affinitycredit.ca Open in urlscan Pro
199.180.29.50 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://affinitycredit.ca/
Submission: On April 06 via automatic, source certstream-suspicious (April 6th 2021, 6:54:36 pm UTC)

Summary HTTP 83 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 16 domains to perform 83 HTTP transactions. The main IP is 199.180.29.50, located in Canada and belongs to 4WEB-, CA. The main domain is affinitycredit.ca.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 26th 2019. Valid for: 2 years.

This is the only time affinitycredit.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	199.180.29.50 199.180.29.50	32536 (4WEB-) (4WEB-)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:b649	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:d5cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5505	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:efcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6811:5d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
83	21

23 199.180.29.50 (Canada)

ASN32536 (4WEB-, CA)
PTR: 050-029-180-199-av1.4web.net

affinitycredit.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b649 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5505 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
perf.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:efcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:5d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	affinitycredit.ca affinitycredit.ca	1 MB
20	gstatic.com fonts.gstatic.com www.gstatic.com	2 MB
13	google.com www.google.com	102 KB
7	hubspot.com api.hubspot.com app.hubspot.com track.hubspot.com	21 KB
6	hsappstatic.net static.hsappstatic.net	229 KB
2	hsforms.com forms.hsforms.com perf.hsforms.com	2 KB
2	google-analytics.com www.google-analytics.com	17 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com	35 KB
1	hs-banner.com js.hs-banner.com	15 KB
1	usemessages.com js.usemessages.com	20 KB
1	hs-analytics.net js.hs-analytics.net	19 KB
1	doubleclick.net stats.g.doubleclick.net	86 B
1	hs-scripts.com js.hs-scripts.com	964 B
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	hsforms.net js.hsforms.net	129 KB
1	googleapis.com fonts.googleapis.com	850 B
83	16

	Domain	Requested by
23	affinitycredit.ca	affinitycredit.ca
13	www.google.com	affinitycredit.ca js.hsforms.net www.gstatic.com www.google.com
11	www.gstatic.com	www.google.com www.gstatic.com
9	fonts.gstatic.com	fonts.googleapis.com www.google.com
6	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
4	api.hubspot.com	js.usemessages.com static.hsappstatic.net
2	track.hubspot.com
2	www.google-analytics.com	affinitycredit.ca www.google-analytics.com
2	stackpath.bootstrapcdn.com	affinitycredit.ca
1	app.hubspot.com	js.usemessages.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	perf.hsforms.com	affinitycredit.ca
1	stats.g.doubleclick.net	www.google-analytics.com
1	forms.hsforms.com	js.hsforms.net
1	js.hs-scripts.com	affinitycredit.ca
1	cdnjs.cloudflare.com	affinitycredit.ca
1	js.hsforms.net	affinitycredit.ca
1	fonts.googleapis.com	affinitycredit.ca
83	20

This site contains links to these domains. Also see Links.

Domain
www.hrblock.com
pages.affinitycredit.ca
www.albertalandlord.org
crra.site-ym.com
collaboraterealestate.ca
metcredit.com
graphos.ca
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com

Subject Issuer	Validity	Valid
*.affinitycredit.ca DigiCert SHA2 Secure Server CA	`2019-02-26` - `2021-04-30`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2020-07-05` - `2021-07-05`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://affinitycredit.ca/
Frame ID: 63313EEBB3117CFC1468AF798A94D1FB
Requests: 50 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LefG5MUAAAAABQqDb6xvwZsrGuK2Rs6Iki8xAdN&co=aHR0cHM6Ly9hZmZpbml0eWNyZWRpdC5jYTo0NDM.&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&cb=lnz8r52t1fqk
Frame ID: 2C219A25E5FD458445509CE4920DC12F
Requests: 6 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9hZmZpbml0eWNyZWRpdC5jYTo0NDM.&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&badge=inline&cb=f2lfffqjphau
Frame ID: 5C1E311AE033103090E0BEA72F4265C3
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=4ypxldqx9upi
Frame ID: 95F93C6DAD443BA18387CE5A930346DA
Requests: 13 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/6685552/threads/utk/074d8cf7b43d4d03907d3c674e289df8?uuid=7c4a3b7eaa4d4c80901f43571fc660c6&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=affinitycredit.ca&inApp53=false&messagesUtk=074d8cf7b43d4d03907d3c674e289df8&url=https%3A%2F%2Faffinitycredit.ca%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: F3E4682719586F70BB0381C6B7756650
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

83
Requests

100 %
HTTPS

95 %
IPv6

16
Domains

20
Subdomains

21
IPs

4
Countries

3338 kB
Transfer

4858 kB
Size

8
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hrblock.com/
Title: File a return

Search URL Search Domain Scan URL

URL: https://pages.affinitycredit.ca/start-collecting-now
Title: Start Collecting Now!

Search URL Search Domain Scan URL

URL: http://www.albertalandlord.org/
Title:

Search URL Search Domain Scan URL

URL: https://crra.site-ym.com/
Title:

Search URL Search Domain Scan URL

URL: https://collaboraterealestate.ca/
Title:

Search URL Search Domain Scan URL

URL: https://metcredit.com/
Title: A MetCredit Company

Search URL Search Domain Scan URL

URL: https://graphos.ca/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/affinitycreditsolutions/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/AffinityCredit
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/affinitycreditsolutions/
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/affinity-credit-solutions-inc-/
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

83 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
affinitycredit.ca/ 32 KB
33 KB 1347ms
794ms Document
text/html 199.180.29.50
4WEB-

General

Check archive.org

Show headers Download Go to

Full URL: https://affinitycredit.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.180.29.50 , Canada, ASN32536 (4WEB-, CA),
Reverse DNS: 050-029-180-199-av1.4web.net
Software: nginx / PHP/7.3.27 PleskLin
Resource Hash: 2e8ceb42658f961f2decd3f93bc7567766e8883c88d7e170b0f4ce807ff629dd

Request headers

Host: affinitycredit.ca
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Tue, 06 Apr 2021 18:54:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.27 PleskLin
Link: <https://affinitycredit.ca/>; rel=shortlink
Referrer-Policy: no-referrer-when-downgrade

GET
H/1.1 200
OK style.min.css
affinitycredit.ca/wp-includes/css/dist/block-library/ 53 KB
53 KB 187ms
185ms Stylesheet
text/css 199.180.29.50
4WEB-

General

Check archive.org

Show headers Download Go to

Full URL: https://affinitycredit.ca/wp-includes/css/dist/block-library/style.min.css?ver=5.5.3
Requested by: Host: affinitycredit.ca
URL: https://affinitycredit.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.180.29.50 , Canada, ASN32536 (4WEB-, CA),
Reverse DNS: 050-029-180-199-av1.4web.net
Software: nginx / PleskLin
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:54:16 GMT
Last-Modified: Wed, 02 Sep 2020 06:24:52 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "5f4f3ab4-d293"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 53907

GET
H/1.1 200
OK styles.css
affinitycredit.ca/assets/plugins/contact-form-7/includes/css/ 2 KB
2 KB 531ms
187ms Stylesheet
text/css 199.180.29.50
4WEB-

General

Check archive.org

Show headers Download Go to

Full URL: https://affinitycredit.ca/assets/plugins/contact-form-7/includes/css/styles.css?ver=5.2.2
Requested by: Host: affinitycredit.ca
URL: https://affinitycredit.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.180.29.50 , Canada, ASN32536 (4WEB-, CA),
Reverse DNS: 050-029-180-199-av1.4web.net
Software: nginx / PleskLin
Resource Hash: 892af9f95c881cde5c6c1810e0f45e4687174a1171504c96b36218dd54bb1486

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:54:16 GMT
Last-Modified: Tue, 15 Sep 2020 03:01:35 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "5f602e8f-780"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1920

GET
H3-Q050 200 css
fonts.googleapis.com/ 11 KB
850 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800,900|Aleo:400,700

Requested by

Host: affinitycredit.ca
URL: https://affinitycredit.ca/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c8e0d279d65b660f778eedd79a54e61d9658f92e540e6d560b45e655f590452b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 18:54:16 GMT
server: ESF
date: Tue, 06 Apr 2021 18:54:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Apr 2021 18:54:16 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
21 KB 23ms
20ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: affinitycredit.ca
URL: https://affinitycredit.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:54:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617, 617, 617, 718
age: 2330802
cdn-cachedat: 2021-03-10 20:26:22
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 094a2221b9000016ee673d2000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: f4f9e3fe6955bd5ea098d661a6546037
cf-ray: 63bd39492b2816ee-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H/1.1 200
OK style.css
affinitycredit.ca/assets/themes/affinity-graphos/ 35 KB
35 KB 682ms
337ms Stylesheet
text/css 199.180.29.50
4WEB-

General

Check archive.org

Show headers Download Go to

Full URL: https://affinitycredit.ca/assets/themes/affinity-graphos/style.css
Requested by: Host: affinitycredit.ca
URL: https://affinitycredit.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.180.29.50 , Canada, ASN32536 (4WEB-, CA),
Reverse DNS: 050-029-180-199-av1.4web.net
Software: nginx / PleskLin
Resource Hash: ff4f8a290039b5c5770f25ce9ff119aca012a690f2f3133f46ab011250b9c21d

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:54:16 GMT
Last-Modified: Fri, 28 Feb 2020 19:17:18 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "5e59673e-8c74"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35956

GET
H/1.1 200
OK style-additions.css
affinitycredit.ca/assets/themes/affinity-graphos/css/ 264 B
591 B 546ms
192ms Stylesheet
text/css 199.180.29.50
4WEB-

General

Check archive.org

Show headers Download Go to

Full URL: https://affinitycredit.ca/assets/themes/affinity-graphos/css/style-additions.css
Requested by: Host: affinitycredit.ca
URL: https://affinitycredit.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.180.29.50 , Canada, ASN32536 (4WEB-, CA),
Reverse DNS: 050-029-180-199-av1.4web.net
Software: nginx / PleskLin
Resource Hash: b67e11b4277f7389520dba49a7c509c9d33070cd09d4351743e59fee356378a4

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:54:16 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 08 Mar 2021 20:54:41 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: text/css
X-Accel-Version: 0.01
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 264
ETag: "108-5bd0ca48ed8e2"

GET
H/1.1 200
OK frontend.min.js Show response
affinitycredit.ca/assets/plugins/google-analytics-dashboard-for-wp/assets/js/ 9 KB
9 KB 546ms
192ms Script
application/javascript 199.180.29.50
4WEB-

General

Check archive.org

Show headers Download Go to

Full URL: https://affinitycredit.ca/assets/plugins/google-analytics-dashboard-for-wp/assets/js/frontend.min.js?ver=6.2.2
Requested by: Host: affinitycredit.ca
URL: https://affinitycredit.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.180.29.50 , Canada, ASN32536 (4WEB-, CA),
Reverse DNS: 050-029-180-199-av1.4web.net
Software: nginx / PleskLin
Resource Hash: dab98b1d5558dd15c7db5ada4438fe03a424a7c1f5e0f29567d39a0a892bcc41

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:54:16 GMT
Last-Modified: Wed, 12 Aug 2020 15:46:33 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "5f340ed9-2431"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9265

GET
H/1.1 200
OK jquery.js Show response
affinitycredit.ca/wp-includes/js/jquery/ 95 KB
95 KB 716ms
359ms Script
application/javascript 199.180.29.50
4WEB-

General

Check archive.org

Show headers Download Go to

Full URL: https://affinitycredit.ca/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: affinitycredit.ca
URL: https://affinitycredit.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.180.29.50 , Canada, ASN32536 (4WEB-, CA),
Reverse DNS: 050-029-180-199-av1.4web.net
Software: nginx / PleskLin
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:54:16 GMT
Last-Modified: Wed, 22 May 2019 06:48:49 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "5ce4f0d1-17a69"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96873

GET
H/1.1 200
OK affinity-logo.png
affinitycredit.ca/assets/themes/affinity-graphos/img/ 2 KB
3 KB 187ms
180ms Image
image/png 199.180.29.50
4WEB-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://affinitycredit.ca/assets/themes/affinity-graphos/img/affinity-logo.png
Requested by: Host: affinitycredit.ca
URL: https://affinitycredit.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.180.29.50 , Canada, ASN32536 (4WEB-, CA),
Reverse DNS: 050-029-180-199-av1.4web.net
Software: nginx / PleskLin
Resource Hash: 736271105b4de76fcac43fb4d180ed77de129a0eab0247102b9454db3e0ca7af

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:54:17 GMT
Last-Modified: Thu, 21 Feb 2019 18:13:02 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "5c6eea2e-931"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2353

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
17 KB 73ms
66ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: affinitycredit.ca
URL: https://affinitycredit.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
date: Tue, 06 Apr 2021 18:54:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17432
expires: Tue, 06 Apr 2021 20:54:17 GMT

GET
H/1.1 200
OK money-weights.png
affinitycredit.ca/assets/themes/affinity-graphos/img/ 138 KB
138 KB 373ms
367ms Image
image/png 199.180.29.50
4WEB-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://affinitycredit.ca/assets/themes/affinity-graphos/img/money-weights.png
Requested by: Host: affinitycredit.ca
URL: https://affinitycredit.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.180.29.50 , Canada, ASN32536 (4WEB-, CA),
Reverse DNS: 050-029-180-199-av1.4web.net
Software: nginx / PleskLin
Resource Hash: 060eb0f2fb8557cf8d29c6ea834af336443a8e80baff54c9dd978a89bc3e679e

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:54:17 GMT
Last-Modified: Thu, 21 Feb 2019 18:13:02 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "5c6eea2e-228cd"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 141517

GET
H/1.1 200
OK money-talks.png
affinitycredit.ca/assets/themes/affinity-graphos/img/ 43 KB
43 KB 183ms
183ms Image
image/png 199.180.29.50
4WEB-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://affinitycredit.ca/assets/themes/affinity-graphos/img/money-talks.png
Requested by: Host: affinitycredit.ca
URL: https://affinitycredit.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.180.29.50 , Canada, ASN32536 (4WEB-, CA),
Reverse DNS: 050-029-180-199-av1.4web.net
Software: nginx / PleskLin
Resource Hash: eabb6e97dee4f5e9936b3c834832927e125526f63a3eb47a4b3d7a25a618aab8

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:54:17 GMT
Last-Modified: Thu, 21 Feb 2019 18:13:02 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "5c6eea2e-abc4"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43972

GET
H/1.1 200
OK money-easy.png
affinitycredit.ca/assets/themes/affinity-graphos/img/ 53 KB
53 KB 192ms
192ms Image
image/png 199.180.29.50
4WEB-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://affinitycredit.ca/assets/themes/affinity-graphos/img/money-easy.png
Requested by: Host: affinitycredit.ca
URL: https://affinitycredit.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.180.29.50 , Canada, ASN32536 (4WEB-, CA),
Reverse DNS: 050-029-180-199-av1.4web.net
Software: nginx / PleskLin
Resource Hash: b2794936ac9f34d860b0c4b646c769f8baa309363e134b353ebb517fc67b289b

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:54:17 GMT
Last-Modified: Thu, 21 Feb 2019 18:13:02 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "5c6eea2e-d241"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 53825

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 528 KB
129 KB 96ms
44ms Script
application/javascript 2606:4700::6811:b649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: affinitycredit.ca
URL: https://affinitycredit.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b649 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f05d9f452ae2ccd04636c044c0ec94c4f9816ed99ecdf92d60ed19f935b9bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:54:17 GMT
via: 1.1 613faec4b883bfe2ebdd8a74d5006f4c.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 094a2224ad000005b315160000000001
last-modified: Fri, 26 Mar 2021 10:36:09 UTC
server: cloudflare
etag: W/"63331a62eca734989c8849eaffe022e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=95JwaqnY698H5%2BPKKYUR9AAjbrTkolL3gGd5GD5ds3M8t57mHiidkcn3DPFWG0HsWU%2BsxpS5gH8TaANf7tdcwOJo2mCruLkt4hCjb6wRq6yOapBpPzdqmvA6sg%3D%3D"}],"max_age":604800}
x-amz-version-id: M5RwkbeiQGm2N3cfIFqKB6JW6xCXyOAo
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 63bd394dd9e005b3-FRA
x-amz-cf-id: DCF8D99izKTekh7C0LKkKoGy3OC7sdakCmPRMuS2FbsfLV59Lq2OKA==

GET
H/1.1 200
OK gaining-success.png
affinitycredit.ca/assets/themes/affinity-graphos/img/ 107 KB
107 KB 185ms
184ms Image
image/png 199.180.29.50
4WEB-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://affinitycredit.ca/assets/themes/affinity-graphos/img/gaining-success.png
Requested by: Host: affinitycredit.ca
URL: https://affinitycredit.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.180.29.50 , Canada, ASN32536 (4WEB-, CA),
Reverse DNS: 050-029-180-199-av1.4web.net
Software: nginx / PleskLin
Resource Hash: b0d0b118beb27af2d29ee8b3432df02728002576c3bc4a25bff398ae57fa1bfd

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:54:17 GMT
Last-Modified: Thu, 21 Feb 2019 18:13:02 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "5c6eea2e-1aa28"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 109096

GET
H/1.1 200
OK arla-alberta-residential-landlord-association.png
affinitycredit.ca/assets/themes/affinity-graphos/img/ 3 KB
3 KB 196ms
187ms Image
image/png 199.180.29.50
4WEB-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://affinitycredit.ca/assets/themes/affinity-graphos/img/arla-alberta-residential-landlord-association.png
Requested by: Host: affinitycredit.ca
URL: https://affinitycredit.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.180.29.50 , Canada, ASN32536 (4WEB-, CA),
Reverse DNS: 050-029-180-199-av1.4web.net
Software: nginx / PleskLin
Resource Hash: ee93dc5a3dfd983a9dc566b52accf4d734137212608ca9ce5d69bf087d6889dc

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:54:17 GMT
Last-Modified: Thu, 21 Feb 2019 18:13:02 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "5c6eea2e-b2c"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2860

GET
H/1.1 200
OK crra-calgary-residential-rental-association.png
affinitycredit.ca/assets/themes/affinity-graphos/img/ 4 KB
4 KB 185ms
185ms Image
image/png 199.180.29.50
4WEB-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://affinitycredit.ca/assets/themes/affinity-graphos/img/crra-calgary-residential-rental-association.png
Requested by: Host: affinitycredit.ca
URL: https://affinitycredit.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.180.29.50 , Canada, ASN32536 (4WEB-, CA),
Reverse DNS: 050-029-180-199-av1.4web.net
Software: nginx / PleskLin
Resource Hash: 2a2e256b3c03ffc7c7786358be80bfdcff7788325a6f86f9ef0230952dc55e91

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:54:17 GMT
Last-Modified: Thu, 21 Feb 2019 18:13:02 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "5c6eea2e-10f6"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4342

GET
H/1.1 200
OK collaborate-real-estate.png
affinitycredit.ca/assets/themes/affinity-graphos/img/ 3 KB
3 KB 189ms
188ms Image
image/png 199.180.29.50
4WEB-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://affinitycredit.ca/assets/themes/affinity-graphos/img/collaborate-real-estate.png
Requested by: Host: affinitycredit.ca
URL: https://affinitycredit.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.180.29.50 , Canada, ASN32536 (4WEB-, CA),
Reverse DNS: 050-029-180-199-av1.4web.net
Software: nginx / PleskLin
Resource Hash: d961cd40e6d8fe3ce2becb6f6559cc9e858e63846633defc7883564a20217909

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:54:17 GMT
Last-Modified: Thu, 21 Feb 2019 18:13:02 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "5c6eea2e-b36"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2870

GET
H/1.1 200
OK graphos-logo-teal.png
affinitycredit.ca/assets/themes/affinity-graphos/img/ 979 B
1 KB 191ms
190ms Image
image/png 199.180.29.50
4WEB-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://affinitycredit.ca/assets/themes/affinity-graphos/img/graphos-logo-teal.png
Requested by: Host: affinitycredit.ca
URL: https://affinitycredit.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.180.29.50 , Canada, ASN32536 (4WEB-, CA),
Reverse DNS: 050-029-180-199-av1.4web.net
Software: nginx / PleskLin
Resource Hash: ca99322cf8da79c9a6c4a77a6b6779001821815ae5dbc00d5900d312557ebaa8

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:54:17 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 21 Feb 2019 18:13:02 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/png
X-Accel-Version: 0.01
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 979
ETag: "3d3-5826b6cd52539"

GET
H/1.1 200
OK scripts.js Show response
affinitycredit.ca/assets/plugins/contact-form-7/includes/js/ 14 KB
14 KB 185ms
184ms Script
application/javascript 199.180.29.50
4WEB-

General

Check archive.org

Show headers Download Go to

Full URL: https://affinitycredit.ca/assets/plugins/contact-form-7/includes/js/scripts.js?ver=5.2.2
Requested by: Host: affinitycredit.ca
URL: https://affinitycredit.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.180.29.50 , Canada, ASN32536 (4WEB-, CA),
Reverse DNS: 050-029-180-199-av1.4web.net
Software: nginx / PleskLin
Resource Hash: a0ea735f765d5bc1230beb63bcb701b69c80d77c48572a61bb159a8915903278

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:54:17 GMT
Last-Modified: Tue, 15 Sep 2020 03:01:35 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "5f602e8f-3719"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14105

GET
H/1.1 200
OK scripts.min.js Show response
affinitycredit.ca/assets/plugins/cf7-repeatable-fields/assets/js/ 2 KB
2 KB 189ms
186ms Script
application/javascript 199.180.29.50
4WEB-

General

Check archive.org

Show headers Download Go to

Full URL: https://affinitycredit.ca/assets/plugins/cf7-repeatable-fields/assets/js/scripts.min.js?ver=1.1.1
Requested by: Host: affinitycredit.ca
URL: https://affinitycredit.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.180.29.50 , Canada, ASN32536 (4WEB-, CA),
Reverse DNS: 050-029-180-199-av1.4web.net
Software: nginx / PleskLin
Resource Hash: f28083a17e788a3f11c1a846302827cf19f6b7d33ed9968200fdf60417b87dc7

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:54:17 GMT
Last-Modified: Wed, 08 Jan 2020 14:41:09 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "5e15ea05-66a"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1642

GET
H3-Q050 200 api.js Show response
www.google.com/recaptcha/ 884 B
659 B 46ms
43ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LefG5MUAAAAABQqDb6xvwZsrGuK2Rs6Iki8xAdN&ver=3.0

Requested by

Host: affinitycredit.ca
URL: https://affinitycredit.ca/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fae1c2a9d569291b4beac808bdda762df39b70902dfa4cdeb17ae8f6fefb6642

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586
x-xss-protection: 1; mode=block
expires: Tue, 06 Apr 2021 18:54:17 GMT

GET
H/1.1 200
OK script.js Show response
affinitycredit.ca/assets/plugins/contact-form-7/modules/recaptcha/ 1 KB
2 KB 187ms
184ms Script
application/javascript 199.180.29.50
4WEB-

General

Check archive.org

Show headers Download Go to

Full URL: https://affinitycredit.ca/assets/plugins/contact-form-7/modules/recaptcha/script.js?ver=5.2.2
Requested by: Host: affinitycredit.ca
URL: https://affinitycredit.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.180.29.50 , Canada, ASN32536 (4WEB-, CA),
Reverse DNS: 050-029-180-199-av1.4web.net
Software: nginx / PleskLin
Resource Hash: aef711d1643073ab593de1d958ee854d6f63339cb216eda43666fb9dfcebffd0

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:54:17 GMT
Last-Modified: Tue, 15 Sep 2020 03:01:35 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "5f602e8f-4f3"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1267

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 21 KB
7 KB 37ms
29ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: affinitycredit.ca
URL: https://affinitycredit.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 604346
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6646
cf-request-id: 094a22254b00002b41ef8d9000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-520c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yAMuWsbd%2F%2BhH1G0K28pbZ9d%2FtvqigLi6ETCwrbEYBVbsFWJU94LTI1HILhoHqrdjzAmRkxXWyUOiUOOKLPSdR9Xx%2FsQ9EvsQY9Rv5W22Uem7E4iwzUcDLMQ4wF40usqGQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 63bd394edf6c2b41-FRA
expires: Sun, 27 Mar 2022 18:54:17 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
15 KB 34ms
26ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: affinitycredit.ca
URL: https://affinitycredit.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617, 617, 617
age: 2330802
cdn-cachedat: 2021-03-10 20:26:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 094a22254e000016ee9da9a000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: df45ab8c58be34e9a30d61fab49a91ec
cf-ray: 63bd394eeed616ee-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H/1.1 200
OK main.js Show response
affinitycredit.ca/assets/themes/affinity-graphos/js/ 6 KB
7 KB 189ms
183ms Script
application/javascript 199.180.29.50
4WEB-

General

Check archive.org

Show headers Download Go to

Full URL: https://affinitycredit.ca/assets/themes/affinity-graphos/js/main.js
Requested by: Host: affinitycredit.ca
URL: https://affinitycredit.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.180.29.50 , Canada, ASN32536 (4WEB-, CA),
Reverse DNS: 050-029-180-199-av1.4web.net
Software: nginx / PleskLin
Resource Hash: fbd5b581a270fd79c18a41ca488e5fc78a64f0b7bbab42bca3cc86dc05022471

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:54:17 GMT
Last-Modified: Mon, 08 Mar 2021 20:54:50 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "60468f1a-192d"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6445

GET
H2 200 6685552.js Show response
js.hs-scripts.com/ 1 KB
964 B 653ms
431ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/6685552.js
Requested by: Host: affinitycredit.ca
URL: https://affinitycredit.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbbb025c55b8a53ae37e210fb44236710c756839470986d2d50207d54efe8908

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:54:18 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
x-trace: 2BE14E751ADD93D1FEEAF645688F0D3F5A8886AD1E000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://affinitycredit.ca
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 63bd395039c5d6e5-FRA
cf-request-id: 094a2226270000d6e5999b7000000001
expires: Tue, 06 Apr 2021 18:55:18 GMT

GET
H2 200 330d0ba1-882d-4794-84ad-50f2102da56e Show response
forms.hsforms.com/embed/v3/form/6685552/ 3 KB
2 KB 286ms
134ms Script
application/javascript 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/6685552/330d0ba1-882d-4794-84ad-50f2102da56e?callback=hs_reqwest_0&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70825f516e487ca49ac75389a9bc79df3e4b9f7ab9b8f666f82a6d2aa1645695

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-disposition: attachment; filename=no-rfd.txt
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 094a2226280000d6e5eeaf5000000001
server: cloudflare
x-trace: 2BE049594BAD01D730660B0065F0CF69A397593125000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 63bd395039c9d6e5-FRA

GET
DATA 200
OK truncated
/ 415 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97aa2f482e2a39e7c50e17bc773e4308d80fd60b105d90fc031bb814571df945

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK affinity-money-search-illustration.png
affinitycredit.ca/assets/themes/affinity-graphos/img/ 389 KB
390 KB 247ms
194ms Image
image/png 199.180.29.50
4WEB-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://affinitycredit.ca/assets/themes/affinity-graphos/img/affinity-money-search-illustration.png
Requested by: Host: affinitycredit.ca
URL: https://affinitycredit.ca/assets/themes/affinity-graphos/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.180.29.50 , Canada, ASN32536 (4WEB-, CA),
Reverse DNS: 050-029-180-199-av1.4web.net
Software: nginx / PleskLin
Resource Hash: cf2b3f6b78ee5b3c386bebc02cd2fd3e2d1916253f60f1e5b7fc78edcf331ab1

Request headers

Referer: https://affinitycredit.ca/assets/themes/affinity-graphos/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:54:17 GMT
Last-Modified: Thu, 21 Feb 2019 18:13:02 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "5c6eea2e-6154e"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 398670

GET
H/1.1 200
OK debt-collector-money-hunting.png
affinitycredit.ca/assets/themes/affinity-graphos/img/ 98 KB
98 KB 363ms
362ms Image
image/png 199.180.29.50
4WEB-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://affinitycredit.ca/assets/themes/affinity-graphos/img/debt-collector-money-hunting.png
Requested by: Host: affinitycredit.ca
URL: https://affinitycredit.ca/assets/themes/affinity-graphos/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.180.29.50 , Canada, ASN32536 (4WEB-, CA),
Reverse DNS: 050-029-180-199-av1.4web.net
Software: nginx / PleskLin
Resource Hash: 956e441e437b6bfbe116e9f2625c8a9bf179bb976c425b4604b5df1a51e7059b

Request headers

Referer: https://affinitycredit.ca/assets/themes/affinity-graphos/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:54:17 GMT
Last-Modified: Thu, 21 Feb 2019 18:13:02 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "5c6eea2e-1868e"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 99982

GET
H/1.1 200
OK downloadable-offer.jpg
affinitycredit.ca/assets/themes/affinity-graphos/img/ 55 KB
55 KB 190ms
189ms Image
image/jpeg 199.180.29.50
4WEB-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://affinitycredit.ca/assets/themes/affinity-graphos/img/downloadable-offer.jpg
Requested by: Host: affinitycredit.ca
URL: https://affinitycredit.ca/assets/themes/affinity-graphos/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.180.29.50 , Canada, ASN32536 (4WEB-, CA),
Reverse DNS: 050-029-180-199-av1.4web.net
Software: nginx / PleskLin
Resource Hash: 59ebd0c93e8cb75328016ccebc5c364df6984eb7234ffec72b21028355953450

Request headers

Referer: https://affinitycredit.ca/assets/themes/affinity-graphos/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 18:54:18 GMT
Last-Modified: Tue, 09 Jul 2019 21:31:22 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "5d2507aa-db71"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 56177

GET
H2 200 c4mv1nF8G8_swA3J0Q.woff2
fonts.gstatic.com/s/aleo/v4/ 28 KB
28 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/aleo/v4/c4mv1nF8G8_swA3J0Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800,900|Aleo:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c661089dddb9797c4617a25a50e392b2c04d3e25911d476e1d55a28e1559fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://affinitycredit.ca
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 03:49:33 GMT
server: sffe
age: 377424
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
expires: Sat, 02 Apr 2022 10:03:53 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800,900|Aleo:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://affinitycredit.ca
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 377440
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19480
x-xss-protection: 0
expires: Sat, 02 Apr 2022 10:03:37 GMT

GET
H2 200 c4mg1nF8G8_syLbsxDJJnw.woff2
fonts.gstatic.com/s/aleo/v4/ 25 KB
25 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/aleo/v4/c4mg1nF8G8_syLbsxDJJnw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800,900|Aleo:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f663b242fc066ab4ee3760a76816084c21560dbe757adbbe88955f794ce7b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://affinitycredit.ca
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 03:49:39 GMT
server: sffe
age: 377426
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25204
x-xss-protection: 0
expires: Sat, 02 Apr 2022 10:03:51 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800,900|Aleo:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c623b34dcf729895c3bc9b6e261796bbad69555a21ad6d2f9b4e7bc27b6e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://affinitycredit.ca
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 18:17:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:08 GMT
server: sffe
age: 520582
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19440
x-xss-protection: 0
expires: Thu, 31 Mar 2022 18:17:55 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800,900|Aleo:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://affinitycredit.ca
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:52 GMT
server: sffe
age: 377440
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19172
x-xss-protection: 0
expires: Sat, 02 Apr 2022 10:03:37 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800,900|Aleo:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2fca2ae6ff4ffea8690cb747cfb9237c873b227c4ad3425a1d84598c8bd0148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://affinitycredit.ca
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:21 GMT
server: sffe
age: 377440
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19240
x-xss-protection: 0
expires: Sat, 02 Apr 2022 10:03:37 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ 332 KB
332 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LefG5MUAAAAABQqDb6xvwZsrGuK2Rs6Iki8xAdN&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec361bce3349b6cbb5e414df65c58151bf4ad12078c6fc15ffd9dffcfbfa92d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://affinitycredit.ca
Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 17:14:08 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 04:06:11 GMT
server: sffe
age: 6009
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 340168
x-xss-protection: 0
expires: Wed, 06 Apr 2022 17:14:08 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
71 B 14ms
13ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1378140389&t=pageview&_s=1&dl=https%3A%2F%2Faffinitycredit.ca%2F&ul=en-us&de=UTF-8&dt=Collection%20Agency%20%7C%20Affinity%20Credit%20Solutions%20%7C%20Alberta%20Debt%20Recovery%20Experts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABCAAAAC~&jid=1643108429&gjid=729174065&cid=941549574.1617735258&tid=UA-19509260-87&_gid=417622732.1617735258&_r=1&_slc=1&z=290194955

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 18:54:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://affinitycredit.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 enterprise.js Show response
www.google.com/recaptcha/ 1008 B
741 B 16ms
15ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8daee2641e414503c5efed7b4d0fd9966b8fa9a617d2faa00b2f62c0b8fcd51f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 614
x-xss-protection: 1; mode=block
expires: Tue, 06 Apr 2021 18:54:17 GMT

GET
H3-Q050 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 2C21 19 KB
10 KB 29ms
29ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LefG5MUAAAAABQqDb6xvwZsrGuK2Rs6Iki8xAdN&co=aHR0cHM6Ly9hZmZpbml0eWNyZWRpdC5jYTo0NDM.&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&cb=lnz8r52t1fqk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

679e13a2d48b5e067f44eea2bc1a02c96c13f7a3d1e61d4ef68a82c47e329fdf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dmSytrH8IknrUrU7l+NWMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LefG5MUAAAAABQqDb6xvwZsrGuK2Rs6Iki8xAdN&co=aHR0cHM6Ly9hZmZpbml0eWNyZWRpdC5jYTo0NDM.&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&cb=lnz8r52t1fqk
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://affinitycredit.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://affinitycredit.ca/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Apr 2021 18:54:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-dmSytrH8IknrUrU7l+NWMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10042
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
86 B 37ms
37ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-19509260-87&cid=941549574.1617735258&jid=1643108429&gjid=729174065&_gid=417622732.1617735258&_u=YEBAAUAACAAAAC~&z=485586349

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 06 Apr 2021 18:54:17 GMT
content-type: text/plain
access-control-allow-origin: https://affinitycredit.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame 5C1E 20 KB
11 KB 25ms
25ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9hZmZpbml0eWNyZWRpdC5jYTo0NDM.&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&badge=inline&cb=f2lfffqjphau

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4aab85cb78df64380606927490fdfbd65f951a74ed12e8a8371a8cc6c2bf952b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yf/2tvpDKKKsO2b1uHAJuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9hZmZpbml0eWNyZWRpdC5jYTo0NDM.&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&badge=inline&cb=f2lfffqjphau
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://affinitycredit.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://affinitycredit.ca/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Apr 2021 18:54:18 GMT
content-security-policy: script-src 'report-sample' 'nonce-yf/2tvpDKKKsO2b1uHAJuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10704
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
322 B 156ms
155ms Image
image/gif 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=6685552

Requested by

Host: affinitycredit.ca
URL: https://affinitycredit.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:54:18 GMT
cf-cache-status: MISS
server: cloudflare
x-trace: 2BF764A32858FCC606C161F725F5C623B6A95D0B4C000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 63bd3952bee5d6e5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
cf-request-id: 094a2227b40000d6e5cbaed000000001

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ Frame 2C21 50 KB
25 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LefG5MUAAAAABQqDb6xvwZsrGuK2Rs6Iki8xAdN&co=aHR0cHM6Ly9hZmZpbml0eWNyZWRpdC5jYTo0NDM.&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&cb=lnz8r52t1fqk

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 16:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 04:06:11 GMT
server: sffe
age: 8635
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Wed, 06 Apr 2022 16:30:23 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ Frame 2C21 332 KB
332 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec361bce3349b6cbb5e414df65c58151bf4ad12078c6fc15ffd9dffcfbfa92d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 17:14:08 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 04:06:11 GMT
server: sffe
age: 6010
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 340168
x-xss-protection: 0
expires: Wed, 06 Apr 2022 17:14:08 GMT

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ Frame 5C1E 50 KB
25 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9hZmZpbml0eWNyZWRpdC5jYTo0NDM.&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&badge=inline&cb=f2lfffqjphau

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 16:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 04:06:11 GMT
server: sffe
age: 8635
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Wed, 06 Apr 2022 16:30:23 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ Frame 5C1E 332 KB
332 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec361bce3349b6cbb5e414df65c58151bf4ad12078c6fc15ffd9dffcfbfa92d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 17:14:08 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 04:06:11 GMT
server: sffe
age: 6010
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 340168
x-xss-protection: 0
expires: Wed, 06 Apr 2022 17:14:08 GMT

GET
H3-Q050 200 LwzEJkrqzuIpy5ZXdMyVZqsv4pxUDwC8wk7uiqYZWNw.js Show response
www.google.com/js/bg/ Frame 2C21 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/LwzEJkrqzuIpy5ZXdMyVZqsv4pxUDwC8wk7uiqYZWNw.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f0cc4264aeacee229cb965774cc9566ab2fe29c540f00bcc24eee8aa61958dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LefG5MUAAAAABQqDb6xvwZsrGuK2Rs6Iki8xAdN&co=aHR0cHM6Ly9hZmZpbml0eWNyZWRpdC5jYTo0NDM.&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&cb=lnz8r52t1fqk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 00:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:00:00 GMT
server: sffe
age: 584964
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
expires: Thu, 31 Mar 2022 00:24:54 GMT

GET
H3-Q050 200 webworker.js
www.google.com/recaptcha/api2/ Frame 2C21 102 B
160 B 15ms
15ms Other
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=5mNs27FP3uLBP3KBPib88r1g

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

755fc16c048c7375eb92052140a46cdb3aeb33046799cb298a0c1e3292b23071

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LefG5MUAAAAABQqDb6xvwZsrGuK2Rs6Iki8xAdN&co=aHR0cHM6Ly9hZmZpbml0eWNyZWRpdC5jYTo0NDM.&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&cb=lnz8r52t1fqk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 06 Apr 2021 18:54:18 GMT

GET
H3-Q050 200 LwzEJkrqzuIpy5ZXdMyVZqsv4pxUDwC8wk7uiqYZWNw.js Show response
www.google.com/js/bg/ Frame 5C1E 14 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/LwzEJkrqzuIpy5ZXdMyVZqsv4pxUDwC8wk7uiqYZWNw.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f0cc4264aeacee229cb965774cc9566ab2fe29c540f00bcc24eee8aa61958dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9hZmZpbml0eWNyZWRpdC5jYTo0NDM.&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&badge=inline&cb=f2lfffqjphau
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 00:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:00:00 GMT
server: sffe
age: 584964
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
expires: Thu, 31 Mar 2022 00:24:54 GMT

GET
H2 200 6685552.js Show response
js.hs-analytics.net/analytics/1617735000000/ 61 KB
19 KB 293ms
253ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1617735000000/6685552.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6685552.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26087c06a8cffc2934fbdfe5291116a637c6c1e59e620c3bdce7890bb77826d6

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:54:18 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 8GKB9JTY29J4V8DG
x-amz-server-side-encryption: AES256
cf-ray: 63bd39547dd5d6c9-FRA
x-amz-id-2: xPbZiotUDHnP0vdOYb2Jgmur20LUtLT02lYKpc2H3b5fXA9jWVgcxvr6R6dBjXn4SMUWmrZqtyM=
last-modified: Tue, 23 Feb 2021 23:28:04 GMT
server: cloudflare
etag: W/"24bd4da7974ec1361fee264be5976ef1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-request-id: 094a2228c90000d6c917190000000001
content-type: text/javascript
expires: Tue, 06 Apr 2021 18:59:18 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 81 KB
20 KB 62ms
23ms Script
application/javascript 2606:4700::6811:efcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6685552.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:efcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe86c3e80a49679efffdda2cbf024daa762441eff8f2a08ac5d9fbd7f3435513

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:54:18 GMT
via: 1.1 c974a69619205281e0e6b8e73f95e4b5.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 352
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.8554/bundles/project.js&cfRay=63bd30ba1921d6d5-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 094a2228c80000d6d575a6d000000001
last-modified: Mon, 05 Apr 2021 05:25:40 UTC
server: cloudflare
etag: W/"7dd420619e402347bb0686b6b3b22dd5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: TFdFdkrbimDBqP4ettjuHiNcZ2E8L9gX
cache-control: max-age=600
x-hs-cache-status: EXPIRED
x-amz-cf-pop: IAD89-C3
cf-ray: 63bd39547e4bd6d5-FRA
x-amz-cf-id: oFu-KXuRw7qI2ayKPq_5fGtzRbz6BKGV_kErBI47wXqwd9YIFFYAnA==

GET
H2 200 6685552.js Show response
js.hs-banner.com/ 59 KB
15 KB 546ms
507ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/6685552.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6685552.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef2a98a9f497609a5c7910bc977dbebc6e508e3b1553c8cce730192795d5193e

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:54:18 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 8GK9A7GVE1313JQZ
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: kAe7qWF6sPqZY9R0Q3EWgksGpeoht0rx0iIZEhWdQ2ptbU6gVh96gABU/Bp4zLGav2kODkcIn5M=
timing-allow-origin: *
last-modified: Tue, 09 Mar 2021 22:25:54 GMT
server: cloudflare
etag: W/"894fe25a3f408532bf9c2396c73e5564"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: gTMrAigX4yV3RVp4SJahzDXW6M0nr_Gz
access-control-allow-origin: https://affinitycredit.ca
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-request-id: 094a2228c900000eafa90aa000000001
cf-ray: 63bd39547f160eaf-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Tue, 06 Apr 2021 18:59:18 GMT

GET
H3-Q050 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame 5C1E 102 B
134 B 26ms
25ms Other
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=5mNs27FP3uLBP3KBPib88r1g

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

755fc16c048c7375eb92052140a46cdb3aeb33046799cb298a0c1e3292b23071

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9hZmZpbml0eWNyZWRpdC5jYTo0NDM.&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&badge=inline&cb=f2lfffqjphau
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 06 Apr 2021 18:54:18 GMT

POST
H3-Q050 200 reload Show response
www.google.com/recaptcha/api2/ Frame 2C21 9 KB
7 KB 69ms
64ms XHR
application/json 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LefG5MUAAAAABQqDb6xvwZsrGuK2Rs6Iki8xAdN

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

53774392051d26d1e8a6f1a6e4d8d3050f1fdb200e4bd57e4d80783c90fca07e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LefG5MUAAAAABQqDb6xvwZsrGuK2Rs6Iki8xAdN&co=aHR0cHM6Ly9hZmZpbml0eWNyZWRpdC5jYTo0NDM.&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&cb=lnz8r52t1fqk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 06 Apr 2021 18:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6559
x-xss-protection: 1; mode=block
expires: Tue, 06 Apr 2021 18:54:18 GMT

GET
H3-Q050 200 bframe Show response
www.google.com/recaptcha/enterprise/ Frame 95F9 7 KB
1 KB 20ms
17ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=4ypxldqx9upi

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

96fe5714f74a57f3179e0aa689a9d4e4ec44bfd424903b53d704248f5951d625

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xpLBSplPPvt4yWK5HYF4JA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/enterprise/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=4ypxldqx9upi
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://affinitycredit.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://affinitycredit.ca/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Apr 2021 18:54:18 GMT
content-security-policy: script-src 'report-sample' 'nonce-xpLBSplPPvt4yWK5HYF4JA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1115
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
2 KB 233ms
225ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=6685552&conversations-embed=static-1.8554&mobile=false&messagesUtk=074d8cf7b43d4d03907d3c674e289df8&traceId=074d8cf7b43d4d03907d3c674e289df8

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5956e3e21971e87735ee48022a6f705daba9c0e12a0e4b5a2ad6214cc849cc1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

X-HubSpot-Messages-Uri: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://affinitycredit.ca/

Response headers

date: Tue, 06 Apr 2021 18:54:19 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1384
cf-request-id: 094a222ad300002b29080b2000000001
server: cloudflare
x-trace: 2B39364A0D6558ED4BAB7E0C97B734B7314E7D3CEC000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XDTagykVwi4br3rBBwv2DQ2NxHcM5oTgUeyIPhwvaxVfjV1%2BHcJT1gSy5evXSWa05smZY2M8vnlrEJy6Gjwpk4JZm%2BdMpmK8Go6oUTZUCd4pSvTCYT8ncQgEbSc%3D"}],"max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://affinitycredit.ca
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 63bd3957bfb72b29-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 192ms
117ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hubspot-messages-uri
Origin: https://affinitycredit.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 06 Apr 2021 18:54:18 GMT
content-type: text/plain; charset=utf-8
content-length: 18
cf-ray: 63bd3956fe022b29-FRA
access-control-allow-origin: https://affinitycredit.ca
allow: HEAD,GET,OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
cf-request-id: 094a222a5800002b29f73a2000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-trace: 2B37C808CC22BEA9B75014BC1F1463D3A0F79963DD000000000000000000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CJmJEnD%2FAbDucwWcILFUtz2Mhmxn538wIgXejb87a4UMesOE1R76intLYVGkNlw6W%2BaAYx5BvaLR65t0a5b%2FoMFlF9GOIK33hUMoWEa%2FFsadpl%2BW8m8EqO4YIUs%3D"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 074d8cf7b43d4d03907d3c674e289df8 Show response
app.hubspot.com/conversations-visitor/6685552/threads/utk/ Frame F3E4 44 KB
15 KB 276ms
256ms Document
text/html 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/6685552/threads/utk/074d8cf7b43d4d03907d3c674e289df8?uuid=7c4a3b7eaa4d4c80901f43571fc660c6&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=affinitycredit.ca&inApp53=false&messagesUtk=074d8cf7b43d4d03907d3c674e289df8&url=https%3A%2F%2Faffinitycredit.ca%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1800f358d6c2d182bb425f9eeca006653f7e8c8848284495d4398acd468e17fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: app.hubspot.com
:scheme: https
:path: /conversations-visitor/6685552/threads/utk/074d8cf7b43d4d03907d3c674e289df8?uuid=7c4a3b7eaa4d4c80901f43571fc660c6&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=affinitycredit.ca&inApp53=false&messagesUtk=074d8cf7b43d4d03907d3c674e289df8&url=https%3A%2F%2Faffinitycredit.ca%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://affinitycredit.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://affinitycredit.ca/

Response headers

date: Tue, 06 Apr 2021 18:54:19 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=db12e3ef199dca1d0039164bf4fe80a541617735259; expires=Thu, 06-May-21 18:54:19 GMT; path=/; domain=.hubspot.com; HttpOnly; SameSite=Lax; Secure
cf-ray: 63bd395ae909d6d9-FRA
age: 1715
cache-control: max-age=600
etag: W/"8552bbfbec7d811fd5f85712804dcbbc"
last-modified: Mon, 05 Apr 2021 05:25:40 UTC
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 f37f104903bda438e8b0547be6e0c193.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
cf-request-id: 094a222cd00000d6d9c53d3000000001
content-security-policy-report-only: script-src 'unsafe-inline' www.hubspot.com js.hs-analytics.net js.hsforms.net js.hsleadflows.net static.hsappstatic.net js.hs-banner.com *.hs-scripts.com js.hubspotfeedback.com js.usemessages.com js.hsforms.net js.hsleadflows.net js.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net www.google-analytics.com static.hotjar.com script.hotjar.com www.googletagmanager.com www.fullstory.com cdn-3.convertexperiments.com cdn.pdst.fm d.impactradius-event.com cdn.getambassador.com mbsy.co pixel.cdnwidget.com snap.licdn.com connect.facebook.net js.stripe.com checkout.stripe.com survey.survicate.com surveys-static.survicate.com sdk.canva.com www.dropbox.com www.google.com www.gstatic.com apis.google.com maps.googleapis.com static.ads-twitter.com analytics.twitter.com play.vidyard.com app.vidyard.com fast.wistia.com s.yimg.jp www.redditstatic.com 'unsafe-eval'; report-uri https://exceptions.hubspot.com/csp/report
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
x-amz-cf-id: Axz0sosiHX1I7hPGqJBn3NtUqlfi8rAVk3ql383XsjaC1nNesoGZNg==
x-amz-cf-pop: IAD89-C3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: c6lk0ARUFg4IEL8GuWyIwBAvWmH0j.9_
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
server: cloudflare
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ Frame 95F9 50 KB
25 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=4ypxldqx9upi

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 16:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 04:06:11 GMT
server: sffe
age: 8636
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Wed, 06 Apr 2022 16:30:23 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ Frame 95F9 332 KB
332 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=4ypxldqx9upi

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec361bce3349b6cbb5e414df65c58151bf4ad12078c6fc15ffd9dffcfbfa92d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 17:14:08 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 04:06:11 GMT
server: sffe
age: 6011
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 340168
x-xss-protection: 0
expires: Wed, 06 Apr 2022 17:14:08 GMT

POST
H3-Q050 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame 95F9 16 KB
12 KB 56ms
55ms XHR
application/json 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5507a8041e853d5a357fed7b7a017500eca32fec59d26d77c6c4b7061fb63cee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=4ypxldqx9upi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 06 Apr 2021 18:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11894
x-xss-protection: 1; mode=block
expires: Tue, 06 Apr 2021 18:54:19 GMT

GET
H3-Q050 200 canonical_car.png
www.gstatic.com/recaptcha/api2/ Frame 95F9 11 KB
11 KB 8ms
7ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/canonical_car.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/styles__ltr.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9685b413894b0647b42edf9cac1fc0b2ed044c1fe238d843b9ca3d29db1b805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 04:43:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 137473
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11174
x-xss-protection: 0
expires: Mon, 12 Apr 2021 04:43:06 GMT

GET
H3-Q050 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 95F9 600 B
678 B 11ms
8ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/styles__ltr.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 10:19:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 462882
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
expires: Thu, 08 Apr 2021 10:19:37 GMT

GET
H3-Q050 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 95F9 530 B
609 B 10ms
8ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/styles__ltr.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 377442
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
expires: Fri, 09 Apr 2021 10:03:37 GMT

GET
H3-Q050 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 95F9 665 B
744 B 10ms
8ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/styles__ltr.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 11:29:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 372310
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
expires: Fri, 09 Apr 2021 11:29:09 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 95F9 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=4ypxldqx9upi

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 377442
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Sat, 02 Apr 2022 10:03:37 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 95F9 15 KB
15 KB 10ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=4ypxldqx9upi

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 19:40:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
age: 515646
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
expires: Thu, 31 Mar 2022 19:40:13 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 95F9 15 KB
15 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=4ypxldqx9upi

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 19:40:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
age: 515646
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
expires: Thu, 31 Mar 2022 19:40:13 GMT

GET
H3-Q050 200 LwzEJkrqzuIpy5ZXdMyVZqsv4pxUDwC8wk7uiqYZWNw.js Show response
www.google.com/js/bg/ Frame 95F9 14 KB
6 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/LwzEJkrqzuIpy5ZXdMyVZqsv4pxUDwC8wk7uiqYZWNw.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f0cc4264aeacee229cb965774cc9566ab2fe29c540f00bcc24eee8aa61958dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=4ypxldqx9upi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 00:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:00:00 GMT
server: sffe
age: 584965
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
expires: Thu, 31 Mar 2022 00:24:54 GMT

GET
H3-Q050 200 payload
www.google.com/recaptcha/enterprise/ Frame 95F9 43 KB
43 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/enterprise/payload?p=06AGdBq25Li6JFs4d0Dvly1I1iftRa-bowAFjZqy8iDUT-ormcULmvbSct-XaJaTY7LPw5dD3fsKYAjLgxI7VP0XdmgjSVN07iOWObyxFW-720TCvSIZGbHZW7DACdTh5D0lKx7oKmAp-auVAjluSgTNExRiNrWybIR0Oza6HHTG7vqS_-eJ_MFr2x0wHj87D9hBNPNsbNT0JTNODcdsmmA_pMCCQRq8metg&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: affinitycredit.ca
URL: https://affinitycredit.ca/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bdd83cfa90ee09d3b125d6d271be23d97182b85d40fdd4d7a28d00c80be1007e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=4ypxldqx9upi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:54:19 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43916
x-xss-protection: 1; mode=block
expires: Tue, 06 Apr 2021 18:54:19 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.112/ Frame F3E4 44 KB
15 KB 81ms
59ms Script
application/javascript 2606:4700::6811:5d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.112/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/6685552/threads/utk/074d8cf7b43d4d03907d3c674e289df8?uuid=7c4a3b7eaa4d4c80901f43571fc660c6&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=affinitycredit.ca&inApp53=false&messagesUtk=074d8cf7b43d4d03907d3c674e289df8&url=https%3A%2F%2Faffinitycredit.ca%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691fe879f5da0a20cd9355a4ede2aed294d0347422d04b51fefe2c0f7b196e43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:54:19 GMT
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2399881
x-amz-server-side-encryption: AES256
cf-ray: 63bd395e1ba2c2b8-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 094a222ecc0000c2b80319e000000001
last-modified: Tue, 09 Mar 2021 22:52:26 GMT
server: cloudflare
etag: W/"100c2ee2a6fba786133d9e8650ef359a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PDRnb6PlbfXptKZdfGg3cd1ih%2F2N4GoQLVGtxjHb7%2B5cOtjtWOs6hcZjpakFhFJGIVnq4Cldso%2B6kCsYe1w0jOtmsxHZdQ%2BRepnXSMMfcirYHAxyVUWN%2FqRSKxA%2BLFpBScOg"}],"max_age":604800}
x-amz-version-id: .jv.x0xq4z.UMbqGfudGvz8ikMDC6o1x
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C2
content-type: application/javascript
x-amz-cf-id: 1PPE8e-aBRJNZx6ztlbnDCyefzk3j3o-zHoLpra3rn9ysT_jS6sUaQ==
expires: Wed, 06 Apr 2022 18:54:19 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.10899/sass/ Frame F3E4 20 KB
4 KB 79ms
58ms Stylesheet
text/css 2606:4700::6811:5d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.10899/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:54:19 GMT
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 507396
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 094a222ecc0000dfd7cf014000000001
last-modified: Wed, 03 Mar 2021 21:09:00 GMT
server: cloudflare
etag: W/"370a89ea102d7b437eb549729472631f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Bmt9g1TqjNTiLDAEPQzApcoCYmM0EYKCui8Tdv2ngdJ67RsWcpMvruPxjkMmnVMlZW3NDABpOgiOf%2FQMmwojKN6EmY6kGtXSkx0pDtHCpEGq%2FXcm%2BsdZX9g3QtF5ajudr0Ah"}],"max_age":604800}
x-amz-version-id: 1rBCyHs_YjjDB1.HOpykpqteK2m6W_oL
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C2
cf-ray: 63bd395e180ddfd7-FRA
x-amz-cf-id: BaPc9jDBAKJhQvOb8wSH7Z7Gqc0HODdvaWe4UD5v05BBUqG0_I4tpg==
expires: Wed, 06 Apr 2022 18:54:19 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.129/ Frame F3E4 285 KB
84 KB 80ms
59ms Script
application/javascript 2606:4700::6811:5d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.129/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85a94aca9a3bb11143fc25e69f7cddee5e42619798aea0a4595e5b85af2db47e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:54:19 GMT
via: 1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1048183
x-amz-server-side-encryption: AES256
cf-ray: 63bd395e1ba5c2b8-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 094a222ecf0000c2b813ae6000000001
last-modified: Thu, 25 Feb 2021 03:06:13 GMT
server: cloudflare
etag: W/"4b0d6c4998d1c189b73bf24559a044d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NyaYRw8gNd2buPCgMwzwQWWJ5qEdWOfk37yescAyqBBAeFcuUvg302X6ZSCp4c9gWgD%2BJ4v0V6%2FbGeUefRihghk7d2tZy53nOkuFJ2YiRWHORcjWhBS9WNMXdVG6F7IH1vxL"}],"max_age":604800}
x-amz-version-id: tIgtiGaJ4EHx5PaVJ4NwnE5IaF3j9gQD
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: we7v7nYL5GxoZcXVBPDHPiMS-Rm1TQBv_j_YdM44GUHjzOf-Wp79Yw==
expires: Wed, 06 Apr 2022 18:54:19 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.11018/bundles/ Frame F3E4 467 KB
116 KB 79ms
59ms Script
application/javascript 2606:4700::6811:5d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11018/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e5450ab1f8dbb7d9c71d67d88624351e7183dd95390a200da4c3976ded340c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:54:19 GMT
via: 1.1 a57d5819527c444e16b1875e3bd28970.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 91715
x-amz-server-side-encryption: AES256
cf-ray: 63bd395e1ba8c2b8-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 094a222ed00000c2b8d5937000000001
last-modified: Mon, 05 Apr 2021 16:22:43 GMT
server: cloudflare
etag: W/"a748b809bea5420bfce4d17b42c5c840"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3BonlOCNrSpjASfnV1yHyZo9UW%2B%2Bv5efqI1EU9shAbULYOFddpdqfP1L5vyZ1FYR7xpmqbqdMPGcZQculWbqs4aecKZOs9ZnrVezvfQd8d0aizWYx3HuD4sO2GUHjXlQDblf"}],"max_age":604800}
x-amz-version-id: OVGq3kqTY7AbNkJAvL6L7vzlEFswgbIq
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: TXL52-C1
content-type: application/javascript
x-amz-cf-id: sT7AYxML5h9uzIjpEhiKlvoPj5ZAhn2JExKwbEhx14IzUT7jD5cXRA==
expires: Wed, 06 Apr 2022 18:54:19 GMT

GET
H2 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.10965/ Frame F3E4 778 B
1 KB 18ms
18ms Script
application/javascript 2606:4700::6811:5d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.10965/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.11018/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87f1ea9d5c9a43a28a481397411533df274aefa3c419cf835ce99183b15f8101

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:54:20 GMT
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1043803
x-amz-server-side-encryption: AES256
cf-ray: 63bd395f5e12c2b8-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 094a222f920000c2b8b222b000000001
last-modified: Mon, 22 Mar 2021 17:30:28 GMT
server: cloudflare
etag: W/"4b5b516600bb8ba82024ae41cac65432"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BeU0w8WDxS%2B9lPMurCTSaJ3cY6lqJ0wSI5LrGVy%2FLKVTUlHTlyXOWI3Gv6bvwqqCYeoLfG%2Ffu9bC4oxxrIfkW0CDIxyOf8wFNLixR4f6hmG1evyojZS%2BbfbhfA9kOr8T8fMd"}],"max_age":604800}
x-amz-version-id: t68OhIpBkMVOCk96_DvChDg7UY3yrSVg
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: VUbLJsBThi6g6ionIRmL0ExDQ0huG8qs7C0F3rErkaO1B5KvrrDkCQ==
expires: Wed, 06 Apr 2022 18:54:20 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
343 B 59ms
57ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=330d0ba1-882d-4794-84ad-50f2102da56e&fci=0cb2c5f0-ec25-4970-a8a0-26077e85234e&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=6685552&rcu=https%3A%2F%2Faffinitycredit.ca%2F&pu=https%3A%2F%2Faffinitycredit.ca%2F&t=Collection+Agency+%7C+Affinity+Credit+Solutions+%7C+Alberta+Debt+Recovery+Experts&cts=1617735260148&vi=ad2176b85467b235f46f24c0fc3551fa&nc=true&ce=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:54:20 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 63bd395ffc39d6d9-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 094a222ffd0000d6d9ad2a9000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FXG8yV6lQofPoux1zo%2Br6hB%2F5BWO4cET0V6EI6X%2FNOUPj4igkxzOo%2FSvSuq4DuzHnM6UjBp1H1HAEE2qPlYbGWVPy%2BELMAe6hJ62qJCnqMQxi7qSys7YOTfWqOSQ%2Bw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
592 B 58ms
56ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=6685552&rcu=https%3A%2F%2Faffinitycredit.ca%2F&pu=https%3A%2F%2Faffinitycredit.ca%2F&t=Collection+Agency+%7C+Affinity+Credit+Solutions+%7C+Alberta+Debt+Recovery+Experts&cts=1617735260150&vi=ad2176b85467b235f46f24c0fc3551fa&nc=true&ce=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://affinitycredit.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:54:20 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 63bd395ffc3ad6d9-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 094a222ffa0000d6d9b5b7e000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KFQU5whCzqnr15RmRYZ0yaRPRjKIC5W43IOgPN%2FcyxSH9dzQpO06Q4t79POyCx%2FAf8WkNw3NNBGPQT0D9oD6M1R0LEK43FUch1Msn9%2BFn0mMthtMMO4cAuImfIMH1Q%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 welcomeMessages Show response
api.hubspot.com/livechat-public/v1/bots/public/bot/430806/ Frame F3E4 1 KB
1 KB 167ms
165ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/bots/public/bot/430806/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.11018&conversations-visitor-ui=static-1.11018&traceId=074d8cf7b43d4d03907d3c674e289df8&sessionId=AMOaWbLV0aQMLq9Mh9VQobfYlTZQZVn_iwkFN8rVJxw23vEWZt2GyLHqFSnBspdzz4fkVavvUSyq7XfPgtkiv25NPg56ynStgLGlMHVoy3UyZTpeN3YT4snO8aqKlylowmJ9zEnSCxjYSXjgMreUXcMz7aX6rXR98wIHjqkFshr8BhqXTN86TbE

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.112/bundle.production.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0c5dafc6ae340276505c6e04e76ddd4709c2d8ca0118e03bf125ffef258166c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:54:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 094a22305e0000d6d9c501c000000001
timing-allow-origin: *
server: cloudflare
x-trace: 2B924B1314E1D5947E5297A98804A01E95921B52DB000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ifhaIATR0WIZodK4ucqtSZR%2FfK2JU2CZpUFUZICVJO%2BrqS8hMoBwh7YCb1yHg%2BVLKLi%2B%2BfaulFTxhc4YClHviyHUCyZtfMfdM70WitMX%2Baaz2Otk7YNUSe6iyCc%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
cf-ray: 63bd39609d65d6d9-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 bot-avatar.jpg
static.hsappstatic.net/bots-ui-app/ex/ Frame F3E4 7 KB
8 KB 21ms
21ms Image
image/webp 2606:4700::6811:5d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.hsappstatic.net/bots-ui-app/ex/bot-avatar.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dbd8839e93b466e313a02f402bfeb904b612302cf1cf012f5ea23714adc73d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:54:30 GMT
via: 1.1 78aa4ecfac2dbbed080d75d85f660486.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 0
x-amz-server-side-encryption: AES256
cf-ray: 63bd399f2cf3dfd7-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="bot-avatar.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7184
cf-request-id: 094a2257780000dfd76d12b000000001
last-modified: Tue, 30 Mar 2021 14:32:24 GMT
server: cloudflare
etag: "4eab947ead981017548d9e11926f0d5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y%2FtOZVEVL1WEVUeuJjK1ZY6ocJcZRxzhRFE%2BDwXB73t9I%2B3sPKxtpkzZlvhK2FwQ75LpSxhGs41UZiDrg42N6dxaquPviVLupB8xIk5IIVALafntBeZUawpIja%2FPsc69ESAw"}],"max_age":604800}
x-amz-version-id: GC6pnWpmpUUMslgFXGYUDReGc9WBFm34
cache-control: public, max-age=60
cf-polished: origFmt=png, origSize=11741
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
content-type: image/webp
x-amz-cf-id: U2VDlwMJ2Ks9RTx0rYelvvmH5UUWnhPa1R7hTO0IsmLhFw6eQCbXdA==
expires: Tue, 06 Apr 2021 18:55:30 GMT

POST
H2 204 send
api.hubspot.com/metrics/v1/frontend/ Frame F3E4 0
1 KB 149ms
148ms Other
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/metrics/v1/frontend/send

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/hubspot-dlb/static-1.129/bundle.production.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Apr 2021 18:54:30 GMT
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 094a22584f0000d6d9c1998000000001
timing-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QRRxEQULqMRbPABgBnoDnt4mpOIsDJT%2F7DVmGJaCKaNP4UrkuiG65WA%2BXNCruy2lQOnkS28FVTNhwH%2B%2Fczn8ayhTqSWA9Oyg5VKFuY2L2JGCynMa9IYagixf2yc%3D"}],"max_age":604800,"group":"cf-nel"}
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
cf-ray: 63bd39a07b56d6d9-FRA
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/recaptcha	1970-01-19 21:41:27	Name: _GRECAPTCHA Value: 09ANblmnhSu7MVkwCgPnglpOCPSj-dfd-hVomWIiZ_k2i0RWFVxerK3Llf66XD3_nxvkGVSohFt_7NQwTjOvOI204
.affinitycredit.ca/	1970-01-19 17:22:17	Name: __hssc Value: 70409295.1.1617735260143
.affinitycredit.ca/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.affinitycredit.ca/	1970-01-20 02:43:51	Name: __hstc Value: 70409295.ad2176b85467b235f46f24c0fc3551fa.1617735260142.1617735260142.1617735260142.1
.affinitycredit.ca/	1970-01-20 10:53:27	Name: _ga Value: GA1.2.941549574.1617735258
.affinitycredit.ca/	1970-01-19 17:22:15	Name: _gat Value: 1
.affinitycredit.ca/	1970-01-20 02:43:51	Name: hubspotutk Value: ad2176b85467b235f46f24c0fc3551fa
.affinitycredit.ca/	1970-01-19 17:23:41	Name: _gid Value: GA1.2.417622732.1617735258

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

affinitycredit.ca
api.hubspot.com
app.hubspot.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsforms.net
js.usemessages.com
perf.hsforms.com
stackpath.bootstrapcdn.com
static.hsappstatic.net
stats.g.doubleclick.net
track.hubspot.com
www.google-analytics.com
www.google.com
www.gstatic.com
199.180.29.50
2606:4700::6810:135e
2606:4700::6810:5505
2606:4700::6811:47b0
2606:4700::6811:5d2
2606:4700::6811:b649
2606:4700::6811:d5cc
2606:4700::6811:efcc
2606:4700::6812:15bf
2606:4700::6812:bcf
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:800::2003
2a00:1450:4001:800::200e
2a00:1450:4001:808::2004
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2003
2a00:1450:4001:812::200e
2a00:1450:4001:827::2003
2a00:1450:400c:c1b::9d
060eb0f2fb8557cf8d29c6ea834af336443a8e80baff54c9dd978a89bc3e679e
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
1800f358d6c2d182bb425f9eeca006653f7e8c8848284495d4398acd468e17fa
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e5450ab1f8dbb7d9c71d67d88624351e7183dd95390a200da4c3976ded340c1
26087c06a8cffc2934fbdfe5291116a637c6c1e59e620c3bdce7890bb77826d6
2a2e256b3c03ffc7c7786358be80bfdcff7788325a6f86f9ef0230952dc55e91
2e8ceb42658f961f2decd3f93bc7567766e8883c88d7e170b0f4ce807ff629dd
2f0cc4264aeacee229cb965774cc9566ab2fe29c540f00bcc24eee8aa61958dc
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
4aab85cb78df64380606927490fdfbd65f951a74ed12e8a8371a8cc6c2bf952b
53774392051d26d1e8a6f1a6e4d8d3050f1fdb200e4bd57e4d80783c90fca07e
5507a8041e853d5a357fed7b7a017500eca32fec59d26d77c6c4b7061fb63cee
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5956e3e21971e87735ee48022a6f705daba9c0e12a0e4b5a2ad6214cc849cc1f
59ebd0c93e8cb75328016ccebc5c364df6984eb7234ffec72b21028355953450
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5a8c623b34dcf729895c3bc9b6e261796bbad69555a21ad6d2f9b4e7bc27b6e7
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
679e13a2d48b5e067f44eea2bc1a02c96c13f7a3d1e61d4ef68a82c47e329fdf
691fe879f5da0a20cd9355a4ede2aed294d0347422d04b51fefe2c0f7b196e43
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c661089dddb9797c4617a25a50e392b2c04d3e25911d476e1d55a28e1559fe0
70825f516e487ca49ac75389a9bc79df3e4b9f7ab9b8f666f82a6d2aa1645695
736271105b4de76fcac43fb4d180ed77de129a0eab0247102b9454db3e0ca7af
755fc16c048c7375eb92052140a46cdb3aeb33046799cb298a0c1e3292b23071
76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d
7dbd8839e93b466e313a02f402bfeb904b612302cf1cf012f5ea23714adc73d8
85a94aca9a3bb11143fc25e69f7cddee5e42619798aea0a4595e5b85af2db47e
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
87f1ea9d5c9a43a28a481397411533df274aefa3c419cf835ce99183b15f8101
87f663b242fc066ab4ee3760a76816084c21560dbe757adbbe88955f794ce7b7
892af9f95c881cde5c6c1810e0f45e4687174a1171504c96b36218dd54bb1486
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8daee2641e414503c5efed7b4d0fd9966b8fa9a617d2faa00b2f62c0b8fcd51f
8f05d9f452ae2ccd04636c044c0ec94c4f9816ed99ecdf92d60ed19f935b9bdf
956e441e437b6bfbe116e9f2625c8a9bf179bb976c425b4604b5df1a51e7059b
96fe5714f74a57f3179e0aa689a9d4e4ec44bfd424903b53d704248f5951d625
97aa2f482e2a39e7c50e17bc773e4308d80fd60b105d90fc031bb814571df945
a0ea735f765d5bc1230beb63bcb701b69c80d77c48572a61bb159a8915903278
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef711d1643073ab593de1d958ee854d6f63339cb216eda43666fb9dfcebffd0
b0d0b118beb27af2d29ee8b3432df02728002576c3bc4a25bff398ae57fa1bfd
b2794936ac9f34d860b0c4b646c769f8baa309363e134b353ebb517fc67b289b
b67e11b4277f7389520dba49a7c509c9d33070cd09d4351743e59fee356378a4
bdd83cfa90ee09d3b125d6d271be23d97182b85d40fdd4d7a28d00c80be1007e
c8e0d279d65b660f778eedd79a54e61d9658f92e540e6d560b45e655f590452b
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c9685b413894b0647b42edf9cac1fc0b2ed044c1fe238d843b9ca3d29db1b805
ca99322cf8da79c9a6c4a77a6b6779001821815ae5dbc00d5900d312557ebaa8
cf2b3f6b78ee5b3c386bebc02cd2fd3e2d1916253f60f1e5b7fc78edcf331ab1
d2fca2ae6ff4ffea8690cb747cfb9237c873b227c4ad3425a1d84598c8bd0148
d961cd40e6d8fe3ce2becb6f6559cc9e858e63846633defc7883564a20217909
dab98b1d5558dd15c7db5ada4438fe03a424a7c1f5e0f29567d39a0a892bcc41
dbbb025c55b8a53ae37e210fb44236710c756839470986d2d50207d54efe8908
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e0c5dafc6ae340276505c6e04e76ddd4709c2d8ca0118e03bf125ffef258166c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eabb6e97dee4f5e9936b3c834832927e125526f63a3eb47a4b3d7a25a618aab8
ec361bce3349b6cbb5e414df65c58151bf4ad12078c6fc15ffd9dffcfbfa92d6
ee93dc5a3dfd983a9dc566b52accf4d734137212608ca9ce5d69bf087d6889dc
ef2a98a9f497609a5c7910bc977dbebc6e508e3b1553c8cce730192795d5193e
f28083a17e788a3f11c1a846302827cf19f6b7d33ed9968200fdf60417b87dc7
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fae1c2a9d569291b4beac808bdda762df39b70902dfa4cdeb17ae8f6fefb6642
fbd5b581a270fd79c18a41ca488e5fc78a64f0b7bbab42bca3cc86dc05022471
fe86c3e80a49679efffdda2cbf024daa762441eff8f2a08ac5d9fbd7f3435513
ff4f8a290039b5c5770f25ce9ff119aca012a690f2f3133f46ab011250b9c21d

affinitycredit.ca Open in urlscan Pro 199.180.29.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

83 Requests

100 %HTTPS

95 %IPv6

16 Domains

20 Subdomains

21 IPs

4 Countries

3338 kBTransfer

4858 kBSize

8 Cookies

11 Outgoing links

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

affinitycredit.ca Open in urlscan Pro
199.180.29.50 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

100 %
HTTPS

95 %
IPv6

16
Domains

20
Subdomains

21
IPs

4
Countries

3338 kB
Transfer

4858 kB
Size

8
Cookies

83 HTTP transactions
1 data transactions