sliceyourbills.ca Open in urlscan Pro
35.185.3.114 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sliceyourbills.ca/
Effective URL:
https://sliceyourbills.ca/
Submission: On March 06 via api (March 6th 2023, 6:08:39 pm UTC) from US — Scanned from CA

Summary HTTP 51 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 13 domains to perform 51 HTTP transactions. The main IP is 35.185.3.114, located in North Charleston, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is sliceyourbills.ca.
TLS certificate: Issued by R3 on January 28th 2023. Valid for: 3 months.

This is the only time sliceyourbills.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	35.185.3.114 35.185.3.114	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4006:80c::2008	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:4006:81f::2003	15169 (GOOGLE) (GOOGLE)
9	35.168.77.57 35.168.77.57	14618 (AMAZON-AES) (AMAZON-AES)
5	2400:52e0:1a0... 2400:52e0:1a00::1070:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2607:f8b0:400... 2607:f8b0:4006:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	108.156.172.37 108.156.172.37	16509 (AMAZON-02) (AMAZON-02)
1	108.156.184.32 108.156.184.32	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a04:4e42:200... 2a04:4e42:200::729	54113 (FASTLY) (FASTLY)
3	2607:f8b0:400... 2607:f8b0:4006:80f::200a	15169 (GOOGLE) (GOOGLE)
1	34.226.33.228 34.226.33.228	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:816::200e	15169 (GOOGLE) (GOOGLE)
1	108.156.171.155 108.156.171.155	16509 (AMAZON-02) (AMAZON-02)
51	16

2 35.185.3.114 (North Charleston, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 114.3.185.35.bc.googleusercontent.com

sliceyourbills.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:81f::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.168.77.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-77-57.compute-1.amazonaws.com

digital-hopr.leadshook.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2400:52e0:1a00::1070:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)

cdn.convertri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.156.172.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-172-37.cmh68.r.cloudfront.net

static.leadshook.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.184.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-184-32.cmh68.r.cloudfront.net

polyfill.leadshook.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80f::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.226.33.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-33-228.compute-1.amazonaws.com

snowplow.convertri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.171.155 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-171-155.cmh68.r.cloudfront.net

d2zdr2rqflfo3.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	leadshook.io digital-hopr.leadshook.io static.leadshook.io — Cisco Umbrella Rank: 541048 polyfill.leadshook.io — Cisco Umbrella Rank: 645554	1 MB
12	gstatic.com fonts.gstatic.com	179 KB
6	convertri.com cdn.convertri.com — Cisco Umbrella Rank: 163996 snowplow.convertri.com — Cisco Umbrella Rank: 190856	173 KB
3	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 354 fonts.googleapis.com — Cisco Umbrella Rank: 36	64 KB
3	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 4041	50 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 195	29 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 105	216 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 87	63 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	118 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	136 KB
2	sliceyourbills.ca 1 redirects sliceyourbills.ca	27 KB
1	cloudfront.net d2zdr2rqflfo3.cloudfront.net	412 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	246 B
51	13

	Domain	Requested by
12	fonts.gstatic.com	sliceyourbills.ca fonts.googleapis.com
9	digital-hopr.leadshook.io	sliceyourbills.ca digital-hopr.leadshook.io browser.sentry-cdn.com
5	cdn.convertri.com	sliceyourbills.ca
4	static.leadshook.io	digital-hopr.leadshook.io
3	browser.sentry-cdn.com	digital-hopr.leadshook.io
2	maps.googleapis.com	digital-hopr.leadshook.io browser.sentry-cdn.com
2	cdnjs.cloudflare.com	digital-hopr.leadshook.io
2	www.facebook.com	sliceyourbills.ca
2	www.youtube.com	digital-hopr.leadshook.io www.youtube.com
2	www.googletagmanager.com	sliceyourbills.ca www.googletagmanager.com
2	connect.facebook.net	sliceyourbills.ca connect.facebook.net
2	sliceyourbills.ca	1 redirects
1	d2zdr2rqflfo3.cloudfront.net	digital-hopr.leadshook.io
1	fonts.googleapis.com	digital-hopr.leadshook.io
1	www.google-analytics.com	www.googletagmanager.com
1	snowplow.convertri.com	sliceyourbills.ca
1	polyfill.leadshook.io	digital-hopr.leadshook.io
51	17

This site contains links to these domains. Also see Links.

Domain
www.debtsupportcanada.com

Subject Issuer	Validity	Valid
sliceyourbills.ca R3	`2023-01-28` - `2023-04-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-15`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
leadshook.io Amazon RSA 2048 M01	`2023-02-24` - `2023-12-06`	9 months	crt.sh
cdn.convertri.com R3	`2023-03-01` - `2023-05-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
snowplow.convertri.com Amazon RSA 2048 M01	`2023-01-25` - `2024-02-24`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://sliceyourbills.ca/
Frame ID: E1E0C929F42674044876ED85069763C4
Requests: 27 HTTP requests in this frame

Frame: https://digital-hopr.leadshook.io/survey/MzefpsxiSUdNQrfmy2gtPvJrY72BtytMUhtKlLc8?embed=true&index=0
Frame ID: 3153ADED58AC397D6E21D625850E736A
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home | Reduce Your Debt

Page URL History Show full URLs

http://sliceyourbills.ca/ HTTP 307
https://sliceyourbills.ca/ Page URL

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

51
Requests

100 %
HTTPS

63 %
IPv6

13
Domains

17
Subdomains

16
IPs

2
Countries

1983 kB
Transfer

7759 kB
Size

10
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.debtsupportcanada.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sliceyourbills.ca/ HTTP 307
https://sliceyourbills.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sliceyourbills.ca/
Redirect Chain

http://sliceyourbills.ca/
https://sliceyourbills.ca/

178 KB
27 KB

115ms
39ms

Document
text/html

35.185.3.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sliceyourbills.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.3.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.3.185.35.bc.googleusercontent.com
Software: /
Resource Hash: 460d48215c8b8377ca94e1fe78d33df63f3e566ea11d78ed221923b5c5c9072a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 06 Mar 2023 18:08:33 GMT
vary: Accept-Encoding

Redirect headers

Content-Length: 62
Content-Type: text/html; charset=utf-8
Date: Mon, 06 Mar 2023 18:08:33 GMT
Location: https://sliceyourbills.ca/
Vary: Accept-Encoding

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 62ms
21ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: sliceyourbills.ca
URL: https://sliceyourbills.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sliceyourbills.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 06 Mar 2023 18:08:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27907
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: W30lXzsvc+9kO4HzR9vicZuAnt3qmwIpn70I+BNvbNYqjTgPafgar6smXlnqfXnrW1LIO6ZSt2nMwv1HI4/d8w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 107 KB
42 KB 104ms
54ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TSZBQDM

Requested by

Host: sliceyourbills.ca
URL: https://sliceyourbills.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ca444026ee727e04ca5d902386d8ebb9f5e74884425f1527726e680ad0cfd0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sliceyourbills.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 18:08:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 42201
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 Mar 2023 18:08:34 GMT

GET
H2 200 pxiDyp8kv8JHgFVrJJLmy15VF9eL.ttf
fonts.gstatic.com/s/poppins/v20/ 17 KB
12 KB 76ms
21ms Font
font/ttf 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLmy15VF9eL.ttf

Requested by

Host: sliceyourbills.ca
URL: https://sliceyourbills.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c602bcfada1346de5ac228744c06aed3d4c08158d446f13b97ee5edebb7b934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sliceyourbills.ca/
Origin: https://sliceyourbills.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 22:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 331164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11429
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:03:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 22:09:10 GMT

GET
H2 200 pxiGyp8kv8JHgFVrJJLucHtF.ttf
fonts.gstatic.com/s/poppins/v20/ 17 KB
11 KB 101ms
47ms Font
font/ttf 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtF.ttf

Requested by

Host: sliceyourbills.ca
URL: https://sliceyourbills.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468ccd6567d7fcd1f11bc2479846fe367946a821a013c38d49190d329f8d6ac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sliceyourbills.ca/
Origin: https://sliceyourbills.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:59:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11492
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:07:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 12:59:09 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlEA.ttf
fonts.gstatic.com/s/poppins/v20/ 16 KB
10 KB 96ms
43ms Font
font/ttf 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlEA.ttf

Requested by

Host: sliceyourbills.ca
URL: https://sliceyourbills.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53eaa58cf4e7fc8d68a3b557ad8f67b8b6613e7431e87a6ca896948c53ef2d35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sliceyourbills.ca/
Origin: https://sliceyourbills.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 22:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 331152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10630
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 22:09:22 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlEA.ttf
fonts.gstatic.com/s/poppins/v20/ 15 KB
10 KB 78ms
25ms Font
font/ttf 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlEA.ttf

Requested by

Host: sliceyourbills.ca
URL: https://sliceyourbills.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

884d2cd5ba1b567924c3d174d5cb03f9ad49777bd3c4aa97ce01567acdcdf587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sliceyourbills.ca/
Origin: https://sliceyourbills.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 03:53:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10455
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 03:53:01 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfedw.ttf
fonts.gstatic.com/s/poppins/v20/ 16 KB
10 KB 78ms
40ms Font
font/ttf 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfedw.ttf

Requested by

Host: sliceyourbills.ca
URL: https://sliceyourbills.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66807e8e108c648c970aeace0886706f8c95c616f036529a4b628525208f18e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sliceyourbills.ca/
Origin: https://sliceyourbills.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 345641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10577
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 18:07:53 GMT

GET
H2 200 js_embed Show response
digital-hopr.leadshook.io/s/ 12 KB
5 KB 114ms
25ms Script
text/html 35.168.77.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://digital-hopr.leadshook.io/s/js_embed
Requested by: Host: sliceyourbills.ca
URL: https://sliceyourbills.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.77.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-77-57.compute-1.amazonaws.com
Software: nginx/1.19.9 / Express
Resource Hash: f37f6263ba4431cebb4b822daa827e3f2a6e419dd93508ee4a8fe9710093c4be

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sliceyourbills.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 18:08:34 GMT
content-encoding: gzip
server: nginx/1.19.9
x-powered-by: Express
x-cache-status: HIT
vary: Accept-Encoding
etag: W/"3060-+x5lkhQMtGW+ERp7IEiLRMDSfKU"
content-type: text/html; charset=utf-8

GET
H2 200 jquery-1.12.2.min.js Show response
cdn.convertri.com/ 382 KB
116 KB 133ms
30ms Script
text/javascript 2400:52e0:1a00::1070:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.convertri.com/jquery-1.12.2.min.js?v=2023-02-07-09-41-08
Requested by: Host: sliceyourbills.ca
URL: https://sliceyourbills.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1070:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1070 /
Resource Hash: 2bd8746c9641b9c1ec49b8972f313c64e94a011686f54f00214b29b577aeec48

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sliceyourbills.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 18:08:34 GMT
content-encoding: br
cdn-edgestorageid: 1068
x-amz-request-id: R328FPFG4XVPKA1N
x-amz-server-side-encryption: AES256
cdn-cachedat: 03/01/2023 10:19:34
cdn-pullzone: 408079
x-amz-id-2: vabjSObewb+562PBkPGyTETvkZ5ucr9IETgOAmDKFM3IyeuywDk2hzGJEibXxnjW0vZASKgGD0M=
last-modified: Wed, 01 Mar 2023 10:19:28 GMT
server: BunnyCDN-IL1-1070
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"c4cbe07d3b67b50d7092f2e853c50a49"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cache-control: max-age=604800
cdn-requestid: 5c49642e7931d20438ff3e14331b6047
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 279254524310798 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 65ms
64ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/279254524310798?v=2.9.98&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e7ee3bdfa68320f40559fa9c65361fe6c4e0dcdbf96d2065f8db10af56eb865e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sliceyourbills.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 06 Mar 2023 18:08:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 2MjKfpcLa+QdNNmDbnriPQ8kjWCv9O+wC/mMSG+zv+V1EgH2U+ZxCfR4wvenJR51Ldn/caKosTnGgkCDAupF0w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
76 KB 62ms
61ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PBMG8CK47W&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSZBQDM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

559199ebe689566798ca19151a94da3b5c1a7bae2c06473eaf85d3cb3a4985ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sliceyourbills.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 18:08:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78137
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 Mar 2023 18:08:34 GMT

GET
H2 200 css_embed
digital-hopr.leadshook.io/s/ 10 KB
3 KB 24ms
24ms Stylesheet
text/css 35.168.77.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://digital-hopr.leadshook.io/s/css_embed
Requested by: Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/s/js_embed
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.77.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-77-57.compute-1.amazonaws.com
Software: nginx/1.19.9 / Express
Resource Hash: be6550664edad3f0ebd90aa2756b4d2a98a9ffcb51ab6dcd4a8d1d043d7badd2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sliceyourbills.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 18:08:34 GMT
content-encoding: gzip
server: nginx/1.19.9
x-powered-by: Express
x-cache-status: HIT
vary: Accept-Encoding
etag: W/"29ea-0O33ZNIyos1goRPYQWdtYVr1Ve0"
content-type: text/css; charset=utf-8

GET
H2 200 MzefpsxiSUdNQrfmy2gtPvJrY72BtytMUhtKlLc8 Show response
digital-hopr.leadshook.io/survey/ Frame 3153 177 KB
26 KB 61ms
60ms Document
text/html 35.168.77.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://digital-hopr.leadshook.io/survey/MzefpsxiSUdNQrfmy2gtPvJrY72BtytMUhtKlLc8?embed=true&index=0
Requested by: Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/s/js_embed
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.77.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-77-57.compute-1.amazonaws.com
Software: nginx/1.19.9 / Express
Resource Hash: 4bd72e0db73eedd7326355735eb3d71604601e6d1c6cdb03dae0a24ca5b2557c

Request headers

Referer: https://sliceyourbills.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 06 Mar 2023 18:08:34 GMT
etag: W/"2c24f-oPgVHiajLiV2TNbK8XnY2PMbJVI"
expires: 0
pragma: no-cache
server: nginx/1.19.9
vary: Accept-Encoding
x-cache-status: MISS
x-powered-by: Express
x-username: undefined

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 100ms
48ms Script
text/javascript 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/s/js_embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

581fc840c5c2a50fc743f48bd3bbc8341da1ce4489e790d16fa9f459070acf7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sliceyourbills.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 18:08:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 06 Mar 2023 18:08:34 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc9.ttf
fonts.gstatic.com/s/roboto/v30/ 35 KB
20 KB 31ms
28ms Font
font/ttf 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc9.ttf

Requested by

Host: sliceyourbills.ca
URL: https://sliceyourbills.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

361a50f8a6c816ba4306c5290b7e487a726e1b4dcc3d8d7e4acf1fc2dae9f551

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sliceyourbills.ca/
Origin: https://sliceyourbills.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 11:45:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20847
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 11:45:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc9.ttf
fonts.gstatic.com/s/roboto/v30/ 35 KB
35 KB 24ms
22ms Font
font/ttf 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc9.ttf

Requested by

Host: sliceyourbills.ca
URL: https://sliceyourbills.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a9a74f4455f392ec3e7499cfda6097b536bb4b7f1e529a079c3d953c08b54ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sliceyourbills.ca/
Origin: https://sliceyourbills.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 16:38:02 GMT
x-content-type-options: nosniff
age: 5432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36052
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Mar 2024 16:38:02 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlEA.ttf
fonts.gstatic.com/s/poppins/v20/ 16 KB
10 KB 35ms
34ms Font
font/ttf 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlEA.ttf

Requested by

Host: sliceyourbills.ca
URL: https://sliceyourbills.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbeb32e5ae3eef3ded3cc187bc787c7c0fb8c59ddd49712400d16e77b450184b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sliceyourbills.ca/
Origin: https://sliceyourbills.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:05:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 345808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10542
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 18:05:06 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxP.ttf
fonts.gstatic.com/s/roboto/v30/ 35 KB
35 KB 38ms
36ms Font
font/ttf 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf

Requested by

Host: sliceyourbills.ca
URL: https://sliceyourbills.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ef021078603005c0b08fba881f1a7eb62ef213238021f3e8a4a00daa60b9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sliceyourbills.ca/
Origin: https://sliceyourbills.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 16:38:02 GMT
x-content-type-options: nosniff
age: 5432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36216
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Mar 2024 16:38:02 GMT

GET
H2 200 cdn.min.css
cdn.convertri.com/ 64 KB
9 KB 50ms
49ms Stylesheet
text/css 2400:52e0:1a00::1070:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.convertri.com/cdn.min.css?v=2023-02-07-09-41-08
Requested by: Host: sliceyourbills.ca
URL: https://sliceyourbills.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1070:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1070 /
Resource Hash: 59fe8ac9c8c9cd319fcdc14f91530aad33e7ad2cc421caaeccc9f1c1cf8ebf32

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sliceyourbills.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 18:08:34 GMT
content-encoding: br
cdn-edgestorageid: 940
x-amz-request-id: R323C98C663BFDTN
x-amz-server-side-encryption: AES256
cdn-cachedat: 03/01/2023 10:19:34
cdn-pullzone: 408079
x-amz-id-2: hJ+z70DDFtFrYqszAgkWdYdtuQXWX5AvLF5Z+euA3yMnMgLnDz+u+0GfhY/kyt29ZFFyC6amKbE=
last-modified: Wed, 01 Mar 2023 10:19:32 GMT
server: BunnyCDN-IL1-1070
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"b0d55c9bb284b269b2781a94102dffbf"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: aa1ac425-1b79-4cdb-bd61-f1990cecd40e
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=604800
cdn-requestid: 2738145fe8f20b9e7c72f20edd140b3e
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 62ms
20ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=279254524310798&ev=PageView&dl=https%3A%2F%2Fsliceyourbills.ca%2F&rl=&if=false&ts=1678126114248&sw=1600&sh=1200&v=2.9.98&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1678126114245.1093561507&it=1678126114115&coo=false&rqm=GET

Requested by

Host: sliceyourbills.ca
URL: https://sliceyourbills.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sliceyourbills.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 06 Mar 2023 18:08:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 d3fed649.frontend_vendor.css
static.leadshook.io/app/ Frame 3153 29 KB
6 KB 304ms
87ms Stylesheet
text/css 108.156.172.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadshook.io/app/d3fed649.frontend_vendor.css
Requested by: Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/survey/MzefpsxiSUdNQrfmy2gtPvJrY72BtytMUhtKlLc8?embed=true&index=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.172.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-172-37.cmh68.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3715b504c68323affe436a0169f96fcccfff8f0632a7bce1ca2a762ff714fd17

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://digital-hopr.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 07:28:43 GMT
content-encoding: gzip
via: 1.1 42d237d1f81f463793c0aa00a59a35aa.cloudfront.net (CloudFront)
last-modified: Wed, 01 Mar 2023 06:05:06 GMT
server: AmazonS3
x-amz-cf-pop: CMH68-P1
age: 38554
x-amz-server-side-encryption: AES256
etag: "2691bec10dfcb03933e154272b77dc57"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
accept-ranges: bytes
content-length: 5740
x-amz-cf-id: EKRD97I2Gk-tTjmo4nhYoBFbSWyLZHeRxQKbDvgHhujqKYp_P8RgOA==

GET
H2 200 9721ed50.app.css
static.leadshook.io/app/ Frame 3153 255 KB
58 KB 332ms
116ms Stylesheet
text/css 108.156.172.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadshook.io/app/9721ed50.app.css
Requested by: Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/survey/MzefpsxiSUdNQrfmy2gtPvJrY72BtytMUhtKlLc8?embed=true&index=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.172.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-172-37.cmh68.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1061bc2b7156ef50111328b1c2514fb441169f5c9738172fd399af2484f820c3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://digital-hopr.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 10:59:45 GMT
content-encoding: gzip
via: 1.1 42d237d1f81f463793c0aa00a59a35aa.cloudfront.net (CloudFront)
last-modified: Wed, 01 Mar 2023 06:05:06 GMT
server: AmazonS3
x-amz-cf-pop: CMH68-P1
age: 25730
etag: "d1d414740f2fcf19a43275c687859504"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
accept-ranges: bytes
content-length: 58839
x-amz-cf-id: eueyUDI0CfcOWt89YWkY8V9Pl9tUra7Jtc791X4w6d3oknwjKDSqXg==

GET
H2 200 pollyfill.js Show response
polyfill.leadshook.io/ Frame 3153 101 B
542 B 395ms
183ms Script
application/javascript 108.156.184.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.leadshook.io/pollyfill.js

Requested by

Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/survey/MzefpsxiSUdNQrfmy2gtPvJrY72BtytMUhtKlLc8?embed=true&index=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.184.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-184-32.cmh68.r.cloudfront.net

Software

CloudFront /

Resource Hash

d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://digital-hopr.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 18:08:34 GMT
content-security-policy: default-src 'self'
via: 1.1 74fa88947236efdd15ba1f4510868e00.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: CMH68-P2
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-cache: LambdaGeneratedResponse from cloudfront
cache-control: max-age=31536000
feature-policy: camera 'none'; microphone 'none'; speaker 'none'
content-length: 101
x-amz-cf-id: ycPboZMqBQK9s39RnwhkfdZNxn_TfLBYjFmqzxbDiPUWqIwdpurzzA==

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/ Frame 3153 63 KB
23 KB 53ms
21ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/gsap.min.js

Requested by

Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/survey/MzefpsxiSUdNQrfmy2gtPvJrY72BtytMUhtKlLc8?embed=true&index=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://digital-hopr.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 18:08:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1543843
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22890
last-modified: Sat, 25 Dec 2021 03:05:32 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61c68a7c-596a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2BxBMrODirMC0qKO%2FMG52pj2pUkTUWPYfR5Ryera3mI3fNkvo76lLj%2BcotzIP5gjk9BBic2qovBusCaKxx5S2CSTBqUq5I2YR4ZPW1h%2BwpirY%2Fxaq9ZCBxVn%2F51yu9yPRIMdvFEyU1w71dWBmSRJMg8S"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a3c8b768ffbca67-YUL
expires: Sat, 24 Feb 2024 18:08:34 GMT

GET
H2 200 221c1322.frontend_vendor.js Show response
static.leadshook.io/app/ Frame 3153 2 MB
614 KB 401ms
186ms Script
application/javascript 108.156.172.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadshook.io/app/221c1322.frontend_vendor.js
Requested by: Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/survey/MzefpsxiSUdNQrfmy2gtPvJrY72BtytMUhtKlLc8?embed=true&index=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.172.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-172-37.cmh68.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 468c21cc98aa6f38ee440b7da445539f27b69b7d2e83d08ad0ff3216d534b1ee

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://digital-hopr.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 16:54:23 GMT
content-encoding: gzip
via: 1.1 42d237d1f81f463793c0aa00a59a35aa.cloudfront.net (CloudFront)
last-modified: Wed, 01 Mar 2023 06:05:05 GMT
server: AmazonS3
x-amz-cf-pop: CMH68-P1
age: 4595
x-amz-server-side-encryption: AES256
etag: "a5c159854adf26305bd4d29832c41bf7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 627359
x-amz-cf-id: LsRV5JSv3cWh2nxUC4P2jk9FOZG5NRrsTLnp1nwt_0sgRmgEnfaavw==

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/6.17.4/ Frame 3153 63 KB
20 KB 44ms
12ms Script
application/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.17.4/bundle.min.js

Requested by

Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/survey/MzefpsxiSUdNQrfmy2gtPvJrY72BtytMUhtKlLc8?embed=true&index=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d4538b500dbad64b4c530857d7faf7d63bf921bcab573e94160c459ce859c90d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://digital-hopr.leadshook.io/
Origin: https://digital-hopr.leadshook.io
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 18:08:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 02 Feb 2022 15:42:58 GMT
server: Fastly
age: 2980463
etag: "456782718f10c0d95baf1a859662a1e9"
vary: X-Goog-Allowed-Resources, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20491
expires: Wed, 31 Jan 2024 06:14:11 GMT

GET
H2 200 bundle.tracing.min.js Show response
browser.sentry-cdn.com/6.17.4/ Frame 3153 89 KB
28 KB 44ms
13ms Script
application/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js

Requested by

Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/survey/MzefpsxiSUdNQrfmy2gtPvJrY72BtytMUhtKlLc8?embed=true&index=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ab75d2b0c8cc42eb0741c91c456679dd5fa0d6ea201ad0c7e50b06fe916f2c5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://digital-hopr.leadshook.io/
Origin: https://digital-hopr.leadshook.io
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 18:08:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 02 Feb 2022 15:42:58 GMT
server: Fastly
age: 2278644
etag: "d79feee5fcf01c4d7aae920cbcbc5c06"
vary: X-Goog-Allowed-Resources, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 28623
expires: Thu, 08 Feb 2024 09:11:09 GMT

GET
H2 200 angular.min.js Show response
browser.sentry-cdn.com/6.17.4/ Frame 3153 4 KB
2 KB 55ms
24ms Script
application/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.17.4/angular.min.js

Requested by

Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/survey/MzefpsxiSUdNQrfmy2gtPvJrY72BtytMUhtKlLc8?embed=true&index=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

4791f9629b2ab03e00aa962848b886d9d8e709d5185fa2517b1ce4e97027f636

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://digital-hopr.leadshook.io/
Origin: https://digital-hopr.leadshook.io
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 18:08:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 02 Feb 2022 15:42:58 GMT
server: Fastly
age: 4153151
etag: "88a049ef735409b4f4e297d1b058b3ab"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1770
expires: Wed, 17 Jan 2024 16:29:23 GMT

GET
H2 200 00383f56.frontend_app.js Show response
static.leadshook.io/app/ Frame 3153 3 MB
429 KB 384ms
170ms Script
application/javascript 108.156.172.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadshook.io/app/00383f56.frontend_app.js
Requested by: Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/survey/MzefpsxiSUdNQrfmy2gtPvJrY72BtytMUhtKlLc8?embed=true&index=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.172.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-172-37.cmh68.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90fd37023e25ca1e9387bd720b8873e414028838d6b24e6d0e5f205f6980b4c5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://digital-hopr.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 07:45:23 GMT
content-encoding: gzip
via: 1.1 42d237d1f81f463793c0aa00a59a35aa.cloudfront.net (CloudFront)
last-modified: Wed, 01 Mar 2023 06:05:05 GMT
server: AmazonS3
x-amz-cf-pop: CMH68-P1
age: 37659
x-amz-server-side-encryption: AES256
etag: "f510fb6da57729ff2c4b5c701307409e"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 438413
x-amz-cf-id: hEFohNVJQp4DlbvMUNYXLD7cCIbjQpk6y0qAnn5aSq9nfp5aWz6FSQ==

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame 3153 170 KB
56 KB 172ms
84ms Script
text/javascript 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyAMNhdNamsXU3plz-WUAS-eW1aqPepRenE&libraries=places&callback=Function.prototype

Requested by

Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/survey/MzefpsxiSUdNQrfmy2gtPvJrY72BtytMUhtKlLc8?embed=true&index=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

12650b88106458d6cc4e840504ec8db33c95bac82bbddfc1160eca3c4d28dd56

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://digital-hopr.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 18:08:35 GMT
content-encoding: gzip
server: mafe
vary: Accept-Language
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: l2gfet4t7; dur=43, gfet4t7; dur=52
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56917
x-xss-protection: 0
expires: Mon, 06 Mar 2023 18:38:35 GMT

GET
H2 200 i
snowplow.convertri.com/ 43 B
337 B 115ms
25ms Image
image/gif 34.226.33.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snowplow.convertri.com/i?stm=1678126114351&e=pv&url=https%3A%2F%2Fsliceyourbills.ca%2F&page=Home%20%7C%20Reduce%20Your%20Debt&tv=js-2.7.0&tna=cvt-cookies-enabled&aid=cvt&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=b65779fc-5a96-430a-93c9-869f782cfdba&dtm=1678126114350&vp=1600x1200&ds=1600x2818&vid=1&sid=c326b730-2d8c-4157-a418-30fc38259cd2&duid=db974c3b-9c34-4338-9c77-117ee494e73a&fp=1500665074
Requested by: Host: sliceyourbills.ca
URL: https://sliceyourbills.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.33.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-33-228.compute-1.amazonaws.com
Software: spray-can/1.3.3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sliceyourbills.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 06 Mar 2023 18:08:34 GMT
access-control-allow-credentials: true
content-type: image/gif
server: spray-can/1.3.3
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame 3153 30 KB
6 KB 26ms
25ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/survey/MzefpsxiSUdNQrfmy2gtPvJrY72BtytMUhtKlLc8?embed=true&index=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://digital-hopr.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 18:08:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 520269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4cwssZvvlnv9WcOhLhn%2FsgZKDMQhi65GWsd7FuWM0q9Qu%2Bj0Eh0tFzyrSKQ4dDqj5%2FRNsvMqlhUzZh4JSH%2Bit2l5%2B9PcBjfO03%2BkfGAxzvVHVIl2Ov1Pjbk2OICfM8rc0UWMSVCJ9%2FSEP8r1Qgou%2FeV"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a3c8b76c839ca67-YUL
expires: Sat, 24 Feb 2024 18:08:34 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
246 B 83ms
33ms Ping
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-PBMG8CK47W&gtm=45je3310&_p=833208029&cid=1879564833.1678126114&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678126114&sct=1&seg=0&dl=https%3A%2F%2Fsliceyourbills.ca%2F&dt=Home%20%7C%20Reduce%20Your%20Debt&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PBMG8CK47W&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sliceyourbills.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 18:08:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sliceyourbills.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/7862ca1f/www-widgetapi.vflset/ 184 KB
62 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7862ca1f/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a76a5bd0ab18e32979a7204ad920b61558481a60ea0b763f63b3d781c6977c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sliceyourbills.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 13:51:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15410
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62942
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 01:18:28 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 05 Mar 2024 13:51:44 GMT

GET
H2 200 14jdo4l-secure-globalsign_0a003u000000000000001.png
cdn.convertri.com/199e9e9f-6d27-11e9-99fe-0697e5ca793e/1a6b6c87e8ca68d2c89e1b8d69f3dc2c58797d31/ 23 KB
24 KB 32ms
31ms Image
image/png 2400:52e0:1a00::1070:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.convertri.com/199e9e9f-6d27-11e9-99fe-0697e5ca793e/1a6b6c87e8ca68d2c89e1b8d69f3dc2c58797d31/14jdo4l-secure-globalsign_0a003u000000000000001.png
Requested by: Host: sliceyourbills.ca
URL: https://sliceyourbills.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1070:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1070 /
Resource Hash: 36f4cc619b030f1152dadd768e782f8694c94ce21b0eea9d295de2bc328d10b0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sliceyourbills.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 18:08:34 GMT
x-downloadsize: 23676
cdn-edgestorageid: 1070
x-bo-processingtime: 1
cdn-cachedat: 03/01/2023 10:21:16
cdn-pullzone: 408079
x-bo-server: ASB-192
last-modified: Wed, 01 Mar 2023 10:21:16 GMT
server: BunnyCDN-IL1-1070
cdn-requestpullcode: 200
cdn-proxyver: 1.03
x-bo-origindownloadtime: 70
content-type: image/png
cdn-cache: HIT
cdn-uid: aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cache-control: public, max-age=2592000
cdn-requestid: 231ec3f05462ee49405b44ce532d358f
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 trustpilot-5stars.png
cdn.convertri.com/199e9e9f-6d27-11e9-99fe-0697e5ca793e/0699145a1fd61b6cd64cc2bd891c9f2ee7caa783/ 13 KB
13 KB 35ms
34ms Image
image/png 2400:52e0:1a00::1070:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.convertri.com/199e9e9f-6d27-11e9-99fe-0697e5ca793e/0699145a1fd61b6cd64cc2bd891c9f2ee7caa783/trustpilot-5stars.png
Requested by: Host: sliceyourbills.ca
URL: https://sliceyourbills.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1070:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1070 /
Resource Hash: 1d41e5f20117a67571708a066a6e1a9814b9b3474c787e938915cedfdc303439

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sliceyourbills.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 18:08:34 GMT
x-downloadsize: 13251
cdn-edgestorageid: 1070
x-bo-processingtime: 0
cdn-cachedat: 03/01/2023 10:21:16
cdn-pullzone: 408079
x-bo-server: ASB-193
last-modified: Wed, 01 Mar 2023 10:21:16 GMT
server: BunnyCDN-IL1-1070
cdn-requestpullcode: 200
cdn-proxyver: 1.03
x-bo-origindownloadtime: 90
content-type: image/png
cdn-cache: HIT
cdn-uid: aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cache-control: public, max-age=2592000
cdn-requestid: 4cab81e18e288d8cc081fae4c27eef1b
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Debt%20support%20canada.png
cdn.convertri.com/199e9e9f-6d27-11e9-99fe-0697e5ca793e/a8c17573626f13c6442ac8aa6d3098bfeb056534/ 11 KB
11 KB 39ms
38ms Image
image/png 2400:52e0:1a00::1070:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.convertri.com/199e9e9f-6d27-11e9-99fe-0697e5ca793e/a8c17573626f13c6442ac8aa6d3098bfeb056534/Debt%20support%20canada.png
Requested by: Host: sliceyourbills.ca
URL: https://sliceyourbills.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1070:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1070 /
Resource Hash: cda16f5137ad9b10973551ca35c59e7d3325bcb9df6039d6493ce1f1d45f91d0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sliceyourbills.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 18:08:34 GMT
x-downloadsize: 10777
cdn-edgestorageid: 1067
x-bo-processingtime: 1
cdn-cachedat: 03/01/2023 11:19:15
cdn-pullzone: 408079
x-bo-server: ASB-207
last-modified: Wed, 01 Mar 2023 11:19:15 GMT
server: BunnyCDN-IL1-1070
cdn-requestpullcode: 200
cdn-proxyver: 1.03
x-bo-origindownloadtime: 77
content-type: image/png
cdn-cache: HIT
cdn-uid: aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cache-control: public, max-age=2592000
cdn-requestid: 59578a251487c214d578a0b2d96e1e55
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 19ms
18ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=279254524310798&ev=Microdata&dl=https%3A%2F%2Fsliceyourbills.ca%2F&rl=&if=false&ts=1678126114752&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Home%20%7C%20Reduce%20Your%20Debt%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22article%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsliceyourbills.ca%2F%22%2C%22og%3Atitle%22%3A%22Home%20%7C%20Reduce%20Your%20Debt%22%2C%22og%3Adescription%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.98&r=stable&ec=1&o=30&fbp=fb.1.1678126114245.1093561507&it=1678126114115&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: sliceyourbills.ca
URL: https://sliceyourbills.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sliceyourbills.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 06 Mar 2023 18:08:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 3153 223 KB
8 KB 529ms
48ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Abel:wght@100;300;400;500;700;900&family=Abril+Fatface:wght@100;300;400;500;700;900&family=Barlow:wght@100;300;400;500;700;900&family=Bitter:wght@100;300;400;500;700;900&family=Comforta:wght@100;300;400;500;700;900&family=Droid+Serif:wght@100;300;400;500;700;900&family=Inconsolata:wght@100;300;400;500;700;900&family=Josefin+Sans:wght@100;300;400;500;700;900&family=Josefin+Slab:wght@100;300;400;500;700;900&family=Lato:wght@100;300;400;500;700;900&family=Libre+Franklin:wght@100;300;400;500;700;900&family=Lobset+Two:wght@100;300;400;500;700;900&family=Lobster:wght@100;300;400;500;700;900&family=Lora:wght@100;300;400;500;700;900&family=Merriweather:wght@100;300;400;500;700;900&family=Montserrat:wght@100;300;400;500;700;900&family=Muli:wght@100;300;400;500;700;900&family=Noto+Sans:wght@100;300;400;500;700;900&family=Nunito:wght@100;300;400;500;700;900&family=Nunito+Sans:wght@100;300;400;500;700;900&family=Open+Sans:wght@100;300;400;500;700;900&family=Oswald:wght@100;300;400;500;700;900&family=Oxygen:wght@100;300;400;500;700;900&family=PT+Sans:wght@100;300;400;500;700;900&family=PT+Serif:wght@100;300;400;500;700;900&family=Patua+Online:wght@100;300;400;500;700;900&family=Playfair+Display:wght@100;300;400;500;700;900&family=Poppins:wght@100;300;400;500;700;900&family=Quicksand:wght@100;300;400;500;700;900&family=Raleway:wght@100;300;400;500;700;900&family=Roboto:wght@100;300;400;500;700;900&family=Roboto+Condensed:wght@100;300;400;500;700;900&family=Roboto+Mono:wght@100;300;400;500;700;900&family=Roboto+Slab:wght@100;300;400;500;700;900&family=Rubik:wght@100;300;400;500;700;900&family=Sigmar+One:wght@100;300;400;500;700;900&family=Source+Sans+Pro:wght@100;300;400;500;700;900&family=Special+Elite:wght@100;300;400;500;700;900&family=Titillium+Web:wght@100;300;400;500;700;900&family=Ubuntu:wght@100;300;400;500;700;900&family=Work+Sans&display=swap

Requested by

Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/survey/MzefpsxiSUdNQrfmy2gtPvJrY72BtytMUhtKlLc8?embed=true&index=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2b5cd462999a5dd436ee027342d3849fa55f456dce4e1b9bfa0c4b5164a6ef2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://digital-hopr.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Mar 2023 18:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 17:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Mar 2023 18:08:35 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ Frame 3153 3 B
45 B 106ms
65ms XHR
application/json 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://digital-hopr.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 18:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://digital-hopr.leadshook.io
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

POST
H2 204 nodetracker Show response
digital-hopr.leadshook.io/api/ Frame 3153 0
191 B 39ms
39ms XHR
text/plain 35.168.77.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://digital-hopr.leadshook.io/api/nodetracker
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.77.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-77-57.compute-1.amazonaws.com
Software: nginx/1.19.9 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://digital-hopr.leadshook.io/survey/MzefpsxiSUdNQrfmy2gtPvJrY72BtytMUhtKlLc8?embed=true&index=0
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: https://digital-hopr.leadshook.io
date: Mon, 06 Mar 2023 18:08:35 GMT
access-control-allow-credentials: true
server: nginx/1.19.9
x-username: undefined
x-powered-by: Express
vary: X-HTTP-Method-Override, Origin

GET
H2 200 pixel.png
d2zdr2rqflfo3.cloudfront.net/ Frame 3153 95 B
412 B 354ms
177ms Image
image/png 108.156.171.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2zdr2rqflfo3.cloudfront.net/pixel.png?host=digital-hopr.leadshook.io&subdomain=digital-hopr&accountId=1379&quizId=46619&leadId=359935334&quizVersionId=20
Requested by: Host: digital-hopr.leadshook.io
URL: https://digital-hopr.leadshook.io/survey/MzefpsxiSUdNQrfmy2gtPvJrY72BtytMUhtKlLc8?embed=true&index=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.171.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-171-155.cmh68.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://digital-hopr.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 18:08:37 GMT
via: 1.1 926b5281e2124486e0c9dadab33d1b9c.cloudfront.net (CloudFront)
last-modified: Sat, 28 Sep 2019 18:11:04 GMT
server: AmazonS3
x-amz-cf-pop: CMH68-P1
etag: "9591c410148e6883727c5339fd1c02cd"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 95
x-amz-cf-id: bbvauI2V8mOClnTBAjPwZtFQfSqV6btTgpPoUiIJ70hH4qB9LvG_2Q==

GET
H3 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 3153 8 KB
8 KB 22ms
21ms Font
font/woff2 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abel:wght@100;300;400;500;700;900&family=Abril+Fatface:wght@100;300;400;500;700;900&family=Barlow:wght@100;300;400;500;700;900&family=Bitter:wght@100;300;400;500;700;900&family=Comforta:wght@100;300;400;500;700;900&family=Droid+Serif:wght@100;300;400;500;700;900&family=Inconsolata:wght@100;300;400;500;700;900&family=Josefin+Sans:wght@100;300;400;500;700;900&family=Josefin+Slab:wght@100;300;400;500;700;900&family=Lato:wght@100;300;400;500;700;900&family=Libre+Franklin:wght@100;300;400;500;700;900&family=Lobset+Two:wght@100;300;400;500;700;900&family=Lobster:wght@100;300;400;500;700;900&family=Lora:wght@100;300;400;500;700;900&family=Merriweather:wght@100;300;400;500;700;900&family=Montserrat:wght@100;300;400;500;700;900&family=Muli:wght@100;300;400;500;700;900&family=Noto+Sans:wght@100;300;400;500;700;900&family=Nunito:wght@100;300;400;500;700;900&family=Nunito+Sans:wght@100;300;400;500;700;900&family=Open+Sans:wght@100;300;400;500;700;900&family=Oswald:wght@100;300;400;500;700;900&family=Oxygen:wght@100;300;400;500;700;900&family=PT+Sans:wght@100;300;400;500;700;900&family=PT+Serif:wght@100;300;400;500;700;900&family=Patua+Online:wght@100;300;400;500;700;900&family=Playfair+Display:wght@100;300;400;500;700;900&family=Poppins:wght@100;300;400;500;700;900&family=Quicksand:wght@100;300;400;500;700;900&family=Raleway:wght@100;300;400;500;700;900&family=Roboto:wght@100;300;400;500;700;900&family=Roboto+Condensed:wght@100;300;400;500;700;900&family=Roboto+Mono:wght@100;300;400;500;700;900&family=Roboto+Slab:wght@100;300;400;500;700;900&family=Rubik:wght@100;300;400;500;700;900&family=Sigmar+One:wght@100;300;400;500;700;900&family=Source+Sans+Pro:wght@100;300;400;500;700;900&family=Special+Elite:wght@100;300;400;500;700;900&family=Titillium+Web:wght@100;300;400;500;700;900&family=Ubuntu:wght@100;300;400;500;700;900&family=Work+Sans&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://digital-hopr.leadshook.io
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 14:41:10 GMT
x-content-type-options: nosniff
age: 444445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 14:41:10 GMT

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 3153 8 KB
8 KB 27ms
26ms Font
font/woff2 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://digital-hopr.leadshook.io
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 23:46:47 GMT
x-content-type-options: nosniff
age: 498108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Feb 2024 23:46:47 GMT

GET
H3 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 3153 8 KB
8 KB 22ms
22ms Font
font/woff2 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://digital-hopr.leadshook.io
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 21:24:01 GMT
x-content-type-options: nosniff
age: 333874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 21:24:01 GMT

GET
H2 200 geoip Show response
digital-hopr.leadshook.io/api/ Frame 3153 2 KB
752 B 71ms
70ms XHR
application/json 35.168.77.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://digital-hopr.leadshook.io/api/geoip?leadId=359935334
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.77.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-77-57.compute-1.amazonaws.com
Software: nginx/1.19.9 / Express
Resource Hash: 85c5a4c50d541549763a7a6f0288ed80c40098919879c9086218d44c4a9380ea

Request headers

Accept: */*
Referer: https://digital-hopr.leadshook.io/survey/MzefpsxiSUdNQrfmy2gtPvJrY72BtytMUhtKlLc8?embed=true&index=0
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 18:08:36 GMT
content-encoding: gzip
server: nginx/1.19.9
x-username: undefined
x-powered-by: Express
etag: W/"7f3-PiTgbSutFwF/FVCGeDY1mdoIcWg"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-cache-status: MISS

GET
H2 200 leaddevice Show response
digital-hopr.leadshook.io/api/ Frame 3153 1 KB
665 B 31ms
31ms XHR
application/json 35.168.77.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://digital-hopr.leadshook.io/api/leaddevice?leadId=359935334&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F110.0.5481.177+Safari%2F537.36
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.77.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-77-57.compute-1.amazonaws.com
Software: nginx/1.19.9 / Express
Resource Hash: d08a81d76518fcdaea24e54d276fcdfca875b6c8399fa949ac0c6d6a977ab0a3

Request headers

Accept: */*
Referer: https://digital-hopr.leadshook.io/survey/MzefpsxiSUdNQrfmy2gtPvJrY72BtytMUhtKlLc8?embed=true&index=0
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 18:08:36 GMT
content-encoding: gzip
server: nginx/1.19.9
x-username: undefined
x-powered-by: Express
etag: W/"567-W9zKdjUXjQgQAzNYDbi8B1PGIlw"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-cache-status: MISS

POST
H2 204 fields Show response
digital-hopr.leadshook.io/api/leads/359935334/ Frame 3153 0
620 B 65ms
65ms XHR
text/plain 35.168.77.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://digital-hopr.leadshook.io/api/leads/359935334/fields
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.77.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-77-57.compute-1.amazonaws.com
Software: nginx/1.19.9 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://digital-hopr.leadshook.io/survey/MzefpsxiSUdNQrfmy2gtPvJrY72BtytMUhtKlLc8?embed=true&index=0
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: https://digital-hopr.leadshook.io
date: Mon, 06 Mar 2023 18:08:36 GMT
access-control-allow-credentials: true
server: nginx/1.19.9
x-username: undefined
x-powered-by: Express
vary: X-HTTP-Method-Override, Origin

PUT
H2 200 359935334 Show response
digital-hopr.leadshook.io/api/leads/ Frame 3153 751 B
755 B 38ms
37ms XHR
application/json 35.168.77.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://digital-hopr.leadshook.io/api/leads/359935334
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.77.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-77-57.compute-1.amazonaws.com
Software: nginx/1.19.9 / Express
Resource Hash: f402673330221d9535ba2fba193123bb9963209fd465a72ed387332a8041347d

Request headers

Accept: application/json, text/plain, */*
Referer: https://digital-hopr.leadshook.io/survey/MzefpsxiSUdNQrfmy2gtPvJrY72BtytMUhtKlLc8?embed=true&index=0
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 06 Mar 2023 18:08:36 GMT
content-encoding: gzip
server: nginx/1.19.9
x-username: undefined
x-powered-by: Express
etag: W/"2ef-wLV9QB1bcER4TZi/VH2lv7M153k"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://digital-hopr.leadshook.io
access-control-allow-credentials: true

POST
H2 404 287601629 Show response
digital-hopr.leadshook.io/api/impressions/ Frame 3153 165 B
469 B 33ms
32ms XHR
text/html 35.168.77.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digital-hopr.leadshook.io/api/impressions/287601629

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.168.77.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-168-77-57.compute-1.amazonaws.com

Software

nginx/1.19.9 / Express

Resource Hash

0f0668332ba943b0593a9a51e7442ac6f894ebd6cfe49d20e8880fd986017c52

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://digital-hopr.leadshook.io/survey/MzefpsxiSUdNQrfmy2gtPvJrY72BtytMUhtKlLc8?embed=true&index=0
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 06 Mar 2023 18:08:36 GMT
content-security-policy: default-src 'none'
x-content-type-options: nosniff
server: nginx/1.19.9
x-username: undefined
x-powered-by: Express
vary: X-HTTP-Method-Override, Origin, Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://digital-hopr.leadshook.io
access-control-allow-credentials: true
content-length: 165

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
digital-hopr.leadshook.io/	1970-01-20 10:18:50	Name: AWSALBTGCORS Value: NgRFEP9Abyms8YaiE8frI6bybSyVOsnk1Tz1Iy9IHwvE6ex9TPHWM/9mOSssJsgxzHkRQCwnwk1ORttvhGMR+iCIOvRGlF87QIMG5ceiIpZh2UAfyuDFDt3JoQz1T9H06bWFAu3F/9Ke4/1qn8PJS7v19ruVzGuiIwrGPllVvYo3LceXdUE=
digital-hopr.leadshook.io/	1970-01-20 10:51:58	Name: MzefpsxiSUdNQrfmy2gtPvJrY72BtytMUhtKlLc8.leadData Value: j%3A%7B%22leadId%22%3A359935334%2C%22leadToken%22%3A%22MzefpsxiSUdNQrfmy2gtPvJrY72BtytMUhtKlLc8WXrE3tqxNfN3xeXn0N9B%22%2C%22quizId%22%3A46619%7D
.sliceyourbills.ca/	1970-01-20 12:18:22	Name: _fbp Value: fb.1.1678126114245.1093561507
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: HPWX78TWjIA
.youtube.com/	1970-01-20 14:27:58	Name: VISITOR_INFO1_LIVE Value: Afp1iaGeILo
sliceyourbills.ca/	1970-01-20 10:08:47	Name: _sp_ses.fe87 Value: *
sliceyourbills.ca/	1970-01-20 19:44:46	Name: _sp_id.fe87 Value: db974c3b-9c34-4338-9c77-117ee494e73a.1678126114.1.1678126114.1678126114.c326b730-2d8c-4157-a418-30fc38259cd2
.sliceyourbills.ca/	1970-01-20 19:44:46	Name: _ga_PBMG8CK47W Value: GS1.1.1678126114.1.0.1678126114.0.0.0
.sliceyourbills.ca/	1970-01-20 19:44:46	Name: _ga Value: GA1.1.1879564833.1678126114
digital-hopr.leadshook.io/	1970-01-20 10:18:50	Name: AWSALBCORS Value: SamuBEqGnBq6A9YBAd3fUo7WuYi6vXmoiZPR0vr9/10eTCJl2Yd0VNFeB0LPu63/ZV4u/ohyzNxLkB5AWy9h9tpeEUtcuLHvspxtqhpZhpQg7HNNun/vCVfpzGp9Gh9eOGosBGt22D6s2Dm/1Eu5p+BKJFmsAhueA4aoVe8jTqaQ0jlYcy3VpQs++ftcxA==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://digital-hopr.leadshook.io/api/impressions/287601629 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.sentry-cdn.com
cdn.convertri.com
cdnjs.cloudflare.com
connect.facebook.net
d2zdr2rqflfo3.cloudfront.net
digital-hopr.leadshook.io
fonts.googleapis.com
fonts.gstatic.com
maps.googleapis.com
polyfill.leadshook.io
sliceyourbills.ca
snowplow.convertri.com
static.leadshook.io
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
108.156.171.155
108.156.172.37
108.156.184.32
2400:52e0:1a00::1070:1
2606:4700::6811:180e
2607:f8b0:4006:80b::200e
2607:f8b0:4006:80c::2008
2607:f8b0:4006:80f::200a
2607:f8b0:4006:816::200e
2607:f8b0:4006:81f::2003
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:200::729
34.226.33.228
35.168.77.57
35.185.3.114
0f0668332ba943b0593a9a51e7442ac6f894ebd6cfe49d20e8880fd986017c52
0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363
1061bc2b7156ef50111328b1c2514fb441169f5c9738172fd399af2484f820c3
12650b88106458d6cc4e840504ec8db33c95bac82bbddfc1160eca3c4d28dd56
1d41e5f20117a67571708a066a6e1a9814b9b3474c787e938915cedfdc303439
2bd8746c9641b9c1ec49b8972f313c64e94a011686f54f00214b29b577aeec48
361a50f8a6c816ba4306c5290b7e487a726e1b4dcc3d8d7e4acf1fc2dae9f551
36f4cc619b030f1152dadd768e782f8694c94ce21b0eea9d295de2bc328d10b0
3715b504c68323affe436a0169f96fcccfff8f0632a7bce1ca2a762ff714fd17
460d48215c8b8377ca94e1fe78d33df63f3e566ea11d78ed221923b5c5c9072a
468c21cc98aa6f38ee440b7da445539f27b69b7d2e83d08ad0ff3216d534b1ee
468ccd6567d7fcd1f11bc2479846fe367946a821a013c38d49190d329f8d6ac5
4791f9629b2ab03e00aa962848b886d9d8e709d5185fa2517b1ce4e97027f636
4bd72e0db73eedd7326355735eb3d71604601e6d1c6cdb03dae0a24ca5b2557c
4c602bcfada1346de5ac228744c06aed3d4c08158d446f13b97ee5edebb7b934
53eaa58cf4e7fc8d68a3b557ad8f67b8b6613e7431e87a6ca896948c53ef2d35
559199ebe689566798ca19151a94da3b5c1a7bae2c06473eaf85d3cb3a4985ac
581fc840c5c2a50fc743f48bd3bbc8341da1ce4489e790d16fa9f459070acf7d
59fe8ac9c8c9cd319fcdc14f91530aad33e7ad2cc421caaeccc9f1c1cf8ebf32
66807e8e108c648c970aeace0886706f8c95c616f036529a4b628525208f18e8
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
85c5a4c50d541549763a7a6f0288ed80c40098919879c9086218d44c4a9380ea
884d2cd5ba1b567924c3d174d5cb03f9ad49777bd3c4aa97ce01567acdcdf587
8a9a74f4455f392ec3e7499cfda6097b536bb4b7f1e529a079c3d953c08b54ca
90fd37023e25ca1e9387bd720b8873e414028838d6b24e6d0e5f205f6980b4c5
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9ca444026ee727e04ca5d902386d8ebb9f5e74884425f1527726e680ad0cfd0b
a2b5cd462999a5dd436ee027342d3849fa55f456dce4e1b9bfa0c4b5164a6ef2
a9ef021078603005c0b08fba881f1a7eb62ef213238021f3e8a4a00daa60b9d6
ab75d2b0c8cc42eb0741c91c456679dd5fa0d6ea201ad0c7e50b06fe916f2c5d
b3a76a5bd0ab18e32979a7204ad920b61558481a60ea0b763f63b3d781c6977c
be6550664edad3f0ebd90aa2756b4d2a98a9ffcb51ab6dcd4a8d1d043d7badd2
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cda16f5137ad9b10973551ca35c59e7d3325bcb9df6039d6493ce1f1d45f91d0
d08a81d76518fcdaea24e54d276fcdfca875b6c8399fa949ac0c6d6a977ab0a3
d4538b500dbad64b4c530857d7faf7d63bf921bcab573e94160c459ce859c90d
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
dbeb32e5ae3eef3ded3cc187bc787c7c0fb8c59ddd49712400d16e77b450184b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ee3bdfa68320f40559fa9c65361fe6c4e0dcdbf96d2065f8db10af56eb865e
f37f6263ba4431cebb4b822daa827e3f2a6e419dd93508ee4a8fe9710093c4be
f402673330221d9535ba2fba193123bb9963209fd465a72ed387332a8041347d

sliceyourbills.ca Open in urlscan Pro 35.185.3.114 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

100 %HTTPS

63 %IPv6

13 Domains

17 Subdomains

16 IPs

2 Countries

1983 kBTransfer

7759 kBSize

10 Cookies

1 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sliceyourbills.ca Open in urlscan Pro
35.185.3.114 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

100 %
HTTPS

63 %
IPv6

13
Domains

17
Subdomains

16
IPs

2
Countries

1983 kB
Transfer

7759 kB
Size

10
Cookies

51 HTTP transactions
0 data transactions