urlscan.io logo urlscan.io
SecurityTrails logo

forms.mint.ca Open in urlscan Pro
2600:9000:2140:2a00:5:cadd:62c0:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://clicks.mint.ca/t/5527685/162971834/4125297/0/1004965/?b77777bc=NTUyNzY4NQ&8823dc38=MGMyMjA1OTctM2QzYi00YTY5LThh...
Effective URL: https://forms.mint.ca/Subscribe/Form.ashx?l=1004965&p=c579b411-5881-4660-84d9-776de3a19a5b&mailid=5527685&m=0c220597-3...
Submission Tags: phishing
Submission: On July 05 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 5 domains to perform 27 HTTP transactions. The main IP is 2600:9000:2140:2a00:5:cadd:62c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is forms.mint.ca.
TLS certificate: Issued by R3 on June 14th 2023. Valid for: 3 months.
This is the only time forms.mint.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    54.215.244.243 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-215-244-243.us-west-1.compute.amazonaws.com
clicks.mint.ca
1    2600:9000:2140:2a00:5:cadd:62c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
forms.mint.ca
2    2607:f8b0:4006:81c::200a (Flushing, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2600:9000:2514:ea00:1b:350b:3f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
editor.ne16.com
6    2607:f8b0:4006:81c::2004 (Flushing, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700::6812:4c1 (United States)

ASN13335 (CLOUDFLARENET, US)
www.mint.ca
15    2607:f8b0:4006:820::2003 (Flushing, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
15 gstatic.com
www.gstatic.com
fonts.gstatic.com
669 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 10
99 KB
3 mint.ca
clicks.mint.ca
forms.mint.ca
www.mint.ca
16 KB
2 ne16.com
editor.ne16.com — Cisco Umbrella Rank: 119959
26 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88
2 KB
27 5
Domain Requested by
9 www.gstatic.com www.google.com
www.gstatic.com
6 fonts.gstatic.com fonts.googleapis.com
www.google.com
6 www.google.com forms.mint.ca
www.gstatic.com
www.google.com
2 editor.ne16.com forms.mint.ca
editor.ne16.com
2 fonts.googleapis.com forms.mint.ca
1 www.mint.ca forms.mint.ca
1 forms.mint.ca
1 clicks.mint.ca 1 redirects
27 8

This site contains links to these domains. Also see Links.

Domain
www.mint.ca
Subject Issuer Validity Valid
forms.mint.ca
R3		 2023-06-14 -
2023-09-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
editor.ne16.com
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-06		 6 months crt.sh
www.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
www.mint.ca
Entrust Certification Authority - L1M		 2023-05-08 -
2024-05-08		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://forms.mint.ca/Subscribe/Form.ashx?l=1004965&p=c579b411-5881-4660-84d9-776de3a19a5b&mailid=5527685&m=0c220597-3d3b-4a69-8adf-21624d6991d0&dlv-emuid=0c220597-3d3b-4a69-8adf-21624d6991d0&dlv-mlid=5527685
Frame ID: 5325B828BFB40DD375FA90558206E261
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5&co=aHR0cHM6Ly9mb3Jtcy5taW50LmNhOjQ0Mw..&hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=8nridtlqp7qx
Frame ID: 1B730D33D3C4C8BCC327F4990A58EA82
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5
Frame ID: 030648F42BD6B370C42BC40E592EEE40
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://clicks.mint.ca/t/5527685/162971834/4125297/0/1004965/?b77777bc=NTUyNzY4NQ&8823dc38=MGMyMjA1... HTTP 302
    https://forms.mint.ca/Subscribe/Form.ashx?l=1004965&p=c579b411-5881-4660-84d9-776de3a19a5b&mailid=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

27
Requests

100 %
HTTPS

86 %
IPv6

5
Domains

8
Subdomains

6
IPs

1
Countries

812 kB
Transfer

1704 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clicks.mint.ca/t/5527685/162971834/4125297/0/1004965/?b77777bc=NTUyNzY4NQ&8823dc38=MGMyMjA1OTctM2QzYi00YTY5LThhZGYtMjE2MjRkNjk5MWQw&b44ed14b=MGMyMjA1OTctM2QzYi00YTY5LThhZGYtMjE2MjRkNjk5MWQw&x=d097646e HTTP 302
    https://forms.mint.ca/Subscribe/Form.ashx?l=1004965&p=c579b411-5881-4660-84d9-776de3a19a5b&mailid=5527685&m=0c220597-3d3b-4a69-8adf-21624d6991d0&dlv-emuid=0c220597-3d3b-4a69-8adf-21624d6991d0&dlv-mlid=5527685 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Form.ashx
forms.mint.ca/Subscribe/
Redirect Chain
  • https://clicks.mint.ca/t/5527685/162971834/4125297/0/1004965/?b77777bc=NTUyNzY4NQ&8823dc38=MGMyMjA1OTctM2QzYi00YTY5LThhZGYtMjE2MjRkNjk5MWQw&b44ed14b=MGMyMjA1OTctM2QzYi00YTY5LThhZGYtMjE2MjRkNjk5MWQw...
  • https://forms.mint.ca/Subscribe/Form.ashx?l=1004965&p=c579b411-5881-4660-84d9-776de3a19a5b&mailid=5527685&m=0c220597-3d3b-4a69-8adf-21624d6991d0&dlv-emuid=0c220597-3d3b-4a69-8adf-21624d6991d0&dlv-m...
9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.mint.ca/Subscribe/Form.ashx?l=1004965&p=c579b411-5881-4660-84d9-776de3a19a5b&mailid=5527685&m=0c220597-3d3b-4a69-8adf-21624d6991d0&dlv-emuid=0c220597-3d3b-4a69-8adf-21624d6991d0&dlv-mlid=5527685
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:2a00:5:cadd:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2f26f29a0739109af2179aefce32abc39ccfbf902305a51e05459c3855306837

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private
content-length
9246
content-type
text/html; charset=utf-8
date
Wed, 05 Jul 2023 17:11:55 GMT
server
Microsoft-IIS/10.0
via
1.1 5a7cb2ecf8796fdcba2be8ec618e67a8.cloudfront.net (CloudFront)
x-amz-cf-id
JGQSvleqNlGm43orn9c22TU08fbBTUGp8HpLxgzNsgyVaW36xQpwUg==
x-amz-cf-pop
EWR52-C1
x-aspnet-version
4.0.30319
x-cache
Miss from cloudfront
x-powered-by
ASP.NET

Redirect headers

cache-control
private
content-length
345
content-type
text/html; charset=utf-8
date
Wed, 05 Jul 2023 17:11:55 GMT
location
https://forms.mint.ca/Subscribe/Form.ashx?l=1004965&p=c579b411-5881-4660-84d9-776de3a19a5b&mailid=5527685&m=0c220597-3d3b-4a69-8adf-21624d6991d0&dlv-emuid=0c220597-3d3b-4a69-8adf-21624d6991d0&dlv-mlid=5527685
server
nginx/1.16.1
x-aspnet-version
4.0.30319
x-cache
BYPASS
x-powered-by
ASP.NET
css2
fonts.googleapis.com/ 		3 KB
518 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Urbanist:ital,wght@0,400;0,700;1,400;1,700
Requested by
Host: forms.mint.ca
URL: https://forms.mint.ca/Subscribe/Form.ashx?l=1004965&p=c579b411-5881-4660-84d9-776de3a19a5b&mailid=5527685&m=0c220597-3d3b-4a69-8adf-21624d6991d0&dlv-emuid=0c220597-3d3b-4a69-8adf-21624d6991d0&dlv-mlid=5527685
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d2924a736d3e4c3ad2bfd6e24ca8bb058fc078ea002be3dce5ae8653844f73a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://forms.mint.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Jul 2023 17:11:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 17:11:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Jul 2023 17:11:55 GMT
css2
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Playfair+Display:ital,wght@0,400;0,700;1,400;1,700
Requested by
Host: forms.mint.ca
URL: https://forms.mint.ca/Subscribe/Form.ashx?l=1004965&p=c579b411-5881-4660-84d9-776de3a19a5b&mailid=5527685&m=0c220597-3d3b-4a69-8adf-21624d6991d0&dlv-emuid=0c220597-3d3b-4a69-8adf-21624d6991d0&dlv-mlid=5527685
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9b4934b8f7eb81eb46f299b072584e01dc7e9c205caee05a4962e31fa7aac96a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://forms.mint.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Jul 2023 17:11:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 17:07:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Jul 2023 17:11:55 GMT
Subscribe.js
editor.ne16.com/Subscribe/ 		25 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://editor.ne16.com/Subscribe/Subscribe.js
Requested by
Host: forms.mint.ca
URL: https://forms.mint.ca/Subscribe/Form.ashx?l=1004965&p=c579b411-5881-4660-84d9-776de3a19a5b&mailid=5527685&m=0c220597-3d3b-4a69-8adf-21624d6991d0&dlv-emuid=0c220597-3d3b-4a69-8adf-21624d6991d0&dlv-mlid=5527685
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2514:ea00:1b:350b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2b4b6ff31b01cd89b4cd5fe69717dddb3fbd05aefe56ba57b4592e7e4ac1890b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://forms.mint.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 16:35:30 GMT
via
1.1 4bb97c894b41a52a86ef7d6744e0e642.cloudfront.net (CloudFront)
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-amz-cf-pop
JFK50-P8
age
2184
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public
content-length
25363
x-amz-cf-id
Yr2GELUjycBiEm53cA1aMy8yZzkEK12WNiecLiTQOjM3ggNyFLKeDg==
expires
Wed, 05 Jul 2023 17:29:29 GMT
api.js
www.google.com/recaptcha/ 		852 B
874 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicit
Requested by
Host: forms.mint.ca
URL: https://forms.mint.ca/Subscribe/Form.ashx?l=1004965&p=c579b411-5881-4660-84d9-776de3a19a5b&mailid=5527685&m=0c220597-3d3b-4a69-8adf-21624d6991d0&dlv-emuid=0c220597-3d3b-4a69-8adf-21624d6991d0&dlv-mlid=5527685
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8c2d03a6d705b3101e0f65467a134a4537ea38e5d9d46d2a254f11fd6abc64e1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://forms.mint.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 17:11:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
554
x-xss-protection
1; mode=block
expires
Wed, 05 Jul 2023 17:11:55 GMT
logo-en-dark.svg
www.mint.ca/globalassets/template/ 		20 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mint.ca/globalassets/template/logo-en-dark.svg?hash=637840734590000000&width=160&format=png&quality=80
Requested by
Host: forms.mint.ca
URL: https://forms.mint.ca/Subscribe/Form.ashx?l=1004965&p=c579b411-5881-4660-84d9-776de3a19a5b&mailid=5527685&m=0c220597-3d3b-4a69-8adf-21624d6991d0&dlv-emuid=0c220597-3d3b-4a69-8adf-21624d6991d0&dlv-mlid=5527685
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c0e2bf1280c19d1959804f670bedca3227bc5937a1d40eff415f526c65d4aaa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://forms.mint.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 17:11:55 GMT
content-security-policy
frame-ancestors 'self';
content-encoding
br
cf-cache-status
HIT
age
25509
request-context
appId=cid-v1:85d9958e-0edb-43c2-b2f0-bea81a25c70a
last-modified
Mon, 28 Mar 2022 18:10:59 GMT
server
cloudflare
etag
W/"1D842CF2D1D7B80"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
https://rcam01mstrmf40oprod.dxcloud.episerver.net/;https://mint.ca/;https://monnaie.ca/;https://proddep.mint.ca/
access-control-expose-headers
Request-Context
cache-control
public, max-age=17691
cf-ray
7e213add5fa0ecf2-YUL
expires
Wed, 05 Jul 2023 22:06:46 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ 		427 KB
172 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
237f4a5b7b8e81b7ad01c54cbb6205368aa9d55e1d6fd1ef38454facdc01353c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forms.mint.ca/
Origin
https://forms.mint.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 10:40:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23507
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
175692
x-xss-protection
0
last-modified
Sat, 24 Jun 2023 15:59:54 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jul 2024 10:40:08 GMT
L0x-DF02iFML4hGCyMqlbS0.woff2
fonts.gstatic.com/s/urbanist/v10/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/urbanist/v10/L0x-DF02iFML4hGCyMqlbS0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Urbanist:ital,wght@0,400;0,700;1,400;1,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f104eed8b52040a090afd81b3f24fe7d1c6449bf0083868748c73a24833a59e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://forms.mint.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 11:21:41 GMT
x-content-type-options
nosniff
age
366614
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26204
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 18:30:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Jun 2024 11:21:41 GMT
SubscribeData.ashx
editor.ne16.com/Subscribe/ 		423 B
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://editor.ne16.com/Subscribe/SubscribeData.ashx?p=c579b411-5881-4660-84d9-776de3a19a5b&l=1004965&m=0c220597-3d3b-4a69-8adf-21624d6991d0&mailid=5527685&c=%5B%5D&d=%5B%22emailaddr_%22%2C%22unsubreason_%22%2C%22Source_%22%2C%22demographics%22%2C%22list%22%2C%22DlvFormType%22%2C%22DlvProgressiveProfiling%22%5D&a=%5B%22rcm-mktg%22%5D&keyword=&u=https%3A%2F%2Fforms.mint.ca%2FSubscribe%2FForm.ashx%3Fl%3D1004965%26p%3Dc579b411-5881-4660-84d9-776de3a19a5b%26mailid%3D5527685%26m%3D0c220597-3d3b-4a69-8adf-21624d6991d0%26dlv-emuid%3D0c220597-3d3b-4a69-8adf-21624d6991d0%26dlv-mlid%3D5527685
Requested by
Host: editor.ne16.com
URL: https://editor.ne16.com/Subscribe/Subscribe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2514:ea00:1b:350b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ef9b10a8e4be1f2ab6ff41de2438d1847258fd4981ebc2e7328ea3f597551521

Request headers

Accept
application/json
Referer
https://forms.mint.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 17:11:56 GMT
via
1.1 7082f41e4415fb7199f3ca9b16b5849a.cloudfront.net (CloudFront)
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-amz-cf-pop
JFK50-P8
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private
content-length
423
x-amz-cf-id
86yMlf4M46RotiQaWU8dDVS2j4etlPVBajueM47lXdo7lg6WtBZmng==
anchor
www.google.com/recaptcha/api2/ Frame 1B73 		51 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5&co=aHR0cHM6Ly9mb3Jtcy5taW50LmNhOjQ0Mw..&hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=8nridtlqp7qx
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
246d456c9778b6a4be33ccde2d431883393703bf35a37ebcf4e86f1f1b04cc8e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-m086JJRbt1GcDAwW7eJOgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://forms.mint.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
28517
content-security-policy
script-src 'report-sample' 'nonce-m086JJRbt1GcDAwW7eJOgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 05 Jul 2023 17:11:56 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame 1B73 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5&co=aHR0cHM6Ly9mb3Jtcy5taW50LmNhOjQ0Mw..&hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=8nridtlqp7qx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 17:41:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Sat, 24 Jun 2023 15:59:54 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 03 Jul 2024 17:41:50 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame 1B73 		427 KB
172 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5&co=aHR0cHM6Ly9mb3Jtcy5taW50LmNhOjQ0Mw..&hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=8nridtlqp7qx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
237f4a5b7b8e81b7ad01c54cbb6205368aa9d55e1d6fd1ef38454facdc01353c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 10:40:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23508
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
175692
x-xss-protection
0
last-modified
Sat, 24 Jun 2023 15:59:54 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jul 2024 10:40:08 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 1B73 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 10:27:06 GMT
x-content-type-options
nosniff
age
369890
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 08 Jul 2023 10:27:06 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1B73 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5&co=aHR0cHM6Ly9mb3Jtcy5taW50LmNhOjQ0Mw..&hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=8nridtlqp7qx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 10:06:54 GMT
x-content-type-options
nosniff
age
371102
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Jun 2024 10:06:54 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1B73 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5&co=aHR0cHM6Ly9mb3Jtcy5taW50LmNhOjQ0Mw..&hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=8nridtlqp7qx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 10:07:50 GMT
x-content-type-options
nosniff
age
371046
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Jun 2024 10:07:50 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 1B73 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=khH7Ei3klcvfRI74FvDcfuOo
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5&co=aHR0cHM6Ly9mb3Jtcy5taW50LmNhOjQ0Mw..&hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=8nridtlqp7qx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
48de7787b8ff87abeca3c8661dfac7d508d596a95f74df6e568d664a1f5600cf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5&co=aHR0cHM6Ly9mb3Jtcy5taW50LmNhOjQ0Mw..&hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=8nridtlqp7qx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 17:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Wed, 05 Jul 2023 17:11:56 GMT
bframe
www.google.com/recaptcha/api2/ Frame 0306 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
431c9954d596a233e4dcf03e3613122a491d1c6ccdb8f1e9cfe1656117b2ef79
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2ZtHoyebkOr3jy3ON12cIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://forms.mint.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1154
content-security-policy
script-src 'report-sample' 'nonce-2ZtHoyebkOr3jy3ON12cIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 05 Jul 2023 17:11:56 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame 0306 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 17:41:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Sat, 24 Jun 2023 15:59:54 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 03 Jul 2024 17:41:50 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame 0306 		427 KB
172 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
237f4a5b7b8e81b7ad01c54cbb6205368aa9d55e1d6fd1ef38454facdc01353c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 10:40:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23508
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
175692
x-xss-protection
0
last-modified
Sat, 24 Jun 2023 15:59:54 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jul 2024 10:40:08 GMT
reload
www.google.com/recaptcha/api2/ Frame 0306 		40 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
46b45a989c9b97b864be3f61f5321ecbf0c5c6c0791045eb3289cf1a3263ebd4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Wed, 05 Jul 2023 17:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24930
x-xss-protection
1; mode=block
expires
Wed, 05 Jul 2023 17:11:56 GMT
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 0306 		600 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 14:20:22 GMT
x-content-type-options
nosniff
age
355894
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
600
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 08 Jul 2023 14:20:22 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 0306 		530 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 17:03:04 GMT
x-content-type-options
nosniff
age
346132
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
530
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 08 Jul 2023 17:03:04 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 0306 		665 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 14:11:26 GMT
x-content-type-options
nosniff
age
356430
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
665
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 08 Jul 2023 14:11:26 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0306 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 10:06:54 GMT
x-content-type-options
nosniff
age
371102
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Jun 2024 10:06:54 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0306 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 21:41:21 GMT
x-content-type-options
nosniff
age
329435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15340
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Jun 2024 21:41:21 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0306 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 10:07:50 GMT
x-content-type-options
nosniff
age
371046
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Jun 2024 10:07:50 GMT
payload
www.google.com/recaptcha/api2/ Frame 0306 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/recaptcha/api2/payload?p=06AAYGu2QDLfLkmZVnmjgFCOAmgPm1MU2TnNVUjbozsrhSvtwQpZDY0NSho5tzQBCOYfZuhZIXxtsC_yQKtQeCXdM8LDPEKobeAazagygb1fRxZ7slV21LghvIXE0IGDiM7QN4QMe-EVYbcdHz9DPawAgSkzmqn_JhptMj_98XHsNiYuamqpfkmG7_-dXBUkv_mU2w3JNtKOndV5MFlm74G-hfy_BlQSwwWw&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6e3c7470276755089b018237a6940bfc9a147f9511dcc0f7aa74925be8adac01
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 17:11:56 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, max-age=30
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45636
x-xss-protection
1; mode=block
expires
Wed, 05 Jul 2023 17:11:56 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless object| onbeforetoggle object| onscrollend object| dlvra object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha function| hiddenCaptchaVerified object| closure_lm_420476

1 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AHwPDlLtBOrKJ0mfK7AxTSBOlYx-6lfx3Hk_MHIJOYjhJGqtnxJzNGV9iLfqgx6-pkihrinZCkiwvVGRD73JOkU

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clicks.mint.ca
editor.ne16.com
fonts.googleapis.com
fonts.gstatic.com
forms.mint.ca
www.google.com
www.gstatic.com
www.mint.ca
2600:9000:2140:2a00:5:cadd:62c0:93a1
2600:9000:2514:ea00:1b:350b:3f00:93a1
2606:4700::6812:4c1
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81c::200a
2607:f8b0:4006:820::2003
54.215.244.243
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
237f4a5b7b8e81b7ad01c54cbb6205368aa9d55e1d6fd1ef38454facdc01353c
246d456c9778b6a4be33ccde2d431883393703bf35a37ebcf4e86f1f1b04cc8e
2b4b6ff31b01cd89b4cd5fe69717dddb3fbd05aefe56ba57b4592e7e4ac1890b
2f26f29a0739109af2179aefce32abc39ccfbf902305a51e05459c3855306837
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
431c9954d596a233e4dcf03e3613122a491d1c6ccdb8f1e9cfe1656117b2ef79
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
46b45a989c9b97b864be3f61f5321ecbf0c5c6c0791045eb3289cf1a3263ebd4
48de7787b8ff87abeca3c8661dfac7d508d596a95f74df6e568d664a1f5600cf
4c0e2bf1280c19d1959804f670bedca3227bc5937a1d40eff415f526c65d4aaa
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6e3c7470276755089b018237a6940bfc9a147f9511dcc0f7aa74925be8adac01
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8c2d03a6d705b3101e0f65467a134a4537ea38e5d9d46d2a254f11fd6abc64e1
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9b4934b8f7eb81eb46f299b072584e01dc7e9c205caee05a4962e31fa7aac96a
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
d2924a736d3e4c3ad2bfd6e24ca8bb058fc078ea002be3dce5ae8653844f73a4
ef9b10a8e4be1f2ab6ff41de2438d1847258fd4981ebc2e7328ea3f597551521
f104eed8b52040a090afd81b3f24fe7d1c6449bf0083868748c73a24833a59e0