members-onstg.mdbilling-dev.ca Open in urlscan Pro
3.97.1.163 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://members-onstg.mdbilling-dev.ca/
Submission: On August 19 via automatic, source certstream-suspicious (August 19th 2024, 12:56:48 pm UTC) — Scanned from CA

Summary HTTP 69 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 20 domains to perform 69 HTTP transactions. The main IP is 3.97.1.163, located in Montreal, Canada and belongs to AMAZON-02, US. The main domain is members-onstg.mdbilling-dev.ca.
TLS certificate: Issued by Amazon RSA 2048 M02 on August 19th 2024. Valid for: a year.

This is the only time members-onstg.mdbilling-dev.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	3.97.1.163 3.97.1.163	16509 (AMAZON-02) (AMAZON-02)
3	142.251.40.142 142.251.40.142	15169 (GOOGLE) (GOOGLE)
2	142.251.41.20 142.251.41.20	15169 (GOOGLE) (GOOGLE)
4	13.107.21.237 13.107.21.237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.64.110 142.250.64.110	15169 (GOOGLE) (GOOGLE)
2	104.17.73.14 104.17.73.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	23.209.72.200 23.209.72.200	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	142.250.65.232 142.250.65.232	15169 (GOOGLE) (GOOGLE)
2	23.57.90.111 23.57.90.111	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.106.124 108.138.106.124	16509 (AMAZON-02) (AMAZON-02)
2	31.13.71.7 31.13.71.7	32934 (FACEBOOK) (FACEBOOK)
4	23.206.172.78 23.206.172.78	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	216.239.38.181 216.239.38.181	15169 (GOOGLE) (GOOGLE)
1	142.251.111.154 142.251.111.154	15169 (GOOGLE) (GOOGLE)
2	142.251.41.3 142.251.41.3	15169 (GOOGLE) (GOOGLE)
1	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
2	18.164.96.46 18.164.96.46	16509 (AMAZON-02) (AMAZON-02)
8	173.222.142.162 173.222.142.162	16625 (AKAMAI-AS) (AKAMAI-AS)
2	31.13.71.36 31.13.71.36	32934 (FACEBOOK) (FACEBOOK)
1	142.250.65.164 142.250.65.164	15169 (GOOGLE) (GOOGLE)
1	3.168.122.75 3.168.122.75	16509 (AMAZON-02) (AMAZON-02)
3 6	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.254.23.84 34.254.23.84	() ()
69	25

19 3.97.1.163 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-97-1-163.ca-central-1.compute.amazonaws.com

members-onstg.mdbilling-dev.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.40.142 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.41.20 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f20.1e100.net

geotargetly-1a441.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.107.21.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.64.110 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f14.1e100.net

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.73.14 (None, )

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.209.72.200 (Secaucus, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-209-72-200.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.65.232 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.57.90.111 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-57-90-111.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-124.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.71.7 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.206.172.78 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-206-172-78.deploy.static.akamaitechnologies.com

events.api.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.38.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.111.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.41.3 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f3.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.162 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.164.96.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-46.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 173.222.142.162 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-222-142-162.deploy.static.akamaitechnologies.com

csp.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.71.36 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-lga3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.164 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.168.122.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-168-122-75.jfk52.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.107.42.14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.23.84 (None, )

ASN- ()

metrics.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	mdbilling-dev.ca members-onstg.mdbilling-dev.ca	746 KB
12	secureserver.net events.api.secureserver.net — Cisco Umbrella Rank: 20700 csp.secureserver.net — Cisco Umbrella Rank: 20670	1 KB
6	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 669 www.linkedin.com — Cisco Umbrella Rank: 914	3 KB
4	bing.com bat.bing.com — Cisco Umbrella Rank: 534	15 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1335 script.hotjar.com — Cisco Umbrella Rank: 2017	63 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	294 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
2	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 4716 metrics.hotjar.io	312 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 9677	127 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252 googleads.g.doubleclick.net — Cisco Umbrella Rank: 77	2 KB
2	google.com analytics.google.com — Cisco Umbrella Rank: 238 www.google.com — Cisco Umbrella Rank: 10	64 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	73 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1884	15 KB
2	wsimg.com 1 redirects img1.wsimg.com — Cisco Umbrella Rank: 15358	21 KB
2	cloudflare.com ajax.cloudflare.com — Cisco Umbrella Rank: 2266	5 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1832	84 KB
2	appspot.com geotargetly-1a441.appspot.com — Cisco Umbrella Rank: 689346	711 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 5561	66 KB
0	Failed function sub() { [native code] }. Failed
69	20

	Domain	Requested by
19	members-onstg.mdbilling-dev.ca	members-onstg.mdbilling-dev.ca ajax.cloudflare.com
8	csp.secureserver.net	img1.wsimg.com
5	px.ads.linkedin.com	2 redirects snap.licdn.com
4	events.api.secureserver.net	img1.wsimg.com
4	bat.bing.com	members-onstg.mdbilling-dev.ca bat.bing.com
3	www.googletagmanager.com	members-onstg.mdbilling-dev.ca www.googletagmanager.com
3	www.google-analytics.com	members-onstg.mdbilling-dev.ca www.google-analytics.com
2	www.facebook.com
2	script.hotjar.com	static.hotjar.com script.hotjar.com
2	www.google.ca
2	connect.facebook.net	members-onstg.mdbilling-dev.ca connect.facebook.net
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	img1.wsimg.com	1 redirects members-onstg.mdbilling-dev.ca
2	ajax.cloudflare.com	members-onstg.mdbilling-dev.ca
2	maxcdn.bootstrapcdn.com	members-onstg.mdbilling-dev.ca maxcdn.bootstrapcdn.com
2	geotargetly-1a441.appspot.com	members-onstg.mdbilling-dev.ca ajax.cloudflare.com
1	metrics.hotjar.io	static.hotjar.com
1	www.linkedin.com	1 redirects
1	vc.hotjar.io	script.hotjar.com
1	www.google.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googleoptimize.com	members-onstg.mdbilling-dev.ca
0	truncated Failed	members-onstg.mdbilling-dev.ca
69	26

This site contains links to these domains. Also see Links.

Domain
www.dr-bill.ca
bc.mdbilling.ca
mdbilling.ca

Subject Issuer	Validity	Valid
members-onstg-r1.mdbilling-dev.ca Amazon RSA 2048 M02	`2024-08-19` - `2025-09-18`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.appspot.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
bootstrapcdn.com WE1	`2024-07-23` - `2024-10-21`	3 months	crt.sh
ajax.cloudflare.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-08-07` - `2025-08-06`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-28` - `2024-08-26`	3 months	crt.sh
*.api.secureserver.net Starfield Secure Certificate Authority - G2	`2024-07-15` - `2025-08-16`	a year	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.ca WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.secureserver.net Starfield Secure Certificate Authority - G2	`2023-10-10` - `2024-11-10`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-01-01`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://members-onstg.mdbilling-dev.ca/
Frame ID: 8C8373D48DE52164B449A490B5DA63BE
Requests: 66 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MDBilling.ca Login - OHIP (ON)

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

wp-embed\.min\.js\?ver=([\d.]+)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

69
Requests

97 %
HTTPS

0 %
IPv6

20
Domains

26
Subdomains

25
IPs

3
Countries

1412 kB
Transfer

2950 kB
Size

26
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.dr-bill.ca/?mdbilling=1

Search URL Search Domain Scan URL

URL: https://www.dr-bill.ca/pricing-plans
Title: Sign Up Now

Search URL Search Domain Scan URL

URL: https://bc.mdbilling.ca/Account/Account/Logon
Title: BC

Search URL Search Domain Scan URL

URL: https://www.dr-bill.ca/privacy-policy
Title: Privacy & Security

Search URL Search Domain Scan URL

URL: https://mdbilling.ca/ontario/terms-of-service/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.dr-bill.ca/contact
Title: Contact Us

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js HTTP 301
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js

Request Chain 66

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4161177&time=1724072204286&li_adsId=beb6a4e3-5210-4397-9ca0-83bcc1fdf29b&url=https%3A%2F%2Fmembers-onstg.mdbilling-dev.ca%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4161177&time=1724072204286&li_adsId=beb6a4e3-5210-4397-9ca0-83bcc1fdf29b&url=https%3A%2F%2Fmembers-onstg.mdbilling-dev.ca%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4161177%26time%3D1724072204286%26li_adsId%3Dbeb6a4e3-5210-4397-9ca0-83bcc1fdf29b%26url%3Dhttps%253A%252F%252Fmembers-onstg.mdbilling-dev.ca%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4161177&time=1724072204286&li_adsId=beb6a4e3-5210-4397-9ca0-83bcc1fdf29b&url=https%3A%2F%2Fmembers-onstg.mdbilling-dev.ca%2F&cookiesTest=true&liSync=true

69 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
members-onstg.mdbilling-dev.ca/ 18 KB
19 KB 149ms
51ms Document
text/html 3.97.1.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://members-onstg.mdbilling-dev.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.97.1.163 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-97-1-163.ca-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

774c511a0af576246c55047e59004433673782fa4018e60587d9201eb14bf33d

Security Headers

Name

Value

Content-Security-Policy

default-src 'self' https:; font-src 'self' https: maxcdn.bootstrapcdn.com; img-src 'self' https: data: blob: *.s3.ca-central-1.amazonaws.com *.google.com *.google-analytics.com *.facebook.com bat.bing.com; object-src 'none'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' maxcdn.bootstrapcdn.com *.cloudflare.com cdn.jsdelivr.net *.appspot.com *.oss.maxcdn.com *.telerik.com html5shim.googlecode.com *.datatables.net *.zdassets.com *.statuspage.io *.stonly.com cdn.polyfill.io *.doubleclick.net *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.googleoptimize.com bat.bing.com connect.facebook.net; style-src 'self' https: 'unsafe-inline' fonts.googleapis.com; connect-src 'self' https: *.doubleclick.net *.google-analytics.com maxcdn.bootstrapcdn.com *.cloudflare.com *.telerik.com *.datatables.net *.zdassets.com *.stonly.com wss://*.zopim.com; frame-ancestors 'self';

X-Frame-Options

SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store
content-security-policy: default-src 'self' https:; font-src 'self' https: maxcdn.bootstrapcdn.com; img-src 'self' https: data: blob: *.s3.ca-central-1.amazonaws.com *.google.com *.google-analytics.com *.facebook.com bat.bing.com; object-src 'none'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' maxcdn.bootstrapcdn.com *.cloudflare.com cdn.jsdelivr.net *.appspot.com *.oss.maxcdn.com *.telerik.com html5shim.googlecode.com *.datatables.net *.zdassets.com *.statuspage.io *.stonly.com cdn.polyfill.io *.doubleclick.net *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.googleoptimize.com bat.bing.com connect.facebook.net; style-src 'self' https: 'unsafe-inline' fonts.googleapis.com; connect-src 'self' https: *.doubleclick.net *.google-analytics.com maxcdn.bootstrapcdn.com *.cloudflare.com *.telerik.com *.datatables.net *.zdassets.com *.stonly.com wss://*.zopim.com; frame-ancestors 'self';
content-type: text/html; charset=utf-8
date: Mon, 19 Aug 2024 12:56:43 GMT
pragma: no-cache
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 style.min.css
members-onstg.mdbilling-dev.ca/vendors/login-signup-new/includes/css/dist/block-library/ 54 KB
54 KB 86ms
84ms Stylesheet
text/css 3.97.1.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members-onstg.mdbilling-dev.ca/vendors/login-signup-new/includes/css/dist/block-library/style.min.css?ver=5.4&time=1586960080
Requested by: Host: members-onstg.mdbilling-dev.ca
URL: https://members-onstg.mdbilling-dev.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.97.1.163 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-97-1-163.ca-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ea018340e64612e075142189623291a6de2162d0be5c0116230bc4bb465374a0

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:43 GMT
last-modified: Tue, 04 Jun 2024 15:32:06 GMT
server: nginx
accept-ranges: bytes
etag: "1dab6945b0f88eb"
content-length: 55275
content-type: text/css

GET
H2 200 theme.min.css
members-onstg.mdbilling-dev.ca/vendors/login-signup-new/themes/mdbilling/css/ 346 KB
346 KB 88ms
86ms Stylesheet
text/css 3.97.1.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members-onstg.mdbilling-dev.ca/vendors/login-signup-new/themes/mdbilling/css/theme.min.css?ver=0.9.4.1586350375&time=1586960080
Requested by: Host: members-onstg.mdbilling-dev.ca
URL: https://members-onstg.mdbilling-dev.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.97.1.163 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-97-1-163.ca-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 559554b6b76823df6f9f1c6573729b19a1799ed9d38874d583ea964b01508787

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:43 GMT
last-modified: Tue, 04 Jun 2024 15:32:06 GMT
server: nginx
accept-ranges: bytes
etag: "1dab6945b0a3918"
content-length: 353816
content-type: text/css

GET
H2 200 theme-changes.css
members-onstg.mdbilling-dev.ca/vendors/login-signup-new/themes/mdbilling/css/ 443 B
590 B 86ms
84ms Stylesheet
text/css 3.97.1.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members-onstg.mdbilling-dev.ca/vendors/login-signup-new/themes/mdbilling/css/theme-changes.css?ver=1.0.0&time=1666580400
Requested by: Host: members-onstg.mdbilling-dev.ca
URL: https://members-onstg.mdbilling-dev.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.97.1.163 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-97-1-163.ca-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8f8f4276b45888ffef81b14e0ad2c1476079d3cbf2fa2d4d9a84dc801ba2986d

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:43 GMT
last-modified: Tue, 04 Jun 2024 15:32:06 GMT
server: nginx
accept-ranges: bytes
etag: "1dab6945b0f5ebb"
content-length: 443
content-type: text/css

GET
H2 200 jquery-3.6.0.min.js Show response
members-onstg.mdbilling-dev.ca/lib/jquery/js/ 87 KB
88 KB 45ms
43ms Script
text/javascript 3.97.1.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members-onstg.mdbilling-dev.ca/lib/jquery/js/jquery-3.6.0.min.js
Requested by: Host: members-onstg.mdbilling-dev.ca
URL: https://members-onstg.mdbilling-dev.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.97.1.163 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-97-1-163.ca-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:43 GMT
last-modified: Tue, 04 Jun 2024 15:32:06 GMT
server: nginx
accept-ranges: bytes
etag: "1dab6945b0e029d"
content-length: 89501
content-type: text/javascript

GET
H2 200 jquery-migrate-1.4.1.min.js Show response
members-onstg.mdbilling-dev.ca/lib/jquery-migrate/js/ 10 KB
10 KB 86ms
84ms Script
text/javascript 3.97.1.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members-onstg.mdbilling-dev.ca/lib/jquery-migrate/js/jquery-migrate-1.4.1.min.js
Requested by: Host: members-onstg.mdbilling-dev.ca
URL: https://members-onstg.mdbilling-dev.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.97.1.163 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-97-1-163.ca-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:43 GMT
last-modified: Tue, 04 Jun 2024 15:32:06 GMT
server: nginx
accept-ranges: bytes
etag: "1dab6945b0f7848"
content-length: 10056
content-type: text/javascript

GET
H2 200 purify.min.js Show response
members-onstg.mdbilling-dev.ca/lib/DOMPurify/ 21 KB
21 KB 85ms
84ms Script
text/javascript 3.97.1.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members-onstg.mdbilling-dev.ca/lib/DOMPurify/purify.min.js
Requested by: Host: members-onstg.mdbilling-dev.ca
URL: https://members-onstg.mdbilling-dev.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.97.1.163 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-97-1-163.ca-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ab4cfb31862e0144459d6c8472d658c42b0922cd9998ddc9608a093522fb2364

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:43 GMT
last-modified: Tue, 04 Jun 2024 15:32:06 GMT
server: nginx
accept-ranges: bytes
etag: "1dab6945b0f0c5f"
content-length: 21343
content-type: text/javascript

GET
H2 200 jquery.sanitize.js Show response
members-onstg.mdbilling-dev.ca/js/ 1 KB
1 KB 86ms
85ms Script
text/javascript 3.97.1.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members-onstg.mdbilling-dev.ca/js/jquery.sanitize.js
Requested by: Host: members-onstg.mdbilling-dev.ca
URL: https://members-onstg.mdbilling-dev.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.97.1.163 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-97-1-163.ca-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fec4c06e176b414276cea55fd6c3b8d9769ca8ab9b4ebaf0c3a4d063d0d0ae57

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:43 GMT
last-modified: Tue, 04 Jun 2024 15:32:06 GMT
server: nginx
accept-ranges: bytes
etag: "1dab6945b0f5bc4"
content-length: 1220
content-type: text/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 105ms
32ms Script
text/javascript 142.251.40.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: members-onstg.mdbilling-dev.ca
URL: https://members-onstg.mdbilling-dev.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Aug 2024 12:06:04 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3039
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 19 Aug 2024 14:06:04 GMT

GET
H2 200 georedirect Show response
geotargetly-1a441.appspot.com/ 352 B
452 B 162ms
78ms Script
application/javascript 142.251.41.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://geotargetly-1a441.appspot.com/georedirect?id=-M4vIEbydF9ytT3x6Kkn&refurl=&winurl=https%3A%2F%2Fmembers-onstg.mdbilling-dev.ca%2F
Requested by: Host: members-onstg.mdbilling-dev.ca
URL: https://members-onstg.mdbilling-dev.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.41.20 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s40-in-f20.1e100.net
Software: / Express
Resource Hash: 4561a3211a10994eb3c91bcfba72aa2ccba91a18930e68ffbb86046549844159

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:43 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: Express
etag: W/"160-QCesB9S18fgQfx4+HbABb808yhU"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-cloud-trace-context: 6dd63ba90b81e78ea364c71587e97995/15567953490342809387;o=0
cache-control: private, no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 159ms
49ms Script
application/javascript 13.107.21.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: members-onstg.mdbilling-dev.ca
URL: https://members-onstg.mdbilling-dev.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 19 Aug 2024 12:56:42 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D8D96D368FBA4D2BB43CD24ACA6006EA Ref B: YTO01EDGE0819 Ref C: 2024-08-19T12:56:43Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
8 KB 56ms
31ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: members-onstg.mdbilling-dev.ca
URL: https://members-onstg.mdbilling-dev.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 14916163
cdn-cachedat: 10/31/2023 18:48:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 9e61a4e37a75208649ae6b63a0cb4f72
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8b5a4e268bbe5407-YYZ
cdn-requestpullsuccess: True

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 184 KB
66 KB 150ms
71ms Script
application/javascript 142.250.64.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-M76JCT8

Requested by

Host: members-onstg.mdbilling-dev.ca
URL: https://members-onstg.mdbilling-dev.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f14.1e100.net

Software

Google Tag Manager /

Resource Hash

af2e98ee4434820965ea8e2896554acbdbd72307179590c0d8d8e30a018acb0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 67647
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 19 Aug 2024 12:56:43 GMT

GET
H2 200 logo-TM.png
members-onstg.mdbilling-dev.ca/vendors/login-signup-new/img/ 15 KB
15 KB 63ms
62ms Image
image/png 3.97.1.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://members-onstg.mdbilling-dev.ca/vendors/login-signup-new/img/logo-TM.png?time=1666580400
Requested by: Host: members-onstg.mdbilling-dev.ca
URL: https://members-onstg.mdbilling-dev.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.97.1.163 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-97-1-163.ca-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d5405c229abca93b64b39b89f6c250dce86c31103181f19832e5c5a455325b70

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:43 GMT
last-modified: Tue, 04 Jun 2024 15:32:06 GMT
server: nginx
accept-ranges: bytes
etag: "1dab6945b0f652e"
content-length: 14894
content-type: image/png

GET
H2 200 ontario-new-logo.png
members-onstg.mdbilling-dev.ca/vendors/login-signup-new/img/ 9 KB
9 KB 120ms
120ms Image
image/png 3.97.1.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://members-onstg.mdbilling-dev.ca/vendors/login-signup-new/img/ontario-new-logo.png
Requested by: Host: members-onstg.mdbilling-dev.ca
URL: https://members-onstg.mdbilling-dev.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.97.1.163 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-97-1-163.ca-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3e3729d2d6c4cf8cfd85de1589541ff1fe2f819e00892b75baf7a313be0ed763

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:43 GMT
last-modified: Tue, 04 Jun 2024 15:32:06 GMT
server: nginx
accept-ranges: bytes
etag: "1dab6945b0f7d3b"
content-length: 8763
content-type: image/png

GET
H3 200 email-decode.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 60ms
23ms Script
application/javascript 104.17.73.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: members-onstg.mdbilling-dev.ca
URL: https://members-onstg.mdbilling-dev.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.73.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:43 GMT
strict-transport-security: max-age=15780000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 13 Aug 2024 15:09:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"66bb771c-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WD7buHW8Ijdo1sxke2S19SB9Dz4iXQhv1%2BnhOOtaik4zB57GXWhZl6P%2FY1s8AdSVII6h30ifQ4vyankDYGpZZNG1c6Xy8YL0EkNTj0u%2FbWJhL9Ah8NshB3Q4bQ31EGlcmDM0evA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8b5a4e2779d4ac21-YYZ
expires: Wed, 21 Aug 2024 12:56:43 GMT

GET
H2 200 page-scroll-to-id.min.js Show response
members-onstg.mdbilling-dev.ca/vendors/login-signup-new/plugins/page-scroll-to-id/js/ 19 KB
19 KB 49ms
49ms Script
text/javascript 3.97.1.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members-onstg.mdbilling-dev.ca/vendors/login-signup-new/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.6.7&time=1586960080
Requested by: Host: members-onstg.mdbilling-dev.ca
URL: https://members-onstg.mdbilling-dev.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.97.1.163 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-97-1-163.ca-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6dcf461401ade0e78607a91819df49a8bfd4b500126f219b00c35917149236f8

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:43 GMT
last-modified: Tue, 04 Jun 2024 15:32:06 GMT
server: nginx
accept-ranges: bytes
etag: "1dab6945b0f1346"
content-length: 19526
content-type: text/javascript

GET
H2 200 theme.min.js
members-onstg.mdbilling-dev.ca/vendors/login-signup-new/themes/mdbilling/js/ 136 KB
0 36ms
36ms Script
text/javascript 3.97.1.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members-onstg.mdbilling-dev.ca/vendors/login-signup-new/themes/mdbilling/js/theme.min.js?ver=0.9.4.1585910607&time=1586960080
Requested by: Host: members-onstg.mdbilling-dev.ca
URL: https://members-onstg.mdbilling-dev.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.97.1.163 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-97-1-163.ca-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:43 GMT
last-modified: Tue, 04 Jun 2024 15:32:06 GMT
server: nginx
accept-ranges: bytes
etag: "1dab6945b0c0883"
content-length: 219011
content-type: text/javascript

GET
H2 200 wp-embed.min.js Show response
members-onstg.mdbilling-dev.ca/vendors/login-signup-new/includes/js/ 1 KB
2 KB 53ms
52ms Script
text/javascript 3.97.1.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members-onstg.mdbilling-dev.ca/vendors/login-signup-new/includes/js/wp-embed.min.js?ver=5.4&time=1586960080
Requested by: Host: members-onstg.mdbilling-dev.ca
URL: https://members-onstg.mdbilling-dev.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.97.1.163 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-97-1-163.ca-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:43 GMT
last-modified: Tue, 04 Jun 2024 15:32:06 GMT
server: nginx
accept-ranges: bytes
etag: "1dab6945b0f5a9a"
content-length: 1434
content-type: text/javascript

GET
H2

200

scc-c2.min.js Show response
img1.wsimg.com/signals/js/clients/scc-c2/
Redirect Chain

https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js

105 KB
21 KB

43ms
43ms

Script
text/javascript

23.209.72.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
Requested by: Host: members-onstg.mdbilling-dev.ca
URL: https://members-onstg.mdbilling-dev.ca/
Protocol: H2
Server: 23.209.72.200 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-209-72-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8f7092c94ef904c57584706cdb5f1fd9fe1efce52ce3105e99b9a7def487f09f

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: VDVeY4oO8ClQrknn.k4OgPWK0heF1LAr
content-encoding: gzip
date: Mon, 19 Aug 2024 12:56:43 GMT
x-amz-request-id: ZZ61T8357W7XZ8MC
x-amz-server-side-encryption: AES256
x-amz-meta-version: 0.4.0
content-length: 20848
x-amz-id-2: FqNIz/O0qZ12+P+KyRikntM34DhCUEK6sCIC06BlyJ3qbJsvvBpOmLWA2mwoqgV/TF9VZwXnw8s=
last-modified: Fri, 17 May 2024 22:31:26 GMT
etag: "ace51bdb3b35a6b66c74fa115d4caa3f"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Aug 2024 13:26:43 GMT

Redirect headers

location: https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
access-control-allow-origin: *
date: Mon, 19 Aug 2024 12:56:43 GMT
cache-control: max-age=31536000
timing-allow-origin: *
content-length: 0
expires: Tue, 19 Aug 2025 12:56:43 GMT

GET
H3 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 23ms
22ms Script
application/javascript 104.17.73.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: members-onstg.mdbilling-dev.ca
URL: https://members-onstg.mdbilling-dev.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.73.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:43 GMT
strict-transport-security: max-age=15780000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 13 Aug 2024 15:09:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"66bb771c-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GGA6XuC2sCGbAmeK%2FK5wiWulTyaVttfjvGNc8LO8VfBPdfwY%2Fjg4Zhvdy3TGdCbYojs0sfHZ%2Byvzh6SJU%2BMWatyIVBmoLZs3DEiZsiNVBxOa%2FruuLebDgMQIJ0ROHeoo19az7fI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8b5a4e27da34ac21-YYZ
expires: Wed, 21 Aug 2024 12:56:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 326 KB
109 KB 166ms
89ms Script
application/javascript 142.250.65.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5W5ZHKC

Requested by

Host: members-onstg.mdbilling-dev.ca
URL: https://members-onstg.mdbilling-dev.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5ce50a68000ffb96bc09738c3a253fbd68646c239a8615fa43b6264f73cd1a40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111029
x-xss-protection: 0
last-modified: Mon, 19 Aug 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Aug 2024 12:56:43 GMT

GET truncated
/ 0
0

GET
H2 200 raleway-v14-latin-regular.woff2
members-onstg.mdbilling-dev.ca/vendors/login-signup-new/themes/mdbilling/fonts/ 20 KB
20 KB 38ms
36ms Font
font/woff2 3.97.1.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members-onstg.mdbilling-dev.ca/vendors/login-signup-new/themes/mdbilling/fonts/raleway-v14-latin-regular.woff2
Requested by: Host: members-onstg.mdbilling-dev.ca
URL: https://members-onstg.mdbilling-dev.ca/vendors/login-signup-new/themes/mdbilling/css/theme.min.css?ver=0.9.4.1586350375&time=1586960080
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.97.1.163 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-97-1-163.ca-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b3287a4018a220fe4a205c68bbb34a847fe5038c5dfbe575dd538df025b0497a

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/vendors/login-signup-new/themes/mdbilling/css/theme.min.css?ver=0.9.4.1586350375&time=1586960080
Origin: https://members-onstg.mdbilling-dev.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:43 GMT
last-modified: Tue, 04 Jun 2024 15:32:06 GMT
server: nginx
accept-ranges: bytes
etag: "1dab6945b0f0ff4"
content-length: 20724
content-type: font/woff2

GET
H2 200 raleway-v14-latin-500.woff2
members-onstg.mdbilling-dev.ca/vendors/login-signup-new/themes/mdbilling/fonts/ 21 KB
21 KB 38ms
36ms Font
font/woff2 3.97.1.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members-onstg.mdbilling-dev.ca/vendors/login-signup-new/themes/mdbilling/fonts/raleway-v14-latin-500.woff2
Requested by: Host: members-onstg.mdbilling-dev.ca
URL: https://members-onstg.mdbilling-dev.ca/vendors/login-signup-new/themes/mdbilling/css/theme.min.css?ver=0.9.4.1586350375&time=1586960080
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.97.1.163 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-97-1-163.ca-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ccffda12d4002d59565466849044e53ff6734de84baa233f12a725662d8f8681

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/vendors/login-signup-new/themes/mdbilling/css/theme.min.css?ver=0.9.4.1586350375&time=1586960080
Origin: https://members-onstg.mdbilling-dev.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:43 GMT
last-modified: Tue, 04 Jun 2024 15:32:06 GMT
server: nginx
accept-ranges: bytes
etag: "1dab6945b0f0dac"
content-length: 21164
content-type: font/woff2

GET
H2 200 raleway-v14-latin-700.woff2
members-onstg.mdbilling-dev.ca/vendors/login-signup-new/themes/mdbilling/fonts/ 20 KB
21 KB 36ms
35ms Font
font/woff2 3.97.1.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members-onstg.mdbilling-dev.ca/vendors/login-signup-new/themes/mdbilling/fonts/raleway-v14-latin-700.woff2
Requested by: Host: members-onstg.mdbilling-dev.ca
URL: https://members-onstg.mdbilling-dev.ca/vendors/login-signup-new/themes/mdbilling/css/theme.min.css?ver=0.9.4.1586350375&time=1586960080
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.97.1.163 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-97-1-163.ca-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0a654aef5d8378e00c1a8a8e6876a8e4246b41cf46a3cabf1bf495617ca4086e

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/vendors/login-signup-new/themes/mdbilling/css/theme.min.css?ver=0.9.4.1586350375&time=1586960080
Origin: https://members-onstg.mdbilling-dev.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:43 GMT
last-modified: Tue, 04 Jun 2024 15:32:06 GMT
server: nginx
accept-ranges: bytes
etag: "1dab6945b0f0e80"
content-length: 20864
content-type: font/woff2

GET
H2 200 raleway-v14-latin-600.woff2
members-onstg.mdbilling-dev.ca/vendors/login-signup-new/themes/mdbilling/fonts/ 20 KB
21 KB 37ms
35ms Font
font/woff2 3.97.1.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members-onstg.mdbilling-dev.ca/vendors/login-signup-new/themes/mdbilling/fonts/raleway-v14-latin-600.woff2
Requested by: Host: members-onstg.mdbilling-dev.ca
URL: https://members-onstg.mdbilling-dev.ca/vendors/login-signup-new/themes/mdbilling/css/theme.min.css?ver=0.9.4.1586350375&time=1586960080
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.97.1.163 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-97-1-163.ca-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7e088dcc1b0435ae26460f199b7362c41f885a5ec9ff8efc17d7e12ed053c123

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/vendors/login-signup-new/themes/mdbilling/css/theme.min.css?ver=0.9.4.1586350375&time=1586960080
Origin: https://members-onstg.mdbilling-dev.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:43 GMT
last-modified: Tue, 04 Jun 2024 15:32:06 GMT
server: nginx
accept-ranges: bytes
etag: "1dab6945b0f0e88"
content-length: 20872
content-type: font/woff2

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 71ms
50ms Font
font/woff2 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://members-onstg.mdbilling-dev.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 1029
cdn-cachedat: 10/31/2023 19:21:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: db78411274b84ad53a282aa0b9751524
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8b5a4e281f37ab4b-YYZ
cdn-requestpullsuccess: True

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
218 B 45ms
44ms XHR
text/plain 142.251.40.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=264140869&t=pageview&_s=1&dl=https%3A%2F%2Fmembers-onstg.mdbilling-dev.ca%2F&ul=en-ca&de=UTF-8&dt=MDBilling.ca%20Login%20-%20OHIP%20(ON)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=737984506&gjid=1208098520&cid=1960971795.1724072204&tid=UA-20732478-1&_gid=1506109721.1724072204&_r=1&_slc=1&z=995250651

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Aug 2024 12:56:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://members-onstg.mdbilling-dev.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 17304711.js Show response
bat.bing.com/p/action/ 334 B
406 B 51ms
50ms Script
application/javascript 13.107.21.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/17304711.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c64cddc349202defdca8bcf51d8a905d5f8810cc76f08c1e6561800f1dd5708a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Mon, 19 Aug 2024 12:56:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 01B4874D96B042DAB066D1C3C4557109 Ref B: YTO01EDGE0819 Ref C: 2024-08-19T12:56:43Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=1800

GET
H2 200 theme.min.js Show response
members-onstg.mdbilling-dev.ca/vendors/login-signup-new/themes/mdbilling/js/ 214 KB
78 KB 36ms
34ms Script
text/javascript 3.97.1.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members-onstg.mdbilling-dev.ca/vendors/login-signup-new/themes/mdbilling/js/theme.min.js?ver=0.9.4.1585910607&time=1586960080
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.97.1.163 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-97-1-163.ca-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 09bfc1afac7c88b9625b07de50b2338d4220de548102c6deacbd5ce309a09976

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:43 GMT
last-modified: Tue, 04 Jun 2024 15:32:06 GMT
server: nginx
accept-ranges: bytes
etag: "1dab6945b0c0883"
content-length: 219011
content-type: text/javascript

GET
H2 200 georedirect Show response
geotargetly-1a441.appspot.com/ 352 B
259 B 74ms
73ms Script
application/javascript 142.251.41.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://geotargetly-1a441.appspot.com/georedirect?id=-M4vIEbydF9ytT3x6Kkn&refurl=&winurl=https%3A%2F%2Fmembers-onstg.mdbilling-dev.ca%2F
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.41.20 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s40-in-f20.1e100.net
Software: / Express
Resource Hash: 4561a3211a10994eb3c91bcfba72aa2ccba91a18930e68ffbb86046549844159

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:43 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: Express
etag: W/"160-QCesB9S18fgQfx4+HbABb808yhU"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-cloud-trace-context: ed4a5c5fbee53e593f54938500328dcc/12208457208696680753;o=0
cache-control: private, no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 32ms
32ms Image
image/gif 142.251.40.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=264140869&t=pageview&_s=2&dl=https%3A%2F%2Fmembers-onstg.mdbilling-dev.ca%2F&ul=en-ca&de=UTF-8&dt=MDBilling.ca%20Login%20-%20OHIP%20(ON)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAACAAI~&jid=&gjid=&cid=1960971795.1724072204&tid=UA-20732478-1&_gid=1506109721.1724072204&z=1670924048

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 22:50:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50764
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
92 KB 77ms
76ms Script
application/javascript 142.250.65.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R775QW5QKS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5W5ZHKC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

49395a47722685c8de5dd49205f272530b777a2db9843de8df452fdd9b1ed8a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94262
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 19 Aug 2024 12:56:43 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
970 B 412ms
54ms Script
application/javascript 23.57.90.111
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5W5ZHKC

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.57.90.111 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-57-90-111.deploy.static.akamaitechnologies.com

Software

Resource Hash

bf00e16f095545269680804a6cc08db746641285d4fc2a7525efc0c0b2ecb35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 18 Aug 2024 08:57:56 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=63716
accept-ranges: bytes
content-length: 759

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 269 KB
93 KB 95ms
95ms Script
application/javascript 142.250.65.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-730558466&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5W5ZHKC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

90fa922a39ca610297a08dcbefac07cb4e48114522bda17fce66d9be3e73b9f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95103
x-xss-protection: 0
last-modified: Mon, 19 Aug 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Aug 2024 12:56:43 GMT

GET
H2 200 hotjar-2004690.js Show response
static.hotjar.com/c/ 11 KB
5 KB 195ms
114ms Script
application/javascript 108.138.106.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2004690.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5W5ZHKC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-124.jfk50.r.cloudfront.net

Software

Resource Hash

9984954ec9812ef48da3f0cc87cca8025f1603064fd671679981420c258dec46

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 19 Aug 2024 12:56:43 GMT
via: 1.1 ed8dbde89917eaa6ca93ba7fad809c48.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
etag: W/98ac12417881b39ee87e9cb4c04ff932
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: v58uaUMU56O86Qd4cx6RkJLIKBRyOgP2OuZBSH0TV475X0MzRzKR3w==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
60 KB 107ms
34ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: members-onstg.mdbilling-dev.ca
URL: https://members-onstg.mdbilling-dev.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 19 Aug 2024 12:56:43 GMT
document-policy: force-load-at-top
x-fb-server-load: 31
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58865
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=31, rtx=0, c=12, mss=1316, tbw=2776, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: IM/yD+5pCkLzYGaHbymjXp9PbmAfHXG/8IiByVApuFLiklet/a0EuhDIoV5zfhLWAE8golVnD/5nBUQu24bENg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
292 B 188ms
57ms Fetch
image/gif 23.206.172.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.206.172.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-206-172-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
date: Mon, 19 Aug 2024 12:56:43 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://members-onstg.mdbilling-dev.ca
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

POST
H2 204 0
bat.bing.com/actionp/ 0
360 B 51ms
50ms Ping
text/plain 13.107.21.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/actionp/0?ti=17304711&Ver=2&mid=627bcc68-4673-47c9-b163-3e649a864c5b&evt=dedup

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 19 Aug 2024 12:56:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DA31B65057234270B7ABF04036F4E09E Ref B: YTO01EDGE0819 Ref C: 2024-08-19T12:56:43Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
292 B 154ms
55ms Fetch
image/gif 23.206.172.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?dh=members-onstg.mdbilling-dev.ca&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F127.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=0.4.0&vg=f20c6cf9-2b9a-4cb8-8e52-01fa991dbed6&vtg=f20c6cf9-2b9a-4cb8-8e52-01fa991dbed6&dp=%2F&trace_id=d82ca15d71e24706a74e9090ba0d7818&cts=2024-08-19T12%3A56%3A43.790Z&hit_id=009e916a-5aa5-457d-88b0-5014d3a3f4b0&ea=pageperf&ht=perf&eid=traffic.tcc.instrumentation.navigation.timing&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22a2nlwpweb245.prod.iad2.secureserver.net%22%2C%22xid%22%3A%2243253129%22%2C%22wp%22%3A%225.4%22%2C%22php%22%3A%227.3.12%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22%22%2C%22theme%22%3A%22mdbilling%22%7D&ap=wpaas&vci=1644848569&z=542916234&tce=1724072203171&tcs=1724072203104&tdc=1724072203752&tdclee=1724072203752&tdcles=1724072203751&tdi=1724072203749&tdl=1724072203228&tdle=1724072203104&tdls=1724072203104&tfs=1724072203073&tns=1724072203072&trqs=1724072203171&tre=1724072203256&trps=1724072203222&tles=1724072203752&tlee=0&nt=navigate&LCP=595&nav_type=hard

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.206.172.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-206-172-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
date: Mon, 19 Aug 2024 12:56:43 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://members-onstg.mdbilling-dev.ca
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 200 mdlogosm.png
members-onstg.mdbilling-dev.ca/vendors/login-signup-new/img/ 324 B
472 B 37ms
36ms Other
image/png 3.97.1.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members-onstg.mdbilling-dev.ca/vendors/login-signup-new/img/mdlogosm.png?time=1586960080
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.97.1.163 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-97-1-163.ca-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d4412d8c71e73294ee2aeced585a36ee330c7307545a22d63e33e23b5b1a226c

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:43 GMT
last-modified: Tue, 04 Jun 2024 15:32:06 GMT
server: nginx
accept-ranges: bytes
etag: "1dab6945b0f5e44"
content-length: 324
content-type: image/png

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
292 B 100ms
58ms Fetch
image/gif 23.206.172.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.206.172.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-206-172-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
date: Mon, 19 Aug 2024 12:56:43 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://members-onstg.mdbilling-dev.ca
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
292 B 107ms
65ms Fetch
image/gif 23.206.172.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?dh=members-onstg.mdbilling-dev.ca&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F127.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=0.4.0&vg=f20c6cf9-2b9a-4cb8-8e52-01fa991dbed6&vtg=f20c6cf9-2b9a-4cb8-8e52-01fa991dbed6&dp=%2F&trace_id=d82ca15d71e24706a74e9090ba0d7818&cts=2024-08-19T12%3A56%3A43.790Z&hit_id=009e916a-5aa5-457d-88b0-5014d3a3f4b0&ea=pageperf&ht=perf&eid=traffic.tcc.instrumentation.navigation.timing&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22a2nlwpweb245.prod.iad2.secureserver.net%22%2C%22xid%22%3A%2243253129%22%2C%22wp%22%3A%225.4%22%2C%22php%22%3A%227.3.12%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22%22%2C%22theme%22%3A%22mdbilling%22%7D&ap=wpaas&vci=1644848569&z=440675830&tce=1724072203171&tcs=1724072203104&tdc=1724072203752&tdclee=1724072203752&tdcles=1724072203751&tdi=1724072203749&tdl=1724072203228&tdle=1724072203104&tdls=1724072203104&tfs=1724072203073&tns=1724072203072&trqs=1724072203171&tre=1724072203256&trps=1724072203222&tles=1724072203752&tlee=0&nt=navigate&LCP=595&nav_type=hard

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.206.172.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-206-172-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
date: Mon, 19 Aug 2024 12:56:43 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://members-onstg.mdbilling-dev.ca
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 204 0
bat.bing.com/action/ 0
237 B 51ms
50ms Image
text/plain 13.107.21.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=17304711&Ver=2&mid=627bcc68-4673-47c9-b163-3e649a864c5b&sid=7c4cd3205e2a11ef91065bb371f2f19f&vid=7c4cd4005e2a11efb65de9f69d2d719b&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=MDBilling.ca%20Login%20-%20OHIP%20(ON)&p=https%3A%2F%2Fmembers-onstg.mdbilling-dev.ca%2F&r=&lt=687&evt=pageLoad&sv=1&cdb=AQAQ&rn=510972

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 19 Aug 2024 12:56:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8792402F3C9440EE9E0C9E2140047A33 Ref B: YTO01EDGE0819 Ref C: 2024-08-19T12:56:43Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 107ms
42ms Fetch
text/plain 216.239.38.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-R775QW5QKS&gtm=45je48e0v880558447z8856493285za200zb856493285&_p=1724072203481&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1960971795.1724072204&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724072203&sct=1&seg=0&dl=https%3A%2F%2Fmembers-onstg.mdbilling-dev.ca%2F&dt=MDBilling.ca%20Login%20-%20OHIP%20(ON)&en=page_view&_fv=1&_ss=1&ep.transport=beacon&tfd=850
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R775QW5QKS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Aug 2024 12:56:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://members-onstg.mdbilling-dev.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
264 B 127ms
46ms Ping
text/plain 142.251.111.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R775QW5QKS&cid=1960971795.1724072204&gtm=45je48e0v880558447z8856493285za200zb856493285&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R775QW5QKS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.111.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: bk-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Aug 2024 12:56:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://members-onstg.mdbilling-dev.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 153ms
105ms Image
image/gif 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R775QW5QKS&cid=1960971795.1724072204&gtm=45je48e0v880558447z8856493285za200zb856493285&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=1444322650

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Aug 2024 12:56:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/730558466/ 3 KB
1 KB 124ms
58ms Script
text/javascript 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/730558466/?random=1724072203955&cv=11&fst=1724072203955&bg=ffffff&guid=ON&async=1&gtm=45be48e0v898332547z8856493285za201zb856493285&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmembers-onstg.mdbilling-dev.ca%2F&hn=www.googleadservices.com&frm=0&tiba=MDBilling.ca%20Login%20-%20OHIP%20(ON)&npa=0&pscdl=noapi&auid=1874807305.1724072204&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-730558466&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

a37bb80fb5dabef6dc57ade1a08a3c2b12e742834a0b021f3e2fb1d984c1ddc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Aug 2024 12:56:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1032450180180786 Show response
connect.facebook.net/signals/config/ 58 KB
13 KB 88ms
88ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1032450180180786?v=2.9.164&r=stable&domain=members-onstg.mdbilling-dev.ca&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

8acf2d88e9bfeae709326a89e47a3275bedfec7b8b158c7c48a896277f467b25

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 19 Aug 2024 12:56:44 GMT
document-policy: force-load-at-top
x-fb-server-load: 57
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=31, rtx=0, c=63, mss=1316, tbw=64423, tp=-1, tpl=-1, uplat=55, ullat=0
pragma: public
x-fb-debug: fmiDJzHPnwutCX8QcKh14r7irdHO2MGLQoJo228pXhhtjTZSRh2dVyN7kWD6/7kPiDV/pZbKzcP5SEY3WwlKEg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.8da33a8f469c3b5ffcec.js Show response
script.hotjar.com/ 223 KB
56 KB 117ms
37ms Script
application/javascript 18.164.96.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2004690.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-46.jfk50.r.cloudfront.net

Software

Resource Hash

76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 14:23:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 6ea9421ec132e3640100792ef9535494.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 1722818
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56385
last-modified: Tue, 30 Jul 2024 14:22:40 GMT
etag: "0728625a147ca79276a1790b9cf3175d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: d2EuwjjwQw1shb2bn4mEuCQ0M847TEMINWlDTW9DSOo9H8Pt3uFT_w==

OPTIONS
H/1.1 200
OK eventbus
csp.secureserver.net/ 0
0 162ms
64ms Preflight
application/json 173.222.142.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.222.142.162 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a173-222-142-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://members-onstg.mdbilling-dev.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type,authorization
Access-Control-Allow-Methods: OPTIONS,POST
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Mon, 19 Aug 2024 12:56:44 GMT
Expires: Mon, 19 Aug 2024 12:56:44 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id: cwcZ8EPCIAMEkRA=
x-amzn-requestid: 1bc14dac-68a5-4389-9b98-94d478286fbc
x-amzn-trace-id: Root=1-66c3410c-13b53b54251cb9682ea75f4a
x-envoy-upstream-service-time: 5

POST
H/1.1 202
Accepted eventbus
csp.secureserver.net/ 0
0 170ms
142ms Fetch
application/json 173.222.142.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.222.142.162 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a173-222-142-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
Authorization: api-key b18ef4f046435b64a469b32c3c1c20a3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Mon, 19 Aug 2024 12:56:44 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amzn-trace-id: Root=1-66c3410c-501bb0b33b8f22f0392db3b4
x-amzn-requestid: 2d075b15-012e-4c33-a1e0-7f1059e36f51
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
x-envoy-upstream-service-time: 94
Connection: keep-alive
x-amz-apigw-id: cwcZ9HFpoAMEbOQ=
Content-Length: 0
Expires: Mon, 19 Aug 2024 12:56:44 GMT

OPTIONS
H/1.1 200
OK eventbus
csp.secureserver.net/ 0
0 180ms
82ms Preflight
application/json 173.222.142.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.222.142.162 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a173-222-142-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://members-onstg.mdbilling-dev.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type,authorization
Access-Control-Allow-Methods: OPTIONS,POST
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Mon, 19 Aug 2024 12:56:44 GMT
Expires: Mon, 19 Aug 2024 12:56:44 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id: cwcZ8F4loAMEuJQ=
x-amzn-requestid: 5601d15f-650f-47c0-95c5-0c327e6e2704
x-amzn-trace-id: Root=1-66c3410c-33fad98f4af65b1001948337
x-envoy-upstream-service-time: 8

POST
H/1.1 202
Accepted eventbus
csp.secureserver.net/ 0
0 167ms
156ms Fetch
application/json 173.222.142.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.222.142.162 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a173-222-142-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
Authorization: api-key 8da2217409854bee82e12dc4ca0b39fb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Mon, 19 Aug 2024 12:56:44 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amzn-trace-id: Root=1-66c3410c-73fde5bd5da26df21f7d9e2d
x-amzn-requestid: aad91996-3013-46a4-bd07-674f3b7cf77b
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
x-envoy-upstream-service-time: 90
Connection: keep-alive
x-amz-apigw-id: cwcZ9GW3IAMEvpQ=
Content-Length: 0
Expires: Mon, 19 Aug 2024 12:56:44 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 114ms
32ms Image
text/plain 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1032450180180786&ev=PageView&dl=https%3A%2F%2Fmembers-onstg.mdbilling-dev.ca&rl=&if=false&ts=1724072204086&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4124&fbp=fb.1.1724072204084.911263183243767445&pm=1&hrl=1f08b3&ler=empty&cdl=API_unavailable&it=1724072203978&coo=false&cs_cc=1&cas=3897010400405807&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=33, rtx=0, c=10, mss=1316, tbw=2805, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 19 Aug 2024 12:56:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 175ms
93ms Image
image/png 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1032450180180786&ev=PageView&dl=https%3A%2F%2Fmembers-onstg.mdbilling-dev.ca&rl=&if=false&ts=1724072204086&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4124&fbp=fb.1.1724072204084.911263183243767445&pm=1&hrl=1f08b3&ler=empty&cdl=API_unavailable&it=1724072203978&coo=false&cs_cc=1&cas=3897010400405807&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Mon, 19 Aug 2024 12:56:44 GMT
document-policy: force-load-at-top
x-fb-server-load: 32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7404833732209229201", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=31, rtx=0, c=12, mss=1316, tbw=3123, tp=-1, tpl=-1, uplat=59, ullat=0
pragma: no-cache
x-fb-debug: gD2fnazt9Un4ZvSbHxmXEzL3zTGVWFHepiuHSPYO412+svyfgXhADHLmSgNdXD64BDz372AQopI+9st1W5XCXQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7404833732209229201"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/730558466/ 42 B
64 B 154ms
55ms Image
image/gif 142.250.65.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/730558466/?random=1724072203955&cv=11&fst=1724068800000&bg=ffffff&guid=ON&async=1&gtm=45be48e0v898332547z8856493285za201zb856493285&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmembers-onstg.mdbilling-dev.ca%2F&hn=www.googleadservices.com&frm=0&tiba=MDBilling.ca%20Login%20-%20OHIP%20(ON)&npa=0&pscdl=noapi&auid=1874807305.1724072204&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfDjP2WCLe02ebDFezbi__QvbR5p35aw&random=4031206906&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.164 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Aug 2024 12:56:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/730558466/ 42 B
64 B 73ms
72ms Image
image/gif 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/730558466/?random=1724072203955&cv=11&fst=1724068800000&bg=ffffff&guid=ON&async=1&gtm=45be48e0v898332547z8856493285za201zb856493285&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmembers-onstg.mdbilling-dev.ca%2F&hn=www.googleadservices.com&frm=0&tiba=MDBilling.ca%20Login%20-%20OHIP%20(ON)&npa=0&pscdl=noapi&auid=1874807305.1724072204&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfDjP2WCLe02ebDFezbi__QvbR5p35aw&random=4031206906&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Aug 2024 12:56:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK eventbus
csp.secureserver.net/ 0
0 128ms
82ms Preflight
application/json 173.222.142.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.222.142.162 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a173-222-142-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://members-onstg.mdbilling-dev.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type,authorization
Access-Control-Allow-Methods: OPTIONS,POST
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Mon, 19 Aug 2024 12:56:44 GMT
Expires: Mon, 19 Aug 2024 12:56:44 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id: cwcZ9G0ioAMEe1Q=
x-amzn-requestid: 225eb382-7cbe-4bfc-a7c5-062424a95cd0
x-amzn-trace-id: Root=1-66c3410c-09d89d640c75c4a2131f0a50
x-envoy-upstream-service-time: 5

POST
H/1.1 202
Accepted eventbus
csp.secureserver.net/ 0
0 151ms
149ms Fetch
application/json 173.222.142.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.222.142.162 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a173-222-142-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
Authorization: api-key b18ef4f046435b64a469b32c3c1c20a3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Mon, 19 Aug 2024 12:56:44 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amzn-trace-id: Root=1-66c3410c-5b1899570b7b16ec725384e8
x-amzn-requestid: 2fd924c0-e151-414d-9641-4cc58c5e17b7
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
x-envoy-upstream-service-time: 94
Connection: keep-alive
x-amz-apigw-id: cwcZ9HTioAMECGg=
Content-Length: 0
Expires: Mon, 19 Aug 2024 12:56:44 GMT

POST
H/1.1 202
Accepted eventbus
csp.secureserver.net/ 0
0 192ms
191ms Fetch
application/json 173.222.142.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.222.142.162 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a173-222-142-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
Authorization: api-key 8da2217409854bee82e12dc4ca0b39fb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Mon, 19 Aug 2024 12:56:44 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amzn-trace-id: Root=1-66c3410c-5d43bcbf1fac4e3567f7dde6
x-amzn-requestid: d46e80d5-ee51-4879-889c-875fbfd7d80a
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
x-envoy-upstream-service-time: 104
Connection: keep-alive
x-amz-apigw-id: cwcZ-GYxIAMENZA=
Content-Length: 0
Expires: Mon, 19 Aug 2024 12:56:44 GMT

OPTIONS
H/1.1 200
OK eventbus
csp.secureserver.net/ 0
0 159ms
96ms Preflight
application/json 173.222.142.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.222.142.162 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a173-222-142-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://members-onstg.mdbilling-dev.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type,authorization
Access-Control-Allow-Methods: OPTIONS,POST
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Mon, 19 Aug 2024 12:56:44 GMT
Expires: Mon, 19 Aug 2024 12:56:44 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id: cwcZ9HVroAMEsEQ=
x-amzn-requestid: a4d47405-e2ec-467a-b7bf-7de7cba26249
x-amzn-trace-id: Root=1-66c3410c-1bdd47e019b8d8dd65965f78
x-envoy-upstream-service-time: 6

GET
H2 204 2004690 Show response
vc.hotjar.io/sessions/ 0
232 B 212ms
96ms XHR
text/plain 3.168.122.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2004690?s=0.25&r=0.08045952271407741
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.168.122.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-168-122-75.jfk52.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 19 Aug 2024 12:56:44 GMT
cache-control: no-store
via: 1.1 a68875d0f24bed2038b9d7b3529854bc.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P7
x-amz-cf-id: lT4lOSngdTycR3vTO96YFxfmKnlwt925zbn1GXfgkezg5kmA887qGA==
x-cache: Miss from cloudfront

GET
H2 200 browser-perf.8417c6bba72228fa2e29.js Show response
script.hotjar.com/ 5 KB
2 KB 33ms
33ms Script
application/javascript 18.164.96.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/browser-perf.8417c6bba72228fa2e29.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-46.jfk50.r.cloudfront.net

Software

Resource Hash

70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:32:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 6ea9421ec132e3640100792ef9535494.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 17965477
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1782
last-modified: Wed, 24 Jan 2024 14:31:37 GMT
etag: "b83b61bc5871e9a23a0434e2c539f4f3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: HC5sGU5Bd9ORDYIhL25WXA8aKf1kFco3_GzETukFKGW18S8vF8FXFw==

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 41ms
40ms Script
application/javascript 23.57.90.111
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.57.90.111 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-57-90-111.deploy.static.akamaitechnologies.com

Software

Resource Hash

d83ade905535c30206b5f3acf943a26f4eeaee4b398a63eaef990c3aeaacf3b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 18 Aug 2024 08:57:54 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=63686
accept-ranges: bytes
content-length: 14605

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
977 B 186ms
110ms XHR
application/json 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=4161177&time=1724072204286&url=https%3A%2F%2Fmembers-onstg.mdbilling-dev.ca%2F
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:44 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-cache: CONFIG_NOCACHE
x-li-uuid: AAYgCNdPiy4ooqicMUq9BQ==
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: B4623901EAD348EBBC1FFA03AB9EA345 Ref B: YTO01EDGE0818 Ref C: 2024-08-19T12:56:44Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lor1
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-fs-uuid: 00062008d74f8b2e28a2a89c314abd05

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4161177&time=1724072204286&li_adsId=beb6a4e3-5210-4397-9ca0-83bcc1fdf29b&url=https%3A%2F%2Fmembers-onstg.mdbilling-dev.ca%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4161177&time=1724072204286&li_adsId=beb6a4e3-5210-4397-9ca0-83bcc1fdf29b&url=https%3A%2F%2Fmembers-onstg.mdbilling-dev.ca%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4161177%26time%3D1724072204286%26li_adsId%3Dbeb6a4e3-5210-4397-9ca0-83bcc1fdf29b%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4161177&time=1724072204286&li_adsId=beb6a4e3-5210-4397-9ca0-83bcc1fdf29b&url=https%3A%2F%2Fmembers-onstg.mdbilling-dev.ca%2F&cookiesTest=true&liSy...

0
165 B

81ms
80ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4161177&time=1724072204286&li_adsId=beb6a4e3-5210-4397-9ca0-83bcc1fdf29b&url=https%3A%2F%2Fmembers-onstg.mdbilling-dev.ca%2F&cookiesTest=true&liSync=true
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 12:56:44 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 4C8D94F1CDE84B0EBC90A243FCCEBDF6 Ref B: YTO01EDGE0821 Ref C: 2024-08-19T12:56:44Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYgCNdTrDHZCMDhVu7BZA==

Redirect headers

strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
date: Mon, 19 Aug 2024 12:56:44 GMT
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAYgCNdSUn6IyABUBGTlVg==
pragma: no-cache
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 9EEA51ACE2B7424F9C0BFF9EAD63D109 Ref B: YTO01EDGE0821 Ref C: 2024-08-19T12:56:44Z
x-frame-options: sameorigin
x-li-fabric: prod-ltx1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4161177&time=1724072204286&li_adsId=beb6a4e3-5210-4397-9ca0-83bcc1fdf29b&url=https%3A%2F%2Fmembers-onstg.mdbilling-dev.ca%2F&cookiesTest=true&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
206 B 83ms
82ms XHR
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 19 Aug 2024 12:56:44 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: F3B5A95B612E43CE86A8B492E7963413 Ref B: YTO01EDGE0821 Ref C: 2024-08-19T12:56:44Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://members-onstg.mdbilling-dev.ca
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYgCNdVAODbH2j4QsGs5w==

POST
H2 204 /
metrics.hotjar.io/ 0
80 B 564ms
110ms Ping
text/plain 34.254.23.84

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.hotjar.io/?v=6&site_id=2004690
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2004690.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.254.23.84 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://members-onstg.mdbilling-dev.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 19 Aug 2024 12:56:47 GMT
access-control-max-age: 86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: truncated
URL: data:truncated

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
members-onstg.mdbilling-dev.ca/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.S2lPvjo_ABM Value: CfDJ8JZdkUKlrbBFtqsnSmXfmK2LZB91a-JmjhATAcWELeo8FLBjok_K23HW4pyeUXqlC0aeI2LXuYTDmsmLzv5QVah5zcWnCdDITXeH67ouKSArzZuOx7Vym-bDwetoPnoQE3Z6nPBELNyyQdgVM7oTjOM
.mdbilling-dev.ca/	1970-01-20 22:55:58	Name: _gid Value: GA1.2.1506109721.1724072204
.mdbilling-dev.ca/	1970-01-20 22:54:32	Name: _gat Value: 1
.mdbilling-dev.ca/	1970-01-21 07:40:08	Name: _tccl_visitor Value: f20c6cf9-2b9a-4cb8-8e52-01fa991dbed6
.mdbilling-dev.ca/	1970-01-20 22:54:34	Name: _tccl_visit Value: f20c6cf9-2b9a-4cb8-8e52-01fa991dbed6
.mdbilling-dev.ca/	1970-01-20 22:54:33	Name: _scc_session Value: pc=1&C_TOUCH=2024-08-19T12:56:43.738Z
.mdbilling-dev.ca/	1970-01-21 01:04:08	Name: _gcl_au Value: 1.1.1874807305.1724072204
.mdbilling-dev.ca/	1970-01-21 03:13:44	Name: __utmzz Value: utmcsr=(direct)\|utmcmd=(none)\|utmccn=(not set)
.mdbilling-dev.ca/	1969-12-31 23:59:59	Name: __utmzzses Value: 1
.bing.com/	1970-01-21 08:16:08	Name: MUID Value: 27CC00835C406158191614635D6A605B
.bat.bing.com/	1970-01-20 23:04:37	Name: MR Value: 0
.mdbilling-dev.ca/	1970-01-20 22:55:58	Name: _uetsid Value: 7c4cd3205e2a11ef91065bb371f2f19f
.mdbilling-dev.ca/	1970-01-21 08:16:08	Name: _uetvid Value: 7c4cd4005e2a11efb65de9f69d2d719b
.mdbilling-dev.ca/	1970-01-21 08:30:32	Name: _ga Value: GA1.1.1960971795.1724072204
.mdbilling-dev.ca/	1970-01-21 08:30:32	Name: _ga_R775QW5QKS Value: GS1.1.1724072203.1.0.1724072203.60.0.0
.bing.com/	1970-01-21 08:16:08	Name: MSPTC Value: d6qbJIs4v9lmEQJ6v6MBXqQY02XjoBfJ1mHP_WeP2a0
.mdbilling-dev.ca/	1970-01-21 01:04:08	Name: _fbp Value: fb.1.1724072204084.911263183243767445
.doubleclick.net/	1970-01-20 22:54:33	Name: test_cookie Value: CheckForPermission
.mdbilling-dev.ca/	1970-01-21 07:40:08	Name: _hjSessionUser_2004690 Value: eyJpZCI6IjU2MzdhMjZlLWMyMzYtNTM3My05NjEyLWFkMjRkOTllMzQ2NyIsImNyZWF0ZWQiOjE3MjQwNzIyMDQyMjUsImV4aXN0aW5nIjp0cnVlfQ==
.mdbilling-dev.ca/	1970-01-20 22:54:34	Name: _hjSession_2004690 Value: eyJpZCI6ImQxYmMzODUxLTMxOTQtNDQ4NS1iMmM5LTExOTE5ZmYyMGY2MSIsImMiOjE3MjQwNzIyMDQyMjYsInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.linkedin.com/	1970-01-21 01:04:08	Name: li_sugr Value: cbbdc4cd-c251-45d2-95b6-0242de946f6a
.linkedin.com/	1970-01-21 07:40:08	Name: bcookie Value: "v=2&215e24be-3526-4d61-815a-00b7984ab50e"
.linkedin.com/	1970-01-20 22:55:58	Name: lidc Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2978:u=1:x=1:i=1724072204:t=1724158604:v=2:sig=AQHxb1XcOxBg8Si90plynajMfAGoIy1z"
.linkedin.com/	1970-01-20 23:37:44	Name: UserMatchHistory Value: AQI17YAirAROowAAAZFqthjdvOJ-mg9mp8N4Ol5_SwTIlOXqcE8UTl1Fh5Le0UU7KIoL1LvVwqr3cg
.linkedin.com/	1970-01-20 23:37:44	Name: AnalyticsSyncHistory Value: AQJ3pf2o38hIugAAAZFqthjdqCQ1C85I41ACL46_5EDPyLDdgUuatEc4jIZQlar9HqHM5ywwZoWdS61Q-wrZxw
.www.linkedin.com/	1970-01-21 07:40:08	Name: bscookie Value: "v=1&2024081912564489f73803-7fda-4580-8a04-0a81fab83cf0AQFWKzvC2MJDub7x4HALB6Ki5D8rtIjh"

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://members-onstg.mdbilling-dev.ca/ Message: Refused to load the font 'data:application/font-woff;charset=utf-8;base64, d09GRgABAAAAAAZgABAAAAAADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABGRlRNAAAGRAAAABoAAAAci6qHkUdERUYAAAWgAAAAIwAAACQAYABXR1BPUwAABhQAAAAuAAAANuAY7+xHU1VCAAAFxAAAAFAAAABm2fPczU9TLzIAAAHcAAAASgAAAGBP9V5RY21hcAAAAkQAAACIAAABYt6F0cBjdnQgAAACzAAAAAQAAAAEABEBRGdhc3AAAAWYAAAACAAAAAj//wADZ2x5ZgAAAywAAADMAAAD2MHtryVoZWFkAAABbAAAADAAAAA2E2+eoWhoZWEAAAGcAAAAHwAAACQC9gDzaG10eAAAAigAAAAZAAAArgJkABFsb2NhAAAC0AAAAFoAAABaFQAUGG1heHAAAAG8AAAAHwAAACAAcABAbmFtZQAAA/gAAAE5AAACXvFdBwlwb3...OnYercZg2YVmLN/d/gczfEimrE/fs/bOuq29Zmn8tloORaXgZgGa78yO9/cnXm2BpaGvq25Dv9S4E9+5SIc9PqupJKhYFSSl47+Qcr1mYNAAAAeNptw0cKwkAAAMDZJA8Q7OUJvkLsPfZ6zFVERPy8qHh2YER+3i/BP83vIBLLySsoKimrqKqpa2hp6+jq6RsYGhmbmJqZSy0sraxtbO3sHRydnEMU4uR6yx7JJXveP7WrDycAAAAAAAH//wACeNpjYGRgYOABYhkgZgJCZgZNBkYGLQZtIJsFLMYAAAw3ALgAeNolizEKgDAQBCchRbC2sFER0YD6qVQiBCv/H9ezGI6Z5XBAw8CBK/m5iQQVauVbXLnOrMZv2oLdKFa8Pjuru2hJzGabmOSLzNMzvutpB3N42mNgZGBg4GKQYzBhYMxJLMlj4GBgAYow/P/PAJJhLM6sSoWKfWCAAwDAjgbRAAB42mNgYGBkAIIbCZo5IPrmUn0hGA0AO8EFTQAA' because it violates the following Content Security Policy directive: "font-src 'self' https: maxcdn.bootstrapcdn.com".
network	error	URL: https://members-onstg.mdbilling-dev.ca/vendors/login-signup-new/themes/mdbilling/js/theme.min.js?ver=0.9.4.1585910607&time=1586960080 Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
analytics.google.com
bat.bing.com
connect.facebook.net
csp.secureserver.net
events.api.secureserver.net
geotargetly-1a441.appspot.com
googleads.g.doubleclick.net
img1.wsimg.com
maxcdn.bootstrapcdn.com
members-onstg.mdbilling-dev.ca
metrics.hotjar.io
px.ads.linkedin.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
truncated
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.linkedin.com
truncated
104.17.73.14
104.18.11.207
108.138.106.124
13.107.21.237
13.107.42.14
142.250.64.110
142.250.65.164
142.250.65.232
142.251.111.154
142.251.40.142
142.251.40.162
142.251.41.20
142.251.41.3
173.222.142.162
18.164.96.46
216.239.38.181
23.206.172.78
23.209.72.200
23.57.90.111
3.168.122.75
3.97.1.163
31.13.71.36
31.13.71.7
34.254.23.84
09bfc1afac7c88b9625b07de50b2338d4220de548102c6deacbd5ce309a09976
0a654aef5d8378e00c1a8a8e6876a8e4246b41cf46a3cabf1bf495617ca4086e
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3e3729d2d6c4cf8cfd85de1589541ff1fe2f819e00892b75baf7a313be0ed763
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4561a3211a10994eb3c91bcfba72aa2ccba91a18930e68ffbb86046549844159
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49395a47722685c8de5dd49205f272530b777a2db9843de8df452fdd9b1ed8a8
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
559554b6b76823df6f9f1c6573729b19a1799ed9d38874d583ea964b01508787
5ce50a68000ffb96bc09738c3a253fbd68646c239a8615fa43b6264f73cd1a40
6dcf461401ade0e78607a91819df49a8bfd4b500126f219b00c35917149236f8
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
774c511a0af576246c55047e59004433673782fa4018e60587d9201eb14bf33d
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e088dcc1b0435ae26460f199b7362c41f885a5ec9ff8efc17d7e12ed053c123
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8acf2d88e9bfeae709326a89e47a3275bedfec7b8b158c7c48a896277f467b25
8f7092c94ef904c57584706cdb5f1fd9fe1efce52ce3105e99b9a7def487f09f
8f8f4276b45888ffef81b14e0ad2c1476079d3cbf2fa2d4d9a84dc801ba2986d
90fa922a39ca610297a08dcbefac07cb4e48114522bda17fce66d9be3e73b9f9
9984954ec9812ef48da3f0cc87cca8025f1603064fd671679981420c258dec46
a37bb80fb5dabef6dc57ade1a08a3c2b12e742834a0b021f3e2fb1d984c1ddc5
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab4cfb31862e0144459d6c8472d658c42b0922cd9998ddc9608a093522fb2364
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
af2e98ee4434820965ea8e2896554acbdbd72307179590c0d8d8e30a018acb0b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3287a4018a220fe4a205c68bbb34a847fe5038c5dfbe575dd538df025b0497a
bf00e16f095545269680804a6cc08db746641285d4fc2a7525efc0c0b2ecb35c
c64cddc349202defdca8bcf51d8a905d5f8810cc76f08c1e6561800f1dd5708a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ccffda12d4002d59565466849044e53ff6734de84baa233f12a725662d8f8681
d4412d8c71e73294ee2aeced585a36ee330c7307545a22d63e33e23b5b1a226c
d5405c229abca93b64b39b89f6c250dce86c31103181f19832e5c5a455325b70
d83ade905535c30206b5f3acf943a26f4eeaee4b398a63eaef990c3aeaacf3b2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea018340e64612e075142189623291a6de2162d0be5c0116230bc4bb465374a0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fec4c06e176b414276cea55fd6c3b8d9769ca8ab9b4ebaf0c3a4d063d0d0ae57
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

members-onstg.mdbilling-dev.ca Open in urlscan Pro 3.97.1.163 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

69 Requests

97 %HTTPS

0 %IPv6

20 Domains

26 Subdomains

25 IPs

3 Countries

1412 kBTransfer

2950 kBSize

26 Cookies

6 Outgoing links

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

members-onstg.mdbilling-dev.ca Open in urlscan Pro
3.97.1.163 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

97 %
HTTPS

0 %
IPv6

20
Domains

26
Subdomains

25
IPs

3
Countries

1412 kB
Transfer

2950 kB
Size

26
Cookies

69 HTTP transactions
1 data transactions