mnpdebt.ca Open in urlscan Pro
2606:4700:20::ac43:6049 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bankruptcystjohn.ca/
Effective URL:
https://mnpdebt.ca/en
Submission: On April 12 via automatic, source certstream-suspicious (April 12th 2021, 10:01:42 pm UTC)

Summary HTTP 75 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 30 IPs in 6 countries across 23 domains to perform 75 HTTP transactions. The main IP is 2606:4700:20::ac43:6049, located in United States and belongs to CLOUDFLARENET, US. The main domain is mnpdebt.ca.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 4th 2020. Valid for: a year.

This is the only time mnpdebt.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3031::ac43:df0a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 19	2606:4700:20:... 2606:4700:20::ac43:6049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1 3	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.226.146.155 13.226.146.155	16509 (AMAZON-02) (AMAZON-02)
2 2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
5	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1 4	52.30.2.3 52.30.2.3	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
3	93.184.220.42 93.184.220.42	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2600:9000:218... 2600:9000:2182:f400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE)
2	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
6	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	13.226.154.171 13.226.154.171	16509 (AMAZON-02) (AMAZON-02)
2	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
4	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
75	30

1 2606:4700:3031::ac43:df0a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bankruptcystjohn.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:20::ac43:6049 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mnpdebt.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

4653320.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f012:10c:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.146.155 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-146-155.dus51.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States) 2 redirects

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.30.2.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-2-3.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 93.184.220.42 (London, United Kingdom)

ASN15133 (EDGECAST, US)

static.olark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2182:f400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f112:182:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.154.171 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-154-171.dus51.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	mnpdebt.ca 1 redirects mnpdebt.ca	450 KB
6	facebook.com www.facebook.com	902 B
6	google.com www.google.com adservice.google.com	18 KB
5	quantserve.com secure.quantserve.com pixel.quantserve.com	27 KB
5	adsrvr.org 1 redirects js.adsrvr.org insight.adsrvr.org	3 KB
5	facebook.net connect.facebook.net	265 KB
5	doubleclick.net 1 redirects 4653320.fls.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	5 KB
4	twitter.com 2 redirects platform.twitter.com analytics.twitter.com	1 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	385 KB
3	olark.com static.olark.com	36 KB
3	google-analytics.com www.google-analytics.com	20 KB
2	google.de 1 redirects adservice.google.de www.google.de	967 B
2	t.co t.co	623 B
2	quantcount.com rules.quantcount.com	2 KB
2	ads-twitter.com static.ads-twitter.com	4 KB
1	cloudfront.net d1eoo1tco6rr5e.cloudfront.net	595 B
1	googleadservices.com www.googleadservices.com	16 KB
1	yahoo.com sp.analytics.yahoo.com	964 B
1	yimg.com s.yimg.com	6 KB
1	jquery.com code.jquery.com	30 KB
1	googletagmanager.com www.googletagmanager.com	59 KB
1	googleapis.com fonts.googleapis.com	461 B
1	bankruptcystjohn.ca 1 redirects bankruptcystjohn.ca	560 B
75	23

	Domain	Requested by
19	mnpdebt.ca	1 redirects mnpdebt.ca code.jquery.com
6	www.facebook.com	mnpdebt.ca 4653320.fls.doubleclick.net
5	connect.facebook.net	mnpdebt.ca connect.facebook.net 4653320.fls.doubleclick.net
5	www.google.com	mnpdebt.ca 4653320.fls.doubleclick.net www.gstatic.com www.google.com
4	insight.adsrvr.org	1 redirects mnpdebt.ca d1eoo1tco6rr5e.cloudfront.net js.adsrvr.org
3	static.olark.com	mnpdebt.ca static.olark.com
3	www.gstatic.com	www.google.com
3	secure.quantserve.com	mnpdebt.ca 4653320.fls.doubleclick.net
3	4653320.fls.doubleclick.net	1 redirects www.googletagmanager.com adservice.google.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com mnpdebt.ca
2	analytics.twitter.com	platform.twitter.com
2	t.co	mnpdebt.ca 4653320.fls.doubleclick.net
2	pixel.quantserve.com	mnpdebt.ca 4653320.fls.doubleclick.net
2	rules.quantcount.com	secure.quantserve.com
2	static.ads-twitter.com	mnpdebt.ca 4653320.fls.doubleclick.net
2	platform.twitter.com	2 redirects
1	www.google.de	4653320.fls.doubleclick.net
1	d1eoo1tco6rr5e.cloudfront.net	4653320.fls.doubleclick.net
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	4653320.fls.doubleclick.net
1	sp.analytics.yahoo.com	4653320.fls.doubleclick.net
1	s.yimg.com	4653320.fls.doubleclick.net
1	adservice.google.de	1 redirects
1	adservice.google.com	4653320.fls.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	js.adsrvr.org	www.googletagmanager.com
1	code.jquery.com	mnpdebt.ca
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	mnpdebt.ca
1	fonts.googleapis.com	mnpdebt.ca
1	bankruptcystjohn.ca	1 redirects
75	31

This site contains links to these domains. Also see Links.

Domain
mnpdettes.ca
lp.mnp.ca
dot.vu
www.youtube.com
www.facebook.com
www.instagram.com
www.linkedin.com
twitter.com
mnp.us1.list-manage.com
bankruptcy.mnpdebt.ca

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
s2.wac.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2020-11-17` - `2021-11-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-24` - `2021-05-12`	2 months	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-12-29` - `2021-06-22`	6 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://mnpdebt.ca/en
Frame ID: A1B7843C7A8E2CB98A30832975D226E4
Requests: 41 HTTP requests in this frame

Frame: https://4653320.fls.doubleclick.net/activityi;dc_pre=CKmBr7za-e8CFU_Luwgde0gKIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=7972566842160;gtm=2wg3v0;auiddc=159042558.1618264884;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen
Frame ID: 50B11092F4A1EF80D2EEE3D670D52B49
Requests: 1 HTTP requests in this frame

Frame: https://static.olark.com/jsclient/app.js
Frame ID: 34CEEB35B77F0FE2ADF0C450EFC2DA3C
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKmBr7za-e8CFU_Luwgde0gKIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=7972566842160;gtm=2wg3v0;auiddc=159042558.1618264884;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen
Frame ID: FEBD5EE0EACBEBA818173825DCDB7960
Requests: 1 HTTP requests in this frame

Frame: https://4653320.fls.doubleclick.net/ddm/fls/r/dc_pre=CKmBr7za-e8CFU_Luwgde0gKIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=7972566842160;gtm=2wg3v0;auiddc=159042558.1618264884;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen
Frame ID: 181D20529188A65B2CFEB104949DD67C
Requests: 21 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/v0a83xf/br3816j9/iframe
Frame ID: EE82A47814F981BB1C851A42C3BFDABB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LchOswZAAAAAExqv__mYOvUeAutmKH1O2lM_u57&co=aHR0cHM6Ly9tbnBkZWJ0LmNhOjQ0Mw..&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&badge=inline&cb=ffv3bz1ncr5i
Frame ID: 66AC19C4C34B4A583737F17A8DE0B69F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LchOswZAAAAAExqv__mYOvUeAutmKH1O2lM_u57&co=aHR0cHM6Ly9tbnBkZWJ0LmNhOjQ0Mw..&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&badge=inline&cb=ef2l81q9c98i
Frame ID: 6E023451760A963639B299B02F943A9D
Requests: 5 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=i4v66ce&ref=https%3A%2F%2Fmnpdebt.ca%2Fen&upid=nfk090t&upv=1.1.0
Frame ID: 356487DB498F1AB95A1C21731E798FD4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bankruptcystjohn.ca/ HTTP 301
https://mnpdebt.ca/ HTTP 301
https://mnpdebt.ca/en Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

75
Requests

99 %
HTTPS

69 %
IPv6

23
Domains

31
Subdomains

30
IPs

6
Countries

1330 kB
Transfer

3474 kB
Size

19
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://mnpdettes.ca/fr/
Title: Français

Search URL Search Domain Scan URL

URL: https://lp.mnp.ca/acton/media/25546/ltd-chinese?_ga=2.151299321.172093543.1583773453-701762848.1570555414
Title: 中文

Search URL Search Domain Scan URL

URL: https://dot.vu/p/_1133/debt-scale-tool
Title: MNP Debt Scale

Search URL Search Domain Scan URL

URL: https://lp.mnp.ca/acton/media/25546/debt-calculator
Title: MNP Debt Calculator

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/MNPLimited/playlists
Title: YouTube Video Library

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MNPDebt/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mnpdebt/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/showcase/consumer-insolvency/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/mnpdebt
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/MNPLimited
Title: YouTube

Search URL Search Domain Scan URL

URL: https://mnp.us1.list-manage.com/subscribe?u=4b18c024f51870644334372bd&id=e95726ebb3
Title: Newsletter

Search URL Search Domain Scan URL

URL: https://bankruptcy.mnpdebt.ca/
Title: Local Bankruptcy LITs

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bankruptcystjohn.ca/ HTTP 301
https://mnpdebt.ca/ HTTP 301
https://mnpdebt.ca/en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://4653320.fls.doubleclick.net/activityi;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=7972566842160;gtm=2wg3v0;auiddc=159042558.1618264884;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen HTTP 302
https://4653320.fls.doubleclick.net/activityi;dc_pre=CKmBr7za-e8CFU_Luwgde0gKIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=7972566842160;gtm=2wg3v0;auiddc=159042558.1618264884;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen

Request Chain 21

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 41

https://adservice.google.de/ddm/fls/i/dc_pre=CKmBr7za-e8CFU_Luwgde0gKIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=7972566842160;gtm=2wg3v0;auiddc=159042558.1618264884;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen HTTP 302
https://4653320.fls.doubleclick.net/ddm/fls/r/dc_pre=CKmBr7za-e8CFU_Luwgde0gKIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=7972566842160;gtm=2wg3v0;auiddc=159042558.1618264884;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen

Request Chain 42

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 53

https://insight.adsrvr.org/tags/v0a83xf/br3816j9/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/v0a83xf/br3816j9/iframe

75 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request en Show response
mnpdebt.ca/
Redirect Chain

https://bankruptcystjohn.ca/
https://mnpdebt.ca/
https://mnpdebt.ca/en

64 KB
14 KB

1332ms
1332ms

Document
text/html

2606:4700:20::ac43:6049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mnpdebt.ca/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:6049 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2482c8fc76f5fc2ca9681a1f860c803ef6f5af5621389c73232c96edb1c8d75c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: mnpdebt.ca
:scheme: https
:path: /en
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d40e56657e05719d668d2937b5b2274481618264881; TiPMix=13.3049218511697; x-ms-routing-name=self; ARRAffinity=4e1329e2917f4af6eaeb2e4884a2dacb16ea6715409a0064534275dfa8616b7d; ARRAffinitySameSite=4e1329e2917f4af6eaeb2e4884a2dacb16ea6715409a0064534275dfa8616b7d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:23 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
set-cookie: website#lang=en; path=/ ASP.NET_SessionId=apkngkhoym3sybqt54zzhp4n; path=/; HttpOnly; SameSite=Lax website#lang=en; path=/ ASP.NET_SessionId=apkngkhoym3sybqt54zzhp4n; path=/; HttpOnly; SameSite=Lax SC_ANALYTICS_GLOBAL_COOKIE=3d6715d2fc624b3fa7de43e5a75a9eff|False; expires=Thu, 10-Apr-2031 22:01:22 GMT; path=/; HttpOnly __RequestVerificationToken=-F-w1VQwqeSW5RCNUCW_hk7nR4EZ5jkSL-qCf6gQ1pY97vzolWjLbzo1swKBOFO0CLlCBdF0FBlmN0V_8AknZj1LA5SSWQJoCRmwVLeO-7Q1; path=/; HttpOnly
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
cf-request-id: 0969b3937500002c0123ac4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Nrms1yaBwsp5VZ7WnQ2i4aNkma6LyQON%2BiWTmGWQpPx%2FDll2fGkhIwWuw7qAKyVFnTUwBLEYtJEvAmmZZxC2iCPGZnpD4C9A5d9AzoCpTJGrN9Z3%2BMLP"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 63efbb98baf82c01-FRA
content-encoding: br

Redirect headers

date: Mon, 12 Apr 2021 22:01:22 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d40e56657e05719d668d2937b5b2274481618264881; expires=Wed, 12-May-21 22:01:21 GMT; path=/; domain=.mnpdebt.ca; HttpOnly; SameSite=Lax; Secure TiPMix=13.3049218511697; path=/; HttpOnly; Domain=mnpdebt.ca; Max-Age=3600; Secure x-ms-routing-name=self; path=/; HttpOnly; Domain=mnpdebt.ca; Max-Age=3600; Secure ARRAffinity=4e1329e2917f4af6eaeb2e4884a2dacb16ea6715409a0064534275dfa8616b7d;Path=/;HttpOnly;Secure;Domain=mnpdebt.ca ARRAffinitySameSite=4e1329e2917f4af6eaeb2e4884a2dacb16ea6715409a0064534275dfa8616b7d;Path=/;HttpOnly;SameSite=None;Secure;Domain=mnpdebt.ca
location: https://mnpdebt.ca/en
cf-cache-status: DYNAMIC
cf-request-id: 0969b391ac00002c010a297000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tVp%2BEEG9XNI4WHK6mtVkXUxktDUN0ke68qIQgrBvjYlJfU8p3J2JzVoFkgStGEvZcT2cRWKla5KIpnPUcMNPjDaqFSDSkNk3WeiDVhJ7%2BdenJ%2BDWnrof"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 63efbb95df392c01-FRA

GET
H2 200 VisitorIdentification.js Show response
mnpdebt.ca/layouts/system/ 2 KB
979 B 14ms
13ms Script
application/x-javascript 2606:4700:20::ac43:6049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mnpdebt.ca/layouts/system/VisitorIdentification.js
Requested by: Host: mnpdebt.ca
URL: https://mnpdebt.ca/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:6049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce

Request headers

Referer: https://mnpdebt.ca/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Nov 2019 01:16:17 GMT
server: cloudflare
age: 6441
etag: W/"85992271d2a0d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KFFMrzxZDnrD%2FisB0nl3hSlPF%2F%2Bejs32zYT8CreN93xMg6OH7R8vwbnO77lM%2BKFQZXFUT1JqRtGtPdEcwHjZuVdMemqDvGZ5hf1%2FWNWjQksdEoxNNr0T"}],"max_age":604800,"group":"cf-nel"}
content-type: application/x-javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 63efbba11e4a2c01-FRA
cf-request-id: 0969b398b000002c0177a0f000000001

GET
H2 200 icon
fonts.googleapis.com/ 568 B
461 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1cf458acc26fd5be1cc1ad94b164e5a05f97af3ea6b2686c154fadd61a1219cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mnpdebt.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Apr 2021 22:01:23 GMT
server: ESF
date: Mon, 12 Apr 2021 22:01:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Apr 2021 22:01:23 GMT

GET
H2 200 website.min.css
mnpdebt.ca/Assets/ 537 KB
65 KB 26ms
26ms Stylesheet
text/css 2606:4700:20::ac43:6049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mnpdebt.ca/Assets/website.min.css?v=oRQiKUcjHDRMjC0dAG9G4NWWHiYzG8KwQUYPK8LzUEQ1
Requested by: Host: mnpdebt.ca
URL: https://mnpdebt.ca/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:6049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27e9001a7511027e8f8fd223f360f1a694367cf4eb6c213cc171c0a88497944e

Request headers

Referer: https://mnpdebt.ca/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Apr 2021 00:59:57 GMT
server: cloudflare
age: 939685
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ddpxw4hJlChy%2F%2Bfqhz54yHgIOXah1WccpTY6umHeuSdV9rk8vjZG63UbuPo8kSxw2JtFVINjTKscokqJgW%2BWX8A3C08fdrHHTNNavwIuui6jfMEyAwft"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css; charset=utf-8
cache-control: public, max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 63efbba11e4c2c01-FRA
cf-request-id: 0969b398b000002c0125b4f000000001
expires: Sat, 02 Apr 2022 00:59:57 GMT

GET
H2 200 mnp-310_logo_343-png.png
mnpdebt.ca/-/media/images/mnpdebt/branding/ 8 KB
8 KB 494ms
492ms Image
image/png 2606:4700:20::ac43:6049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mnpdebt.ca/-/media/images/mnpdebt/branding/mnp-310_logo_343-png.png?h=259&w=490&hash=4298041970DAA3BF90E29F6498AA67D2
Requested by: Host: mnpdebt.ca
URL: https://mnpdebt.ca/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:6049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2993c26dee73b35f7a11de5aa4c3252752ab0e002084cf85c351994fec4c9d4

Request headers

Referer: https://mnpdebt.ca/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:23 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
content-disposition: inline; filename="MNP-310_logo_343 png.png"
content-length: 8190
cf-request-id: 0969b398c100002c0149aae000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PlXKdh1WBtMsYhXUgu4ONZOiLPQ0pBdHXOUS66mZgQmUpxVBYQGUNBkl0jcmHYzpw%2FUrlU8aJf0y%2Ftq8n82Dg7gQUbM3EI2hkueA9knlb96%2BgDnthUoQ"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 63efbba13e702c01-FRA
expires: -1

GET
H2 200 consumer-mobile-logo.png
mnpdebt.ca/-/media/images/mnpdebt/branding/ 2 KB
3 KB 506ms
504ms Image
image/png 2606:4700:20::ac43:6049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mnpdebt.ca/-/media/images/mnpdebt/branding/consumer-mobile-logo.png?h=55&w=125&hash=9CCA7CA96776EF7F851B95A459513470
Requested by: Host: mnpdebt.ca
URL: https://mnpdebt.ca/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:6049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 067cc995531f1cb16875cc806d500fe69d91e059b67ce468aa8a5c3280bcafa1

Request headers

Referer: https://mnpdebt.ca/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:23 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
content-disposition: inline; filename="consumer mobile logo.png"
content-length: 2466
cf-request-id: 0969b398c200002c01400bd000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HSHyT3kqz85XQyyFd05E130GZ0JqknvtvSAuq%2BEVHKKIYUU%2FCiZLgynkPqO6yQ4zofoJNjUqkyuPOHOiyteeONSvyUIwBAy0dzyKgLD7pIcwWeIFAQI3"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 63efbba13e722c01-FRA
expires: -1

GET
H2 200 homepage-image_0013_10---asian-woman---shutterstock_104037125-png.png
mnpdebt.ca/-/media/images/mnpdebt/hero-banner-backgrounds/consumer/home-page/persona/ 209 KB
210 KB 794ms
792ms Image
image/png 2606:4700:20::ac43:6049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mnpdebt.ca/-/media/images/mnpdebt/hero-banner-backgrounds/consumer/home-page/persona/homepage-image_0013_10---asian-woman---shutterstock_104037125-png.png
Requested by: Host: mnpdebt.ca
URL: https://mnpdebt.ca/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:6049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb9185b7c83f7eaa5e493441f9acb59dea62954cee04030563f4c8bb7dff4518

Request headers

Referer: https://mnpdebt.ca/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:24 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
content-disposition: inline; filename="Homepage-image_0013_10---Asian-Woman---shutterstock_104037125 png.png"
content-length: 214503
cf-request-id: 0969b398c200002c014601c000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FcRGmqBHE0iKy44fyBRek%2BC%2BPPo4szKLVlInYiV1Q2%2FYHfLXuellFPI5ZunsyQHDI%2F9chdH4M7jbJ%2Fzt7itqOkzLz818NAcstH%2BGAK0k2UmECVadTujL"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 63efbba13e732c01-FRA
expires: -1

GET
H2 200 personal-bankruptcy-overview_video-thumbnail.jpg
mnpdebt.ca/-/media/images/mnpdebt/consumer/video-thumbnails/landing-pages/ 23 KB
23 KB 655ms
654ms Image
image/jpeg 2606:4700:20::ac43:6049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mnpdebt.ca/-/media/images/mnpdebt/consumer/video-thumbnails/landing-pages/personal-bankruptcy-overview_video-thumbnail.jpg?h=480&w=640&hash=44B45CD3ACEB6A28D2C8BB973B33030A
Requested by: Host: mnpdebt.ca
URL: https://mnpdebt.ca/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:6049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 976f29c8a8ee58439d74e1f1bb53120ad3092de25cc8cc1c5283f012dc906464

Request headers

Referer: https://mnpdebt.ca/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:24 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
content-disposition: inline; filename="Personal Bankruptcy Overview_video thumbnail.jpg"
content-length: 23055
cf-request-id: 0969b398c200002c011ba55000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XmUHOcIudh2xsj8x9%2B1QZ9BoHh1u0cLO3DlXIULpq8jVpzG5qK4Rzb8QUNz%2Bml1FijP5reV2UmqhmvNfhopC7zcuFwtGnmIUn1y4yy8P9M7onAuE4yG%2F"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 63efbba13e742c01-FRA
expires: -1

GET
H2 200 consumer-proposal-overview_video-thumbnail.jpg
mnpdebt.ca/-/media/images/mnpdebt/consumer/video-thumbnails/landing-pages/ 16 KB
16 KB 547ms
546ms Image
image/jpeg 2606:4700:20::ac43:6049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mnpdebt.ca/-/media/images/mnpdebt/consumer/video-thumbnails/landing-pages/consumer-proposal-overview_video-thumbnail.jpg?h=480&w=640&hash=6095214309BF4C985036FA12F16368F4
Requested by: Host: mnpdebt.ca
URL: https://mnpdebt.ca/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:6049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84d12b55467e8510c7e91b0c10109decd5bdd14881381252dbe13485e78d77cc

Request headers

Referer: https://mnpdebt.ca/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:23 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
content-disposition: inline; filename="Consumer Proposal Overview_video thumbnail.jpg"
content-length: 16109
cf-request-id: 0969b398c200002c0137394000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FG6%2BKel4cyXjgw4pjgqX%2Fyka%2F29eq1sSMRzcei4NOqfcwvOHLp%2BI02nXajKcex0Q3mAR%2BBu68TlpEAgDC%2B5BqFvIIUwTNO2ivJ94v7YIG1xgRnpwHEVP"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 63efbba13e762c01-FRA
expires: -1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 192 KB
59 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KSKXSV

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

09731173b507497b6ed23a8ec5a47d4012d97cbc893826917cb4bc57aa3f28cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://mnpdebt.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60547
x-xss-protection: 0
last-modified: Mon, 12 Apr 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Apr 2021 22:01:23 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v84/ 100 KB
100 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v84/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

570ff0550f9c0a2c1a05c087ba47d3a9d7ff7de281367b28b811945396f2ed6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://mnpdebt.ca
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 20:24:29 GMT
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 20:10:46 GMT
server: sffe
age: 351414
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102396
x-xss-protection: 0
expires: Fri, 08 Apr 2022 20:24:29 GMT

GET
H2 200 mnp-businessexcellence-2021-540x271.png
mnpdebt.ca/-/media/images/mnpdebt/datasourceimages/consumer/ 65 KB
65 KB 693ms
691ms Image
image/png 2606:4700:20::ac43:6049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mnpdebt.ca/-/media/images/mnpdebt/datasourceimages/consumer/mnp-businessexcellence-2021-540x271.png?h=271&w=540&hash=7B43F91D98BA316382F8BCA6BB7BC6BD
Requested by: Host: mnpdebt.ca
URL: https://mnpdebt.ca/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:6049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62038998c1ec09d4cc2e746d08d3e16a417bb5697b90fa918ce56a820514c700

Request headers

Referer: https://mnpdebt.ca/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:24 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
content-disposition: inline; filename="MNP BusinessExcellence 2021 540x271.png"
content-length: 66167
cf-request-id: 0969b3995200002c010f14d000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JvsctLp%2FZa0LUOXOfb28QbsJ9tKYgUnnXnuEcBjXyja9e7qtah%2FVWOw%2BeXOpHW70Er6OEZn%2BFGZPrk0ICGvrqzeDFu7BP4Gz2ceZ%2BheLchLumPlZ0cih"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 63efbba21ff32c01-FRA
expires: -1

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
720 B 17ms
15ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2717dcc1ddd778f68223461ebd53610370e7617b6c74366bfc16a1e6e979cc58

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mnpdebt.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Mon, 12 Apr 2021 22:01:23 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 10ms
9ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: mnpdebt.ca
URL: https://mnpdebt.ca/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Origin: https://mnpdebt.ca
Referer: https://mnpdebt.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:23 GMT
content-encoding: gzip
last-modified: Wed, 01 May 2019 21:14:27 GMT
server: nginx
etag: W/"5cca0c33-15851"
vary: Accept-Encoding
x-hw: 1618264883.dop206.fr8.t,1618264883.cds207.fr8.hc,1618264883.cds236.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H2 200 bootstrap.min.js Show response
mnpdebt.ca/Assets/Project/ 57 KB
15 KB 19ms
18ms Script
application/x-javascript 2606:4700:20::ac43:6049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mnpdebt.ca/Assets/Project/bootstrap.min.js
Requested by: Host: mnpdebt.ca
URL: https://mnpdebt.ca/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:6049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bcd802e9f77849e7c1e93c87279fbbb04d45949d2be79b03566ceacde29b158

Request headers

Referer: https://mnpdebt.ca/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Apr 2021 12:04:27 GMT
server: cloudflare
age: 6441
etag: W/"5cf1ae28a62bd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DDseIZX0jKYStVxDObwKf20PiS1ej%2F2WUbJRcQjH5cg8gkT6v8Ym6lOGU2gT8eSkAfG8ZqNTOhYITUY0nup90V0RK%2Bo8QDBgGlkwXELSRWAVSvGQZU2p"}],"max_age":604800,"group":"cf-nel"}
content-type: application/x-javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 63efbba21ff62c01-FRA
cf-request-id: 0969b3995300002c0163091000000001

GET
H2 200 website.min.js Show response
mnpdebt.ca/Assets/ 23 KB
4 KB 16ms
14ms Script
text/javascript 2606:4700:20::ac43:6049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mnpdebt.ca/Assets/website.min.js?v=NULeXPmG2flWLWWEFG0EdZuuYL97vLvH9Y3CEVRL5801
Requested by: Host: mnpdebt.ca
URL: https://mnpdebt.ca/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:6049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1874082bd99e6767417fe084a4f62d0069239ef923dfbaed3becdf8ac60fa5e

Request headers

Referer: https://mnpdebt.ca/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 27 Mar 2021 18:35:37 GMT
server: cloudflare
age: 1394746
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2BlClU2SBF8xgmX7cuwtB2s77zMeuzm7yHkWJzYu7VJGIKEQhhc%2FX2dmdPWv79y4sBQ%2BUtL9IyS3gdDq02m55FlEFoovX1WMzLV4Y6souuvmLCKD8qMw"}],"max_age":604800,"group":"cf-nel"}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 63efbba21ff82c01-FRA
cf-request-id: 0969b3995300002c016890b000000001
expires: Sun, 27 Mar 2022 18:35:37 GMT

GET
H2 200 slick.min.js Show response
mnpdebt.ca/Assets/Project/ 42 KB
10 KB 22ms
21ms Script
application/x-javascript 2606:4700:20::ac43:6049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mnpdebt.ca/Assets/Project/slick.min.js
Requested by: Host: mnpdebt.ca
URL: https://mnpdebt.ca/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:6049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb

Request headers

Referer: https://mnpdebt.ca/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Apr 2021 12:04:28 GMT
server: cloudflare
age: 6441
etag: W/"fd81429a62bd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FLSls6X1CK8LpLzNNtE2OYUBGoW1i81Yd7gGyzeEKk8hkFbEPFrUGKZBWDEu9N0wKTSVullAnA2BTiDFi5tSKx0eOmeLujbWW2Hyw8iUpLbQ6ZwWdn42"}],"max_age":604800,"group":"cf-nel"}
content-type: application/x-javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 63efbba21ff92c01-FRA
cf-request-id: 0969b3995300002c014ca09000000001

GET
H2 200 common.js Show response
mnpdebt.ca/Assets/ 27 KB
5 KB 17ms
17ms Script
text/javascript 2606:4700:20::ac43:6049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mnpdebt.ca/Assets/common.js?v=o2Lct9Ia7S38qJcKqYprlq5akPuZ-4MHKKzuXYctBrY1
Requested by: Host: mnpdebt.ca
URL: https://mnpdebt.ca/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:6049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ac1a4801e272ff65af96fd5d0be301dc4e26efb877a9777950dd42811f5ea45

Request headers

Referer: https://mnpdebt.ca/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 10 Apr 2021 22:13:27 GMT
server: cloudflare
age: 172076
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tktLpruVdAJgCfvE%2BGQymZ8IrJuQlDKUhRyAibABw3hPfmfccd2KYoDb3yBa%2Fj2bNGz22FDlr95RzqsIKE%2FVYpYihriBZ0tASxN3Dn%2FmKMVIxmvvfJ2e"}],"max_age":604800,"group":"cf-nel"}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 63efbba21ffa2c01-FRA
cf-request-id: 0969b3995300002c01351ae000000001
expires: Sun, 10 Apr 2022 22:13:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSKXSV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mnpdebt.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 587
date: Mon, 12 Apr 2021 21:51:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Mon, 12 Apr 2021 23:51:36 GMT

GET
H3-Q050

200

activityi;dc_pre=CKmBr7za-e8CFU_Luwgde0gKIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=7972566842160;gtm=2wg3v0;auiddc=159042558.1618264884;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen Show response
4653320.fls.doubleclick.net/ Frame 50B1
Redirect Chain

https://4653320.fls.doubleclick.net/activityi;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=7972566842160;gtm=2wg3v0;auiddc=159042558.1618264884;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen?
https://4653320.fls.doubleclick.net/activityi;dc_pre=CKmBr7za-e8CFU_Luwgde0gKIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=7972566842160;gtm=2wg3v0;auiddc=159042558.1618264884;~oref=https%3A%2F...

484 B
988 B

115ms
65ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4653320.fls.doubleclick.net/activityi;dc_pre=CKmBr7za-e8CFU_Luwgde0gKIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=7972566842160;gtm=2wg3v0;auiddc=159042558.1618264884;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSKXSV

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

b78246a338923fe9f540a8f323afe62341029783d00e3352f0c84ccb455ff3c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4653320.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKmBr7za-e8CFU_Luwgde0gKIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=7972566842160;gtm=2wg3v0;auiddc=159042558.1618264884;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mnpdebt.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 12 Apr 2021 22:01:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 386
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 12-Apr-2021 22:16:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 12 Apr 2021 22:01:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://4653320.fls.doubleclick.net/activityi;dc_pre=CKmBr7za-e8CFU_Luwgde0gKIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=7972566842160;gtm=2wg3v0;auiddc=159042558.1618264884;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 87ms
87ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a950b3e68d50d11d3f65c32089882d1ce80a3438e36565fb99e20cfc555b9584

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://mnpdebt.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23961
x-fb-rlafr: 0
pragma: public
x-fb-debug: J73ZZSdA6BaOv2DCp3npE10TULcsuybqbkSDeFZjp69ssuFQHmYLIox0Xgf5SgAlg1/PZTlUive29scPFGQbgg==
x-fb-trip-id: 1512268381
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 12 Apr 2021 22:01:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 170ms
55ms Script
application/x-javascript 13.226.146.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSKXSV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.146.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-146-155.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://mnpdebt.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Apr 2021 18:22:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 13128
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: K-08YEFMJ5AjRmCJvB1WNnUZPPujxLkmndW4COom8IPd4ySLJO5q1Q==

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

5 KB
2 KB

125ms
41ms

Script
application/javascript

151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: mnpdebt.ca
URL: https://mnpdebt.ca/en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://mnpdebt.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:23 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 78634
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1618264884.748753,VS0,VE0
x-served-by: cache-fra19174-FRA

Redirect headers

x-tw-cdn: VZ
Date: Mon, 12 Apr 2021 22:01:23 GMT
Server: ECS (frb/67AA)
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Location: https://static.ads-twitter.com/oct.js
Content-Length: 0

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 23ms
7ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: mnpdebt.ca
URL: https://mnpdebt.ca/en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030

Request headers

Referer: https://mnpdebt.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:23 GMT
content-encoding: gzip
etag: "YoFsxqR3BwPygbSjh02Dug=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 19 Apr 2021 22:01:23 GMT

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
261 B 181ms
62ms Image
image/gif 52.30.2.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=i4v66ce&ct=0:8qk2i4k&fmt=3&gtmcb=1402351631
Requested by: Host: mnpdebt.ca
URL: https://mnpdebt.ca/en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.2.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-2-3.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://mnpdebt.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Apr 2021 22:01:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ 332 KB
130 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec361bce3349b6cbb5e414df65c58151bf4ad12078c6fc15ffd9dffcfbfa92d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://mnpdebt.ca
Referer: https://mnpdebt.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 11:15:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38729
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132755
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 04:06:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Apr 2022 11:15:54 GMT

GET
H2 200 loader.js Show response
static.olark.com/jsclient/ 9 KB
3 KB 175ms
44ms Script
application/javascript 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient/loader.js
Requested by: Host: mnpdebt.ca
URL: https://mnpdebt.ca/en
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB6) /
Resource Hash: 8c7f96ede157fa378f00cc1c6bf9f2ac8a7bbbd96c3d3a3a285c50b6711f9f9c

Request headers

Referer: https://mnpdebt.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:23 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 19:59:42 GMT
server: ECS (amb/6BB6)
age: 5675
etag: W/"6058f72e-2347"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 3178
via: 1.1 google
expires: Tue, 13 Apr 2021 01:01:23 GMT

GET
H3-Q050 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1002 B 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mnpdebt.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 21:05:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3342
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Mon, 12 Apr 2021 22:05:41 GMT

GET
H2 200 regionsoffices Show response
mnpdebt.ca/api/feature/forms/ 11 KB
2 KB 538ms
538ms XHR
application/json 2606:4700:20::ac43:6049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mnpdebt.ca/api/feature/forms/regionsoffices
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:6049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e65bdc84055873eda29e2b5fd2e564fe07a75d425a95c163fa7da9f736b0b0c

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mnpdebt.ca/en
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CEd26wq6XCSQTpYHPCtrL%2FXxAbjrQ8vGspOuE%2BK4qbaZXbcgWqzrtKx8qCwtWv2laM4Czkp6pkV3kzbDCPYlo5%2FyNe%2Fce0S5z24pgH9sNIlOXy7%2By6%2F8"}],"max_age":604800,"group":"cf-nel"}
content-type: application/json; charset=utf-8
cache-control: private
cf-ray: 63efbba2c8e42c01-FRA
cf-request-id: 0969b399ba00002c015fb35000000001

GET
H2 200 regionsoffices Show response
mnpdebt.ca/api/feature/forms/ 11 KB
2 KB 200ms
199ms XHR
application/json 2606:4700:20::ac43:6049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mnpdebt.ca/api/feature/forms/regionsoffices
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:6049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e65bdc84055873eda29e2b5fd2e564fe07a75d425a95c163fa7da9f736b0b0c

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mnpdebt.ca/en
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TyLYILSV5NgZYIMrOcJTcxBp9IBi8iZiyDvYC3Hx2l%2BAW%2BrA4EjLF6%2F63CB1y6hgqhLgiNK%2F%2Fs7PsRoPVW5b%2FKL5GrtaOXut3wCRogOSk%2FqHrY5VHzXu"}],"max_age":604800,"group":"cf-nel"}
content-type: application/json; charset=utf-8
cache-control: private
cf-ray: 63efbba2c8e92c01-FRA
cf-request-id: 0969b399bb00002c01373a2000000001

GET
H2 200 testimonialratings Show response
mnpdebt.ca/api/feature/forms/ 331 B
450 B 997ms
997ms XHR
application/json 2606:4700:20::ac43:6049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mnpdebt.ca/api/feature/forms/testimonialratings
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:6049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddb7aa10eb158d87b05d5c3ad89d6dd5dc12fc61732277e22c9a8929b85bb96d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mnpdebt.ca/en
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s6eDyH8zloQ5iw1PODLDa21OTRVP8asB9mGj4TkVf9xgBdbRQWqtFyL82ZqKCMmgytRUY5IA4wb01VdgZ2p%2BdH96as%2BO6shP9n9CBVREy3pkRhFIjxHF"}],"max_age":604800,"group":"cf-nel"}
content-type: application/json; charset=utf-8
cache-control: private
cf-ray: 63efbba2c8ea2c01-FRA
cf-request-id: 0969b399bb00002c013417e000000001

GET
H2 200 rules-p-ZvkjxaQPZCZrY.js Show response
rules.quantcount.com/ 737 B
1 KB 38ms
10ms Script
application/x-javascript 2600:9000:2182:f400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-ZvkjxaQPZCZrY.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:f400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c12a1af7f1e9da6e33672c5aff3e74f631c174033fc65f5a50a04278fc57e880

Request headers

Referer: https://mnpdebt.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Apr 2021 21:50:52 GMT
via: 1.1 58dd513f0a53b3e6851a071cb857a706.cloudfront.net (CloudFront)
last-modified: Mon, 05 Apr 2021 21:04:36 GMT
server: AmazonS3
age: 1763
etag: "ef1b91ec499fb398f399f42a66262250"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=3600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 737
x-amz-cf-id: lgPjmlcj4C1K05csT0rsSLQs9sazppKmdCeJvNHXEVDHyA9BRz1ANA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
81 B 13ms
13ms XHR
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-2003895-43&cid=1278788673.1618264884&jid=2097590828&gjid=194130605&_gid=1227924336.1618264884&_u=aGBAgUAjAAAAAE~&z=1616737069

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mnpdebt.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 12 Apr 2021 22:01:23 GMT
content-type: text/plain
access-control-allow-origin: https://mnpdebt.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 7ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=537383242&t=pageview&_s=1&dl=https%3A%2F%2Fmnpdebt.ca%2Fen&ul=en-us&de=UTF-8&dt=MNP%20Debt%20%7C%20MNP%20LTD%20310-Debt&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgUAj~&jid=2097590828&gjid=194130605&cid=1278788673.1618264884&tid=UA-2003895-43&_gid=1227924336.1618264884&gtm=2wg3v0KSKXSV&cd1=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd3=0&z=1034513898

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mnpdebt.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43065
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=618927144;labels=_fp.event.PageView;rf=0;a=p-ZvkjxaQPZCZrY;url=https%3A%2F%2Fmnpdebt.ca%2Fen;uht=2;fpan=1;fpa=P0-983419463-1618264883713;ns=0;ce=1;qjs=1;qv=e576aef5-20210317211205;cm=;gdpr=...
pixel.quantserve.com/ 35 B
371 B 9ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=618927144;labels=_fp.event.PageView;rf=0;a=p-ZvkjxaQPZCZrY;url=https%3A%2F%2Fmnpdebt.ca%2Fen;uht=2;fpan=1;fpa=P0-983419463-1618264883713;ns=0;ce=1;qjs=1;qv=e576aef5-20210317211205;cm=;gdpr=0;ref=;d=mnpdebt.ca;je=0;sr=1600x1200x24;dst=1;et=1618264883712;tzo=-120;ogl=title.MNP%20Debt%2Cdescription.Consumer%20Proposals%20and%20Bankruptcy%20for%20Over%2050%20Years%20%7C%20MNP%20LTD%20301-DEBT%2Csite_name.MNPDebt%252Eca%2Curl.https%3A%2F%2Fmnpdebt%252Eca%2Fen%2Ctype.Page%2Clocale.en-CA%2Cauthor.https%3A%2F%2Fwww%252Efacebook%252Ecom%2FMNPDebt%2F%2Cimage.https%3A%2F%2Fmnpdebt%252Eca%2F-%2Fmedia%2Fimages%2Fmnpdebt%2Fbranding%2Fmnp_logoltd343c-png%252Epng%2Cimage%3Awidth.1011%2Cimage%3Aheight.327

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://mnpdebt.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Apr 2021 22:01:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 713135758770782 Show response
connect.facebook.net/signals/config/ 254 KB
73 KB 88ms
88ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/713135758770782?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ae09969294562f1b9ac8b328bd250611e3976a854fc8bad2b03de290fbedf6f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://mnpdebt.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74191
x-fb-rlafr: 0
pragma: public
x-fb-debug: MA/m1Jd08mYpOaJCRTEYSo0wc860B683waV9swAeqhQd9FdfHpi9Przwobv3MwKiVtpq0xyAbxQvkZy4PInCfQ==
x-fb-trip-id: 1512268381
x-frame-options: DENY
date: Mon, 12 Apr 2021 22:01:23 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
x-xss-protection: 0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
458 B 261ms
161ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nyul5&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fmnpdebt.ca%2Fen

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_devel /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mnpdebt.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Mon, 12 Apr 2021 22:01:23 GMT
server: tsa_devel
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e650df9c5e99782a05b1ff49f0fe684dbddb2dc15ab757b10d32d6690d1ad236
x-transaction: 0b8835f53df75ce1
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 app.js Show response
static.olark.com/jsclient/ Frame 34CE 54 KB
18 KB 44ms
43ms Script
application/javascript 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient/app.js
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient/loader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BAE) /
Resource Hash: 9735a5d3f4128ed051cdec18354519961f2d53d75931d88cd1018ec2ca2f9f1e

Request headers

Referer: https://mnpdebt.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:23 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 19:59:42 GMT
server: ECS (amb/6BAE)
age: 5013
etag: W/"6058f72e-d957"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 18468
via: 1.1 google
expires: Tue, 13 Apr 2021 01:01:23 GMT

GET
H2 200 regionsoffices Show response
mnpdebt.ca/api/feature/forms/ 11 KB
2 KB 534ms
533ms XHR
application/json 2606:4700:20::ac43:6049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mnpdebt.ca/api/feature/forms/regionsoffices
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:6049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e65bdc84055873eda29e2b5fd2e564fe07a75d425a95c163fa7da9f736b0b0c

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mnpdebt.ca/en
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JKqk53QLYNTxDmP2v7AYXVI%2ForN%2FiLPFVhfqJt9Wn%2BaanS4Iz7dtokmzBKzNI6PzjqHT1OJ61ZtehGg4Gd3UT1s2233Kd4Ivuyogx%2Bn%2Fm4LG64dbF76g"}],"max_age":604800,"group":"cf-nel"}
content-type: application/json; charset=utf-8
cache-control: private
cf-ray: 63efbba40ac12c01-FRA
cf-request-id: 0969b39a8600002c0146035000000001

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 87ms
86ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=713135758770782&ev=PageView&dl=https%3A%2F%2Fmnpdebt.ca%2Fen&rl=&if=false&ts=1618264883863&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1618264883861.1610018647&it=1618264883724&coo=false&rqm=GET

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://mnpdebt.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 12 Apr 2021 22:01:23 GMT

GET
H2 200 3801-404-10-5377.js Show response
static.olark.com/a/assets/v0/site/ Frame 34CE 15 KB
15 KB 44ms
44ms Script
application/javascript 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/a/assets/v0/site/3801-404-10-5377.js?cb=1618264883885
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B72) /
Resource Hash: fcd9c866bfe575533162c0ef31f4d5477778165dc6489291f29319be5538aa57

Request headers

Referer: https://mnpdebt.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:23 GMT
via: 1.1 google
last-modified: Mon, 12 Apr 2021 21:50:52 GMT
server: ECS (amb/6B72)
age: 631
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 15305

GET
H2 200 dc_pre=CKmBr7za-e8CFU_Luwgde0gKIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=7972566842160;gtm=2wg3v0;auiddc=159042558.1618264884;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen Show response
adservice.google.com/ddm/fls/i/ Frame FEBD 483 B
859 B 60ms
41ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKmBr7za-e8CFU_Luwgde0gKIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=7972566842160;gtm=2wg3v0;auiddc=159042558.1618264884;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen

Requested by

Host: 4653320.fls.doubleclick.net
URL: https://4653320.fls.doubleclick.net/activityi;dc_pre=CKmBr7za-e8CFU_Luwgde0gKIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=7972566842160;gtm=2wg3v0;auiddc=159042558.1618264884;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d30e929e6751d57bdb7eb5967cbb615a52d57f2f6de783823cf255ee13ddfc22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CKmBr7za-e8CFU_Luwgde0gKIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=7972566842160;gtm=2wg3v0;auiddc=159042558.1618264884;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4653320.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4653320.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 12 Apr 2021 22:01:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 386
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

dc_pre=CKmBr7za-e8CFU_Luwgde0gKIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=7972566842160;gtm=2wg3v0;auiddc=159042558.1618264884;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen Show response
4653320.fls.doubleclick.net/ddm/fls/r/ Frame 181D
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CKmBr7za-e8CFU_Luwgde0gKIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=7972566842160;gtm=2wg3v0;auiddc=159042558.1618264884;~oref=https%3A%2F%2Fmnpde...
https://4653320.fls.doubleclick.net/ddm/fls/r/dc_pre=CKmBr7za-e8CFU_Luwgde0gKIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=7972566842160;gtm=2wg3v0;auiddc=159042558.1618264884;~oref=https%3A%2F...

5 KB
2 KB

52ms
52ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4653320.fls.doubleclick.net/ddm/fls/r/dc_pre=CKmBr7za-e8CFU_Luwgde0gKIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=7972566842160;gtm=2wg3v0;auiddc=159042558.1618264884;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKmBr7za-e8CFU_Luwgde0gKIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=7972566842160;gtm=2wg3v0;auiddc=159042558.1618264884;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

3a27f7f9b8e439e14b04e3346419308a0c2bb01fbd668e4a0f04027446511a45

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4653320.fls.doubleclick.net
:scheme: https
:path: /ddm/fls/r/dc_pre=CKmBr7za-e8CFU_Luwgde0gKIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=7972566842160;gtm=2wg3v0;auiddc=159042558.1618264884;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 12 Apr 2021 22:01:24 GMT
expires: Mon, 12 Apr 2021 22:01:24 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 1819
x-xss-protection: 0
set-cookie: IDE=AHWqTUm_6KceYW_Ru1mCpeq40NCceIC2CH7d-68QzBcrFvDt_7CjTzOf-U-85038tbI; expires=Sat, 07-May-2022 22:01:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 12 Apr 2021 22:01:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://4653320.fls.doubleclick.net/ddm/fls/r/dc_pre=CKmBr7za-e8CFU_Luwgde0gKIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=7972566842160;gtm=2wg3v0;auiddc=159042558.1618264884;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2

200

oct.js Show response
static.ads-twitter.com/ Frame 181D
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

5 KB
2 KB

41ms
41ms

Script
application/javascript

151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: 4653320.fls.doubleclick.net
URL: https://4653320.fls.doubleclick.net/ddm/fls/r/dc_pre=CKmBr7za-e8CFU_Luwgde0gKIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=7972566842160;gtm=2wg3v0;auiddc=159042558.1618264884;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://4653320.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:24 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 78634
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1618264884.107121,VS0,VE0
x-served-by: cache-fra19174-FRA

Redirect headers

x-tw-cdn: VZ
Date: Mon, 12 Apr 2021 22:01:24 GMT
Server: ECS (frb/6738)
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Location: https://static.ads-twitter.com/oct.js
Content-Length: 0

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ Frame 181D 15 KB
6 KB 21ms
6ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: 4653320.fls.doubleclick.net
URL: https://4653320.fls.doubleclick.net/ddm/fls/r/dc_pre=CKmBr7za-e8CFU_Luwgde0gKIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=7972566842160;gtm=2wg3v0;auiddc=159042558.1618264884;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://4653320.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Mon, 12 Apr 2021 21:16:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2678
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5581
x-amz-id-2: XO4cIVZXcjXGdE5QQTXxmyhEUOWjowhksxik3cLarXG5+x1PWLnrSqAG4tB0stC3hoofekReH80=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 30 Oct 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 24 Sep 2020 23:08:16 GMT
server: ATS
etag: "49db10c8315384e8dad2e92a6841ed81-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: T582QT5N0QC3V03V
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: swANRqp_TdPZf97XDKuCKoVnrp7c.h.0
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ Frame 181D 43 B
964 B 188ms
63ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001994968666&.yp=419514&js=no

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://4653320.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Apr 2021 22:01:24 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Mon, 12 Apr 2021 22:01:24 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 181D 43 KB
16 KB 53ms
53ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

f8e03ff588e0a7e35bb5fb0f0916145174f696aa35d4d3b86001fca66b77d7a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4653320.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16557
x-xss-protection: 0
server: cafe
etag: 2199525623091866667
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 12 Apr 2021 22:01:24 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame 181D 23 KB
9 KB 8ms
8ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: 4653320.fls.doubleclick.net
URL: https://4653320.fls.doubleclick.net/ddm/fls/r/dc_pre=CKmBr7za-e8CFU_Luwgde0gKIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=7972566842160;gtm=2wg3v0;auiddc=159042558.1618264884;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030

Request headers

Referer: https://4653320.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:24 GMT
content-encoding: gzip
etag: "YoFsxqR3BwPygbSjh02Dug=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 19 Apr 2021 22:01:24 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 181D 92 KB
24 KB 87ms
87ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a950b3e68d50d11d3f65c32089882d1ce80a3438e36565fb99e20cfc555b9584

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://4653320.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23961
x-fb-rlafr: 0
pragma: public
x-fb-debug: J73ZZSdA6BaOv2DCp3npE10TULcsuybqbkSDeFZjp69ssuFQHmYLIox0Xgf5SgAlg1/PZTlUive29scPFGQbgg==
x-fb-trip-id: 1512268381
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 12 Apr 2021 22:01:24 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 aquant.js Show response
secure.quantserve.com/ Frame 181D 23 KB
9 KB 9ms
9ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/aquant.js?a=p-fh1NJZWEagV-u
Requested by: Host: 4653320.fls.doubleclick.net
URL: https://4653320.fls.doubleclick.net/ddm/fls/r/dc_pre=CKmBr7za-e8CFU_Luwgde0gKIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=7972566842160;gtm=2wg3v0;auiddc=159042558.1618264884;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030

Request headers

Referer: https://4653320.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:24 GMT
content-encoding: gzip
etag: "YoFsxqR3BwPygbSjh02Dug=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 19 Apr 2021 22:01:24 GMT

GET
H2 200 rules-p-fh1NJZWEagV-u.js Show response
rules.quantcount.com/ Frame 181D 1 KB
1022 B 9ms
9ms Script
application/x-javascript 2600:9000:2182:f400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-fh1NJZWEagV-u.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:f400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 925c82198edb5ac67c27430505b1610d8ff39c4e2dc660ad811ca2678ec0de99

Request headers

Referer: https://4653320.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 21:50:52 GMT
content-encoding: gzip
last-modified: Tue, 11 Apr 2017 00:07:07 GMT
server: AmazonS3
age: 1763
etag: W/"6150708d98a04c0c0a0553abdd997eb8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 58dd513f0a53b3e6851a071cb857a706.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: tuUKlGsRsBi2gBjuXFbLrjA1dLVYp5TxMvekfbMfy-qoMsHNATty7w==

GET
H2 200 pixel;r=769546444;labels=_fp.event.Default;rf=0;a=p-fh1NJZWEagV-u;url=https%3A%2F%2F4653320.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCKmBr7za-e8CFU_Luwgde0gKIg%3Bsrc%3D4653320%3Btype%3D412855...
pixel.quantserve.com/ Frame 181D 35 B
210 B 8ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=769546444;labels=_fp.event.Default;rf=0;a=p-fh1NJZWEagV-u;url=https%3A%2F%2F4653320.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCKmBr7za-e8CFU_Luwgde0gKIg%3Bsrc%3D4653320%3Btype%3D41285553%3Bcat%3Dmnp-r0%3Bord%3D1%3Bnum%3D7972566842160%3Bgtm%3D2wg3v0%3Bauiddc%3D159042558.1618264884%3B~oref%3Dhttps%253A%252F%252Fmnpdebt.ca%252Fen;ref=https%3A%2F%2Fadservice.google.com%2F;uht=2;fpan=1;fpa=P0-873587926-1618264884106;ns=1;ce=1;qjs=1;qv=e576aef5-20210317211205;cm=;gdpr=0;d=4653320.fls.doubleclick.net;je=0;sr=1600x1200x24;dst=1;et=1618264884106;tzo=-120;ogl=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://4653320.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Apr 2021 22:01:24 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 adsct
t.co/i/ Frame 181D 43 B
165 B 167ms
167ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=ntgdw&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fadservice.google.com%2F&tw_document_href=https%3A%2F%2F4653320.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCKmBr7za-e8CFU_Luwgde0gKIg%3Bsrc%3D4653320%3Btype%3D41285553%3Bcat%3Dmnp-r0%3Bord%3D1%3Bnum%3D7972566842160%3Bgtm%3D2wg3v0%3Bauiddc%3D159042558.1618264884%3B~oref%3Dhttps%253A%252F%252Fmnpdebt.ca%252Fen

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_devel /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://4653320.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Mon, 12 Apr 2021 22:01:24 GMT
server: tsa_devel
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e650df9c5e99782a05b1ff49f0fe684dbddb2dc15ab757b10d32d6690d1ad236
x-transaction: 29524dcf8442f92e
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/942746011/ Frame 181D 3 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/942746011/?random=1618264884167&cv=9&fst=1618264884167&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4653320.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCKmBr7za-e8CFU_Luwgde0gKIg%3Bsrc%3D4653320%3Btype%3D41285553%3Bcat%3Dmnp-r0%3Bord%3D1%3Bnum%3D7972566842160%3Bgtm%3D2wg3v0%3Bauiddc%3D159042558.1618264884%3B~oref%3Dhttps%253A%252F%252Fmnpdebt.ca%252Fen&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88ff2af7ac6068bf3ecd74be4a6a1de85357f9d182b6cdb65a5cf147cccf13b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4653320.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Apr 2021 22:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1138
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/v0a83xf/br3816j9/ Frame EE82
Redirect Chain

https://insight.adsrvr.org/tags/v0a83xf/br3816j9/iframe
https://d1eoo1tco6rr5e.cloudfront.net/v0a83xf/br3816j9/iframe

134 B
595 B

173ms
56ms

Document
text/html

13.226.154.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/v0a83xf/br3816j9/iframe
Requested by: Host: 4653320.fls.doubleclick.net
URL: https://4653320.fls.doubleclick.net/ddm/fls/r/dc_pre=CKmBr7za-e8CFU_Luwgde0gKIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=7972566842160;gtm=2wg3v0;auiddc=159042558.1618264884;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.154.171 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-154-171.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 224487affd00bb07834524a7a37bd38f57d6353025e8df36428ff7a5a1a9f22c

Request headers

Host: d1eoo1tco6rr5e.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://4653320.fls.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4653320.fls.doubleclick.net/

Response headers

Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Last-Modified: Wed, 03 Sep 2014 14:23:57 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Mon, 12 Apr 2021 21:50:53 GMT
ETag: "216976cfd71f47a78ac978ffa8fa33e9"
X-Cache: Hit from cloudfront
Via: 1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: UmXZQESi6Ys1R7vzm2XMBCUeEHQB9Av-akrqUrHgS6HbsCHss5TiFw==
Age: 5783

Redirect headers

date: Mon, 12 Apr 2021 22:01:24 GMT
content-type: text/html; charset=UTF-8
content-length: 184
location: https://d1eoo1tco6rr5e.cloudfront.net/v0a83xf/br3816j9/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 adsct Show response
analytics.twitter.com/i/ Frame 181D 31 B
651 B 257ms
168ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=ntgdw&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fadservice.google.com%2F&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2F4653320.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCKmBr7za-e8CFU_Luwgde0gKIg%3Bsrc%3D4653320%3Btype%3D41285553%3Bcat%3Dmnp-r0%3Bord%3D1%3Bnum%3D7972566842160%3Bgtm%3D2wg3v0%3Bauiddc%3D159042558.1618264884%3B~oref%3Dhttps%253A%252F%252Fmnpdebt.ca%252Fen

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/oct.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://4653320.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 123
pragma: no-cache
last-modified: Mon, 12 Apr 2021 22:01:24 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 271c616c9b5b6e75a4c714e8e02678fd
x-transaction: 002f426f00272eeb
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 regionsoffices Show response
mnpdebt.ca/api/feature/forms/ 11 KB
2 KB 535ms
535ms XHR
application/json 2606:4700:20::ac43:6049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mnpdebt.ca/api/feature/forms/regionsoffices
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:6049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e65bdc84055873eda29e2b5fd2e564fe07a75d425a95c163fa7da9f736b0b0c

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mnpdebt.ca/en
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wxE1U9hwGtuM%2BnFD%2FrXropJBe5NFwr4SWjCzUKO05h%2FoSLjEnXnOJ6DOww8JxH3nG21Vl6BiBtFOXfmfpzsGXfDjH1r2K2ySv1BGFFW4%2FDZGNyxvcBlW"}],"max_age":604800,"group":"cf-nel"}
content-type: application/json; charset=utf-8
cache-control: private
cf-ray: 63efbba62daf2c01-FRA
cf-request-id: 0969b39bd700002c013419e000000001

GET
H2 200 1649024585402369 Show response
connect.facebook.net/signals/config/ Frame 181D 254 KB
73 KB 88ms
87ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1649024585402369?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

79c2abd8216f1e46f2459906000380839d157dec007b0630681d13b1f2c5789d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://4653320.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74149
x-fb-rlafr: 0
pragma: public
x-fb-debug: l6tc/r6OKewdR3wZm7Ryb4oOaWxvhZTrxr1frHF4Fw0O+bKuz/a6FPnm63dptpg8b4bQLUw0A/jcirt7UuSUAQ==
x-fb-trip-id: 1512268381
x-frame-options: DENY
date: Mon, 12 Apr 2021 22:01:24 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
x-xss-protection: 0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/942746011/ Frame 181D 42 B
89 B 20ms
19ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/942746011/?random=1618264884167&cv=9&fst=1618264800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=2&url=https%3A%2F%2F4653320.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCKmBr7za-e8CFU_Luwgde0gKIg%3Bsrc%3D4653320%3Btype%3D41285553%3Bcat%3Dmnp-r0%3Bord%3D1%3Bnum%3D7972566842160%3Bgtm%3D2wg3v0%3Bauiddc%3D159042558.1618264884%3B~oref%3Dhttps%253A%252F%252Fmnpdebt.ca%252Fen&ref=https%3A%2F%2Fadservice.google.com%2F&fmt=3&is_vtc=1&random=3641502476&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4653320.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Apr 2021 22:01:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/942746011/ Frame 181D 42 B
108 B 18ms
18ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/942746011/?random=1618264884167&cv=9&fst=1618264800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=2&url=https%3A%2F%2F4653320.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCKmBr7za-e8CFU_Luwgde0gKIg%3Bsrc%3D4653320%3Btype%3D41285553%3Bcat%3Dmnp-r0%3Bord%3D1%3Bnum%3D7972566842160%3Bgtm%3D2wg3v0%3Bauiddc%3D159042558.1618264884%3B~oref%3Dhttps%253A%252F%252Fmnpdebt.ca%252Fen&ref=https%3A%2F%2Fadservice.google.com%2F&fmt=3&is_vtc=1&random=3641502476&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4653320.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Apr 2021 22:01:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 713135758770782 Show response
connect.facebook.net/signals/config/ Frame 181D 254 KB
73 KB 87ms
87ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/713135758770782?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ae09969294562f1b9ac8b328bd250611e3976a854fc8bad2b03de290fbedf6f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://4653320.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74191
x-fb-rlafr: 0
pragma: public
x-fb-debug: MA/m1Jd08mYpOaJCRTEYSo0wc860B683waV9swAeqhQd9FdfHpi9Przwobv3MwKiVtpq0xyAbxQvkZy4PInCfQ==
x-fb-trip-id: 1512268381
x-frame-options: DENY
date: Mon, 12 Apr 2021 22:01:24 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
x-xss-protection: 0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 181D 44 B
147 B 87ms
86ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1649024585402369&ev=PageView&dl=https%3A%2F%2F4653320.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCKmBr7za-e8CFU_Luwgde0gKIg%3Bsrc%3D4653320%3Btype%3D41285553%3Bcat%3Dmnp-r0%3Bord%3D1%3Bnum%3D7972566842160%3Bgtm%3D2wg3v0%3Bauiddc%3D159042558.1618264884%3B~oref%3Dhttps%253A%252F%252Fmnpdebt.ca%252Fen&rl=https%3A%2F%2Fadservice.google.com%2F&if=true&ts=1618264884323&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&it=1618264884183&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://4653320.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 12 Apr 2021 22:01:24 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 87ms
86ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=713135758770782&ev=Microdata&dl=https%3A%2F%2Fmnpdebt.ca%2Fen&rl=&if=false&ts=1618264884366&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22MNP%20Debt%20%7C%20MNP%20LTD%20310-Debt%22%2C%22meta%3Adescription%22%3A%22Consumer%20Proposals%20and%20Bankruptcy%20for%20Over%2050%20Years%20%7C%20MNP%20LTD%20301-DEBT%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22MNP%20Debt%22%2C%22og%3Adescription%22%3A%22Consumer%20Proposals%20and%20Bankruptcy%20for%20Over%2050%20Years%20%7C%20MNP%20LTD%20301-DEBT%22%2C%22og%3Asite_name%22%3A%22MNPDebt.ca%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fmnpdebt.ca%2Fen%22%2C%22og%3Atype%22%3A%22Page%22%2C%22og%3Alocale%22%3A%22en-CA%22%2C%22og%3Aauthor%22%3A%22https%3A%2F%2Fwww.facebook.com%2FMNPDebt%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fmnpdebt.ca%2F-%2Fmedia%2Fimages%2Fmnpdebt%2Fbranding%2Fmnp_logoltd343c-png.png%22%2C%22og%3Aimage%3Awidth%22%3A%221011%22%2C%22og%3Aimage%3Aheight%22%3A%22327%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1618264883861.1610018647&it=1618264883724&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://mnpdebt.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 12 Apr 2021 22:01:24 GMT

GET
H2 200 /
insight.adsrvr.org/track/evnt/ Frame EE82 70 B
260 B 58ms
58ms Image
image/gif 52.30.2.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=v0a83xf&ct=0:br3816j9&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/v0a83xf/br3816j9/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.2.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-2-3.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Apr 2021 22:01:24 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 /
www.facebook.com/tr/ Frame 181D 44 B
101 B 88ms
87ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=713135758770782&ev=PageView&dl=https%3A%2F%2F4653320.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCKmBr7za-e8CFU_Luwgde0gKIg%3Bsrc%3D4653320%3Btype%3D41285553%3Bcat%3Dmnp-r0%3Bord%3D1%3Bnum%3D7972566842160%3Bgtm%3D2wg3v0%3Bauiddc%3D159042558.1618264884%3B~oref%3Dhttps%253A%252F%252Fmnpdebt.ca%252Fen&rl=https%3A%2F%2Fadservice.google.com%2F&if=true&ts=1618264884452&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&it=1618264884183&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://4653320.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 12 Apr 2021 22:01:24 GMT

GET anchor
www.google.com/recaptcha/api2/ Frame 66AC 0
0

GET
H3-Q050 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 6E02 19 KB
10 KB 37ms
37ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LchOswZAAAAAExqv__mYOvUeAutmKH1O2lM_u57&co=aHR0cHM6Ly9tbnBkZWJ0LmNhOjQ0Mw..&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&badge=inline&cb=ef2l81q9c98i

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ddcb09234ad857f5adfcc49beeb4704f3d40f261274f224005185f384ada8aee

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SoVl/TE3iXkOzHp8uExIfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LchOswZAAAAAExqv__mYOvUeAutmKH1O2lM_u57&co=aHR0cHM6Ly9tbnBkZWJ0LmNhOjQ0Mw..&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&badge=inline&cb=ef2l81q9c98i
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mnpdebt.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://mnpdebt.ca/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 12 Apr 2021 22:01:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-SoVl/TE3iXkOzHp8uExIfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10164
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 3564 0
181 B 57ms
57ms Document
text/html 52.30.2.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=i4v66ce&ref=https%3A%2F%2Fmnpdebt.ca%2Fen&upid=nfk090t&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.2.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-2-3.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=i4v66ce&ref=https%3A%2F%2Fmnpdebt.ca%2Fen&upid=nfk090t&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mnpdebt.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://mnpdebt.ca/

Response headers

date: Mon, 12 Apr 2021 22:01:24 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
118 B 162ms
162ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nyul5&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fmnpdebt.ca%2Fen

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/oct.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mnpdebt.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 118
pragma: no-cache
last-modified: Mon, 12 Apr 2021 22:01:24 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 271c616c9b5b6e75a4c714e8e02678fd
x-transaction: 00fa45f800d48f90
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ Frame 6E02 50 KB
25 KB 26ms
13ms Stylesheet
text/css 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LchOswZAAAAAExqv__mYOvUeAutmKH1O2lM_u57&co=aHR0cHM6Ly9tbnBkZWJ0LmNhOjQ0Mw..&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&badge=inline&cb=ef2l81q9c98i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 15:43:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 04:06:11 GMT
server: sffe
age: 22647
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Tue, 12 Apr 2022 15:43:57 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ Frame 6E02 332 KB
130 KB 28ms
15ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec361bce3349b6cbb5e414df65c58151bf4ad12078c6fc15ffd9dffcfbfa92d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 11:15:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38730
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132755
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 04:06:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Apr 2022 11:15:54 GMT

GET
H3-Q050 200 LwzEJkrqzuIpy5ZXdMyVZqsv4pxUDwC8wk7uiqYZWNw.js Show response
www.google.com/js/bg/ Frame 6E02 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/LwzEJkrqzuIpy5ZXdMyVZqsv4pxUDwC8wk7uiqYZWNw.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f0cc4264aeacee229cb965774cc9566ab2fe29c540f00bcc24eee8aa61958dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LchOswZAAAAAExqv__mYOvUeAutmKH1O2lM_u57&co=aHR0cHM6Ly9tbnBkZWJ0LmNhOjQ0Mw..&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&badge=inline&cb=ef2l81q9c98i
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 16:06:38 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:00:00 GMT
server: sffe
age: 21286
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
expires: Tue, 12 Apr 2022 16:06:38 GMT

GET
H3-Q050 200 webworker.js
www.google.com/recaptcha/api2/ Frame 6E02 102 B
240 B 24ms
24ms Other
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=5mNs27FP3uLBP3KBPib88r1g

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

755fc16c048c7375eb92052140a46cdb3aeb33046799cb298a0c1e3292b23071

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LchOswZAAAAAExqv__mYOvUeAutmKH1O2lM_u57&co=aHR0cHM6Ly9tbnBkZWJ0LmNhOjQ0Mw..&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&badge=inline&cb=ef2l81q9c98i
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 12 Apr 2021 22:01:24 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 181D 44 B
147 B 87ms
86ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1649024585402369&ev=Microdata&dl=https%3A%2F%2F4653320.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCKmBr7za-e8CFU_Luwgde0gKIg%3Bsrc%3D4653320%3Btype%3D41285553%3Bcat%3Dmnp-r0%3Bord%3D1%3Bnum%3D7972566842160%3Bgtm%3D2wg3v0%3Bauiddc%3D159042558.1618264884%3B~oref%3Dhttps%253A%252F%252Fmnpdebt.ca%252Fen&rl=https%3A%2F%2Fadservice.google.com%2F&if=true&ts=1618264885837&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&it=1618264884183&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://4653320.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 12 Apr 2021 22:01:25 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 181D 44 B
147 B 87ms
86ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=713135758770782&ev=Microdata&dl=https%3A%2F%2F4653320.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCKmBr7za-e8CFU_Luwgde0gKIg%3Bsrc%3D4653320%3Btype%3D41285553%3Bcat%3Dmnp-r0%3Bord%3D1%3Bnum%3D7972566842160%3Bgtm%3D2wg3v0%3Bauiddc%3D159042558.1618264884%3B~oref%3Dhttps%253A%252F%252Fmnpdebt.ca%252Fen&rl=https%3A%2F%2Fadservice.google.com%2F&if=true&ts=1618264885955&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&it=1618264884183&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://4653320.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:01:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 12 Apr 2021 22:01:26 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LchOswZAAAAAExqv__mYOvUeAutmKH1O2lM_u57&co=aHR0cHM6Ly9tbnBkZWJ0LmNhOjQ0Mw..&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&badge=inline&cb=ffv3bz1ncr5i

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 02:52:40	Name: IDE Value: AHWqTUm_6KceYW_Ru1mCpeq40NCceIC2CH7d-68QzBcrFvDt_7CjTzOf-U-85038tbI
mnpdebt.ca/	1969-12-31 23:59:59	Name: wcsid Value: ON3uYYUq6qkLLfC77b5fe0N0oaPj4kZR
.mnpdebt.ca/	1970-01-19 17:32:31	Name: _gid Value: GA1.2.1227924336.1618264884
.mnpdebt.ca/	1970-01-19 19:40:40	Name: _gcl_au Value: 1.1.159042558.1618264884
mnpdebt.ca/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: -F-w1VQwqeSW5RCNUCW_hk7nR4EZ5jkSL-qCf6gQ1pY97vzolWjLbzo1swKBOFO0CLlCBdF0FBlmN0V_8AknZj1LA5SSWQJoCRmwVLeO-7Q1
mnpdebt.ca/	1970-01-23 09:07:04	Name: SC_ANALYTICS_GLOBAL_COOKIE Value: 3d6715d2fc624b3fa7de43e5a75a9eff\|False
mnpdebt.ca/	1969-12-31 23:59:59	Name: website#lang Value: en
mnpdebt.ca/	1969-12-31 23:59:59	Name: _oklv Value: 1618264883945%2CON3uYYUq6qkLLfC77b5fe0N0oaPj4kZR
.mnpdebt.ca/	1970-01-19 17:31:04	Name: _dc_gtm_UA-2003895-43 Value: 1
mnpdebt.ca/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: apkngkhoym3sybqt54zzhp4n
.mnpdebt.ca/	1969-12-31 23:59:59	Name: ARRAffinity Value: 4e1329e2917f4af6eaeb2e4884a2dacb16ea6715409a0064534275dfa8616b7d
.mnpdebt.ca/	1970-01-19 17:31:08	Name: TiPMix Value: 13.3049218511697
.mnpdebt.ca/	1970-01-19 17:31:08	Name: x-ms-routing-name Value: self
.mnpdebt.ca/	1970-01-20 11:02:16	Name: _ga Value: GA1.2.1278788673.1618264884
mnpdebt.ca/	1970-01-20 11:02:16	Name: hblid Value: jSDCrXgbaZOv1oXc7b5fe0N0A4bobcaR
.mnpdebt.ca/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 4e1329e2917f4af6eaeb2e4884a2dacb16ea6715409a0064534275dfa8616b7d
.mnpdebt.ca/	1970-01-19 19:40:40	Name: _fbp Value: fb.1.1618264883861.1610018647
.mnpdebt.ca/	1970-01-20 02:55:33	Name: __qca Value: P0-983419463-1618264883713
.mnpdebt.ca/	1970-01-19 18:14:16	Name: __cfduid Value: d40e56657e05719d668d2937b5b2274481618264881

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4653320.fls.doubleclick.net
adservice.google.com
adservice.google.de
analytics.twitter.com
bankruptcystjohn.ca
code.jquery.com
connect.facebook.net
d1eoo1tco6rr5e.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
mnpdebt.ca
pixel.quantserve.com
platform.twitter.com
rules.quantcount.com
s.yimg.com
secure.quantserve.com
sp.analytics.yahoo.com
static.ads-twitter.com
static.olark.com
stats.g.doubleclick.net
t.co
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.google.com
104.244.42.197
104.244.42.3
13.226.146.155
13.226.154.171
142.250.186.102
142.250.186.66
151.101.12.157
2001:4de0:ac18::1:a:3a
212.82.100.181
2600:9000:2182:f400:6:44e3:f8c0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::ac43:6049
2606:4700:3031::ac43:df0a
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:80:800::7001
2a00:1450:4001:800::200a
2a00:1450:4001:802::2003
2a00:1450:4001:808::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:828::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200e
2a00:1450:400c:c0b::9a
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
52.30.2.3
93.184.220.42
067cc995531f1cb16875cc806d500fe69d91e059b67ce468aa8a5c3280bcafa1
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09731173b507497b6ed23a8ec5a47d4012d97cbc893826917cb4bc57aa3f28cc
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030
1cf458acc26fd5be1cc1ad94b164e5a05f97af3ea6b2686c154fadd61a1219cf
224487affd00bb07834524a7a37bd38f57d6353025e8df36428ff7a5a1a9f22c
2482c8fc76f5fc2ca9681a1f860c803ef6f5af5621389c73232c96edb1c8d75c
2717dcc1ddd778f68223461ebd53610370e7617b6c74366bfc16a1e6e979cc58
27e9001a7511027e8f8fd223f360f1a694367cf4eb6c213cc171c0a88497944e
2ac1a4801e272ff65af96fd5d0be301dc4e26efb877a9777950dd42811f5ea45
2f0cc4264aeacee229cb965774cc9566ab2fe29c540f00bcc24eee8aa61958dc
3a27f7f9b8e439e14b04e3346419308a0c2bb01fbd668e4a0f04027446511a45
3bcd802e9f77849e7c1e93c87279fbbb04d45949d2be79b03566ceacde29b158
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
570ff0550f9c0a2c1a05c087ba47d3a9d7ff7de281367b28b811945396f2ed6c
5e65bdc84055873eda29e2b5fd2e564fe07a75d425a95c163fa7da9f736b0b0c
62038998c1ec09d4cc2e746d08d3e16a417bb5697b90fa918ce56a820514c700
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
755fc16c048c7375eb92052140a46cdb3aeb33046799cb298a0c1e3292b23071
7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce
79c2abd8216f1e46f2459906000380839d157dec007b0630681d13b1f2c5789d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d12b55467e8510c7e91b0c10109decd5bdd14881381252dbe13485e78d77cc
88ff2af7ac6068bf3ecd74be4a6a1de85357f9d182b6cdb65a5cf147cccf13b8
8c7f96ede157fa378f00cc1c6bf9f2ac8a7bbbd96c3d3a3a285c50b6711f9f9c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
925c82198edb5ac67c27430505b1610d8ff39c4e2dc660ad811ca2678ec0de99
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9735a5d3f4128ed051cdec18354519961f2d53d75931d88cd1018ec2ca2f9f1e
976f29c8a8ee58439d74e1f1bb53120ad3092de25cc8cc1c5283f012dc906464
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a950b3e68d50d11d3f65c32089882d1ce80a3438e36565fb99e20cfc555b9584
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae09969294562f1b9ac8b328bd250611e3976a854fc8bad2b03de290fbedf6f2
b2993c26dee73b35f7a11de5aa4c3252752ab0e002084cf85c351994fec4c9d4
b78246a338923fe9f540a8f323afe62341029783d00e3352f0c84ccb455ff3c0
bb9185b7c83f7eaa5e493441f9acb59dea62954cee04030563f4c8bb7dff4518
c12a1af7f1e9da6e33672c5aff3e74f631c174033fc65f5a50a04278fc57e880
d30e929e6751d57bdb7eb5967cbb615a52d57f2f6de783823cf255ee13ddfc22
ddb7aa10eb158d87b05d5c3ad89d6dd5dc12fc61732277e22c9a8929b85bb96d
ddcb09234ad857f5adfcc49beeb4704f3d40f261274f224005185f384ada8aee
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e1874082bd99e6767417fe084a4f62d0069239ef923dfbaed3becdf8ac60fa5e
e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec361bce3349b6cbb5e414df65c58151bf4ad12078c6fc15ffd9dffcfbfa92d6
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f8e03ff588e0a7e35bb5fb0f0916145174f696aa35d4d3b86001fca66b77d7a0
fcd9c866bfe575533162c0ef31f4d5477778165dc6489291f29319be5538aa57

mnpdebt.ca Open in urlscan Pro 2606:4700:20::ac43:6049 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

99 %HTTPS

69 %IPv6

23 Domains

31 Subdomains

30 IPs

6 Countries

1330 kBTransfer

3474 kBSize

19 Cookies

12 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mnpdebt.ca Open in urlscan Pro
2606:4700:20::ac43:6049 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

99 %
HTTPS

69 %
IPv6

23
Domains

31
Subdomains

30
IPs

6
Countries

1330 kB
Transfer

3474 kB
Size

19
Cookies

75 HTTP transactions
0 data transactions