canadaims.site Open in urlscan Pro
2606:4700:3035::ac43:a5f4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://trailer.web-view.net/Links/0X91F34741D8EE9984FB229A49ABB4870ED96DD7A4A8C4EBB92BCF9F135F46D8DC03C12EAED7E7C60A604BD2D1...
Effective URL:
https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_me...
Submission: On May 15 via manual (May 15th 2023, 8:19:14 pm UTC) from IN — Scanned from DE

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 47 HTTP transactions. The main IP is 2606:4700:3035::ac43:a5f4, located in United States and belongs to CLOUDFLARENET, US. The main domain is canadaims.site.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 17th 2022. Valid for: a year.

This is the only time canadaims.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	45.60.47.135 45.60.47.135	19551 (INCAPSULA) (INCAPSULA)
2 4	2606:4700:303... 2606:4700:3035::ac43:a5f4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2606:4700:303... 2606:4700:3033::6815:456f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	107.154.114.122 107.154.114.122	19551 (INCAPSULA) (INCAPSULA)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	23.32.185.60 23.32.185.60	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
17	45.223.128.234 45.223.128.234	19551 (INCAPSULA) (INCAPSULA)
2	64.202.112.95 64.202.112.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
47	12

1 45.60.47.135 (United States) 1 redirects

ASN19551 (INCAPSULA, US)

trailer.web-view.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3035::ac43:a5f4 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

canadaims.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3033::6815:456f (United States)

ASN13335 (CLOUDFLARENET, US)

canadaims.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.154.114.122 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.114.122.ip.incapdns.net

atsc.activetrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.185.60 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-60.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 45.223.128.234 (United States)

ASN19551 (INCAPSULA, US)

direct.tranzila.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.95 (Chicago, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	tranzila.com direct.tranzila.com — Cisco Umbrella Rank: 923361	177 KB
16	canadaims.org canadaims.org	265 KB
4	canadaims.site 2 redirects canadaims.site	9 KB
3	gstatic.com fonts.gstatic.com	52 KB
3	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3121 tr.outbrain.com — Cisco Umbrella Rank: 2937	8 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	115 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	21 KB
1	activetrail.com atsc.activetrail.com — Cisco Umbrella Rank: 117119	25 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2649	22 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50	1 KB
1	web-view.net 1 redirects trailer.web-view.net — Cisco Umbrella Rank: 215059	1 KB
47	11

	Domain	Requested by
17	direct.tranzila.com	canadaims.org direct.tranzila.com
16	canadaims.org	canadaims.site canadaims.org
4	canadaims.site	2 redirects canadaims.site
3	fonts.gstatic.com	fonts.googleapis.com
2	tr.outbrain.com	amplify.outbrain.com canadaims.site
2	connect.facebook.net	canadaims.site connect.facebook.net
1	www.google-analytics.com	direct.tranzila.com
1	amplify.outbrain.com	canadaims.site
1	atsc.activetrail.com	canadaims.site
1	stackpath.bootstrapcdn.com	canadaims.site
1	fonts.googleapis.com	canadaims.site
1	trailer.web-view.net	1 redirects
47	12

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-17` - `2023-07-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.canadaims.org E1	`2023-04-11` - `2023-07-10`	3 months	crt.sh
imperva.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-05-10` - `2023-11-06`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-22` - `2023-05-23`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Frame ID: 6BDFE4B54DF28DF9660ABBD3A58CAE3C
Requests: 30 HTTP requests in this frame

Frame: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
Frame ID: FABD943B807A0E47268A1F8C2D8A54EF
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Canadian Visa Assessment - Payment

Page URL History Show full URLs

https://trailer.web-view.net/Links/0X91F34741D8EE9984FB229A49ABB4870ED96DD7A4A8C4EBB92BCF9F135F46D8DC03C1... HTTP 302
http://canadaims.site/login?autologin&key=$2y$10$rV6dAtIaqAMU9BG2Z6ngeOaqD1HO7J65zRVL2oQIzcSN/EV13... HTTP 301
https://canadaims.site/login?autologin&key=$2y$10$rV6dAtIaqAMU9BG2Z6ngeOaqD1HO7J65zRVL2oQIzcSN/EV13... HTTP 302
https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Ionicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+ionicons(?:\.min)?\.css

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

100 %
HTTPS

58 %
IPv6

11
Domains

12
Subdomains

12
IPs

2
Countries

692 kB
Transfer

2004 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://trailer.web-view.net/Links/0X91F34741D8EE9984FB229A49ABB4870ED96DD7A4A8C4EBB92BCF9F135F46D8DC03C12EAED7E7C60A604BD2D104FB0F70C70F70B068DEA737D5F32C5D725077BBF598CD369566B7DD.htm HTTP 302
http://canadaims.site/login?autologin&key=$2y$10$rV6dAtIaqAMU9BG2Z6ngeOaqD1HO7J65zRVL2oQIzcSN/EV13YYmG&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A HTTP 301
https://canadaims.site/login?autologin&key=$2y$10$rV6dAtIaqAMU9BG2Z6ngeOaqD1HO7J65zRVL2oQIzcSN/EV13YYmG&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A HTTP 302
https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request online Show response
canadaims.site/payment/
Redirect Chain

https://trailer.web-view.net/Links/0X91F34741D8EE9984FB229A49ABB4870ED96DD7A4A8C4EBB92BCF9F135F46D8DC03C12EAED7E7C60A604BD2D104FB0F70C70F70B068DEA737D5F32C5D725077BBF598CD369566B7DD.htm
http://canadaims.site/login?autologin&key=$2y$10$rV6dAtIaqAMU9BG2Z6ngeOaqD1HO7J65zRVL2oQIzcSN/EV13YYmG&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
https://canadaims.site/login?autologin&key=$2y$10$rV6dAtIaqAMU9BG2Z6ngeOaqD1HO7J65zRVL2oQIzcSN/EV13YYmG&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A

18 KB
6 KB

1303ms
1302ms

Document
text/html

2606:4700:3035::ac43:a5f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a5f4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4bd9f1c4fd0e455bd93dc6b4453c2c30b79d6c5796f04851385baeeec3526d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c7e12f77ceebbe9-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 15 May 2023 20:19:09 GMT
expires: -1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8a5FtJ8WZr22zkdrp6wCTRjVXgpG6VKcOxKwhCfz5n6CiAfGpEeWhrsvezGY2dJ8PQotUZ6cf7pHm5z2pMLt5ykn%2BquFnRotYgy%2FR4oCgjX8NUUB9X1ZGh6gOI4sCkwbOQ5YzteJqHyB209uog%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c7e12e03a5dbbe9-FRA
content-type: text/html; charset=UTF-8
date: Mon, 15 May 2023 20:19:08 GMT
expires: -1
location: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ukb%2FlrZjjjHy0AtbkDVsSg5IbzvneDsVMA69GlRSMrGO0IgAVQSbcFcNsdTgOyOxddxkcut63MtssCVMQz%2Foxb98QI0C0kRqNM6cTShw8yqEMGF0y%2F5NFjvPqJ5W6B%2B44L4c4Z1WlX2GoAWUNg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 97ms
37ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C300italic%2C400italic%7CQuestrial%7CLora%3A400%2C700%2C400italic&ver=4.4.2&mod=1&num=1516616507

Requested by

Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ef777bd0809ca54263eacc7b8b456a7c5fc90589d6843b1a56b9a9f03c1b5bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 20:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 20:19:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 20:19:09 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ 138 KB
22 KB 88ms
36ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://canadaims.site/
Origin: https://canadaims.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 723
age: 27671
cdn-cachedat: 05/03/2023 13:34:43
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"04aca1f4cd3ec3c05a75a879f3be75a3"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: d2b281ed88bcdae1be2fdc5a8e0684cf
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7c7e1300affb383d-FRA
cdn-requestpullsuccess: True

GET
H2 200 izi_modal.min.css
canadaims.org/assets/payment_pages/register-39-new/css/ 84 KB
16 KB 338ms
34ms Stylesheet
text/css 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://canadaims.org/assets/payment_pages/register-39-new/css/izi_modal.min.css?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e952979610647fcb810a38cb3d660b5df164a531f4cf24555ceaa9f4edc4f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18115
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 05 Aug 2021 07:30:16 GMT
server: cloudflare
etag: W/"610b9388-14f6e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9a%2BgnLLTNyQFSgGdE54ip9uvmBEUHJBiLiUA3qqkX6JkuFNkHiJd1rfskafzdeHKIId%2Fs%2BQTDDOYwOo47zQMsXyVX5A0g5UYF%2BfmR9GtqGDs0YIMjhyYiZdFWww2UWTChwbKKD%2F%2BaPFA0h1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7c7e130239963a79-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ionicons.min.css
canadaims.org/assets/payment_pages/register-39-new/css/ 42 KB
7 KB 335ms
32ms Stylesheet
text/css 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://canadaims.org/assets/payment_pages/register-39-new/css/ionicons.min.css?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 268ecf688828cfdce59659a476ab0913b4e92556395ec549f12cf8194a6f8669

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18115
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 05 Aug 2021 07:30:16 GMT
server: cloudflare
etag: W/"610b9388-a7f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2Fxud4VOyaP%2Bb1aai7vpOiKWR5VXa0tVF7FdxDYGrl04z1ixb49Mi7uUelebPy%2B5uDQAa0ogcPw8RLaq531Jug4cxUwMNFDusJA9KjuxMsihgMJTZxdgxkOyXbnc9v1%2FVT%2FxSOlWjrfBPdPJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7c7e1302399c3a79-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
canadaims.org/assets/payment_pages/register-39-new/css/ 15 KB
5 KB 334ms
31ms Stylesheet
text/css 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://canadaims.org/assets/payment_pages/register-39-new/css/style.css?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0adb446c46bfb04eb747f952342d757469cf29733a3e5a124a28e0d94c2e03d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18115
cf-polished: origSize=47226
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 11 May 2023 07:52:14 GMT
server: cloudflare
etag: W/"645c9eae-b87a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=luyHRO0WMOzzcOuPVqsobNeLfORgIRaFw%2F0RHpjwst9H%2FlMamnojdR0GuUMgmB0xBn7BKIz0jqoHI3OghpyeHAzWH0MbbXG1G27S8iE4bG8G60go%2FCUrSjJivkADmaBncE86E1YUUf0ogGoi"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7c7e1302399f3a79-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo-white.png
canadaims.org/assets/img/ 17 KB
17 KB 46ms
42ms Image
image/png 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canadaims.org/assets/img/logo-white.png?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c49f381b5efb66e5c5cd15453336a9963f527a68d5f71ee091a910999e093ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18114
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17179
last-modified: Wed, 04 Aug 2021 07:22:14 GMT
server: cloudflare
etag: "610a4026-431b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXNThgXCtW5XZ7VBE35KC4KF26izt2NvG3ZXZ60tGJjzXbTaBBwNGGx5XycVLV8YhfrZo%2BCwJWumch5xXXOEUc6bD12lITL49DQCPk9WarI8SqAjb4Imnt%2FTLUZ7JTblSYqvb%2FKaxpKyrfXe"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7c7e13029a503a79-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 flag-canada.svg
canadaims.org/assets/img/ 1 KB
1 KB 36ms
32ms Image
image/svg+xml 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canadaims.org/assets/img/flag-canada.svg?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aee034d31571969a8134d9e6afd5cfca4ee3a95a3111326f9170be403a66b3f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29288
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 13 Jun 2021 06:26:07 GMT
server: cloudflare
etag: W/"60c5a4ff-58f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dvfWizAJFgY2kr%2Ff00EWvUm7MxFbYxoCZ5JD81KpqM%2BgTFd63aNlQAMyM%2F%2Ba4%2Fx0yB%2Be8%2B7gu36SCb5mD%2FOAgi9zzbU%2FYxMx8AOAFlBK%2BpMCimIu%2FhhBfSQUDRCcAhQxdrOnOONSorIR9mrV"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7c7e13029a523a79-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 secure-payment.jpg
canadaims.org/assets/payment_pages/register-39-new/img/ 45 KB
45 KB 39ms
35ms Image
image/jpeg 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canadaims.org/assets/payment_pages/register-39-new/img/secure-payment.jpg?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 464a3e62ca0ac77ca4070d5a5cd1bdc7346ee6c9459e037a8e0f612609bac8cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18114
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45832
last-modified: Thu, 23 Dec 2021 09:20:51 GMT
server: cloudflare
etag: "61c43f73-b308"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9I6PBoqsaN0YjZDQEtoqdMO1is0c7h4isWsHXwhLTnSfgwVeuJBGJqeET61KKCPL9SRY5NXXx6RhxONnkV0CirnGRU3q1agUFLlIoyryaOjN5DbGukZhFZfWvZelcAExKQtVpFT4Sb7Mf0m9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7c7e13029a533a79-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 visa.svg
canadaims.org/assets/payment_pages/register-39-new/img/ 1 KB
1 KB 45ms
41ms Image
image/svg+xml 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canadaims.org/assets/payment_pages/register-39-new/img/visa.svg?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c63a22d1299d8cf6a4a6e9cabf3ca03bac10f335b24fcd28899e8dd892d80af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18114
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 05 Aug 2021 07:30:16 GMT
server: cloudflare
etag: W/"610b9388-439"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcfSKeJQYZqy%2BrcwfblVZgh0ftAtnWKBTpgleqcwg4oHz%2BDd6QvQpoiJML%2FteA38pLLUZB5x4q3NGVVY9sT4CPco%2FcZRXiLODTjdYmRZNmqwxfI7Fn8XCDDJodhmyhmu44rLiudVS97OYZHU"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7c7e13029a553a79-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mastercard.svg
canadaims.org/assets/payment_pages/register-39-new/img/ 941 B
730 B 46ms
43ms Image
image/svg+xml 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canadaims.org/assets/payment_pages/register-39-new/img/mastercard.svg?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28ff9e3d6d2b1b4f2339912792253e58abdac2af4a1757a646b496b6d8b7aa92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18114
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 05 Aug 2021 07:30:16 GMT
server: cloudflare
etag: W/"610b9388-3ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ufiAsw3obyKbkYKqux3A9Hx%2FiMGCSlhOXAaUcIemIOgWdOvOQgVxYnjtEvqpNRI844%2BGYk0xtIQEdoA3AH4wPKI6LsEup9Nol5s5CV94tBIP9%2Bo5coycswJAGbc7cHNuLYkcUI2KxhF6yrT5"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7c7e13029a563a79-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 amex.svg
canadaims.org/assets/payment_pages/register-39-new/img/ 4 KB
2 KB 37ms
34ms Image
image/svg+xml 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canadaims.org/assets/payment_pages/register-39-new/img/amex.svg?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e361fc4bbcf94c8347f03dad30ca336a35e5af07d9ea5c120b1316ed0be793e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18114
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 05 Aug 2021 07:30:16 GMT
server: cloudflare
etag: W/"610b9388-e2c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=byqkDekp%2F78%2F8C4dLUjkxU6w08IJACXnh1g%2FKBkSYpJ27ZrkSCucU8Roku66k5Tn5cFGMLvebLwIgB4%2BWa7w1AQK5DUfB4y%2Bx1gvQ9YdLO6ri57WkMR6Oq6Q%2BEMHPJg2q7p5SOQb9i0iy0CC"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7c7e13029a573a79-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ajax-loader.gif
canadaims.org/assets/payment_pages/register-39/img/ 404 B
711 B 45ms
43ms Image
image/gif 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canadaims.org/assets/payment_pages/register-39/img/ajax-loader.gif?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5eb15c4e0aaf1b869522e71e5cf270931f273ad48a9e5067c9d46c4891e1850

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18114
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 404
last-modified: Sun, 13 Jun 2021 06:26:07 GMT
server: cloudflare
etag: "60c5a4ff-194"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28IDrYxcEJ%2BJ1kNJKP4EskjoAxRnNtT1lOqFJiG1fVxwhsWwZfznrsP11FFIkDDBi%2FKYVgEodSj7RNPlVdZuFlnJAPSZ%2FNq5CpNNcxeHK7D0P8jL1n6%2FnjpmenV0kAoQHoK%2B4lDP3oeUmmbt"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7c7e13029a593a79-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 visa_mastercard_icon.jpg
canadaims.org/assets/payment_pages/register-39-new/img/ 21 KB
22 KB 45ms
43ms Image
image/jpeg 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canadaims.org/assets/payment_pages/register-39-new/img/visa_mastercard_icon.jpg?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df5f2e0d7b97c6d81194c82bb415b3d9c9b89cab747dfb8192d034bd538acc10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18114
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21865
last-modified: Thu, 05 Aug 2021 07:30:16 GMT
server: cloudflare
etag: "610b9388-5569"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FdZy2ECgIgLlMe5XMQb%2FEOljJNZBf4%2BBllTDuz%2FT6otKKGGwfViodqUgcFVeLfQ%2FARofUczOKesjDW3e1nabQaVD5YlImXehcyDDrFxB82eiaBDoiP6e7a1PoecPrO%2FdkhVA6FC%2FrthYhbPJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7c7e13029a5b3a79-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 email-decode.min.js Show response
canadaims.site/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 28ms
28ms Script
application/javascript 2606:4700:3035::ac43:a5f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://canadaims.site/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a5f4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 May 2023 12:05:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"645e2b95-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGbFve719uOmB%2BmXEx4CWjjPHlG2cCse4tZPSS9sh8ZJup00jZA%2B6H3j9ELOgG1q0fhWVDGIB%2B9ssThRHulhn3MlmKozPHbImscqu0lx7Lrf7ixFjP8y2o6l8auLoNA%2F%2F95yTt%2FljN7ZVxRscw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7c7e13026bde2c41-FRA
expires: Wed, 17 May 2023 20:19:09 GMT

GET
H2 200 app.js Show response
canadaims.org/assets/payment_pages/register-39-new/js/ 118 KB
40 KB 33ms
33ms Script
application/javascript 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://canadaims.org/assets/payment_pages/register-39-new/js/app.js?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19f7915b03f0e23ea7c65a34999f887348c820013397aa6cc627562db02305d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18114
cf-polished: origSize=121206
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 05 Aug 2021 07:30:16 GMT
server: cloudflare
etag: W/"610b9388-1d976"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZdlXuiqSebUAhsEYxk6MqkuDACGKEFmFTfryIr5WKdLVldcIwpDohZOF9qR1Xl0IC%2BBzeT1V3k1l6QDEX040srUG2ja31mucqAlzBU%2BqzX2prISarx5pXyBxdPT%2BmRqJygSisqPci0B4wWn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7c7e13027a043a79-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 payment.js Show response
canadaims.org/assets/promo/ 282 KB
100 KB 48ms
44ms Script
application/javascript 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://canadaims.org/assets/promo/payment.js?id=801f1a719a7f2ad99a56
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c54f26d6d13c08760021f5fed17abef51c2dc66886fcb51f2efe52a450c2c399

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1134258
cf-polished: origSize=288332
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 06 Sep 2022 09:10:58 GMT
server: cloudflare
etag: W/"63170ea2-4664c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gBjtOcDOJOGEuTPHjRGL%2BYA2wn2Xsk29nQQIJ1jqZzG4DA6YY9mZx0kd3Gqa1el%2Bp26rDz4Hy3HBG06flJi9%2F1S1GdndLD492lbPAWpR%2Bfmeq9jA8BD0rDNXLDdabXI9E3CSIRLxOh1Lgzqh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7c7e13029a4e3a79-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK Atsc.js Show response
atsc.activetrail.com/Scripts/ 100 KB
25 KB 108ms
27ms Script
application/javascript 107.154.114.122
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://atsc.activetrail.com/Scripts/Atsc.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.114.122 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.114.122.ip.incapdns.net

Software

Resource Hash

eaeb4358a9dc8f778d59a6fd3ff160a1572f8eddb9b36ff45b253f4c19b5aace

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:19:09 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 07 Dec 2022 18:00:14 GMT
X-CDN: Imperva
Etag: "a3c99cc165ad91:0"
Content-Type: application/javascript
X-Iinfo: 14-98046713-0 0CNN RT(1684181949584 32) q(0 -1 -1 1) r(0 -1)
Cache-Control: max-age=8133, public
Content-Length: 25021
Expires: Mon, 15 May 2023 22:34:42 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 93ms
21ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 15 May 2023 20:19:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27538
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: QuCnAQuAa7uQLCIG1vggz4eZst47kEuSAuAnlq78nMSfqa41HbzX97eOUpLZvJazjML0xErNFNlsiOS+iGGuhQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), gyroscope=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 22 KB
7 KB 105ms
24ms Script
application/x-javascript 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4ad5f5e1be2bfad0b36f324d134a09956a3bb0c2c6b824b20a237a1f8c96cfd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:19:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 May 2023 06:28:15 GMT
Server: AkamaiNetStorage
ETag: "5eb6cb81dec36b8e936c154fb603efbb:1683181933.901167"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6835
Expires: Mon, 15 May 2023 20:39:09 GMT

GET
H2 200 ic_check-blue.png
canadaims.org/assets/payment_pages/register-39-new/img/ 356 B
662 B 43ms
43ms Image
image/png 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canadaims.org/assets/payment_pages/register-39-new/img/ic_check-blue.png
Requested by: Host: canadaims.org
URL: https://canadaims.org/assets/payment_pages/register-39-new/css/style.css?rev=1daabd51d277cdc2b2712434d88f3c06
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5495d496be9c71d1c741d8aca0f6751cc1085b2fef0d5fc83facfcbb49d402cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.org/assets/payment_pages/register-39-new/css/style.css?rev=1daabd51d277cdc2b2712434d88f3c06
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 320674
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 356
last-modified: Thu, 05 Aug 2021 07:30:16 GMT
server: cloudflare
etag: "610b9388-164"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=soFQi710UDEwgJ3QcxJ3I38KHlms%2FB5PuFGh9qdfbkRbx7JKUqOhpSEW6qS6SJQ%2BRyur%2Bbqe52LxNfHqt9KMNO%2B73tjTfkN1vARkZFzO7iEPZJ2BUvWrulH8z88hbNqKHGtvl4bL6C8P2FuX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7c7e1302aa5d3a79-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sale-get-67.png
canadaims.org/assets/payment_pages/register-39-new/img/ 7 KB
7 KB 58ms
57ms Image
image/png 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canadaims.org/assets/payment_pages/register-39-new/img/sale-get-67.png
Requested by: Host: canadaims.org
URL: https://canadaims.org/assets/payment_pages/register-39-new/css/style.css?rev=1daabd51d277cdc2b2712434d88f3c06
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99574ca4c4e1a9479820b30d2f193cca2a3c65e6ec6433f23403a53e07c3b249

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.org/assets/payment_pages/register-39-new/css/style.css?rev=1daabd51d277cdc2b2712434d88f3c06
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1764704
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7177
last-modified: Thu, 05 Aug 2021 07:30:16 GMT
server: cloudflare
etag: "610b9388-1c09"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGGlL5Po0GEfzxDjAzHscVmyExfLYel1lR6p8cxcK9go4o01efgvfRKeVW%2Bn8gMwLPdMQHLj19tPYSGD%2FTKPelDhOG4vtGwInWWxAZvwcXXP5wFlTwuWScr2TyqacBBZW04pxFpnpUTSZq9p"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7c7e1302ca863a79-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_check.png
canadaims.org/assets/payment_pages/register-39-new/img/ 301 B
613 B 58ms
58ms Image
image/png 2606:4700:3033::6815:456f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canadaims.org/assets/payment_pages/register-39-new/img/ic_check.png
Requested by: Host: canadaims.org
URL: https://canadaims.org/assets/payment_pages/register-39-new/css/style.css?rev=1daabd51d277cdc2b2712434d88f3c06
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91c255abf46f0cbba8d277092947f14ff53d81e8f7a0c8894987260967c30f89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.org/assets/payment_pages/register-39-new/css/style.css?rev=1daabd51d277cdc2b2712434d88f3c06
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1764704
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 301
last-modified: Thu, 05 Aug 2021 07:30:16 GMT
server: cloudflare
etag: "610b9388-12d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mm65SVFzoS%2F13ou%2BnRSPCXPJS445EcigaeD8%2Bl48vOa9SJIPzfIxLaIkpnzumU8U5vdP%2FMGdH2Nr62Q%2B%2FZ%2B%2F0UaSoehRMx2DdypSM0EWE%2F9ucBOhE%2Bli3nTmySg80uAaKdaVIn4KYApM5eUu"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7c7e1302ca883a79-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 84ms
23ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C300italic%2C400italic%7CQuestrial%7CLora%3A400%2C700%2C400italic&ver=4.4.2&mod=1&num=1516616507

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://canadaims.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 13:31:10 GMT
x-content-type-options: nosniff
age: 197279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 13:31:10 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 103ms
42ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://canadaims.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:41:45 GMT
x-content-type-options: nosniff
age: 189444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 15:41:45 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58fae867d4233278b416681e54d0b2c8635d938cc7d86f99c790bc64f02aaa3e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 S6uyw4BMUTPHjxAwXjeu.woff2
fonts.gstatic.com/s/lato/v24/ 5 KB
5 KB 80ms
53ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://canadaims.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:22:55 GMT
x-content-type-options: nosniff
age: 269774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5472
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 May 2024 17:22:55 GMT

GET
H2 200 iframenew.php Show response
direct.tranzila.com/indigoims/ Frame FABD 10 KB
3 KB 233ms
134ms Document
text/html 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2

Requested by

Host: canadaims.org
URL: https://canadaims.org/assets/promo/payment.js?id=801f1a719a7f2ad99a56

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

6a880051af7bbc87b910949fe45c65e65968fbb117a6dec3b8fd53f9e2642fb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	0

Request headers

Referer: https://canadaims.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 15 May 2023 20:19:10 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
p3p: CP="HONK IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-iinfo: 13-106681099-106444535 pNYN RT(1684181949665 50) q(0 0 0 2) r(1 1) U24
x-xss-protection: 0

GET
H2 200 736982827679314 Show response
connect.facebook.net/signals/config/ 300 KB
87 KB 25ms
24ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/736982827679314?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a5b504f73bda2bfe1c75e5008e4dd2eb300f61fba18e54c2787a2b5991ece7b5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 15 May 2023 20:19:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87985
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: a6HYtAKfmRUn92VVkCszuN3XCtEOpbngbNpMPlnz8n88YEoMKzo92x5UQr7gSGOx410EWfkwdXvkd4ruvYO0Cg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), idle-detection=(), magnetometer=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
194 B 439ms
108ms Script
application/javascript 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=004d85522db67f9ac2c7ad5cf4dfc36731
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:19:10 GMT
X-TraceId: a86a4e7fce2986430d310c33e915a879
Content-Length: 35
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
225 B 436ms
105ms Image
image/gif 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=09454303473110715&referrer=&marketerId=004d85522db67f9ac2c7ad5cf4dfc36731&name=PAGE_VIEW&dl=https%3A%2F%2Fcanadaims.site%2Fpayment%2Fonline%3Ft%3Dyo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB%26lang%3Den%26utm_source%3DAT%26utm_medium%3Dactivetrail%26utm_campaign%3D15.5A%26utm_mail%3D15.5A&g=0&obApiVersion=1.1&obtpVersion=2.0.5
Requested by: Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:19:10 GMT
Cache-Control: no-cache
X-TraceId: 6b70f5b090ef73f5cdc07c3646fb754a
Content-Length: 53
Content-Type: image/gif;

GET
H2 200 jquery-3.6.0.min.js Show response
direct.tranzila.com/Tranzila_files/ Frame FABD 87 KB
31 KB 95ms
92ms Script
application/javascript 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://direct.tranzila.com/Tranzila_files/jquery-3.6.0.min.js

Requested by

Host: direct.tranzila.com
URL: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

6c5553217c782b518e313cb40a8de37438437a417df3f61e0cf020eadfd64f15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Tue, 27 Jul 2021 04:17:22 GMT
server: Apache
x-cdn: Imperva
etag: "15d9e-5c81325765880"
content-type: application/javascript
x-iinfo: 13-106681099-106444535 pNYN RT(1684181949665 175) q(0 0 0 -1) r(1 1) U24
accept-ranges: bytes

GET
H2 200 paypage.js Show response
direct.tranzila.com/Tranzila_files/ Frame FABD 28 KB
6 KB 266ms
263ms Script
application/javascript 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://direct.tranzila.com/Tranzila_files/paypage.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

1e6190e853d76f902e8508db1dc5160719dcb367aa39652f8e508a7e1793966c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Sun, 01 Nov 2020 09:32:54 GMT
server: Apache
x-cdn: Imperva
etag: "6ee4-5b308507a525b"
content-type: application/javascript
x-iinfo: 13-106681099-106681144 nNYN RT(1684181949665 195) q(0 0 1 -1) r(2 2) U24
accept-ranges: bytes

GET
H2 200 bootstrap.js Show response
direct.tranzila.com/Tranzila_files/ Frame FABD 36 KB
10 KB 251ms
249ms Script
application/javascript 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://direct.tranzila.com/Tranzila_files/bootstrap.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 31 May 2018 05:37:10 GMT
server: Apache
x-cdn: Imperva
etag: "90bb-56d79dbd63d6f"
content-type: application/javascript
x-iinfo: 13-106681099-106681146 nNYN RT(1684181949665 198) q(0 0 1 -1) r(2 2) U24
accept-ranges: bytes

GET
H2 200 swiperead.js Show response
direct.tranzila.com/Tranzila_files/ Frame FABD 3 KB
957 B 98ms
98ms Script
application/javascript 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://direct.tranzila.com/Tranzila_files/swiperead.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

0d9015f3ce1fa9101ab5f71c72ef162f49c2f7c4c8ee4031ce4861fbdb8d22ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Nov 2019 07:01:25 GMT
server: Apache
x-cdn: Imperva
etag: "a58-59862ae852c2b"
content-type: application/javascript
x-iinfo: 13-106681099-106681144 pNYN RT(1684181949665 526) q(0 0 0 -1) r(1 1) U24
accept-ranges: bytes

GET
H2 200 bootstrap-select.js Show response
direct.tranzila.com/Tranzila_files/ Frame FABD 33 KB
10 KB 179ms
177ms Script
application/javascript 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://direct.tranzila.com/Tranzila_files/bootstrap-select.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

a0d767503b35050c0e0c0dfece0083131e7b74ea8d37cc734aa9d01fd7be2225

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 31 May 2018 05:37:10 GMT
server: Apache
x-cdn: Imperva
etag: "826b-56d79dbd63d6f"
content-type: application/javascript
x-iinfo: 13-106681099-106444535 pNYN RT(1684181949665 201) q(0 1 1 -1) r(1 1) U24
accept-ranges: bytes

GET
H2 200 npay.js Show response
direct.tranzila.com/js/ Frame FABD 27 KB
6 KB 187ms
185ms Script
application/javascript 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://direct.tranzila.com/js/npay.js?V=NP4836

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

f19c9aabdf9c1baee0d664981765f525f5140e990a409193db96806b5c3e8782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Sun, 29 Jan 2023 12:18:15 GMT
server: Apache
x-cdn: Imperva
etag: "6beb-5f36617d26505"
content-type: application/javascript
x-iinfo: 13-106681099-106405372 pNYN RT(1684181949665 208) q(0 1 1 -1) r(2 2) U24
accept-ranges: bytes

GET
H2 200 bootstrap-select.css
direct.tranzila.com/Tranzila_files/ Frame FABD 6 KB
2 KB 123ms
121ms Stylesheet
text/css 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://direct.tranzila.com/Tranzila_files/bootstrap-select.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

feeb377a08b6715a7498491547c727a8bb2e0d8e819ab0eebd33d4b84af51c94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 31 May 2018 05:37:10 GMT
server: Apache
x-cdn: Imperva
etag: "19ff-56d79dbd63d6f"
content-type: text/css
x-iinfo: 13-106681099-106405372 pNYN RT(1684181949665 179) q(0 0 0 -1) r(1 1) U24
accept-ranges: bytes

GET
H2 200 tranzila_ltr.css
direct.tranzila.com/Tranzila_files/ Frame FABD 16 KB
4 KB 140ms
138ms Stylesheet
text/css 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://direct.tranzila.com/Tranzila_files/tranzila_ltr.css?v=np5787

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

9fc53ceee48294497a4b31772e7f5c7f3b6674fcdcb829acba747dbcb4cbeb47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 07:05:18 GMT
server: Apache
x-cdn: Imperva
etag: "40a0-5f1f79f81256f"
content-type: text/css
x-iinfo: 13-106681099-105770213 pNYN RT(1684181949665 186) q(0 0 0 -1) r(1 1) U24
accept-ranges: bytes

GET
H2 200 bootstrap.css
direct.tranzila.com/Tranzila_files/ Frame FABD 118 KB
20 KB 259ms
258ms Stylesheet
text/css 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://direct.tranzila.com/Tranzila_files/bootstrap.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

0670d6116476b903b1198d6521ae6684eb2b04b954b9cb06085170333a7f9477

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 31 May 2018 05:37:10 GMT
server: Apache
x-cdn: Imperva
etag: "1d973-56d79dbd63d6f"
content-type: text/css
x-iinfo: 13-106681099-106681142 nNYN RT(1684181949665 191) q(0 0 1 -1) r(2 2) U24
accept-ranges: bytes

GET
H2 200 global_card.png
direct.tranzila.com/Tranzila_files/ Frame FABD 972 B
1 KB 102ms
101ms Image
image/png 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://direct.tranzila.com/Tranzila_files/global_card.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

fab9750756035f2cd8da31a27c1baee63e797250e4d3152e086fee3df5f685dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 31 May 2018 05:37:10 GMT
server: Apache
x-cdn: Imperva
etag: "3cc-56d79dbd64157"
content-type: image/png
x-iinfo: 13-106681099-106681142 pNNN RT(1684181949665 625) q(0 0 0 -1) r(1 1) U24
accept-ranges: bytes
content-length: 972

GET
H2 200 visa_mastercard_cvv.png
direct.tranzila.com/Tranzila_files/ Frame FABD 24 KB
24 KB 105ms
104ms Image
image/png 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://direct.tranzila.com/Tranzila_files/visa_mastercard_cvv.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

d8dddf02754ec659f8409e1554e6b01aaf4b69a66d0eefe40aee860b8b1f0c38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 10 Dec 2019 08:08:25 GMT
server: Apache
x-cdn: Imperva
etag: "5f8a-59955042ed040"
content-type: image/png
x-iinfo: 13-106681099-106681144 pNNN RT(1684181949665 628) q(0 0 0 -1) r(1 1) U24
accept-ranges: bytes
content-length: 24458

GET
H2 200 amex_cvv.png
direct.tranzila.com/Tranzila_files/ Frame FABD 21 KB
22 KB 106ms
105ms Image
image/png 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://direct.tranzila.com/Tranzila_files/amex_cvv.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

a98c3bef1bd7c3042a1728fa62ccbb89c7d15726eac18870a34bdf02563690c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 10 Dec 2019 08:08:36 GMT
server: Apache
x-cdn: Imperva
etag: "55ad-5995504d6a900"
content-type: image/png
x-iinfo: 13-106681099-106681146 pNNN RT(1684181949665 630) q(0 0 0 -1) r(1 1) U24
accept-ranges: bytes
content-length: 21933

GET
H2 200 _Incapsula_Resource Show response
direct.tranzila.com/ Frame FABD 141 KB
20 KB 38ms
37ms Script
application/javascript 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://direct.tranzila.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=830788808

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

51028b3e8406129add79d2d4cff9d1829f80828853443a59953a1522b4337e2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 20334
content-type: application/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame FABD 51 KB
21 KB 76ms
21ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 15 May 2023 18:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6211
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 15 May 2023 20:35:39 GMT

GET
H2 200 opensanshebrew-regular-webfont.woff
direct.tranzila.com/Tranzila_files/fonts/ Frame FABD 13 KB
14 KB 115ms
114ms Font
application/font-woff 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://direct.tranzila.com/Tranzila_files/fonts/opensanshebrew-regular-webfont.woff

Requested by

Host: direct.tranzila.com
URL: https://direct.tranzila.com/Tranzila_files/tranzila_ltr.css?v=np5787

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

636f52528d61a565f93b83ec8fa646435c1b64f67ba5f4db64314f1692214fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://direct.tranzila.com/Tranzila_files/tranzila_ltr.css?v=np5787
Origin: https://direct.tranzila.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Tue, 03 Jul 2018 09:14:53 GMT
server: Apache
x-cdn: Imperva
etag: "35f0-57014bf38e6d1"
content-type: application/font-woff
x-iinfo: 13-106681099-106405372 pNYN RT(1684181949665 646) q(0 0 0 -1) r(0 0) U24
accept-ranges: bytes

GET
H2 200 question.png
direct.tranzila.com/Tranzila_files/ Frame FABD 3 KB
4 KB 110ms
110ms Image
image/png 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://direct.tranzila.com/Tranzila_files/question.png

Requested by

Host: direct.tranzila.com
URL: https://direct.tranzila.com/Tranzila_files/tranzila_ltr.css?v=np5787

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

d7b80047a07fff19686807114f70128253c0f5bc4414230554d491fe44c77626

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/Tranzila_files/tranzila_ltr.css?v=np5787
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:19:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 31 May 2018 05:37:10 GMT
server: Apache
x-cdn: Imperva
etag: "d88-56d79dbd64d0f"
content-type: image/png
x-iinfo: 13-106681099-106444535 pNNN RT(1684181949665 650) q(0 0 0 -1) r(0 0) U24
accept-ranges: bytes
content-length: 3464

GET
H2 200 _Incapsula_Resource
direct.tranzila.com/ Frame FABD 1 B
36 B 30ms
29ms Image
text/plain 45.223.128.234
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://direct.tranzila.com/_Incapsula_Resource?SWKMTFSR=1&e=0.07888741638842078

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.128.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.web-view.net/	1970-01-20 20:34:06	Name: visid_incap_82454 Value: YQDMqHAKSb+8fGzwtRTynbeTYmQAAAAAQUIPAAAAAADMVoGMIV5DX8gCqo5GarJx
.web-view.net/	1969-12-31 23:59:59	Name: nlbi_82454 Value: gQ9RcP7XwwzmiqXyNaaeAwAAAADRrtZGo+8FDm3yFZfFp1Vw
.web-view.net/	1969-12-31 23:59:59	Name: incap_ses_1288_82454 Value: a9+GZhOL7yn+lQi84uXfEbeTYmQAAAAA1zWYE3O0r4JHUF5F+nqt5Q==
canadaims.site/	1970-01-20 11:59:46	Name: last_seen Value: eyJpdiI6Ik9uMlJRTW9NTzYzSDZoXC91bGV2MkVnPT0iLCJ2YWx1ZSI6ImtycXR1NHJ5V1pNd2N3cXFrSVgyVWc9PSIsIm1hYyI6Ijk1ZDMxZTQ3YzYzYWI1OTBiMDUxMWQ1YzM1MTA2YTc5NTAyMWMyZWQ0ZjgwNjA3ODY1YjEwYWE2M2IyOTAwZTUifQ%3D%3D
canadaims.site/	1970-01-20 11:51:08	Name: XSRF-TOKEN Value: eyJpdiI6IlFcLzhucTdoSU12NFFseW50a0EwUExnPT0iLCJ2YWx1ZSI6ImJBQmw5ZDlcL2NcL1I5MEt6TXB3M2huamNCUFhwOE9hM2NQUlZ1SVhjeTl1Rlg0b2c3ekE4bHU1WHBRVlBnbjk2RiIsIm1hYyI6IjAyNTk2ZTQ5NDBmOTQyYzM2NTRkODdjNTM5Y2I5MTA4ZjY1YTk0ZmNjZWQzNjkyNTIzMmIyOTkxMjc0NDczMmQifQ%3D%3D
canadaims.site/	1970-01-20 11:51:08	Name: canadaimsorg_session Value: eyJpdiI6Ik9zUU5lNWI5RFB1SWtwR0U5VUl0aEE9PSIsInZhbHVlIjoicDg2cTRiU1dHTkV5Vjk4KzJmR1d2TFdnSE9TWXdTYnRBR2NhWWd5VTlmR3Fkb1lRYlpSTWVyREJTNkwycXBwaSIsIm1hYyI6ImRmMzQyNjNkZDhmMWZiYzIzNDVjOWEyZTc3N2I1OTg5ZjI3YjA5NTZjMWNhNzRmNDA4MGM0YjcwODZhNzU2ZDcifQ%3D%3D
canadaims.site/	1970-01-20 13:16:05	Name: utm Value: eyJpdiI6IktmQUhBRVVXZlRSNmdNektxdnduNEE9PSIsInZhbHVlIjoiNFlYQUJkRGYzWFhqYTdQUHF4YVFMVmNPU1pKMXBrdlhuYjF1eG1RVkhLUVBBcDNJNlBiT1ducDJhOVVvMWxTTE50cXMybkMycUxjZHhYdmNoMWgyWnAyU25uXC9wbFltUlZ3eVdHKzdPWVJUZm9iM2UwVUppTm9VUnVkVSsyb2h3YjZLaWRLMzZpSlpGTVFxRUJaOG0zQT09IiwibWFjIjoiYzc2MDQ0Y2I4OTM4YzE5ZmM2YjdmOWM4ZDdkNDg0NWY5NGFkNmFiMTUzOWU1NmU3ZDY3NDliMWE4YmEyN2YxMiJ9
canadaims.site/	1970-01-20 20:28:05	Name: lang Value: en
canadaims.site/	1970-01-20 13:59:17	Name: payment_token Value: eyJpdiI6IjVcL2p3bUZVaGpKXC8yUTJLTUF5bG9GZz09IiwidmFsdWUiOiJJZW1TVkV6ejVSRWhJbXhkMmZMV0JYTzFmclNOamQxemJQOGhCUDIrXC9WNXMySEQ1N1VZMDM0bGVKb09UV3VJemFYeHNNVnVkcDl1cXZWRHg1Ulk0N3c9PSIsIm1hYyI6IjVkNDNkMmQ5NTczYzRlN2I4YzliZDY3NWVhMGY2MDRmZGNjZmI0ZjkzYTc3YjEwYjY2YjRkNjhiNThhODFlMjkifQ%3D%3D
.activetrail.com/	1970-01-20 20:34:59	Name: visid_incap_885708 Value: AxcS11u2RGSCCbDm2GQnnL2TYmQAAAAAQUIPAAAAAAA319DRTmCF7d5KNFEmxe9l
.activetrail.com/	1969-12-31 23:59:59	Name: incap_ses_408_885708 Value: dNlqZMcoVW8kTaE8oYKpBb2TYmQAAAAAmGhVO3BFze/ucWjnMZlP/w==
canadaims.site/	1970-01-20 16:12:29	Name: _pk_ref.dd9d8ac6-3094-47f6-90d9-a8b59ab8149e.2a8d Value: %5B%2215.5A%22%2C%22%22%2C1684181950%2C%22%22%5D
canadaims.site/	1970-01-20 21:15:37	Name: _pk_id.dd9d8ac6-3094-47f6-90d9-a8b59ab8149e.2a8d Value: b6589fc6ab0dc82c.1684181950.1.1684181950.1684181950.
canadaims.site/	1970-01-20 11:49:43	Name: _pk_ses.dd9d8ac6-3094-47f6-90d9-a8b59ab8149e.2a8d Value: *
.direct.tranzila.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: liheub1n9vvlqvaovrr6up5116
.tranzila.com/	1970-01-20 20:34:38	Name: visid_incap_2533233 Value: kffTqNbKTsOwH6tDSWtW872TYmQAAAAAQUIPAAAAAAA4u09arGMGfP4Ln868psWr
.tranzila.com/	1969-12-31 23:59:59	Name: incap_ses_1368_2533233 Value: oIAQLj8gNTUeFBHTFh78Er2TYmQAAAAAFNN/Y6uIYVNhiLMxGCyKaA==
canadaims.site/	1970-01-20 11:49:42	Name: outbrain_cid_fetch Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
atsc.activetrail.com
canadaims.org
canadaims.site
connect.facebook.net
direct.tranzila.com
fonts.googleapis.com
fonts.gstatic.com
stackpath.bootstrapcdn.com
tr.outbrain.com
trailer.web-view.net
www.google-analytics.com
107.154.114.122
23.32.185.60
2606:4700:3033::6815:456f
2606:4700:3035::ac43:a5f4
2606:4700::6812:bcf
2a00:1450:4001:800::2003
2a00:1450:4001:811::200e
2a00:1450:4001:829::200a
2a03:2880:f083:9:face:b00c:0:3
45.223.128.234
45.60.47.135
64.202.112.95
0670d6116476b903b1198d6521ae6684eb2b04b954b9cb06085170333a7f9477
0adb446c46bfb04eb747f952342d757469cf29733a3e5a124a28e0d94c2e03d8
0c63a22d1299d8cf6a4a6e9cabf3ca03bac10f335b24fcd28899e8dd892d80af
0d9015f3ce1fa9101ab5f71c72ef162f49c2f7c4c8ee4031ce4861fbdb8d22ba
0e952979610647fcb810a38cb3d660b5df164a531f4cf24555ceaa9f4edc4f0e
19f7915b03f0e23ea7c65a34999f887348c820013397aa6cc627562db02305d3
1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1e6190e853d76f902e8508db1dc5160719dcb367aa39652f8e508a7e1793966c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
268ecf688828cfdce59659a476ab0913b4e92556395ec549f12cf8194a6f8669
28ff9e3d6d2b1b4f2339912792253e58abdac2af4a1757a646b496b6d8b7aa92
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
464a3e62ca0ac77ca4070d5a5cd1bdc7346ee6c9459e037a8e0f612609bac8cb
4ad5f5e1be2bfad0b36f324d134a09956a3bb0c2c6b824b20a237a1f8c96cfd2
51028b3e8406129add79d2d4cff9d1829f80828853443a59953a1522b4337e2b
5495d496be9c71d1c741d8aca0f6751cc1085b2fef0d5fc83facfcbb49d402cb
58fae867d4233278b416681e54d0b2c8635d938cc7d86f99c790bc64f02aaa3e
636f52528d61a565f93b83ec8fa646435c1b64f67ba5f4db64314f1692214fa7
6a880051af7bbc87b910949fe45c65e65968fbb117a6dec3b8fd53f9e2642fb0
6c5553217c782b518e313cb40a8de37438437a417df3f61e0cf020eadfd64f15
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91c255abf46f0cbba8d277092947f14ff53d81e8f7a0c8894987260967c30f89
99574ca4c4e1a9479820b30d2f193cca2a3c65e6ec6433f23403a53e07c3b249
9c49f381b5efb66e5c5cd15453336a9963f527a68d5f71ee091a910999e093ec
9fc53ceee48294497a4b31772e7f5c7f3b6674fcdcb829acba747dbcb4cbeb47
a0d767503b35050c0e0c0dfece0083131e7b74ea8d37cc734aa9d01fd7be2225
a5b504f73bda2bfe1c75e5008e4dd2eb300f61fba18e54c2787a2b5991ece7b5
a98c3bef1bd7c3042a1728fa62ccbb89c7d15726eac18870a34bdf02563690c0
aee034d31571969a8134d9e6afd5cfca4ee3a95a3111326f9170be403a66b3f6
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c54f26d6d13c08760021f5fed17abef51c2dc66886fcb51f2efe52a450c2c399
d7b80047a07fff19686807114f70128253c0f5bc4414230554d491fe44c77626
d8dddf02754ec659f8409e1554e6b01aaf4b69a66d0eefe40aee860b8b1f0c38
df5f2e0d7b97c6d81194c82bb415b3d9c9b89cab747dfb8192d034bd538acc10
e361fc4bbcf94c8347f03dad30ca336a35e5af07d9ea5c120b1316ed0be793e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5eb15c4e0aaf1b869522e71e5cf270931f273ad48a9e5067c9d46c4891e1850
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eaeb4358a9dc8f778d59a6fd3ff160a1572f8eddb9b36ff45b253f4c19b5aace
ef777bd0809ca54263eacc7b8b456a7c5fc90589d6843b1a56b9a9f03c1b5bd8
f19c9aabdf9c1baee0d664981765f525f5140e990a409193db96806b5c3e8782
f4bd9f1c4fd0e455bd93dc6b4453c2c30b79d6c5796f04851385baeeec3526d5
fab9750756035f2cd8da31a27c1baee63e797250e4d3152e086fee3df5f685dd
feeb377a08b6715a7498491547c727a8bb2e0d8e819ab0eebd33d4b84af51c94

canadaims.site Open in urlscan Pro 2606:4700:3035::ac43:a5f4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

100 %HTTPS

58 %IPv6

11 Domains

12 Subdomains

12 IPs

2 Countries

692 kBTransfer

2004 kBSize

18 Cookies

0 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

canadaims.site Open in urlscan Pro
2606:4700:3035::ac43:a5f4 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

100 %
HTTPS

58 %
IPv6

11
Domains

12
Subdomains

12
IPs

2
Countries

692 kB
Transfer

2004 kB
Size

18
Cookies

47 HTTP transactions
1 data transactions