-node: widget2
cf-ray: 755a5184cd137145-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 41ms
19ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=886352514865682&ev=PageView&dl=https%3A%2F%2Fapply.boroloans.ca%2Flogin&rl=&if=false&ts=1665016540941&cd[segment_eid]=5TN47DMVVRB77B4NK3Y5LR&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=29&fbp=fb.1.1665016540614.92478035&it=1665016540453&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: apply.boroloans.ca
URL: https://apply.boroloans.ca/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Oct 2022 00:35:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 204 collect Show response
a.clarity.ms/ 0
160 B 171ms
52ms XHR
text/plain 104.45.184.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.45.184.134 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://apply.boroloans.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: https://apply.boroloans.ca
date: Thu, 06 Oct 2022 00:35:40 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=606F7AB2696D4F5982F1C212D0E04481&RedC=c.clarity.ms&MXFR=07E2998AD8F866133A7A8BBFDCF86890
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=606F7AB2696D4F5982F1C212D0E04481&MUID=0D84661827E060573AB0742D26CA61FC

42 B
442 B

31ms
31ms

Image
image/gif

20.110.81.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=606F7AB2696D4F5982F1C212D0E04481&MUID=0D84661827E060573AB0742D26CA61FC
Protocol: H2
Server: 20.110.81.91 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 00:35:40 GMT
last-modified: Tue, 13 Sep 2022 19:53:42 GMT
server: Microsoft-IIS/10.0
etag: "b0f8d886aac7d81:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 06 Oct 2022 00:35:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 253541D215654945939BE62EBA520C5B Ref B: YTO01EDGE0816 Ref C: 2022-10-06T00:35:41Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=606F7AB2696D4F5982F1C212D0E04481&MUID=0D84661827E060573AB0742D26CA61FC
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 34F4 565 B
590 B 61ms
61ms Document
text/html 173.223.56.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.3a217bc7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.223.56.237 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a173-223-56-237.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://apply.boroloans.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

akamai-grn: 0.dc912f17.1665016541.4d917c5
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Thu, 06 Oct 2022 00:35:41 GMT
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1571869205028735

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 19ms
19ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=121729511775350&ev=Microdata&dl=https%3A%2F%2Fapply.boroloans.ca%2Flogin&rl=&if=false&ts=1665016542119&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1665016540614.92478035&it=1665016540453&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Oct 2022 00:35:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 204 collect Show response
a.clarity.ms/ 0
48 B 29ms
29ms XHR
text/plain 104.45.184.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.45.184.134 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://apply.boroloans.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: https://apply.boroloans.ca
date: Thu, 06 Oct 2022 00:35:41 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 33ms
33ms Ping
text/plain 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Y2MD7KEREM&gtm=2oea50&_p=602517867&cid=1680921458.1665016540&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1665016540&sct=1&seg=0&dl=https%3A%2F%2Fapply.boroloans.ca%2Flogin&dt=&en=scroll&epn.percent_scrolled=90&_et=12
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y2MD7KEREM&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apply.boroloans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 00:35:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://apply.boroloans.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

301 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

68 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 06:31:42	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.boroloans.ca/	1970-01-20 08:39:52	Name: _gcl_au Value: 1.1.468709056.1665016540
.boroloans.ca/	1970-01-20 06:31:42	Name: _gid Value: GA1.2.1919783356.1665016540
.boroloans.ca/	1970-01-20 06:30:16	Name: _dc_gtm_UA-75159424-3 Value: 1
.bing.com/	1970-01-20 15:51:52	Name: MUID Value: 0D84661827E060573AB0742D26CA61FC
.bat.bing.com/	1970-01-20 06:40:21	Name: MR Value: 0
.boroloans.ca/	1970-01-20 16:06:16	Name: _ga_Y2MD7KEREM Value: GS1.1.1665016540.1.0.1665016540.0.0.0
.boroloans.ca/	1970-01-20 16:06:16	Name: _ga Value: GA1.2.1680921458.1665016540
apply.boroloans.ca/	1970-01-20 15:56:11	Name: _pk_id.1.f488 Value: f5d8dc2067d52e09.1665016541.
apply.boroloans.ca/	1970-01-20 06:30:18	Name: _pk_ses.1.f488 Value: 1
.boroloans.ca/	1970-01-20 06:31:42	Name: _uetsid Value: cdf5dfd0450e11ed9a7df9a3be018556
.boroloans.ca/	1970-01-20 15:51:52	Name: _uetvid Value: cdf5ccc0450e11eda3d4c959fa3a0888
.boroloans.ca/	1970-01-20 16:00:03	Name: _scid Value: b9253ccd-ad80-4d33-a193-fdfa34174ee5
.boroloans.ca/	1970-01-20 08:39:52	Name: _fbp Value: fb.1.1665016540614.92478035
apply.boroloans.ca/	1970-01-20 15:54:45	Name: qcSxc Value: 1665016540631
.linkedin.com/	1970-01-20 08:39:52	Name: li_sugr Value: cca3d569-d714-4628-9cdd-d494ff08c693
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:15:52	Name: bcookie Value: "v=2&925747f2-0675-4c85-8ff7-33f102a50b12"
.linkedin.com/	1970-01-20 06:31:42	Name: lidc Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2740:u=1:x=1:i=1665016540:t=1665102940:v=2:sig=AQH7PG4Y7HsICJviDYQR320IUWRGqms6"
.getdrip.com/	1970-01-20 16:06:16	Name: _drip_visitor_1127703 Value: eyJfcmFpbHMiOnsibWVzc2FnZSI6IkltWTRZV1l4WlRkaFptVmpNelJsWTJGaE5ESXlZVGRqWkdVM05HUTFNMkl4SWc9PSIsImV4cCI6IjIwMjQtMTAtMDZUMDA6MzU6NDAuNjg2WiIsInB1ciI6bnVsbH19--06bff3e63b79a2cfd7480d7ffe38a8907fb3e32d
.linkedin.com/	1970-01-20 07:13:28	Name: UserMatchHistory Value: AQJZ5mJOsnMAbQAAAYOquC4NR7Ix-Q-Gjr8v_UoloT1SPg20jOxMDgY0j7Md0Si5BuHxNR0Y5v0cYA
.linkedin.com/	1970-01-20 07:13:28	Name: AnalyticsSyncHistory Value: AQLsngpHI6ox_AAAAYOquC4N9b14BKF73DJ-RTJXNT4uIwtJlbmTDxygYhNjRvXzBSuuUijXfGpFATU5hBlojg
apply.boroloans.ca/	1970-01-20 16:06:16	Name: _drip_client_1127703 Value: vid%253Df8af1e7afec34ecaa422a7cde74d53b1%2526pageViews%253D1%2526sessionPageCount%253D1%2526lastVisitedAt%253D1665016540704%2526weeklySessionCount%253D1%2526lastSessionAt%253D1665016540704
.apply.boroloans.ca/	1970-01-20 15:16:14	Name: __adroll_fpc Value: e59b18766ee7e862f089731df33684b7-1665016540736
.t.co/	1970-01-20 16:06:16	Name: muc_ads Value: 8c90b2fc-fe89-4f43-a8f0-6296fb2607ed
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.www.linkedin.com/	1970-01-20 15:15:52	Name: bscookie Value: "v=1&20221006003540b32270b9-2084-4f74-8277-f539efa4b530AQHuscmj-lhf4StoreHpAKmZGbxe8XUw"
.quantserve.com/	1970-01-20 16:00:30	Name: mc Value: 633e22dc-bea5d-1b933-cf973
.boroloans.ca/	1970-01-20 15:54:45	Name: __qca Value: P0-698472026-1665016540627
.apply.boroloans.ca/	1970-01-20 15:15:52	Name: __ar_v4 Value: %7C2C3ORQAMZFDTZFOJQIRR3E%3A20221005%3A1%7CHAZU6ALDTZAMBI43TRRXCZ%3A20221005%3A1%7C5TN47DMVVRB77B4NK3Y5LR%3A20221005%3A1
www.clarity.ms/	1970-01-20 15:15:52	Name: CLID Value: 1b4572bfbd264bbeab27070a482a32a9.20221006.20231006
.user.com/	1970-01-20 16:06:16	Name: _ueuuid Value: bLz3aGGb_dd9YCT5
.boroloans.ca/	1970-01-20 15:15:52	Name: __ca__chat Value: c5v30qenrfjg
.twitter.com/	1970-01-20 16:06:16	Name: personalization_id Value: "v1_t4x/mpJm0gtlXciJrCTzSg=="
.boroloans.ca/	1970-01-20 15:15:52	Name: _clck Value: 1ofuikv\|1\|f5h\|0
.openx.net/	1970-01-20 15:15:52	Name: i Value: 225e0770-8e86-4915-a61b-589c5341bcf4\|1665016540
.adnxs.com/	1970-01-20 08:39:52	Name: uuid2 Value: 3585963062243359751
.yahoo.com/	1970-01-20 15:16:14	Name: A3 Value: d=AQABBNwiPmMCENWFu1vcCJLZEHN6XEs0Xm8FEgEBAQF0P2NIYwAAAAAA_eMAAA&S=AQAAAvBWtfrzvHUHxqzfyRU0nrI
.adnxs.com/	1970-01-20 08:39:52	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2GU`vw?=3!@wnfH1Ya.O4]7Q=E?_shr4Fn19$Hl2Qjp<25tAL_KTQ@atXW1KQ(Oat@R2(x>R$]bV<rQz3`TB0[TN3FR@PsXH%!##q3[wR/#
.analytics.yahoo.com/	1970-01-20 15:15:52	Name: IDSYNC Value: 1770~27k0
.doubleclick.net/	1970-01-20 15:51:52	Name: IDE Value: AHWqTUnSFX5tMWs0QGbexPVHTnE95SpUtw9SE8Me2Mh03YQGSYwu01yZhhiUYA0Vl5g
.tapad.com/	1970-01-20 07:56:40	Name: TapAd_TS Value: 1665016541021
.tapad.com/	1970-01-20 07:56:40	Name: TapAd_DID Value: 49c896e3-6a9a-4f78-921b-5f9de30c216c
d.adroll.com/	1970-01-20 15:59:04	Name: __adroll Value: 9d8b0fd1bfefaf183000d7307be63c50-g_1665016541-a_1665016540
.adroll.com/	1970-01-20 15:59:04	Name: __adroll_shared Value: 9d8b0fd1bfefaf183000d7307be63c50-g_1665016541-a_1665016540
.rlcdn.com/	1970-01-20 15:15:52	Name: rlas3 Value: jOcY73fbUYL5f4o93JacFarxO+7ebdcsIL6IXNw8VnA=
.rlcdn.com/	1970-01-20 07:56:40	Name: pxrc Value: CN3F+JkGEgUI6AcQABIFCOhHEAA=
.adsymptotic.com/	1970-01-20 08:39:52	Name: U Value: 55558e0a12d4cc2e21f7d43614e90660
.tapad.com/	1970-01-20 07:56:40	Name: TapAd_3WAY_SYNCS Value:
.bidswitch.net/	1970-01-20 15:15:52	Name: tuuid Value: 05103b0e-c2ef-4ee8-937a-fb9fcc346b23
.bidswitch.net/	1970-01-20 15:15:52	Name: c Value: 1665016541
.bidswitch.net/	1970-01-20 15:15:52	Name: tuuid_lu Value: 1665016541
.apply.boroloans.ca/	1970-01-20 15:15:52	Name: _pin_unauth Value: dWlkPU9UQTVNbVF3WVRJdE9XVTROUzAwTW1Jd0xUa3dOVFl0TVRNMk5XVmlObUU0WW1WbQ
.snapchat.com/	1970-01-20 15:51:52	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3GuQ3AMAwDwIkEkBDFPNvYVjKFh0+bq+4gVzpHnEsjpH7iwstIWUZN9uxN4aZdoEvcv+ID1sTWhEAAAAA=
.pippio.com/	1970-01-20 15:15:52	Name: did Value: lNikwOj9lzD-XyS-
.pippio.com/	1970-01-20 15:15:52	Name: didts Value: 1665016541
.pippio.com/	1970-01-20 07:56:40	Name: nnls Value:
.boroloans.ca/	1970-01-20 16:00:03	Name: _sctr Value: 1\|1665014400000
.boroloans.ca/	1970-01-20 06:31:42	Name: _clsk Value: vezznd\|1665016541231\|1\|1\|a.clarity.ms/collect
.pippio.com/	1970-01-20 07:56:40	Name: pxrc Value: CN3F+JkGEgQIAhAAEgYI7OsBEAA=
.linksynergy.com/	1970-01-20 15:15:52	Name: rmuid Value: 8a677327-c190-48db-beeb-ecceaabab9e9
.linksynergy.com/	1970-01-20 15:15:52	Name: icts Value: 2022-10-06T00:35:41Z
.c.bing.com/	1970-01-20 06:40:21	Name: MR Value: 0
.c.bing.com/	1970-01-20 15:51:52	Name: SRM_B Value: 0D84661827E060573AB0742D26CA61FC
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 15:51:52	Name: MUID Value: 0D84661827E060573AB0742D26CA61FC
.c.clarity.ms/	1970-01-20 06:40:21	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 06:30:17	Name: ANONCHK Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.clarity.ms
analytics.twitter.com
api.getdrip.com
app.getbeamer.com
apply.boroloans.ca
bat.bing.com
blitz-brands.user.com
browser.sentry-cdn.com
c.bing.com
c.clarity.ms
cdn.ckeditor.com
cdn.matomo.cloud
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
ct.pinterest.com
d.adroll.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
help.leadshook.com
ib.adnxs.com
idsync.rlcdn.com
lhcom.matomo.cloud
p.adsymptotic.com
pippio.com
pixel.quantserve.com
pixel.tapad.com
polyfill.leadshook.io
px.ads.linkedin.com
px4.ads.linkedin.com
pxl.qccerttest.com
rules.quantcount.com
s.adroll.com
s.pinimg.com
sc-static.net
secure.quantserve.com
snap.licdn.com
static.ads-twitter.com
static.leadshook.io
stats.g.doubleclick.net
t.co
tag.getdrip.com
tags.rd.linksynergy.com
tr.snapchat.com
ups.analytics.yahoo.com
us-u.openx.net
widget.user.com
www.amcharts.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
x.bidswitch.net
104.18.101.194
104.244.42.131
104.244.42.5
104.45.184.134
107.178.246.49
107.178.254.65
108.138.113.246
108.156.184.54
13.107.42.14
13.225.63.13
13.226.39.77
142.250.65.226
142.250.80.98
146.75.28.157
173.223.56.237
20.110.81.91
205.234.175.175
2600:141b:13::17d7:82d0
2600:141b:9000:59d::1931
2600:9000:21dd:9600:11:615:7240:93a1
2600:9000:21dd:ce00:6:44e3:f8c0:93a1
2600:9000:23cb:3c00:6:9280:1080:93a1
2600:9000:24f0:f200:c:7d55:b3c0:93a1
2606:4700:10::6816:225c
2606:4700:20::681a:3ba
2606:4700:20::681a:7ba
2606:4700::6811:190e
2607:f8b0:4004:c1b::9a
2607:f8b0:4006:806::2002
2607:f8b0:4006:81e::2003
2607:f8b0:4006:81e::200e
2607:f8b0:4006:820::2004
2607:f8b0:4006:821::2003
2607:f8b0:4006:821::2008
2607:f8b0:4006:821::200a
2620:116:800b:21:b08a:1dc5:659b:4055
2620:1ec:21::14
2620:1ec:bdf::40
2620:1ec:c11::200
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:200::729
3.126.133.169
34.98.64.218
34.98.67.3
35.190.43.134
35.190.60.146
35.211.178.172
51.91.31.155
52.1.101.111
52.45.33.138
52.85.61.124
54.197.224.139
54.84.91.180
68.67.160.75
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
0e5cf82e4a17e79c80c6f17c3fff873756de944e1301fa01c1d03aba1e359669
1c3d711dc328e3084694c0707d195eb823279168cb507105f51ab7887a6e55ea
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
3169b415764a35886ab1b6fc3029f525aedaaed3b7d92985ff4e9b5d53be92c2
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
3715b504c68323affe436a0169f96fcccfff8f0632a7bce1ca2a762ff714fd17
379e7f98c1e80a7c67fa2fb417a78711ec0715013509d9eeda3bb0f63549d400
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3a9881e4cd502234f503d94ed720029a81232f23811c8110e623e9019292f2d5
3f29259501183f270ed9b30dc3569b0b69c8bafb46685a5790c793ec76c2c763
410e2ee58ae8ade92b8e2065a9b6c303a3dcdd2bf4ddc382cf61f6c4c6d94667
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
4374cb23d4b393291075dfebd501b03b0704547311d23812e3737bf91d0b6f3e
448b43bfedff44c9103a14d963d7f470d9bb88b7b437ab046a0058aba6e350a4
4605c6c89108d40594ac850a89e1ef09f245a9b4bb57649f2a84a6319380e205
4791f9629b2ab03e00aa962848b886d9d8e709d5185fa2517b1ce4e97027f636
4a34c36eba1fc5d92f556851778a8695936a52b8a63445aaee9863b2fc6b04e8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e4081e5149035b2a3d959e9daa0f5998fd27fd38dd1123ae48c23a5a162c012
51510eebe8a74d642709bbf7dd934586a142489105cfcfbd38c8ed9bef9819d1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
596c1f837665e46b78a7f0e38715a37ef6dff2ac9cb01c59da56bf5040332feb
5b1e8aa03398fb7b3888fb46db6aa28a6db06485a1e47399b43f9fa4b2ba6d01
5dd7be681380468c0eb783f46594c212474e1fad63d78b6f3805b7a958f1783b
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
65b0acb6696448a75af5d79f3b6d2facc8e1293f15ea7ef1aa021eb2e1f4c1a0
67e294da2e0a5b863f5ca40c02eddd1fbb0a0dba124fec3747a1674fb8ede7ac
6984dd52b9fa3b0d430e08792537376831a79e3bb8f32ff573cb357609183d0f
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
724b5f4c241ad87fdc5945eb8e3d617fff235bc2ad6cab258a5b2da6ffdf5360
72ca1a8c43f51834ef6c92b65d659e7d08fe12c713558dbc1d1f4f9f9cafdcdd
74bb2f7c3fb9a441593722505df86699b110d97f090c4b416e46fa834ebe8c23
77ae565eb8c054e6d7d1da8b47ee0d3dcacbced65719ad66a76d0dc71c37a589
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ee70f362e4e74e5dcb1efd4893610db87872d33a184db8239bfea48b18e7f8e
7f68e2818a376ada1e4274d96f349b3e6eb3dc4eda66dcb51b859b84b92b6352
7fb5201761f6a4558eed23d12dad832422541f5ea4ed1dfce7ae1e3750bced9e
8001f30a6865a4d0a174642d213599964b0d21493404c833f36871da0c978d87
807bf403ddd2ecc9a6f12b5922b739b6956b52643f557ffcf387a0c53226889e
8252c21268e8ad2d95133f4ec25dfa99beef3ed6fdb2eb9df341741ed2f91a0a
8306235a3fb55ace3738c49d036e19a9d919023ba2b305c2fae6e0fbfe48fb3b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8c20cc0b4a1257d93f9ff03de3e95ee305d928f012312c78213d830a0c84ad46
907ffe446b6382139ac05a8eb44154f5430954ab23f056fed39bcebcdf73015d
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
97f1830c06fe2215ccc2dc9468a64ca11e2725b785f42978dbb996e736bdbf53
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b2eafec3675baf2a8d1570291500c6c027db6fced43bfc2698fbb76c050071d
9f2556e4264118d0f45702575f35ca3ebdc6d7615d98b6e81a639e287cbfc3c6
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a54e22a0aae25cbaf8a332e6ad6c574c313d734317426b2af1c3f6b5933b18b1
ab75d2b0c8cc42eb0741c91c456679dd5fa0d6ea201ad0c7e50b06fe916f2c5d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aefcd59f2a5b7616e74034d73b761b7eee8fd4efbb025a7eab8f359f97ebffbe
b059eed69c80f1b3140756cbf74008f01592ebdba3347383355d1c720e97f3f4
b06a47c4d73da15b24a0da54eef13ef53ce4547c6baa2abb64ce64122ce5ac25
b0ade1af5c23964fcd177e760382ef95bcbec02a31d066fb10b01f6f0cbfd736
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b719a446401c59e2784e7979101371a8a12f04139b37c8632682ea60a5720b21
b94fc29afaf066c90b8161d4a244b9867bcd6409e8f487de8f480ff1cacda1d9
bdfc5b5257c6f9853bd2b7730832070912c436a891e466ee04ecc7012e37d02a
c1b194fb2c0dc9fa1d0c7b4959da8d76abc79f7db35251e6953dfbbae7d7d05b
c75d8bdd1d5498551294cf4551304e5c2158b9788ac1779d03a2edd611a6c93e
cc9dc21f983c2de7e3fe2723bbd25a547b831591f43603c7532b28b5960e2e78
cdcba7a929f59658000da20f172ceb43c5122235f6569bb11f3530622b0ec28f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4538b500dbad64b4c530857d7faf7d63bf921bcab573e94160c459ce859c90d
d6a2f07e4cedd9535f8ae3659e717de202682a7b173607a86838d5dfef616bca
d7b7e5190742329254d6a2bc8e13c4fbc5cdf24436070a669a78018c0744825e
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d8a9932951cc9de2f43c5f4d6efe1d12bc3f6867932d62645933845029c2f9c2
d97ca913935c9897ac4e255d17e14c8a3f0d8513681fe5b6736c4921fc5dd078
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed34b7cf47badd31666d6f91b4de19ab0abb60ac52d9bf01003f9ed6c6b67eb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

apply.boroloans.ca Open in urlscan Pro 54.197.224.139 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

106 Requests

90 %HTTPS

45 %IPv6

45 Domains

58 Subdomains

49 IPs

4 Countries

2980 kBTransfer

11731 kBSize

68 Cookies

2 Outgoing links

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

apply.boroloans.ca Open in urlscan Pro
54.197.224.139 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

90 %
HTTPS

45 %
IPv6

45
Domains

58
Subdomains

49
IPs

4
Countries

2980 kB
Transfer

11731 kB
Size

68
Cookies

106 HTTP transactions
0 data transactions