oam.fairstone.ca Open in urlscan Pro
18.245.60.102 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u18537296.ct.sendgrid.net/ls/click?upn=u001.SMbza-2FRUkGsnUodPLALnt4HF6mTxpWJx47f-2FNIfKnb0nrjC0q-2FYirx0H5KK2Falj-aoA_Eko...
Effective URL:
https://oam.fairstone.ca/en/login
Submission: On October 17 via api (October 17th 2024, 12:47:00 pm UTC) from CZ — Scanned from DE

Summary HTTP 138 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 60 IPs in 7 countries across 39 domains to perform 138 HTTP transactions. The main IP is 18.245.60.102, located in United States and belongs to AMAZON-02, US. The main domain is oam.fairstone.ca.
TLS certificate: Issued by Amazon RSA 2048 M02 on August 17th 2024. Valid for: a year.

This is the only time oam.fairstone.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.53 167.89.123.53	11377 (SENDGRID) (SENDGRID)
10	18.245.60.102 18.245.60.102	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.222.236.7 52.222.236.7	16509 (AMAZON-02) (AMAZON-02)
1	18.245.86.66 18.245.86.66	16509 (AMAZON-02) (AMAZON-02)
10	2606:4700::68... 2606:4700::6812:562a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	15.235.54.6 15.235.54.6	16276 (OVH) (OVH)
1	148.113.163.172 148.113.163.172	16276 (OVH) (OVH)
2	2620:1ec:33:3... 2620:1ec:33:3::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:350... 2a02:26f0:3500:10::210:a99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a04:4e42:600... 2a04:4e42:600::84	54113 (FASTLY) (FASTLY)
1	3.163.248.4 3.163.248.4	16509 (AMAZON-02) (AMAZON-02)
1	13.224.186.120 13.224.186.120	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:7709	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:272... 2600:9000:2724:3600:17:4c3f:1b80:93a1	16509 (AMAZON-02) (AMAZON-02)
8	184.86.103.219 184.86.103.219	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1 2	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
1	18.172.103.101 18.172.103.101	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.18 13.32.99.18	16509 (AMAZON-02) (AMAZON-02)
1 3	2606:4700:440... 2606:4700:4400::ac40:963f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1 2	98.82.157.137 98.82.157.137	14618 (AMAZON-AES) (AMAZON-AES)
5	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
5	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
2	2606:4700:303... 2606:4700:3037::ac43:8ef5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.64.149.149 172.64.149.149	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.7.4.15 52.7.4.15	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:223... 2600:9000:223c:9a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:272... 2600:9000:2724:1200:0:99b9:cd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.64.84 151.101.64.84	54113 (FASTLY) (FASTLY)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
3	54.246.144.89 54.246.144.89	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::15	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1 2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	162.159.153.247 162.159.153.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.159.152.17 162.159.152.17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	91.228.74.166 91.228.74.166	16509 (AMAZON-02) (AMAZON-02)
1 1	104.18.42.209 104.18.42.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:6a00:1a:6404:eb40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	107.21.29.68 107.21.29.68	14618 (AMAZON-AES) (AMAZON-AES)
1 2	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
1	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
2	104.198.23.205 104.198.23.205	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.199.211.219 34.199.211.219	14618 (AMAZON-AES) (AMAZON-AES)
138	60

1 167.89.123.53 (Chicago, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789123x53.outbound-mail.sendgrid.net

u18537296.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.245.60.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-102.fra60.r.cloudfront.net

oam.fairstone.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.ingest-lr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.236.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-7.fra56.r.cloudfront.net

js-cdn.dynatrace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.86.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-66.fra60.r.cloudfront.net

app.fairstone.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.235.54.6 (Canada)

ASN16276 (OVH, FR)
PTR: prd-capture-5.tjsint.net

capture.trackjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.113.163.172 (Canada)

ASN16276 (OVH, FR)
PTR: prd-usage-5.tjsint.net

usage.trackjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:33:3::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:10::210:a99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.163.248.4 (United States)

ASN16509 (AMAZON-02, US)

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.186.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-120.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7709 (United States)

ASN13335 (CLOUDFLARENET, US)

js.appboycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2724:3600:17:4c3f:1b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.salemove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 184.86.103.219 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-103-219.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (San Francisco, United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.103.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-103-101.fra60.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-18.fra60.r.cloudfront.net

cdn.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:963f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.46 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.82.157.137 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-82-157-137.compute-1.amazonaws.com

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.192.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::ac43:8ef5 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.149.149 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

sdk.iad-05.braze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.7.4.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-4-15.compute-1.amazonaws.com

in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:9a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2724:1200:0:99b9:cd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

libs.salemove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.64.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.246.144.89 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-144-89.eu-west-1.compute.amazonaws.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE, US)

tracking.fairstone.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States) 1 redirects

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.153.247 (None, )

ASN13335 (CLOUDFLARENET, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.152.17 (None, )

ASN13335 (CLOUDFLARENET, US)

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.166 (United Kingdom)

ASN16509 (AMAZON-02, US)

pixel-ssn.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.42.209 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a4.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:6a00:1a:6404:eb40:93a1 (United States)

ASN16509 (AMAZON-02, US)

site-assets.salemove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.21.29.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-29-68.compute-1.amazonaws.com

bf55798edn.bf.dynatrace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

6501431.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.198.23.205 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 205.23.198.104.bc.googleusercontent.com

r.ingest-lr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.211.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-211-219.compute-1.amazonaws.com

client-logger.salemove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	fairstone.ca oam.fairstone.ca app.fairstone.ca tracking.fairstone.ca	684 KB
11	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 td.doubleclick.net — Cisco Umbrella Rank: 192 stats.g.doubleclick.net — Cisco Umbrella Rank: 136 cm.g.doubleclick.net — Cisco Umbrella Rank: 283 6501431.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 150	6 KB
10	salemove.com api.salemove.com — Cisco Umbrella Rank: 15955 libs.salemove.com — Cisco Umbrella Rank: 17086 site-assets.salemove.com — Cisco Umbrella Rank: 52213 client-logger.salemove.com — Cisco Umbrella Rank: 12757	456 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 326	174 KB
8	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 817	236 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	595 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	5 KB
6	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 930	6 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 893 tr6.snapchat.com — Cisco Umbrella Rank: 1360	984 B
5	adnxs.com 1 redirects acdn.adnxs.com — Cisco Umbrella Rank: 613 secure.adnxs.com — Cisco Umbrella Rank: 479 ib.adnxs.com — Cisco Umbrella Rank: 267	12 KB
5	dynatrace.com js-cdn.dynatrace.com — Cisco Umbrella Rank: 4209 bf55798edn.bf.dynatrace.com — Cisco Umbrella Rank: 676527	133 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4401	1 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1004 s.tribalfusion.com — Cisco Umbrella Rank: 3163 a4.tribalfusion.com — Cisco Umbrella Rank: 49742	5 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 321 px4.ads.linkedin.com — Cisco Umbrella Rank: 6828	2 KB
3	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1568	662 B
3	google.de www.google.de — Cisco Umbrella Rank: 11271	191 B
3	quantserve.com 1 redirects secure.quantserve.com — Cisco Umbrella Rank: 1471 pixel.quantserve.com — Cisco Umbrella Rank: 1044 pixel-ssn.quantserve.com — Cisco Umbrella Rank: 45226	11 KB
3	yimg.com s.yimg.com — Cisco Umbrella Rank: 712	8 KB
3	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 345 s.amazon-adsystem.com — Cisco Umbrella Rank: 352	8 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	80 KB
3	ingest-lr.com cdn.ingest-lr.com — Cisco Umbrella Rank: 55952 r.ingest-lr.com — Cisco Umbrella Rank: 45958	175 KB
2	quora.com a.quora.com — Cisco Umbrella Rank: 6617 q.quora.com — Cisco Umbrella Rank: 5041	15 KB
2	braze.com sdk.iad-05.braze.com — Cisco Umbrella Rank: 2490	657 B
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1222	8 KB
2	treasuredata.com cdn.treasuredata.com — Cisco Umbrella Rank: 15411 in.treasuredata.com — Cisco Umbrella Rank: 4577	22 KB
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1442 insight.adsrvr.org — Cisco Umbrella Rank: 945	13 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 982	25 KB
2	bing.net bat.bing.net — Cisco Umbrella Rank: 20475	464 B
2	bing.com bat.bing.com — Cisco Umbrella Rank: 348	15 KB
2	trackjs.com capture.trackjs.com — Cisco Umbrella Rank: 9611 usage.trackjs.com — Cisco Umbrella Rank: 3054	445 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3643	1 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1501	706 B
1	appboycdn.com js.appboycdn.com — Cisco Umbrella Rank: 3581	58 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1089	24 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 498	295 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 784	14 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	14 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
1	sendgrid.net 1 redirects u18537296.ct.sendgrid.net	236 B
138	39

	Domain	Requested by
10	cdn.cookielaw.org	www.googletagmanager.com oam.fairstone.ca cdn.cookielaw.org
10	oam.fairstone.ca	oam.fairstone.ca
8	analytics.tiktok.com	oam.fairstone.ca analytics.tiktok.com
7	www.googletagmanager.com	oam.fairstone.ca www.googletagmanager.com
6	www.facebook.com
6	ct.pinterest.com	oam.fairstone.ca s.pinimg.com
4	libs.salemove.com	api.salemove.com libs.salemove.com
4	tr.snapchat.com	sc-static.net oam.fairstone.ca
4	td.doubleclick.net	www.googletagmanager.com
4	api.salemove.com	www.googletagmanager.com oam.fairstone.ca
3	bf55798edn.bf.dynatrace.com	oam.fairstone.ca
3	sp.analytics.yahoo.com
3	www.google.de
3	www.google.com	www.googletagmanager.com
3	s.yimg.com	oam.fairstone.ca
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	px.ads.linkedin.com	1 redirects oam.fairstone.ca
2	r.ingest-lr.com	oam.fairstone.ca
2	6501431.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	s.tribalfusion.com	1 redirects a.tribalfusion.com
2	ib.adnxs.com	oam.fairstone.ca
2	sdk.iad-05.braze.com	oam.fairstone.ca
2	use.fontawesome.com	js.appboycdn.com use.fontawesome.com
2	s.amazon-adsystem.com	1 redirects
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	secure.adnxs.com	1 redirects
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	bat.bing.net	bat.bing.com
2	bat.bing.com	www.googletagmanager.com bat.bing.com
2	js-cdn.dynatrace.com	oam.fairstone.ca js-cdn.dynatrace.com
1	client-logger.salemove.com	oam.fairstone.ca
1	ad.doubleclick.net
1	site-assets.salemove.com	libs.salemove.com
1	cm.g.doubleclick.net
1	a4.tribalfusion.com	1 redirects
1	pixel-ssn.quantserve.com
1	pixel.quantserve.com	1 redirects
1	q.quora.com
1	a.quora.com	www.googletagmanager.com
1	tr6.snapchat.com	sc-static.net
1	region1.google-analytics.com
1	region1.analytics.google.com	1 redirects
1	stats.g.doubleclick.net	www.googletagmanager.com
1	tracking.fairstone.ca	oam.fairstone.ca
1	insight.adsrvr.org	js.adsrvr.org
1	rules.quantcount.com	secure.quantserve.com
1	in.treasuredata.com	cdn.treasuredata.com
1	a.tribalfusion.com	www.googletagmanager.com
1	cdn.treasuredata.com	oam.fairstone.ca
1	js.adsrvr.org	www.googletagmanager.com
1	acdn.adnxs.com	oam.fairstone.ca
1	secure.quantserve.com	oam.fairstone.ca
1	js.appboycdn.com	www.googletagmanager.com
1	c.amazon-adsystem.com	www.googletagmanager.com
1	sc-static.net	www.googletagmanager.com
1	px4.ads.linkedin.com
1	geolocation.onetrust.com	oam.fairstone.ca
1	snap.licdn.com	www.googletagmanager.com
1	usage.trackjs.com
1	capture.trackjs.com	oam.fairstone.ca
1	cdnjs.cloudflare.com	oam.fairstone.ca
1	app.fairstone.ca	oam.fairstone.ca
1	cdn.ingest-lr.com	oam.fairstone.ca
1	fonts.googleapis.com	oam.fairstone.ca
1	u18537296.ct.sendgrid.net	1 redirects
138	65

This site contains links to these domains. Also see Links.

Domain
www.onetrust.com

Subject Issuer	Validity	Valid
*.fairstone.ca Amazon RSA 2048 M02	`2024-08-17` - `2025-09-16`	a year	crt.sh
upload.video.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
ingest-lr.com WE1	`2024-09-11` - `2024-12-10`	3 months	crt.sh
js-cdn.dynatrace.com Amazon RSA 2048 M02	`2024-01-03` - `2025-01-31`	a year	crt.sh
cookielaw.org WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.trackjs.com RapidSSL TLS RSA CA G1	`2024-08-05` - `2025-08-11`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
geolocation.onetrust.com WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh
bat.bing.net Microsoft Azure RSA TLS Issuing CA 03	`2024-07-30` - `2025-01-26`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-26` - `2024-10-24`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-05` - `2025-08-07`	a year	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
appboycdn.com WE1	`2024-10-06` - `2025-01-04`	3 months	crt.sh
*.glia.com Amazon RSA 2048 M02	`2024-05-17` - `2025-06-14`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-10-09` - `2024-11-27`	2 months	crt.sh
quantserve.com R11	`2024-08-23` - `2024-11-21`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2024-04-08` - `2025-05-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.treasuredata.com Amazon RSA 2048 M03	`2024-06-18` - `2025-07-17`	a year	crt.sh
tribalfusion.com WE1	`2024-09-30` - `2024-12-29`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-23` - `2025-07-22`	a year	crt.sh
use.fontawesome.com WE1	`2024-09-09` - `2024-12-09`	3 months	crt.sh
sdk.iad-05.braze.com WE1	`2024-10-13` - `2025-01-11`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.google.de WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-07-30` - `2025-01-22`	6 months	crt.sh
tracking.fairstone.ca WR3	`2024-10-08` - `2025-01-06`	3 months	crt.sh
quora.com WR1	`2024-10-07` - `2025-01-05`	3 months	crt.sh
*.bf.dynatrace.com Amazon RSA 2048 M02	`2023-12-20` - `2025-01-16`	a year	crt.sh
api.logrocket.com R10	`2024-08-29` - `2024-11-27`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://oam.fairstone.ca/en/login
Frame ID: 0F17EC1674F27E913EC466E1837EB006
Requests: 125 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/963056520?random=1729169214284&cv=11&fst=1729169214284&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ag0z86866613za201zb6866613&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&hn=www.googleadservices.com&frm=0&tiba=Online%20account%20management%20for%20purchase%20financing%20accounts&did=dYWJhMj&gdid=dYWJhMj&npa=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: DE861E0A1F53DF1C64640A45464BC234
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/868121167?random=1729169214296&cv=11&fst=1729169214296&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ag0v878133823z86866613za201zb6866613&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&hn=www.googleadservices.com&frm=0&tiba=Online%20account%20management%20for%20purchase%20financing%20accounts&did=dYWJhMj&gdid=dYWJhMj&npa=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 153778B75FDCBB7D15ADF26F787F4D16
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=253853c3-b931-447a-9812-74fb9e31c99a&u_scsid=8bea81e2-ce11-44de-b663-6997a48b5a38&u_sclid=71532488-219c-41cd-98cf-0a69c5974ecd
Frame ID: DFE0F9B846CCB01BC6F8713A45006FCC
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 17BAB57DA08680EE9765024A33447B74
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=yvkjvx3&ref=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&upid=qvgyw8m&upv=1.1.0&paapi=1
Frame ID: 06743C422C6596717A03A9A6334D39BE
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-Q8NJ0QC7WK&gacid=653418318.1729169216&gtm=45je4ag0v870661557z86866613za200zb6866613&dma=1&dma_cps=syphamo&gcs=G111&gcd=13t3t3t2t5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101529666~101686685&z=990153791
Frame ID: 1B0621D7E73CD5E69E2A73EF19484B18
Requests: 1 HTTP requests in this frame

Frame: https://6501431.fls.doubleclick.net/activityi;dc_pre=CJyAmqe5lYkDFf6Jgwcduc4J-g;src=6501431;type=fairs0;cat=fairs0;ord=3523905842784;npa=0;auiddc=1759408775.1729169215;gdid=dYWJhMj;ps=1;pcor=2030687430;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ag0v9189976264z86866613za201zb6866613;gcs=G111;gcd=13t3t3t2t5l1;dma_cps=syphamo;dma=1;tag_exp=101533422~101686685~101823848~101836705;epver=2;~oref=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin
Frame ID: CB3B427EA9578E40BBBEA659A8A4D89C
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=6501431;type=fairs0;cat=fairs0;ord=3523905842784;npa=0;auiddc=1759408775.1729169215;gdid=dYWJhMj;ps=1;pcor=2030687430;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ag0v9189976264z86866613za201zb6866613;gcs=G111;gcd=13t3t3t2t5l1;dma_cps=syphamo;dma=1;tag_exp=101533422~101686685~101823848~101836705;epver=2;~oref=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin
Frame ID: C90EE5B86C559D7F79560CF60C5D0612
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online account management for purchase financing accounts

Page URL History Show full URLs

https://u18537296.ct.sendgrid.net/ls/click?upn=u001.SMbza-2FRUkGsnUodPLALnt4HF6mTxpWJx47f-2FNIfKnb0nrjC0q-2FYi... HTTP 302
https://oam.fairstone.ca/en/login Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Braze (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

js\.appboycdn\.com/web-sdk/([\d.]+)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

138
Requests

94 %
HTTPS

48 %
IPv6

39
Domains

65
Subdomains

60
IPs

7
Countries

2804 kB
Transfer

9803 kB
Size

52
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u18537296.ct.sendgrid.net/ls/click?upn=u001.SMbza-2FRUkGsnUodPLALnt4HF6mTxpWJx47f-2FNIfKnb0nrjC0q-2FYirx0H5KK2Falj-aoA_EkonfaGHk3fp62DTWVGG7QLG7HSfwUfo5SeO2GHqVwBjWASiAwHyIw5xAy5YrZlC8CrCQR3tmbaX2jbuoVtZCgdk2JTMDuSwmRVd5MQzA2p3haS1-2FcJkdOn68BV9yvA4PYdRbzYAsDew-2BTq0ks5k420V1-2F07GINhy87abKQlg32Od3p4-2FgZxXo-2FctgH56OTTrz2-2FCbAscajTUy6zGubk-2B7FDj0pLwX1DGgV0dHQHn1j-2B16tU4AVI1SqeXhP-2Bjm9MFyC5Mav19ubr4xhyWXZPfmxSNlsmf3scldpEUMk7w-2B3e-2FTpDASI5dzQs3kz2gOggSpPGzupq6v5EWWd9cO9vFowvDfxu7StjxcsJSkbV8Yx82AHuhaA01RkOj8sE3CHG HTTP 302
https://oam.fairstone.ca/en/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1775842&time=1729169214424&url=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1775842&time=1729169214424&url=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&e_ipv6=AQJzrLivH8uiLAAAAZKahEyKrFLtGJCyP2oGlI6GyKfjlMS7KNFmtw-JEh60F6fZkKsowswvGA5V21ZOqpXcS3hFAoQenw

Request Chain 50

https://secure.adnxs.com/px?id=1785564&seg=37340936&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1785564%26seg%3D37340936%26t%3D2

Request Chain 60

https://s.amazon-adsystem.com/iu3?pid=2c7b923a-2a0d-44bc-9a2f-5c125397f667&event=PageView&gtmVersion=3.5&ts=1729169214851 HTTP 302
https://s.amazon-adsystem.com/iu3?pid=2c7b923a-2a0d-44bc-9a2f-5c125397f667&event=PageView&gtmVersion=3.5&ts=1729169214851&dcc=t

Request Chain 108

https://region1.analytics.google.com/g/collect?v=2&tid=G-Q8NJ0QC7WK&gtm=45je4ag0v870661557z86866613za200zb6866613&_p=1729169213712&_gaz=1&gcs=G111&gcd=13t3t3t2t5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101529666~101686685&gdid=dYWJhMj&cid=653418318.1729169216&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1729169214&sct=1&seg=0&dl=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&dt=Online%20account%20management%20for%20purchase%20financing%20accounts&en=page_view&_fv=1&_ss=1&_c=1&ep.gtm_container_version=GTM-WSVWM6%3A%20612&ep.page_language=en&tfd=3516 HTTP 302
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=653418318.1729169216&dbk=18290085024747068317&dma=1&dma_cps=syphamo&en=page_view&gcs=G111&gtm=45je4ag0v870661557z86866613za200zb6866613&npa=0&tid=G-Q8NJ0QC7WK&dl=https%3A%2F%2Foam.fairstone.ca%3F

Request Chain 114

https://pixel.quantserve.com/pixel;r=1896119185;labels=_fp.event.PageView;event=refresh;rf=0;a=p-NBcLVNp6C9daN;url=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin;ns=0;ce=1;qjs=1;qv=fd657345-20240925114642;ref=;d=fairstone.ca;dst=1;et=1729169215719;tzo=-120;ogl=;ses=e82956f6-ac6e-42a3-8726-12ffd2928981;uht=2;fpan=1;fpa=P0-1047400681-1729169215248;pbc=;cm=undefined;gdpr=0;mdl= HTTP 302
https://pixel-ssn.quantserve.com/pixel;r=1896119185;labels=_fp.event.PageView;event=refresh;rf=0;a=p-NBcLVNp6C9daN;url=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin;ns=0;ce=1;qjs=1;qv=fd657345-20240925114642;ref=;d=fairstone.ca;dst=1;et=1729169215719;tzo=-120;ogl=;ses=e82956f6-ac6e-42a3-8726-12ffd2928981;uht=2;fpan=1;fpa=P0-1047400681-1729169215248;pbc=;cm=undefined;gdpr=0;mdl=;dip=278300f0-7526-46b5-a79a-7b37652c403e

Request Chain 115

https://s.tribalfusion.com/insights?%7B%22tagKey%22%3A%221289214851%22%2C%22th%22%3A9304644153%2C%22version%22%3A%221.1%22%2C%22tKey%22%3A%22aQmneMQAfB3Hry0WUJmH6nSS38UKgkcr%22%2C%22url%22%3A%22https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin%22%2C%22clientName%22%3A%22Fairstone%2520Bank%2520of%2520Canada%22%2C%22clientID%22%3A818083%2C%22eventType%22%3A%22insights%22%2C%22segmentNumber%22%3A0%2C%22segmentName%22%3A%22Sitewide.%20Homepage%22%7D HTTP 302
https://a4.tribalfusion.com/ipg?ip6=2001:1b60:1010:3:1011:45af:a3ad:3558&kv=%7B%22ord%22%3A%201115967%2C%20%22clientID%22%3A%20818083%7D&redirect=https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662169771996469 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=exp

Request Chain 127

https://6501431.fls.doubleclick.net/activityi;src=6501431;type=fairs0;cat=fairs0;ord=3523905842784;npa=0;auiddc=1759408775.1729169215;gdid=dYWJhMj;ps=1;pcor=2030687430;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ag0v9189976264z86866613za201zb6866613;gcs=G111;gcd=13t3t3t2t5l1;dma_cps=syphamo;dma=1;tag_exp=101533422~101686685~101823848~101836705;epver=2;~oref=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin HTTP 302
https://6501431.fls.doubleclick.net/activityi;dc_pre=CJyAmqe5lYkDFf6Jgwcduc4J-g;src=6501431;type=fairs0;cat=fairs0;ord=3523905842784;npa=0;auiddc=1759408775.1729169215;gdid=dYWJhMj;ps=1;pcor=2030687430;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ag0v9189976264z86866613za201zb6866613;gcs=G111;gcd=13t3t3t2t5l1;dma_cps=syphamo;dma=1;tag_exp=101533422~101686685~101823848~101836705;epver=2;~oref=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin

138 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
oam.fairstone.ca/en/
Redirect Chain

https://u18537296.ct.sendgrid.net/ls/click?upn=u001.SMbza-2FRUkGsnUodPLALnt4HF6mTxpWJx47f-2FNIfKnb0nrjC0q-2FYirx0H5KK2Falj-aoA_EkonfaGHk3fp62DTWVGG7QLG7HSfwUfo5SeO2GHqVwBjWASiAwHyIw5xAy5YrZlC8CrCQR...
https://oam.fairstone.ca/en/login

1 KB
2 KB

864ms
439ms

Document
text/html

18.245.60.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://oam.fairstone.ca/en/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-102.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5b5dc8151787bff08d75498e2fc64d7f1e4ecefa1a7eaa5157f1f9323cae687a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-length: 1269
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' ;
content-type: text/html
date: Thu, 17 Oct 2024 12:46:54 GMT
etag: "d1e93a2004b6174f9f524f811c72cbf0"
last-modified: Thu, 17 Oct 2024 12:04:14 GMT
permissions-policy: geolocation=()
referrer-policy: no-referrer-when-downgrade
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
x-amz-cf-id: EkWT8hHFfaX-EebWByovh3-BzPCDDmteiC1MH8rmLfBClcIP83HOYw==
x-amz-cf-pop: FRA60-P5
x-amz-id-2: SCJXHEjvvbbpHhC1dhr2H0+9iLeptsZfFLFXuuUy8dJi9fS/yLP4AP0ciNK7G3+LNxDlx+MK3WVbnrqUWr4ypZf9eHHI1pRN
x-amz-request-id: NS1EFAXMDCPB9X5C
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 56
Content-Type: text/html; charset=utf-8
Date: Thu, 17 Oct 2024 12:46:52 GMT
Location: https://oam.fairstone.ca/en/login
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 EndsWith.js Show response
oam.fairstone.ca/ca-central-1/polyfill/ 293 B
872 B 40ms
38ms Script
application/javascript 18.245.60.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://oam.fairstone.ca/ca-central-1/polyfill/EndsWith.js

Requested by

Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/en/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-102.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

531edabd1b7ced398e36666fa6a370fc985f613c2f3e6a9765ae5fd34612c1a4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

etag: "7342c23a6042fcc45dca29c2139e69ab"
age: 75236
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: _W9XspPU0zEvBAa7meQN8iWZ48RzrzV69JaTzCc1_zE1yZioqZSKRA==
date: Wed, 16 Oct 2024 15:52:58 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 12:53:49 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' ;
referrer-policy: no-referrer-when-downgrade
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
permissions-policy: geolocation=()
accept-ranges: bytes
content-length: 293
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 Includes.js Show response
oam.fairstone.ca/ca-central-1/polyfill/ 182 B
761 B 39ms
37ms Script
application/javascript 18.245.60.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://oam.fairstone.ca/ca-central-1/polyfill/Includes.js

Requested by

Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/en/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-102.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

924f135658805ba58c664ad6a7755f799a85381bda501d5ef8eb2e105a479687

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

etag: "6e101cb786933e96cb005a358afb33be"
age: 75236
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: zsaiKeEv_AmHyYMA_2a7y2K1XfeuFxxgdRhFPVPcVWJjNv0vOwE5xA==
date: Wed, 16 Oct 2024 15:52:58 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 12:53:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' ;
referrer-policy: no-referrer-when-downgrade
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
permissions-policy: geolocation=()
accept-ranges: bytes
content-length: 182
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 main.5ce5995b.js Show response
oam.fairstone.ca/ca-central-1/static/js/ 2 MB
532 KB 29ms
29ms Script
application/javascript 18.245.60.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js

Requested by

Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/en/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-102.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

cf4a39da3c8dfae85c399d506c415102192db14ab1aa1ec8013bcafd13c44d72

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-encoding: br
etag: W/"f74d61879b16ef669e5789d59cb1225a"
age: 1273
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 1KzBj_cSS_duu5avNNuSWq7i0PelxEg3XFWUsstsTVc3mTli-tSQTw==
date: Thu, 17 Oct 2024 12:25:41 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 17 Oct 2024 12:04:15 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' ;
referrer-policy: no-referrer-when-downgrade
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
permissions-policy: geolocation=()
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 main.c530e76f.css
oam.fairstone.ca/ca-central-1/static/css/ 170 KB
25 KB 41ms
39ms Stylesheet
text/css 18.245.60.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://oam.fairstone.ca/ca-central-1/static/css/main.c530e76f.css

Requested by

Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/en/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-102.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

eb1180bbd9bf49cdb1fb111988bbfe5e76630c73ea5c785bd24953c02a1efd40

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-encoding: br
etag: W/"bded7f6a37c1c76aa27a267917b3dcd5"
age: 75236
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 8Y1bG0Ht7aZhrTcbKgWff8VpxFdaslNK0h8NNM2U8yLZy839dXI5kQ==
date: Wed, 16 Oct 2024 15:52:58 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 16 Oct 2024 12:53:49 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' ;
referrer-policy: no-referrer-when-downgrade
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
permissions-policy: geolocation=()
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 80ms
28ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600&display=swap

Requested by

Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/css/main.c530e76f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8e4051e892757a600ba202d40a84ed2534c76de840a12fcee0a3398dc4b7db4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/ca-central-1/static/css/main.c530e76f.css

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 12:46:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 12:46:53 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 17 Oct 2024 11:35:58 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 533 KB
138 KB 124ms
77ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WSVWM6&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/en/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c4820409e1996404acb80fa8db5ad53a92cee649e58027e2a8cfa6d85560f3d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-encoding: gzip
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 17 Oct 2024 12:46:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 12:46:53 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 17 Oct 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 140868
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 logger-1.min.js Show response
cdn.ingest-lr.com/ 854 KB
174 KB 67ms
32ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ingest-lr.com/logger-1.min.js

Requested by

Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e730db385c29e329772cdc5ec852c528a7611a5fa084723560a99dc14718cdcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"56e75e33be02152eeedbf585d7ba27787b9f1c4434ec78cb0ec98b228cc5b324-br"
age: 207
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L2L8I0uRcGL%2FwOgyiACWH0x13GDmVfNsOGqzL30TpLvHMcCiy13t1ArrBYxLkW99rX2yVmz8iDINPEYYrcxgq9iXEHVNgAen1cOac6ZNtAAiFNF6ozsOLV128T6H8qLaxgVEOXtGwsEy6xakE6u5tw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfExtPri
date: Thu, 17 Oct 2024 12:46:53 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 16 Oct 2024 20:18:23 GMT
x-served-by: cache-fra-eddf8230150-FRA
x-cache-hits: 13
vary: x-fh-requested-host, accept-encoding
strict-transport-security: max-age=31556926
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729112709.504152,VS0,VE0
cross-origin-resource-policy: cross-origin
cf-ray: 8d4064e20ca0d369-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 402650613d0bbda7_complete.js Show response
js-cdn.dynatrace.com/jstag/18f0de72187/bf55798edn/ 314 KB
115 KB 97ms
26ms Script
application/javascript 52.222.236.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js-cdn.dynatrace.com/jstag/18f0de72187/bf55798edn/402650613d0bbda7_complete.js
Requested by: Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-7.fra56.r.cloudfront.net
Software: /
Resource Hash: 48debd556034aa67de99fd9d6ba70b71dbdb5b7931845c05688a2446f8dc7702

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://oam.fairstone.ca
Referer: https://oam.fairstone.ca/en/login

Response headers

dynatrace-response-id: AQQJM870T5C9
content-encoding: gzip
age: 162
expires: Thu, 17 Oct 2024 13:44:11 GMT
x-oneagent-js-injection: true
x-cache: Hit from cloudfront
x-amz-cf-id: JlCzJvWBC0sWA0CXlyOMgaGoMf2gNmLsOodHHNFQoFLkbq3lXt5izA==
date: Thu, 17 Oct 2024 12:44:11 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
dynatrace-response-source: Cluster
traffic-source: UNKNOWN
via: 1.1 34fdfb7c7c11559df7e622af2b62f5ca.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P4

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7g.205045be683531a34e58.ttf
oam.fairstone.ca/ca-central-1/static/media/ 39 KB
40 KB 31ms
29ms Font
binary/octet-stream 18.245.60.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://oam.fairstone.ca/ca-central-1/static/media/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7g.205045be683531a34e58.ttf

Requested by

Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/css/main.c530e76f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-102.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ed891295d5d4f70182e68bb3fa450a2b0bf22cfc89286c420632639fb6fd3510

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://oam.fairstone.ca
Referer: https://oam.fairstone.ca/ca-central-1/static/css/main.c530e76f.css

Response headers

etag: "123352716b6df5cc7d06e6edb5f9554b"
age: 75234
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: n37iWGJswpeV34TojsfkZhm_cPNUDQFSNKltimFyk6UxVFRtBn3W3w==
date: Wed, 16 Oct 2024 15:53:00 GMT
content-type: binary/octet-stream
last-modified: Wed, 16 Oct 2024 12:53:49 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' ;
referrer-policy: no-referrer-when-downgrade
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
permissions-policy: geolocation=()
accept-ranges: bytes
content-length: 40408
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdr.007a43ce8ea223766111.ttf
oam.fairstone.ca/ca-central-1/static/media/ 39 KB
40 KB 32ms
30ms Font
binary/octet-stream 18.245.60.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://oam.fairstone.ca/ca-central-1/static/media/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdr.007a43ce8ea223766111.ttf

Requested by

Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/css/main.c530e76f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-102.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

658fa08b32ae728ab7498ae847c47c1d9750c37ca79da6f685f125f56699d68c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://oam.fairstone.ca
Referer: https://oam.fairstone.ca/ca-central-1/static/css/main.c530e76f.css

Response headers

etag: "32f95a4b3e3d909ec3d5c37208f55d5d"
age: 75234
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: EJKf6iXAq1uf-A7LAWJMPK0PJd3GWy6ttASmEhJ1DSbiiLww1eYNXg==
date: Wed, 16 Oct 2024 15:53:00 GMT
content-type: binary/octet-stream
last-modified: Wed, 16 Oct 2024 12:53:49 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' ;
referrer-policy: no-referrer-when-downgrade
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
permissions-policy: geolocation=()
accept-ranges: bytes
content-length: 40028
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdr.d0487a183b7966971115.ttf
oam.fairstone.ca/ca-central-1/static/media/ 39 KB
40 KB 95ms
93ms Font
binary/octet-stream 18.245.60.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://oam.fairstone.ca/ca-central-1/static/media/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdr.d0487a183b7966971115.ttf

Requested by

Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/css/main.c530e76f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-102.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e44186395f92ca92a743b7bfce319e95f8a16705b772ae61fc46e8c00f6842c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://oam.fairstone.ca
Referer: https://oam.fairstone.ca/ca-central-1/static/css/main.c530e76f.css

Response headers

etag: "07d81517c33a1f61c53338fc6221e8e5"
age: 75234
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: pqJc_y-6rAoxvVwQ8_whYA9h5s9nZnuFOnxvQe2WnPSzdcs-l35dxQ==
date: Wed, 16 Oct 2024 15:53:00 GMT
content-type: binary/octet-stream
last-modified: Wed, 16 Oct 2024 12:53:49 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' ;
referrer-policy: no-referrer-when-downgrade
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
permissions-policy: geolocation=()
accept-ranges: bytes
content-length: 40076
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 403 feature-flags Show response
app.fairstone.ca/ 986 B
1 KB 75ms
23ms XHR
text/html 18.245.86.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.fairstone.ca/feature-flags
Requested by: Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-66.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: f3793d1587f9024b4bde7b2e892fb5913f6faf91d5e82a70b11d1d3461de61b1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://oam.fairstone.ca/en/login

Response headers

access-control-expose-headers: *
via: 1.1 a84e87b6b82308dbc0e331c3e28c23c6.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Error from cloudfront
content-length: 986
x-amz-cf-id: 0mDtZcmHeo-z1Q--Awl7qwumstp5mJh7-Cbf3wLd4Ilk8rUQywsJVw==
date: Thu, 17 Oct 2024 12:46:53 GMT
content-type: text/html
x-amz-cf-pop: FRA60-P6
server: CloudFront

GET bb354a55-d0b0-4427-9a7b-896680f2767c
https://oam.fairstone.ca/ Frame 0
0

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 22 KB
8 KB 109ms
33ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js?did=018ea968-bbcb-77c3-84d5-ebb424303255

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSVWM6&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-md5: uiXk8gw/ehyoMvZ3GeQiaQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCEDAD087F157F
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 65097
x-content-type-options: nosniff
date: Thu, 17 Oct 2024 12:46:54 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 06:37:40 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 97951482-501e-0072-1cf4-1fe2b4000000
cf-ray: 8d4064e38f88dbe3-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7214
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H3 200 crypto-js.min.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/ 47 KB
14 KB 94ms
36ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js

Requested by

Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/en/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eab5d90a71736f267af39fdf32caa8c71673fd06703279b01e0f92b0d7be0bfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://oam.fairstone.ca
Referer: https://oam.fairstone.ca/en/login

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e2d-bb78"
age: 585553
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Th756xlvlmKve%2Fh0FAn4uo9ZjtOZFdl3jWLp5ns5ndiydNy909g2LFDjjEHGKGNFh8g1FTWhly0Ly%2BcgXEBsEliljr58dRmcl0BQFryut4LciNltS3wnYQxgdARRdXzxcqCStEczdA3V%2FIb5RXojM1nR"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 07 Oct 2025 12:46:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 12:46:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:09:17 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d4064e37d47dbcd-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14107
server: cloudflare

POST
H2 202 capture Show response
capture.trackjs.com/ 0
172 B 404ms
121ms XHR
text/plain 15.235.54.6
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.trackjs.com/capture?token=c7fa76c0c98e4559af59eff773479d45&v=3.10.4
Requested by: Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 15.235.54.6 , Canada, ASN16276 (OVH, FR),
Reverse DNS: prd-capture-5.tjsint.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://oam.fairstone.ca/en/login

Response headers

access-control-max-age: 86400
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
content-length: 0
date: Thu, 17 Oct 2024 12:46:54 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS

GET
H2 200 ruxitagent_D_10299241001084140.js Show response
js-cdn.dynatrace.com/jstag/18f0de72187/ 42 KB
16 KB 23ms
20ms Script
application/javascript 52.222.236.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js-cdn.dynatrace.com/jstag/18f0de72187/ruxitagent_D_10299241001084140.js
Requested by: Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/18f0de72187/bf55798edn/402650613d0bbda7_complete.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-7.fra56.r.cloudfront.net
Software: /
Resource Hash: 7a28f558e497f8ecebc8242ccba48de0e9cb6a1d9a49a2daf020935ea9449e27

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://oam.fairstone.ca
Referer: https://oam.fairstone.ca/en/login

Response headers

dynatrace-response-id: PP43KLW4HAKW
content-encoding: gzip
age: 1382441
expires: Wed, 01 Oct 2025 12:46:12 GMT
x-oneagent-js-injection: true
x-cache: Hit from cloudfront
x-amz-cf-id: wNzvE24AUPzslfC4Lhdaw9oliu_DE0ptQiR1El-thb1ija43tP50wg==
date: Tue, 01 Oct 2024 12:46:12 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
dynatrace-response-source: Cluster
traffic-source: UNKNOWN
via: 1.1 34fdfb7c7c11559df7e622af2b62f5ca.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P4

GET
H2 200 018ea968-bbcb-77c3-84d5-ebb424303255.json Show response
cdn.cookielaw.org/consent/018ea968-bbcb-77c3-84d5-ebb424303255/ 8 KB
3 KB 116ms
67ms XHR
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/018ea968-bbcb-77c3-84d5-ebb424303255/018ea968-bbcb-77c3-84d5-ebb424303255.json

Requested by

Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7566ed5003866dd02b611157822d2fae573d43dc40dba5df228c2685bdc73adc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-md5: lrCDjzGaMkPGbi31GRkwag==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCEDF365DBE3CE
age: 54881
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Fri, 18 Oct 2024 12:46:54 GMT
date: Thu, 17 Oct 2024 12:46:54 GMT
content-type: application/json
last-modified: Wed, 16 Oct 2024 15:01:22 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 3fbd2035-b01e-0073-19dc-1fe349000000
cf-ray: 8d4064e4184037eb-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2395
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H/1.1 200
OK usage.gif
usage.trackjs.com/ 43 B
273 B 374ms
114ms Image
image/gif 148.113.163.172
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usage.trackjs.com/usage.gif?token=c7fa76c0c98e4559af59eff773479d45&correlationId=ad7549cf-e70a-435d-aed8-8d49140f5287&application=roam&x=3e704ff4-243a-4648-8397-d651fedf3f3d&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.113.163.172 , Canada, ASN16276 (OVH, FR),
Reverse DNS: prd-usage-5.tjsint.net
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Length: 43
Date: Thu, 17 Oct 2024 12:46:54 GMT
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 238 KB
86 KB 59ms
37ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-963056520&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSVWM6&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da026293c60fd1260b8e8ba7f9e802e0286d494339c72f8fd4d1735f2ed3d279

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Thu, 17 Oct 2024 12:46:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 12:46:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 17 Oct 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 87474
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 285 KB
97 KB 66ms
45ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-868121167&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSVWM6&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

61beacb4cd56eeb260d049582a39a567acd852dda78a7a3fc284d859544c0cdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Thu, 17 Oct 2024 12:46:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 12:46:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 17 Oct 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 98744
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 274ms
51ms Script
application/javascript 2620:1ec:33:3::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSVWM6&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:3::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 86DA06AD8F5843048210D3BAB8F61097 Ref B: LON212050704003 Ref C: 2024-10-17T12:46:54Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Thu, 17 Oct 2024 12:46:53 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 257ms
37ms Script
application/javascript 2a02:26f0:3500:10::210:a99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSVWM6&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

cache-control: max-age=57005
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Thu, 17 Oct 2024 12:46:54 GMT
last-modified: Thu, 22 Aug 2024 10:43:55 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 245ms
50ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json
Referer: https://oam.fairstone.ca/en/login

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 8d4064e5dace364e-FRA
access-control-allow-origin: *
date: Thu, 17 Oct 2024 12:46:54 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type

GET
H2 200 logo_fairstone_32px.ico
oam.fairstone.ca/ca-central-1/assets/ 1 KB
2 KB 27ms
26ms Other
image/vnd.microsoft.icon 18.245.60.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://oam.fairstone.ca/ca-central-1/assets/logo_fairstone_32px.ico?V=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-102.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f3e5e92420d3ce2b8a44ff4144890cf2b14e03015076bfd64050329c77ae3bbd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

etag: "9779dcfa7b74e51aa55c853be0606649"
age: 74603
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: rcdlKObgfzV_ZSjP5os9nH9KwNv92fd-uSJS3ES9f8z7F3dZgN37uw==
date: Wed, 16 Oct 2024 16:03:32 GMT
content-type: image/vnd.microsoft.icon
last-modified: Wed, 16 Oct 2024 12:53:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' ;
referrer-policy: no-referrer-when-downgrade
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
permissions-policy: geolocation=()
accept-ranges: bytes
content-length: 1222
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 logo_fairstone_32px.ico
oam.fairstone.ca/ca-central-1/assets/ 1 KB
491 B 34ms
29ms Other
image/vnd.microsoft.icon 18.245.60.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://oam.fairstone.ca/ca-central-1/assets/logo_fairstone_32px.ico?V=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-102.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f3e5e92420d3ce2b8a44ff4144890cf2b14e03015076bfd64050329c77ae3bbd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

etag: "9779dcfa7b74e51aa55c853be0606649"
age: 74603
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 9KH3tTpqxVMyGDDP3v7kB0HWKRAMAU0JDCXZQY3N9qn1WbJk3mhzRg==
date: Thu, 17 Oct 2024 12:46:54 GMT
content-type: image/vnd.microsoft.icon
last-modified: Wed, 16 Oct 2024 12:53:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' ;
referrer-policy: no-referrer-when-downgrade
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
permissions-policy: geolocation=()
accept-ranges: bytes
content-length: 1222
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET 3c6a1ef8-b506-40d7-b904-eac3ce09764b
https://oam.fairstone.ca/ Frame 0
0

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202405.2.0/ 451 KB
110 KB 51ms
30ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js?did=018ea968-bbcb-77c3-84d5-ebb424303255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

402dda334f81814b077c20d0d093636239c027f3e82996fd7c12cb91aa57540a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-md5: Ryx3T13YxV6i1yEKSnAPIA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCA5E423ECD5E2
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 56586
x-content-type-options: nosniff
date: Thu, 17 Oct 2024 12:46:54 GMT
content-type: application/javascript
last-modified: Tue, 16 Jul 2024 22:10:45 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 5397dca7-d01e-0041-53f9-19bb99000000
cf-ray: 8d4064e65f71dbe3-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 112015
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
817 B 255ms
171ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=1775842&time=1729169214424&url=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin
Requested by: Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: *
Referer: https://oam.fairstone.ca/en/login

Response headers

x-li-pop: afd-prod-ltx1-x
content-encoding: gzip
x-fs-uuid: 000624ab94cab372b6a8d2814848cc67
x-msedge-ref: Ref A: 8EC0A85AF3C74E26BFDCE94B5EA6B2AF Ref B: FRAEDGE1209 Ref C: 2024-10-17T12:46:54Z
x-li-fabric: prod-ltx1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYkq5TKs3K2qNKBSEjMZw==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Thu, 17 Oct 2024 12:46:54 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1775842&time=1729169214424&url=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1775842&time=1729169214424&url=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&e_ipv6=AQJzrLivH8uiLAAAAZKahEyKrFLtGJCyP2oGlI6GyKfjlMS7KNFmtw-JEh60F6f...

0
265 B

354ms
206ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1775842&time=1729169214424&url=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&e_ipv6=AQJzrLivH8uiLAAAAZKahEyKrFLtGJCyP2oGlI6GyKfjlMS7KNFmtw-JEh60F6fZkKsowswvGA5V21ZOqpXcS3hFAoQenw
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 2A41B3DBAFB04C829F8C33C68917334C Ref B: FRAEDGE1515 Ref C: 2024-10-17T12:46:54Z
x-li-fabric: prod-lor1
x-li-uuid: AAYkq5TP9XwWPOT1GH8R3A==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Thu, 17 Oct 2024 12:46:54 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1775842&time=1729169214424&url=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&e_ipv6=AQJzrLivH8uiLAAAAZKahEyKrFLtGJCyP2oGlI6GyKfjlMS7KNFmtw-JEh60F6fZkKsowswvGA5V21ZOqpXcS3hFAoQenw
x-msedge-ref: Ref A: DA4F8FAB0682465E8E4EF812221AC8AC Ref B: FRAEDGE1619 Ref C: 2024-10-17T12:46:54Z
x-li-fabric: prod-lor1
x-li-uuid: AAYkq5TK4+nix/WZz8pMMw==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Thu, 17 Oct 2024 12:46:54 GMT

GET
H2 200 5613842.js Show response
bat.bing.com/p/action/ 370 B
421 B 53ms
47ms Script
application/javascript 2620:1ec:33:3::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5613842.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:3::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a791796f72eea3c5febcbe84acc17e5e8e434e71036ea481b168dc4f41f12a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7F173DE99F364DF399924CF2AA6115BC Ref B: LON212050704003 Ref C: 2024-10-17T12:46:54Z
x-cache: CONFIG_NOCACHE
date: Thu, 17 Oct 2024 12:46:54 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

POST
H2 204 0
bat.bing.net/actionp/ 0
345 B 143ms
45ms Ping
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/actionp/0?ti=5613842&tm=gtm002&Ver=2&mid=e7f1c4e7-798b-44e2-804a-790860f0e506&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2C88CF56E7A649BEB359B973062804F0 Ref B: FRA31EDGE0105 Ref C: 2024-10-17T12:46:54Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Thu, 17 Oct 2024 12:46:53 GMT

GET
H2 204 0
bat.bing.net/action/ 0
119 B 143ms
47ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.net/action/0?ti=5613842&tm=gtm002&Ver=2&mid=e7f1c4e7-798b-44e2-804a-790860f0e506&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Online%20account%20management%20for%20purchase%20financing%20accounts&p=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&r=&lt=1997&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=650561
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2CC0535EF26C4755972E153A40C8AEFF Ref B: FRA31EDGE0105 Ref C: 2024-10-17T12:46:54Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Thu, 17 Oct 2024 12:46:53 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/018ea968-bbcb-77c3-84d5-ebb424303255/01926799-c7c6-75ca-b80b-0177f1b532f0/01926799-ce9c-7194-bf60-6f4ff5ecf7bf/ 76 KB
16 KB 57ms
56ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/018ea968-bbcb-77c3-84d5-ebb424303255/01926799-c7c6-75ca-b80b-0177f1b532f0/01926799-ce9c-7194-bf60-6f4ff5ecf7bf/en.json

Requested by

Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed1667a9167bdc29865690a5d728256c5cbefaec7f9d50ee2f7a82c14fc96721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-md5: DkryuuLUedcmVFoSMmfHYA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCEDF36BD5BF78
age: 74605
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Fri, 18 Oct 2024 12:46:54 GMT
date: Thu, 17 Oct 2024 12:46:54 GMT
content-type: application/json
last-modified: Wed, 16 Oct 2024 15:01:32 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 0778e18b-c01e-00ff-66dc-1fae12000000
cf-ray: 8d4064e71ca437eb-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16395
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 334 KB
108 KB 81ms
77ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q8NJ0QC7WK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSVWM6&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a95334d40f8fa08fcc51145d8d4427ca26de4888aabf81090229b9a79c4e552f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 17 Oct 2024 12:46:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 12:46:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 110868
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 236 KB
86 KB 73ms
72ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F41R5T0N3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSVWM6&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6ab6f7f304c7c9ef84d082b18ba70cfaead75c6c0a7dd5ecc5d925a5a575ea71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 17 Oct 2024 12:46:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 12:46:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 17 Oct 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 87612
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 227 KB
58 KB 97ms
33ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSVWM6&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5bbd9766838bf11e3ff360ec5cbb60d6ada352fbad7f7691e24f847313b9b1d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 12:46:54 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=23, mss=1232, tbw=4448, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: BRejVs4CuDvv6UDy4OWZfmdEHDs9BNFuVgXKSVncwdRj30q2UCoT5qVCY6zJsYkQPKsGcRTIb+LPvME+auRMRw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59352
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 126ms
35ms Script
application/javascript 2a04:4e42:600::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSVWM6&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 919293e56b6a814a84a579b014f63a2423b0419c418494da7baa7c0c5893cde1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

access-control-max-age: 86400
access-control-expose-headers: X-CDN
cache-control: max-age=7200
content-encoding: br
etag: "b37f6fea55e9029c9c9d413c47f69cb7"
x-cdn: fastly
access-control-allow-methods: GET
alt-svc: h3=":443";ma=600
access-control-allow-origin: *
content-length: 1878
date: Thu, 17 Oct 2024 12:46:54 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-server-side-encryption: AES256

GET
H2 200 scevent.min.js Show response
sc-static.net/ 55 KB
24 KB 124ms
36ms Script
application/javascript 3.163.248.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSVWM6&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.163.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: ffaf3b7f34955e1c40b72cab3f9c84a08869774c525b76cbca16dc4b08593b08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

cache-control: private, s-maxage=0, max-age=600
content-encoding: gzip
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 23694
x-amz-cf-id: i-0s7MiQhfXbdPD6a1cV6eq6EZlnDDySCexDdJJIwjZibBnILx1UFg==
date: Thu, 17 Oct 2024 12:46:54 GMT
content-type: application/javascript;charset=utf-8
x-amz-cf-pop: FRA60-P1
server: CloudFront
access-control-allow-headers: Content-Type

GET
H2 200 amzn.js Show response
c.amazon-adsystem.com/aat/ 20 KB
7 KB 136ms
45ms Script
application/javascript 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aat/amzn.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSVWM6&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94a0a3c0673d4f3df2968b07d166da482c084aed9e42bd688e91fef7b542a5cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

vary: Accept-Encoding
content-encoding: gzip
x-amz-version-id: IqMkJCJ9FL02PPSZO8jXnJ4SGBMhrQ95
etag: W/"f292ecd95650f3a734ce4669c00e2432"
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront), 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
x-cache: RefreshHit from cloudfront
x-amz-cf-id: MAuPuV676JXA8pyy49p1_JoyhrILGXdJjHNad9LSqVTpkwlqi_-FBw==
date: Wed, 16 Oct 2024 20:00:06 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 16:46:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3, FRA2-C1
x-amz-server-side-encryption: AES256

GET
H2 200 braze.no-amd.min.js Show response
js.appboycdn.com/web-sdk/4.8/ 198 KB
58 KB 136ms
45ms Script
application/javascript 2606:4700::6810:7709
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.appboycdn.com/web-sdk/4.8/braze.no-amd.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSVWM6&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:7709 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 974028b9da7d3879211c9f8a75f220e73f33176764418e5879f75e301543c223

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

x-amz-id-2: pY6cpLtRYi4jE8vdTpjOrK2XvPNXOy64pa8BaTRiA5q05tad1kd8MOG9gKqg+JRhH/sacGLwmAVG/uTU8E6dZJYftNCoBOTC9EKRCaybxb4=
cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1156b0828b527f1f5de1a36da0b2ef12"
age: 2852
x-amz-request-id: 68B8SQX1HGY1KY5Z
expires: Thu, 17 Oct 2024 16:46:54 GMT
cf-ray: 8d4064e86cc48fda-FRA
date: Thu, 17 Oct 2024 12:46:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 11 Jul 2023 17:02:21 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 salemove_integration.js Show response
api.salemove.com/ 9 KB
10 KB 177ms
12ms Script
application/javascript 2600:9000:2724:3600:17:4c3f:1b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.salemove.com/salemove_integration.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSVWM6&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:3600:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a39fda84d9a110d7deecae1b8926b1ac860dd1c76f79e14b3a0d740c315c58c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
etag: "3466cc6f2068120138b624ff9fd4a77b"
age: 1162
via: 1.1 1270eda8f49e8826b43258fcc9ef44d2.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 9323
x-amz-cf-id: DTii-7k8Y08pajH-MxSTjFTFO0CiUZkT47_UzyBYpzODm7bcPMBssw==
date: Thu, 17 Oct 2024 12:27:40 GMT
content-type: application/javascript
last-modified: Mon, 14 Oct 2024 17:00:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
x-amz-server-side-encryption: AES256

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 270ms
110ms Script
application/javascript 184.86.103.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C40PDC9U9OSI9F1LMVR0&lib=ttq
Requested by: Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/en/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-219.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 459522c82146cee5dcd2245caa803cea45cbe24d85738abdc5fecb68669d8236

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-encoding: gzip
expires: Thu, 17 Oct 2024 12:46:54 GMT
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=94
x-cache: TCP_MISS from a184-86-102-216.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Thu, 17 Oct 2024 12:46:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: b1375ce
x-tt-trace-host: 01f8142ac9864b932f9774d2bcec67772dd242ac6b39c1029148d23cc525695d0a297615105c042191f8f80b93aa9c0b15a3b3257086298d3971a1a6721871b3397935cc26f1a5b0ead52977c583b8747e2fc0b22e99f2ee87d59a15ccfe158f13
x-origin-response-time: 94,184.86.102.216
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24101712465464A4165DCF341F417764-1B6BC0D23CC6D681-00
content-length: 2006
x-tt-logid: 2024101712465464A4165DCF341F417764
server: nginx

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 266ms
109ms Script
application/javascript 184.86.103.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4FSL09CF95KKVVHNHV0&lib=ttq
Requested by: Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/en/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-219.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8b6ac9736be5b1ebfb38591812e9a40c2dfc903b7efb2ffd5d04ceb5e7a6cb2b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-encoding: gzip
expires: Thu, 17 Oct 2024 12:46:54 GMT
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=95
x-cache: TCP_MISS from a184-86-102-216.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Thu, 17 Oct 2024 12:46:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: b1375d0
x-tt-trace-host: 01f8142ac9864b932f9774d2bcec67772dd242ac6b39c1029148d23cc525695d0a0673bbc739580d8fc34ba996876c81e688f65dfb76162b25b826d63dd55f84c72656aec2ce23d6b160e378bfa538d9db83b55c362019e6ae00244e60b99bd76c
x-origin-response-time: 95,184.86.102.216
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24101712465451FCEC04078DDD3AF9A5-5316DCB6897DCDBB-00
x-tt-logid: 2024101712465451FCEC04078DDD3AF9A5
server: nginx

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 19 KB
7 KB 196ms
40ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/en/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

aebe8df81ee2ba5bc51e3abc322910ee5122a0ac06edfbcf7a04e1659d17dc9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-encoding: gzip
etag: "bc033c3a83e1880e480086bf11ac0b0a-df"
x-amz-version-id: JRuD6BVFDpXh1T7iUrCVWNpcX_ACBwVG
age: 2632
x-content-type-options: nosniff
date: Thu, 17 Oct 2024 12:03:04 GMT
last-modified: Wed, 28 Aug 2024 12:33:10 GMT
vary: Origin, Accept-Encoding
x-amz-expiration: expiry-date="Fri, 03 Oct 2025 00:00:00 GMT", rule-id="oath-standard-lifecycle"
content-type: application/javascript
x-amz-id-2: eSPIonP8NtdfeZDWsXGZZYKXSYulT5icup6PNBE5RHhR+nUNX/PHJjW/zCSkTvIOPe/wj2it4nA=
strict-transport-security: max-age=31536000
cache-control: public,max-age=3600
ats-carp-promotion: 1, 1
referrer-policy: no-referrer-when-downgrade
x-amz-request-id: GP53ZKHQ6HJ8YMJQ
x-ycpi: 1
accept-ranges: bytes
content-length: 6826
x-xss-protection: 1; mode=block
server: ATS
x-amz-server-side-encryption: AES256

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
10 KB 182ms
24ms Script
application/javascript 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/en/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 20133cc700841ec85f087ff9834a922b482b9135e98574a9afebade4c754558c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

cache-control: private, max-age=604800
content-encoding: gzip
etag: "HP/dXILNCv8vRT01LqWQOg=="
expires: Thu, 24 Oct 2024 12:46:55 GMT
accept-ranges: bytes
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: application/javascript
vary: Accept-Encoding

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ 25 KB
9 KB 103ms
30ms Script
application/javascript 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/en/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2dde2110b2815bd940b5d681c6bc59f8f65bc1a57049fab33748967266d79f65

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

Content-Encoding: gzip
ETag: W/"670fef03-6401"
Age: 71689
Expires: Thu, 17 Oct 2024 16:52:08 GMT
X-Cache: HIT, HIT
Date: Thu, 17 Oct 2024 12:46:54 GMT
Content-Type: application/javascript
Last-Modified: Wed, 16 Oct 2024 16:51:15 GMT
X-Served-By: cache-lga21930-LGA, cache-fra-etou8220141-FRA
X-Cache-Hits: 15, 4933
Vary: Accept-Encoding
Cache-Control: max-age=86402
X-Timer: S1729169215.935597,VS0,VE0
Connection: keep-alive
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 8745
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 51 KB
13 KB 97ms
28ms Script
application/x-javascript 18.172.103.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSVWM6&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.103.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-103-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ced3b19dbaf9805d635d9b2e6af1d83c752d8e677ef41728c3aa1e5990f6ff3f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Encoding: gzip
ETag: W/"c344dc53c8de38f6fc7ffc8afeeeee6e"
Age: 39759
Connection: keep-alive
Via: 1.1 fd9d525f4633063393693172d96013ca.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: lf_6SQwpp5PXKjgqKyzeZhqJeX73sStCxxOaXKVNmt5IlhPNIREitQ==
Date: Thu, 17 Oct 2024 01:44:16 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 15 Oct 2024 06:56:09 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P8
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK td.min.js Show response
cdn.treasuredata.com/sdk/2.5/ 62 KB
21 KB 139ms
26ms Script
application/javascript 13.32.99.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.treasuredata.com/sdk/2.5/td.min.js
Requested by: Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/en/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-18.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 91151fed4a0bc63a6d12e5262a85f66327d1b67f559acadff2a65d7916bfb600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

Content-Encoding: gzip
Etag: W/"4f1ce36f0d9560ba0d6a0e483de33ea8"
Age: 10420773
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: uAoKXSt0HwDMpsh63sFt3G3fR6UY861EQum6-LiZA4GtbtTH8v8pFA==
Date: Tue, 18 Jun 2024 22:07:21 GMT
Content-Type: application/javascript
Last-Modified: Mon, 08 Mar 2021 12:38:23 GMT
Vary: Accept-Encoding
Transfer-Encoding: chunked
Cache-Control: public, max-age=315360000
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
Via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P3
Server: AmazonS3

GET
H3 200 pixel.js Show response
a.tribalfusion.com/pixel/tags/Fairstone%20Bank%20of%20Canada/818083/ 13 KB
3 KB 252ms
197ms Script
application/x-javascript 2606:4700:4400::ac40:963f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.tribalfusion.com/pixel/tags/Fairstone%20Bank%20of%20Canada/818083/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSVWM6&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:963f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21b6025fcd2e1d0d4ba6f594eb39cfeb0f29d419dbc65ba1bd8e806108c08479

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: 4263473920539724434
expires: Thu, 17 Oct 2024 13:46:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: CP="NOI DEVo TAIa OUR BUS"
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: application/x-javascript
last-modified: Tue, 01 Oct 2024 09:11:02 GMT
vary: Accept-Encoding
cache-control: max-age=3600, private
x-function: 151
cf-ray: 8d4064e95c2ed29a-FRA
x-reuse-index: 603
content-length: 3200
server: cloudflare

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1785564&seg=37340936&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1785564%26seg%3D37340936%26t%3D2

43 B
1 KB

39ms
37ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1785564%26seg%3D37340936%26t%3D2

Protocol

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.132; 217.114.215.132; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 86cae03c-be1f-482c-873c-d3ceedf71149
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Thu, 17 Oct 2024 12:46:54 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

Redirect headers

cache-control: no-store, no-cache, private
location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1785564%26seg%3D37340936%26t%3D2
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 217.114.215.132; 217.114.215.132; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: 42f521dd-45a4-49bf-bb89-f5d10a229b71
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Thu, 17 Oct 2024 12:46:54 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2 200 otFloatingRounded.json Show response
cdn.cookielaw.org/scripttemplates/202405.2.0/assets/ 10 KB
3 KB 51ms
49ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202405.2.0/assets/otFloatingRounded.json

Requested by

Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a46f91cabe458009c3ae8788c1901c2aa7ded5131630ffc004fc0ad234c63889

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-md5: WVLsU1hdXRRE26DuHsEIMg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCA5E41F84D2D8
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 49341
x-content-type-options: nosniff
date: Thu, 17 Oct 2024 12:46:54 GMT
content-type: application/json
last-modified: Tue, 16 Jul 2024 22:10:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 69b51275-101e-00d4-3361-d8daaa000000
cf-ray: 8d4064e7ee1a37eb-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2622
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202405.2.0/assets/v2/ 64 KB
14 KB 62ms
61ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202405.2.0/assets/v2/otPcTab.json

Requested by

Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e31226785d7fabf5f5f98c4c0e3caf4e18cfd4b9f5bdd84422585cc65e81720

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-md5: ytzNuvchBbS9ynH4FxVlOw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCA5E421117D2B
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 49341
x-content-type-options: nosniff
date: Thu, 17 Oct 2024 12:46:54 GMT
content-type: application/json
last-modified: Tue, 16 Jul 2024 22:10:40 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 41d54a6d-e01e-00ca-7360-d80047000000
cf-ray: 8d4064e7fe2037eb-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13725
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202405.2.0/assets/ 24 KB
4 KB 51ms
49ms Fetch
text/css 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202405.2.0/assets/otCommonStyles.css

Requested by

Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c52550189ad7a781a37919af639c2d6a786821aad8b982daa6a54af46817b8fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-md5: 9eusssrwoAzVOVsIadvhfQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 49341
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 17 Oct 2024 12:46:54 GMT
content-type: text/css
last-modified: Tue, 16 Jul 2024 22:10:51 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 4769862b-901e-0009-6307-f48904000000
cf-ray: 8d4064e7fe2237eb-FRA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/963056520/ 5 KB
2 KB 112ms
58ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963056520/?random=1729169214284&cv=11&fst=1729169214284&bg=ffffff&guid=ON&async=1&gtm=45be4ag0z86866613za201zb6866613&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&hn=www.googleadservices.com&frm=0&tiba=Online%20account%20management%20for%20purchase%20financing%20accounts&did=dYWJhMj&gdid=dYWJhMj&npa=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-963056520&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75cd492cd6cb0415ba52ea9ccbc93ecd53c9bf64b4c5b0d43e47b71b91c388ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2337
date: Thu, 17 Oct 2024 12:46:54 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 963056520
td.doubleclick.net/td/rul/ Frame DE86 0
0 124ms
39ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/963056520?random=1729169214284&cv=11&fst=1729169214284&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ag0z86866613za201zb6866613&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&hn=www.googleadservices.com&frm=0&tiba=Online%20account%20management%20for%20purchase%20financing%20accounts&did=dYWJhMj&gdid=dYWJhMj&npa=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-963056520&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oam.fairstone.ca/en/login
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Oct 2024 12:46:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/868121167/ 5 KB
2 KB 84ms
58ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/868121167/?random=1729169214296&cv=11&fst=1729169214296&bg=ffffff&guid=ON&async=1&gtm=45be4ag0v878133823z86866613za201zb6866613&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&hn=www.googleadservices.com&frm=0&tiba=Online%20account%20management%20for%20purchase%20financing%20accounts&did=dYWJhMj&gdid=dYWJhMj&npa=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-868121167&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82cd140a4556995accd267ce349526b8eaa86ede83b8cc097663594ec38a1815

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2343
date: Thu, 17 Oct 2024 12:46:54 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 868121167
td.doubleclick.net/td/rul/ Frame 1537 0
0 122ms
41ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/868121167?random=1729169214296&cv=11&fst=1729169214296&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ag0v878133823z86866613za201zb6866613&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&hn=www.googleadservices.com&frm=0&tiba=Online%20account%20management%20for%20purchase%20financing%20accounts&did=dYWJhMj&gdid=dYWJhMj&npa=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-868121167&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oam.fairstone.ca/en/login
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Oct 2024 12:46:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect
www.google.com/ccm/ 0
0 177ms
59ms Ping
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&scrsrc=www.googletagmanager.com&frm=0&rnd=448347794.1729169215&auid=1759408775.1729169215&npa=0&gtm=45He4ag0v6866613za200&gcs=G111&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101686685&tft=1729169214812&tfd=2684&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSVWM6&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

GET
H2 200 main.97c41ef3.js Show response
s.pinimg.com/ct/lib/ 82 KB
23 KB 36ms
22ms Script
application/javascript 2a04:4e42:600::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e2d60cdf4948bf1fcc89d3e1fb4875dbfe0cd45125eced25eb220b5fd72abe73

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

access-control-max-age: 86400
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
content-encoding: br
etag: "e1539e83e14f862d3b381b23e74d63fa"
x-cdn: fastly
access-control-allow-methods: GET
alt-svc: h3=":443";ma=600
access-control-allow-origin: *
content-length: 23701
date: Thu, 17 Oct 2024 12:46:54 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-server-side-encryption: AES256

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/
Redirect Chain

https://s.amazon-adsystem.com/iu3?pid=2c7b923a-2a0d-44bc-9a2f-5c125397f667&event=PageView&gtmVersion=3.5&ts=1729169214851
https://s.amazon-adsystem.com/iu3?pid=2c7b923a-2a0d-44bc-9a2f-5c125397f667&event=PageView&gtmVersion=3.5&ts=1729169214851&dcc=t

0
0

176ms
176ms

Fetch
text/html

98.82.157.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s.amazon-adsystem.com/iu3?pid=2c7b923a-2a0d-44bc-9a2f-5c125397f667&event=PageView&gtmVersion=3.5&ts=1729169214851&dcc=t
Protocol: HTTP/1.1
Server: 98.82.157.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-98-82-157-137.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

Redirect headers

Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Location: https://s.amazon-adsystem.com/iu3?pid=2c7b923a-2a0d-44bc-9a2f-5c125397f667&event=PageView&gtmVersion=3.5&ts=1729169214851&dcc=t
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid: 5XDQ7B4XTX42Y2MP4ZV8
Content-Length: 0
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date: Thu, 17 Oct 2024 12:46:55 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server

GET
H2 200 FairstoneLogoEN_RGB.png
cdn.cookielaw.org/logos/18cc06a1-62cf-44d1-91d5-6d54478f59fd/01903612-a7fe-7a3f-a13c-bf6bac9930d2/8359be7c-6e3e-4da1-b34d-cc7134367b98/ 14 KB
15 KB 32ms
32ms Image
mage/png 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/18cc06a1-62cf-44d1-91d5-6d54478f59fd/01903612-a7fe-7a3f-a13c-bf6bac9930d2/8359be7c-6e3e-4da1-b34d-cc7134367b98/FairstoneLogoEN_RGB.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

699da4bb72bb41e2f62d75bdcfd402a8c74ddb3fc19c8d34852c7edf64e6d035

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-md5: 9Ipy7aYMsdAeNqvbV5Z/VA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DC913630B1BDA2
age: 690
cf-cache-status: HIT
x-content-type-options: nosniff
date: Thu, 17 Oct 2024 12:46:54 GMT
content-type: mage/png
last-modified: Thu, 20 Jun 2024 14:35:11 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 39ff0b48-601e-00db-5d1f-c3375c000000
cf-ray: 8d4064e90f8cdbe3-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14664
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 34ms
33ms Image
image/svg+xml 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-md5: Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 55735
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 17 Oct 2024 12:46:54 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Oct 2024 06:37:43 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 324d4739-a01e-00a0-6e98-1f5cec000000
cf-ray: 8d4064e90f90dbe3-FRA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
495 B 38ms
37ms Fetch
image/svg+xml 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-md5: tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 30367
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 17 Oct 2024 12:46:54 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Oct 2024 06:37:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 0913ac37-401e-00aa-1ae5-1f4565000000
cf-ray: 8d4064e90f8b37eb-FRA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H3 200 111782726207517 Show response
connect.facebook.net/signals/config/ 80 KB
16 KB 86ms
86ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/111782726207517?v=2.9.171&r=stable&domain=oam.fairstone.ca&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C28%2C82%2C87%2C47%2C46%2C86%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9a0e5ec5f0661a12dd757f2c83cd1aef3db954df2c5484741798619cd4edb12

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 12:46:54 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=29, rtx=0, c=68, mss=1232, tbw=67488, tp=63, tpl=0, uplat=59, ullat=0
pragma: public
x-fb-debug: SPcDpT7g7R5SRBFYPWQ4QV4jEF3QqyV78sVrx5/4Q/vd0RJRY7TBB8MGCheFWcc0mue0dOY3rkBkZjdo/GDLNQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 204 td
www.googletagmanager.com/ 0
18 B 28ms
28ms Image
text/plain 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=G-Q8NJ0QC7WK&v=3&t=t&pid=266865575&dl=oam.fairstone.ca%2Fen%2Flogin&tdp=G-Q8NJ0QC7WK;70661557;1;6;0&frm=0&rtg=866613&rlo=5&slo=3&hlo=1&lst=1&pcid=866613&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgtc:59:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgtc:59:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 i
tr.snapchat.com/cm/ Frame DFE0 0
0 129ms
42ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=253853c3-b931-447a-9812-74fb9e31c99a&u_scsid=8bea81e2-ce11-44de-b663-6997a48b5a38&u_sclid=71532488-219c-41cd-98cf-0a69c5974ecd

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://oam.fairstone.ca/en/login
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 17 Oct 2024 12:46:55 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 p
tr.snapchat.com/ 68 B
444 B 169ms
44ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=253853c3-b931-447a-9812-74fb9e31c99a&ev=PAGE_VIEW&intg=gtm&pids=253853c3-b931-447a-9812-74fb9e31c99a&u_c1=905bc943-a087-46a6-bccc-804066bec947&cdid=%40-c80e9553-d674-4bcc-91a6-618d3ce92c65&u_sclid=71532488-219c-41cd-98cf-0a69c5974ecd&u_scsid=8bea81e2-ce11-44de-b663-6997a48b5a38&bg=false&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=1644&m_fcps=1736&m_pi=1416&m_pl=1996&m_pv=2&m_rd=2881&m_sh=1200&m_sl=2762&m_sw=1600&pl=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&trackId=d3b80e7e-16a3-423d-a939-4a0b4d57822b&ts=1729169215010&v=3.33.0-2409301510

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 6
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: image/png
server: API Gateway

GET
H2 200 253853c3-b931-447a-9812-74fb9e31c99a.json Show response
tr.snapchat.com/config/ca/ 118 B
402 B 217ms
135ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/ca/253853c3-b931-447a-9812-74fb9e31c99a.json?v=3.33.0-2409301510

Requested by

Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

f1b0da0fda8fcf843c0f2f148a2c7bd94f1380bc35cadfcd23e5b8c1bab49c32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json
Referer: https://oam.fairstone.ca/en/login

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 97
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
access-control-allow-origin: https://oam.fairstone.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: application/json
server: API Gateway

POST
H2 200 visitor_config Show response
api.salemove.com/ 31 KB
33 KB 147ms
144ms XHR
application/json 2600:9000:2724:3600:17:4c3f:1b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.salemove.com/visitor_config?referrer=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&

Requested by

Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:3600:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7216a9931985767e52992d4d330ad5870046273005bffb1a66a2a72650f4f28a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://oam.fairstone.ca/en/login

Response headers

x-site-visitor-config: true
access-control-max-age: 7200
access-control-expose-headers
access-control-allow-methods: GET, POST, PUT, PATCH, OPTIONS, HEAD, DELETE
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: IX8X37Y2eFEzCPFwbQbtpP8dhz2qaF1vw3Z2JIMx7D2ZFgpOvgulqw==
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: application/json
vary: Origin
access-control-allow-headers: Content-Type, Accept, Authorization
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
via: 1.1 1270eda8f49e8826b43258fcc9ef44d2.cloudfront.net (CloudFront)
access-control-allow-origin: https://oam.fairstone.ca
content-length: 31652
x-amz-cf-pop: FRA56-P12

GET
H2 200 / Show response
ct.pinterest.com/user/ 325 B
328 B 185ms
48ms XHR
application/json 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2612877778067&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1729169215036&dep=2%2CPAGE_LOAD
Requested by: Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e781dd5b9ca502edc933e1290054b72b9e4d3b592d481d78827363acb8ad1621

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

access-control-expose-headers: Epik,Pin-Unauth
content-encoding: gzip
x-pinterest-rid-128bit: 9f77b3dea710640ce9e97f783367c864
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443";ma=600
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: application/json; charset=utf-8
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
pin-unauth: dWlkPVlqTTRNR1JtT1RrdE0yVXpNUzAwWkRRMExUZzFOV1V0T0Raa01XTmhaV1F4TURrNQ
pinterest-version: fb9f71fb62208539b9606df48028c975558a59a0
access-control-allow-origin: https://oam.fairstone.ca
content-length: 188
x-pinterest-rid: 1685514323464603

GET
H2 200 / Show response
ct.pinterest.com/user/ 325 B
676 B 185ms
50ms XHR
application/json 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22event_id%22%3A%220f8195ae-d22b-4565-bfd0-060e669fa034%22%7D&tid=2612877778067&cb=1729169215038&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e781dd5b9ca502edc933e1290054b72b9e4d3b592d481d78827363acb8ad1621

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

access-control-expose-headers: Epik,Pin-Unauth
content-encoding: gzip
x-pinterest-rid-128bit: fc3eda779dfd5071c5df8db3cc579bb6
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443";ma=600
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: application/json; charset=utf-8
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
pin-unauth: dWlkPU5qY3laVGcxWTJZdFpHTTFNaTAwTmpjeUxUZzNOMkl0TkRObVpqbG1OelF3WlRZNQ
pinterest-version: fb9f71fb62208539b9606df48028c975558a59a0
access-control-allow-origin: https://oam.fairstone.ca
content-length: 188
x-pinterest-rid: 1425827074864523

GET
H2 200 7f85a56ba4.css
use.fontawesome.com/ 1 KB
888 B 499ms
45ms Stylesheet
text/css 2606:4700:3037::ac43:8ef5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/7f85a56ba4.css
Requested by: Host: js.appboycdn.com
URL: https://js.appboycdn.com/web-sdk/4.8/braze.no-amd.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e92913c2b11fc1e9e7c4f84628362d1c9660e7f7e88904d124c9ebbbef9d4e48

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

cache-control: max-age=1800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
etag: W/"8360eb270b919a1fb4776bc448d9ed14"
age: 3256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1PobvUsTTTBuK7mbt0DWTyHvSex3NqYmtPGXwcPn5mkZYAgaxmNQjM%2Bpzu%2BSHvAGoIHZ8mFfi56uahcXT27ddoYwiYB1WgKRg1ctaMavPbflXnAW8NCsy99cDn1IlYONMUj34TIDv0J1B0sN3iA2YZey"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d4064ed384bd27d-FRA
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: text/css
last-modified: Fri, 22 Sep 2023 00:57:51 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 / Show response
ct.pinterest.com/v3/ 35 B
207 B 79ms
55ms Fetch
image/gif 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?tid=2612877778067&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2297c41ef3%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1729169215148
Requested by: Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: b6f0d01e53b46739b67a4a48ba2a046e
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: fb9f71fb62208539b9606df48028c975558a59a0
access-control-allow-origin: https://oam.fairstone.ca
alt-svc: h3=":443";ma=600
content-length: 35
date: Thu, 17 Oct 2024 12:46:55 GMT
x-pinterest-rid: 1314890373828300
content-type: image/gif

POST
H2 201 / Show response
sdk.iad-05.braze.com/api/v3/data/ 655 B
657 B 245ms
183ms XHR
application/json 172.64.149.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/data/

Requested by

Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.149.149 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4f50997a153a548c44cad622c80e943e464492dae20df7fe87cdea92915c5cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://oam.fairstone.ca/en/login
X-Braze-TriggersRequest: true
X-Braze-Last-Req-Ms-Ago: 7200000
X-Braze-DataRequest: true
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/json
X-Braze-Api-Key: 817e75de-d499-4561-a419-60363d15e161

Response headers

access-control-max-age: 7200
x-request-id: aa549907-4d0b-494c-bc52-aa604a74d732
access-control-expose-headers
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"d4f50997a153a548c44cad622c80e943"
access-control-allow-methods: POST, GET
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: application/json
vary: Origin,Accept-Encoding
x-runtime: 0.052414
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=0, private, must-revalidate
x-ratelimit-reset: 1729169217
cf-ray: 8d4064ed29e53730-FRA
x-ratelimit-remaining: 497.0
access-control-allow-origin: *
x-ratelimit-limit: 500.0
server: cloudflare

OPTIONS
H2 200 /
sdk.iad-05.braze.com/api/v3/data/ Frame 0
0 301ms
205ms Preflight 172.64.149.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/data/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.149.149 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method: POST
Origin: https://oam.fairstone.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-triggersrequest,x-requested-with
access-control-allow-methods: POST, GET
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 8d4064eb681e3730-FRA
content-encoding: gzip
date: Thu, 17 Oct 2024 12:46:55 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
195 B 206ms
177ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://oam.fairstone.ca/en/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: DDDA8A4BA2F747DE9BA1270C9FA90FA8 Ref B: FRAEDGE1619 Ref C: 2024-10-17T12:46:55Z
x-li-fabric: prod-lor1
access-control-allow-credentials: true
x-li-uuid: AAYkq5TU8mqwYOdZ7nzbCA==
x-li-proto: http/2
access-control-allow-origin: https://oam.fairstone.ca
x-cache: CONFIG_NOCACHE
date: Thu, 17 Oct 2024 12:46:55 GMT
vary: Origin

GET
H2 200 10198817.json Show response
s.yimg.com/wi/config/ 2 B
281 B 328ms
234ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10198817.json

Requested by

Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-encoding: gzip
age: 0
access-control-allow-methods: GET
x-content-type-options: nosniff
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-id-2: caYsZdMBQfA6P4YFkhQsL5Auryn9QSietshIBOmicwSEJ50goOxaPyEKqgPBDwhRnUTwzmw8qaMYSd2i8PKaHEpRmfq5OXxk
strict-transport-security: max-age=31536000
cache-control: public,max-age=3600
referrer-policy: no-referrer-when-downgrade
x-amz-request-id: GASB75RS9PSNAZM4
x-ycpi: 1
access-control-allow-origin: *
content-length: 22
x-xss-protection: 1; mode=block
server: ATS

GET
H2 200 10202303.json Show response
s.yimg.com/wi/config/ 47 B
632 B 338ms
244ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10202303.json

Requested by

Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

1aa117ace62bb52f8d60f07cbf1aebdaadf7a02cdfbe8542a5a916c44f8e7b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

x-amz-version-id: hM2hx_HkN1WcBShZKoYE_IOOpisTAQ_H
etag: "3155e2d8cea7fca2c344014f31c7b3db"
age: 0
access-control-allow-methods: GET
x-content-type-options: nosniff
date: Thu, 17 Oct 2024 12:46:56 GMT
last-modified: Thu, 17 Oct 2024 09:55:32 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-expiration: expiry-date="Sat, 22 Nov 2025 00:00:00 GMT", rule-id="oath-standard-lifecycle"
content-type: application/json
x-amz-id-2: eCjM9Yq/0fGjUT7neBSQyz1yj5qiGzu15LtBL+ZKchlIWIwIqdEbgOTzAYZFgTtl7EaeehnodGexobpjCu+jkf6qvgNOLZTq6clwhFLrm1I=
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-amz-request-id: GAS298JGG7Y0DSGH
x-ycpi: 1
accept-ranges: bytes
access-control-allow-origin: *
content-length: 47
x-xss-protection: 1; mode=block
server: ATS
x-amz-server-side-encryption: AES256

GET
H2 200 up Show response
ib.adnxs.com/pixie/ 9 B
311 B 63ms
32ms Fetch
application/xml 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.adnxs.com/pixie/up?pi=3287f9c3-b344-4535-acd2-5ddc7dc2f7ea
Requested by: Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: nginx/1.23.4 /
Resource Hash: e4b9a4d34a563158069f54e72a34585d7a2a25f753b9b30220d429d2bc8624b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

access-control-max-age: 0
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
x-proxy-origin: 217.114.215.132; 217.114.215.132; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
access-control-allow-origin: https://oam.fairstone.ca
content-length: 9
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: application/xml
server: nginx/1.23.4
access-control-allow-headers: Content-Type

GET
H2 200 main.MWMyZjYwMzkyMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 342 KB
95 KB 33ms
20ms Script
application/javascript 184.86.103.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWMyZjYwMzkyMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4FSL09CF95KKVVHNHV0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-219.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8257d5a78bc54902d7af44125a9adb813b495d3a5dea731a8a565f55dc2d6bd1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

x-cache: TCP_MEM_HIT from a184-86-102-216.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=15
x-tt-trace-id: 00-24101711432535D6D0D1588A693315E5-5F24B73E987FE014-00
content-length: 96897
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2024101711432535D6D0D1588A693315E5
server: nginx
x-akamai-request-id: b137a04
x-tt-trace-host: 01f220ea2904dea03f7b24b6307c471c277579e3a4f1a57a9812cbf9e854d80913564a2c46f37668037acacf508f6befa9879869db88bf0c3e88848fc2cfd0172f24f3827ab4de962078d5b650fd62bd824a7816d66f6f3db05af511901f9c00ac

GET
H2 200 main.MTdkNGE4ZTU0MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 336 KB
94 KB 69ms
61ms Script
application/javascript 184.86.103.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdkNGE4ZTU0MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C40PDC9U9OSI9F1LMVR0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-219.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0fa4b363e8c64be0ce5fc394e33075b0d4475f41a1d49cb02da79ebbac12829e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

x-cache: TCP_MEM_HIT from a184-86-102-216.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=18
x-tt-trace-id: 00-24101012580459E0E6986663B3021F2B-62A56B5866C1251C-00
content-length: 95202
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2024101012580459E0E6986663B3021F2B
server: nginx
x-akamai-request-id: b137a0e
x-tt-trace-host: 018241e1a0a4449b191a6b3cc3143a19ca2a043f5535cfda8c3487f18db172d5022eb6fbab9fc664e7020d142d681987760894f827384b874325de431512ffb58095da8fd31a95c21f929aec1b9093a010830c9c997587084bc76a20864f20e534

GET
H3 200 /
www.google.com/pagead/1p-user-list/963056520/ 42 B
64 B 53ms
52ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/963056520/?random=1729169214284&cv=11&fst=1729166400000&bg=ffffff&guid=ON&async=1&gtm=45be4ag0z86866613za201zb6866613&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&hn=www.googleadservices.com&frm=0&tiba=Online%20account%20management%20for%20purchase%20financing%20accounts&did=dYWJhMj&gdid=dYWJhMj&npa=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfj3DbgUL698CKkHGd56Kx4y9WvOPRfw&random=1852665488&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 17 Oct 2024 12:46:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.de/pagead/1p-user-list/963056520/ 42 B
64 B 96ms
51ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/963056520/?random=1729169214284&cv=11&fst=1729166400000&bg=ffffff&guid=ON&async=1&gtm=45be4ag0z86866613za201zb6866613&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&hn=www.googleadservices.com&frm=0&tiba=Online%20account%20management%20for%20purchase%20financing%20accounts&did=dYWJhMj&gdid=dYWJhMj&npa=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfj3DbgUL698CKkHGd56Kx4y9WvOPRfw&random=1852665488&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 17 Oct 2024 12:46:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/868121167/ 42 B
64 B 50ms
48ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/868121167/?random=1729169214296&cv=11&fst=1729166400000&bg=ffffff&guid=ON&async=1&gtm=45be4ag0v878133823z86866613za201zb6866613&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&hn=www.googleadservices.com&frm=0&tiba=Online%20account%20management%20for%20purchase%20financing%20accounts&did=dYWJhMj&gdid=dYWJhMj&npa=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfNaTLWe_pxTJL1f2vejTiFGros_jrlA&random=3188882303&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 17 Oct 2024 12:46:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.de/pagead/1p-user-list/868121167/ 42 B
64 B 97ms
52ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/868121167/?random=1729169214296&cv=11&fst=1729166400000&bg=ffffff&guid=ON&async=1&gtm=45be4ag0v878133823z86866613za201zb6866613&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&hn=www.googleadservices.com&frm=0&tiba=Online%20account%20management%20for%20purchase%20financing%20accounts&did=dYWJhMj&gdid=dYWJhMj&npa=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfNaTLWe_pxTJL1f2vejTiFGros_jrlA&random=3188882303&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 17 Oct 2024 12:46:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 106ms
45ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=111782726207517&ev=PageView&dl=https%3A%2F%2Foam.fairstone.ca&rl=&if=false&ts=1729169215206&sw=1600&sh=1200&v=2.9.171&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12316&fbp=fb.1.1729169215192.792177211195089970&pm=1&hrl=f88e7a&ler=empty&cdl=API_unavailable&it=1729169214908&coo=false&tm=1&cs_cc=1&cas=8330085250403814%2C27584046977860680%2C7142560702538813%2C2716741075019024%2C5699366450187140%2C7718502758223041%2C1569449243167982%2C1034720233297093&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1328, tbw=2926, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 377ms
316ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=111782726207517&ev=PageView&dl=https%3A%2F%2Foam.fairstone.ca&rl=&if=false&ts=1729169215206&sw=1600&sh=1200&v=2.9.171&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12316&fbp=fb.1.1729169215192.792177211195089970&pm=1&hrl=f88e7a&ler=empty&cdl=API_unavailable&it=1729169214908&coo=false&tm=1&cs_cc=1&cas=8330085250403814%2C27584046977860680%2C7142560702538813%2C2716741075019024%2C5699366450187140%2C7718502758223041%2C1569449243167982%2C1034720233297093&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7426725228683309828"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: Wdndhzwoan/AKwIsAs1/Otf1JR/aM99JS0pGmScyZ7k6GtMmR8hC+rrQV5rNjCBTdrsutQdkaKRH4d6LlvlXOw==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7426725228683309828", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=1, c=8, mss=1328, tbw=3244, tp=-1, tpl=-1, uplat=290, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H/1.1 200
OK pageviews Show response
in.treasuredata.com/js/v3/event/prod_td_sdk/ 89 B
584 B 600ms
116ms Script
application/javascript 52.7.4.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/prod_td_sdk/pageviews?api_key=11152%2Fb113eaab9bf307401be9cc54a2c2c0d98dc10665&modified=1729169215232&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0ZF92ZXJzaW9uIjoiMi41LjEiLCJ0ZF9jbGllbnRfaWQiOiI3YzhmNDA2ZC1jNzMxLTRlNjktODEyYS1iYjg4NmRiZTc4ZjYiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImRlLWRlIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiT25saW5lIGFjY291bnQgbWFuYWdlbWVudCBmb3IgcHVyY2hhc2UgZmluYW5jaW5nIGFjY291bnRzIiwidGRfZGVzY3JpcHRpb24iOiJMb2cgaW4gb3IgcmVnaXN0ZXIgdG8gZ2V0IG1vbnRobHkgdXBkYXRlcyByZWdhcmRpbmcgeW91ciBGYWlyc3RvbmUgcHVyY2hhc2UgZmluYW5jaW5nIGFjY291bnQuIiwidGRfdXJsIjoiaHR0cHM6Ly9vYW0uZmFpcnN0b25lLmNhL2VuL2xvZ2luIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyOS4wLjAuMCBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0Ijoib2FtLmZhaXJzdG9uZS5jYSIsInRkX3BhdGgiOiIvZW4vbG9naW4iLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2lwIjoidGRfaXAiLCJ0ZF9icm93c2VyIjoidGRfYnJvd3NlciIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6InRkX2Jyb3dzZXJfdmVyc2lvbiIsInRkX29zIjoidGRfb3MiLCJ0ZF9vc192ZXJzaW9uIjoidGRfb3NfdmVyc2lvbiJ9&callback=TreasureJSONPCallback0

Requested by

Host: cdn.treasuredata.com
URL: https://cdn.treasuredata.com/sdk/2.5/td.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.7.4.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-4-15.compute-1.amazonaws.com

Software

Resource Hash

3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-store
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Content-Length: 89
Date: Thu, 17 Oct 2024 12:46:55 GMT
Content-Type: application/javascript

GET
H2 200 rules-p-NBcLVNp6C9daN.js Show response
rules.quantcount.com/ 222 B
706 B 108ms
31ms Script
application/javascript 2600:9000:223c:9a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-NBcLVNp6C9daN.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:9a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b1cb7131b4a37fb3abf1f8ee5cb56adfd592b20a840f4f05e9da56ffd379a1c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

etag: "7f4e5cc267407cd9c7a8d75295509d05"
age: 2958
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: cxeNxvY2LY6yqdGv8uAVQvw6xD3kexRwjIR2rzm845aM5b6qX5GgHA==
date: Thu, 17 Oct 2024 11:57:38 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 30 Nov 2023 20:36:03 GMT
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 222
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 displayAd.js Show response
s.tribalfusion.com/ 677 B
867 B 264ms
241ms Script
application/x-javascript 2606:4700:4400::ac40:963f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.8&th=9304644153
Requested by: Host: a.tribalfusion.com
URL: https://a.tribalfusion.com/pixel/tags/Fairstone%20Bank%20of%20Canada/818083/pixel.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:963f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a19f64b730aed86cc5d217b12c7199f46d961be98e030939244b648e3bf03a4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
expires: Wed, 15 Jan 2025 12:46:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: CP="NOI DEVo TAIa OUR BUS"
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: application/x-javascript
last-modified: Tue, 01 Oct 2024 09:11:02 GMT
vary: Accept-Encoding
cache-control: private
x-function: 153
cf-ray: 8d4064ebaacdd29a-FRA
x-reuse-index: 4
content-length: 331
server: cloudflare

GET
H2 200 bootstrapper-bbd13c626.js Show response
libs.salemove.com/visitor/ 649 KB
171 KB 287ms
28ms Script
application/javascript 2600:9000:2724:1200:0:99b9:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.salemove.com/visitor/bootstrapper-bbd13c626.js

Requested by

Host: api.salemove.com
URL: https://api.salemove.com/salemove_integration.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:1200:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

449a44e570c7320beb7d235c1ddc5ae935ecb347ece6953b77b7750f031ef2b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-encoding: gzip
etag: W/"5f3ae601cb95c2599e2109e3109b284a"
age: 787450
x-cache: Hit from cloudfront
x-amz-cf-id: aLcHzcqM1kcvX--kD5MQd-HsJxEUNjx25MMqVK2n5hwV5HjUsa1zFA==
date: Tue, 08 Oct 2024 10:02:46 GMT
content-type: application/javascript
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
last-modified: Tue, 08 Oct 2024 09:25:47 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: max-age=31536000
x-amz-meta-s3cmd-attrs: md5:5f3ae601cb95c2599e2109e3109b284a
via: 1.1 e240913a5e90e18bd637baa6899f2280.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
4 KB 21ms
20ms Script
application/javascript 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/static/ct/token_create.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

cache-control: max-age=7200
timing-allow-origin: https://ct.pinterest.com
etag: "16d5d552603d86726ae439fc61299d42"
age: 2100
x-cdn: fastly
alt-svc: h3=":443";ma=600
content-length: 4103
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 ct.html
ct.pinterest.com/ Frame 17BA 0
0 113ms
47ms Document
text/html 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://oam.fairstone.ca/en/login
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Thu, 17 Oct 2024 12:46:55 GMT
pinterest-version: fb9f71fb62208539b9606df48028c975558a59a0
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 1
x-pinterest-rid: 8024851959939152
x-pinterest-rid-128bit: 990930bc84b214456f5e00570f453b6e

GET
H2 200 up
insight.adsrvr.org/track/ Frame 0674 0
0 280ms
43ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=yvkjvx3&ref=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&upid=qvgyw8m&upv=1.1.0&paapi=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://oam.fairstone.ca/en/login
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-length: 0
content-type: text/html
date: Thu, 17 Oct 2024 12:46:55 GMT
server: Kestrel

GET
H2 200 / Show response
ct.pinterest.com/v3/ 35 B
362 B 156ms
140ms Fetch
image/gif 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22event_id%22%3A%220f8195ae-d22b-4565-bfd0-060e669fa034%22%7D&tid=2612877778067&cb=1729169215364&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPVlqTTRNR1JtT1RrdE0yVXpNUzAwWkRRMExUZzFOV1V0T0Raa01XTmhaV1F4TURrNQ%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2297c41ef3%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by: Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 2
x-pinterest-rid-128bit: c5875018b95c6428e8cbac538628cdef
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: fb9f71fb62208539b9606df48028c975558a59a0
access-control-allow-origin: https://oam.fairstone.ca
alt-svc: h3=":443";ma=600
content-length: 35
date: Thu, 17 Oct 2024 12:46:55 GMT
x-pinterest-rid: 1677469071180462
content-type: image/gif

GET
H2 200 pixie
ib.adnxs.com/ 42 B
226 B 118ms
112ms Image
image/gif 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=3287f9c3-b344-4535-acd2-5ddc7dc2f7ea&it=1729169215171&v=0.0.43&u=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&st=1729169215171&et=1729169215370&if=0&uetmsmid=9423ff85-c49e-4800-b458-49832e0edc57&asce=0&ascc=0&tcfhl=0&tcfe=0&tcfgdpr=0&tcfc=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: nginx/1.23.4 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 42
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: image/gif
server: nginx/1.23.4
x-proxy-origin: 217.114.215.132; 217.114.215.132; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

GET
H2 200 identify_7bf75739.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 112ms
17ms Script
application/javascript 184.86.103.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdkNGE4ZTU0MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-219.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

x-cache: TCP_MEM_HIT from a184-86-102-216.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
x-tt-trace-id: 00-240830025227E79A4DF8BF924B869511-468297346CF6AEDD-00
content-length: 39516
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20240830025227E79A4DF8BF924B869511
server: nginx
x-akamai-request-id: b137d2d
x-tt-trace-host: 016a5cc83cee8dfe88f672d5ec608cb81022056674737cf13f7ab17792b576caf8a9c3a53da78f7ec20eaa67ace17ab562f06bf9ec1ce661c866d128edadcaad99f4855021889f99bd3325745a2e4d9e38dabc69ddfcc4fb835c2fd8fea5039500

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
720 B 511ms
496ms Ping
text/plain 184.86.103.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdkNGE4ZTU0MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-219.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://oam.fairstone.ca/en/login

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Thu, 17 Oct 2024 12:46:56 GMT
server-timing: inner; dur=380, cdn-cache; desc=MISS, edge; dur=10, origin; dur=473
x-cache: TCP_MISS from a184-86-102-216.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Thu, 17 Oct 2024 12:46:56 GMT
x-akamai-request-id: b137e16
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01f8142ac9864b932f9774d2bcec67772dd242ac6b39c1029148d23cc525695d0a9a6004d563839478a3f9e388f69a262b23c22459d1c9380f3a854430b85e4040f46efe1328f2933c97fad3d8ee24f4301f640c9f149505feacaaac825207ff12
x-origin-response-time: 473,184.86.102.216
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-2410171246554EA999682DD1F13A25F2-286B82DE9E5FB6D0-00
content-length: 0
x-tt-logid: 202410171246554EA999682DD1F13A25F2
server: nginx

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
721 B 199ms
183ms Ping
text/plain 184.86.103.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdkNGE4ZTU0MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-219.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://oam.fairstone.ca/en/login

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Thu, 17 Oct 2024 12:46:55 GMT
server-timing: inner; dur=41, cdn-cache; desc=MISS, edge; dur=17, origin; dur=137
x-cache: TCP_MISS from a184-86-102-216.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Thu, 17 Oct 2024 12:46:55 GMT
x-akamai-request-id: b137e31
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01f8142ac9864b932f9774d2bcec67772dd242ac6b39c1029148d23cc525695d0ae74408a6b2f676f9e3ff1807ec143f49ef31be34a59d9249a7569137bd1828879e591f8fe1abec948e653f34a992bafc5fe63eb9acb783e944e693fe7ec2dfe4
x-origin-response-time: 138,184.86.102.216
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241017124655F1EF8EAAB4DD003CEFE9-717CC552464B7BC5-00
content-length: 0
x-tt-logid: 20241017124655F1EF8EAAB4DD003CEFE9
server: nginx

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
508 B 253ms
55ms Image
image/gif 54.246.144.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2017%20Oct%202024%2012%3A46%3A55%20GMT&n=-2d&b=Online%20account%20management%20for%20purchase%20financing%20accounts&.yp=10198817&f=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&enc=UTF-8&yv=1.16.5&tagmgr=gtm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.246.144.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-246-144-89.eu-west-1.compute.amazonaws.com

Software

ATS/9.1.10.134 /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
cache-control: no-cache, no-store, private, must-revalidate
pragma: no-cache
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-content-type-options: nosniff
via: http/1.1 traffic_server (ApacheTrafficServer/9.1.10.134)
expires: Thu, 17 Oct 2024 12:46:55 GMT
accept-ranges: bytes
referrer-policy: strict-origin-when-cross-origin
content-length: 43
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: image/gif
server: ATS/9.1.10.134
x-frame-options: DENY

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
77 B 255ms
57ms Image
image/gif 54.246.144.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=Online%20account%20management%20for%20purchase%20financing%20accounts&.yp=10198817&f=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&enc=UTF-8&yv=1.16.5&et=custom&ec=fairstonertg&tagmgr=gtm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.246.144.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-246-144-89.eu-west-1.compute.amazonaws.com

Software

ATS/9.1.10.134 /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
cache-control: no-cache, no-store, private, must-revalidate
pragma: no-cache
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-content-type-options: nosniff
via: http/1.1 traffic_server (ApacheTrafficServer/9.1.10.134)
expires: Thu, 17 Oct 2024 12:46:55 GMT
accept-ranges: bytes
referrer-policy: strict-origin-when-cross-origin
content-length: 43
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: image/gif
server: ATS/9.1.10.134
x-frame-options: DENY

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
77 B 254ms
56ms Image
image/gif 54.246.144.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=Online%20account%20management%20for%20purchase%20financing%20accounts&.yp=10202303&f=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&enc=UTF-8&yv=1.16.5&tagmgr=gtm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.246.144.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-246-144-89.eu-west-1.compute.amazonaws.com

Software

ATS/9.1.10.134 /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
cache-control: no-cache, no-store, private, must-revalidate
pragma: no-cache
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-content-type-options: nosniff
via: http/1.1 traffic_server (ApacheTrafficServer/9.1.10.134)
expires: Thu, 17 Oct 2024 12:46:55 GMT
accept-ranges: bytes
referrer-policy: strict-origin-when-cross-origin
content-length: 43
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: image/gif
server: ATS/9.1.10.134
x-frame-options: DENY

GET
H2 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
7 KB 50ms
50ms Stylesheet
text/css 2606:4700:3037::ac43:8ef5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/7f85a56ba4.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://use.fontawesome.com/7f85a56ba4.css

Response headers

cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
etag: W/"36082410df2ef7f83932219089dc1443"
age: 54217
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZPSrgJ0o3nqrq8njX3nJ%2Bk%2FxFl%2F4VlKWqn8lVy1dgdUo2V8wkX36w5kU2j6DrWSAqHdMLZdauO9A2lNKp6hLAnwpqW3DHBvPZskMleqRWlfMw8HFLDWMDzlvJSTmMvPlbA3%2BaF4Bef4%2FBLansaTU%2Ftz3"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d4064ed8982d27d-FRA
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: text/css
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 collect Show response
tracking.fairstone.ca/g/ 65 B
548 B 641ms
451ms XHR
text/plain 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.fairstone.ca/g/collect?v=2&tid=G-F41R5T0N3&gtm=45je4ag0z86866613za200zb6866613&_p=1729169213712&gcs=G111&gcd=13t3t3t2t5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101686685&gdid=dYWJhMj&cid=653418318.1729169216&ecid=2114188229&ul=de-de&sr=1600x1200&_fplc=0&ur=DE-BW&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sst.rnd=448347794.1729169215&sst.etld=google.de&sst.gcsub=region1&sst.tft=1729169213712&sst.ude=0&_s=1&sid=1729169214&sct=1&seg=0&dl=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&dt=Online%20account%20management%20for%20purchase%20financing%20accounts&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3481&richsstsse

Requested by

Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

cache-control: no-cache
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: https://oam.fairstone.ca
date: Thu, 17 Oct 2024 12:46:56 GMT
content-type: text/plain
vary: Accept-Encoding

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
554 B 186ms
30ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Q8NJ0QC7WK&cid=653418318.1729169216&gtm=45je4ag0v870661557z86866613za200zb6866613&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13t3t3t2t5l1&npa=0&frm=0&tag_exp=101529666~101686685
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q8NJ0QC7WK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://oam.fairstone.ca
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 1B06 0
0 38ms
37ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-Q8NJ0QC7WK&gacid=653418318.1729169216&gtm=45je4ag0v870661557z86866613za200zb6866613&dma=1&dma_cps=syphamo&gcs=G111&gcd=13t3t3t2t5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101529666~101686685&z=990153791

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q8NJ0QC7WK&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oam.fairstone.ca/en/login
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Oct 2024 12:46:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 58ms
57ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q8NJ0QC7WK&cid=653418318.1729169216&gtm=45je4ag0v870661557z86866613za200zb6866613&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13t3t3t2t5l1&npa=0&frm=0&tag_exp=101529666~101686685&tag_exp=101529666~101686685&z=1807417688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 17 Oct 2024 12:46:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2

204

https://region1.analytics.google.com/g/collect?v=2&tid=G-Q8NJ0QC7WK&gtm=45je4ag0v870661557z86866613za200zb6866613&_p=1729169213712&_gaz=1&gcs=G111&gcd=13t3t3t2t5l1&npa=0&dma_cps=syphamo&dma=1&tag_e...
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=653418318.1729169216&dbk=18290085024747068317&dma=1&dma_cps=syphamo&en=page_view&gcs=G111&gtm=45je4ag0v870661557z86...

0
1 KB

72ms
61ms

Fetch
text/plain

2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=653418318.1729169216&dbk=18290085024747068317&dma=1&dma_cps=syphamo&en=page_view&gcs=G111&gtm=45je4ag0v870661557z86866613za200zb6866613&npa=0&tid=G-Q8NJ0QC7WK&dl=https%3A%2F%2Foam.fairstone.ca%3F
Protocol: H2
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
attribution-reporting-info: preferred-platform=os
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
attribution-reporting-register-os-trigger: "https://region1.google-analytics.com/privacy-sandbox/register-os-conversion?_c=1&cid=653418318.1729169216&dbk=18290085024747068317&dma=1&dma_cps=syphamo&en=page_view&gcs=G111&gtm=45je4ag0v870661557z86866613za200zb6866613&npa=0&tid=G-Q8NJ0QC7WK&dl=https%3A%2F%2Foam.fairstone.ca%3F"
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
attribution-reporting-register-trigger: {"aggregatable_trigger_data":[{"key_piece":"0x31276dc428eab5bf","source_keys":["1"]},{"key_piece":"0xf2378ea7781197c2","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"18290085024747068317","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"1"}],"filters":{"2":["672005876","868121167"],"5":["10-17","10-16","10-15"]}}
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: text/plain
server: Golfe2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=653418318.1729169216&dbk=18290085024747068317&dma=1&dma_cps=syphamo&en=page_view&gcs=G111&gtm=45je4ag0v870661557z86866613za200zb6866613&npa=0&tid=G-Q8NJ0QC7WK&dl=https%3A%2F%2Foam.fairstone.ca%3F
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 514
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: text/html; charset=UTF-8
server: Golfe2

POST
H2 200 p
tr6.snapchat.com/ 0
47 B 59ms
30ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://oam.fairstone.ca/en/login

Response headers

via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 17 Oct 2024 12:46:55 GMT
x-envoy-upstream-service-time: 1
server: API Gateway

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 223 KB
80 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-6501431&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSVWM6&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e50d83446137b8e3bdcba6f278f79b4ece4afbb5b9a60d63afb9d60bbe035410

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Thu, 17 Oct 2024 12:46:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 17 Oct 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 81808
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 qevents.js Show response
a.quora.com/ 41 KB
15 KB 161ms
35ms Script
text/plain 162.159.153.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSVWM6&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.153.247 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5af5ee0b37b1f0ef31c42932bbf81424e4bb53e95e87a47e058625c1af2245db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"87b5ecaafd0e88097cbbb1bbb7695fe9"
x-amz-version-id: jrgqQn59BHyNBJEhUqaibHl1Lk06.AzO
age: 52050
expires: Thu, 17 Oct 2024 16:46:55 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: text/plain
last-modified: Thu, 28 Mar 2024 17:33:19 GMT
vary: Accept-Encoding
x-amz-id-2: V1KqiLEqgavTxZxeOhRwxks/e9Bwov1/UFMqsrtEEzLmoDSbUpr5Gq/SrBc09Cr251D8a88zvXjr2380vgygWiCKDQGX6cFQNHy8wkgu4h4=
cache-control: public, max-age=14400
x-amz-meta-s3cmd-attrs: md5:87b5ecaafd0e88097cbbb1bbb7695fe9
x-amz-request-id: CHBWA4MHHEB4ZTF0
cf-ray: 8d4064eee95491cf-FRA
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 597088370792613 Show response
connect.facebook.net/signals/config/ 33 KB
5 KB 66ms
66ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/597088370792613?v=2.9.171&r=stable&domain=oam.fairstone.ca&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C28%2C82%2C87%2C47%2C46%2C86%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112%2C162%2C194%2C196%2C121%2C144%2C150%2C188%2C189%2C128%2C231%2C115%2C126%2C145%2C172%2C158%2C117%2C232%2C164%2C118%2C234%2C165%2C135%2C122%2C153%2C147%2C113%2C127

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fd09c227f7338c2f5b67bd06cd2734fee436b487d1c1f93afc7b18b76205d749

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=73, mss=1232, tbw=84688, tp=80, tpl=0, uplat=46, ullat=0
pragma: public
x-fb-debug: 5A7v6q5HKwEO6+2gho71SW847ymGnCA0eWYT/ND28CemS9nMzL3KfFpLskRw7MfmkrtqoBn/o0dJXkmaLRgykg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 pixel
q.quora.com/_/ad/fa1f99229b1e4be38dac70979b084e49/ 43 B
348 B 244ms
128ms Image
image/gif 162.159.152.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/fa1f99229b1e4be38dac70979b084e49/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.152.17 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-q-stat: ,f1175f695d5c1956b3d096a07d9bfe95,10.0.0.172,47558,217.114.215.132,,294965257367,1,1729169215.898,0.004,,.,0,0,0.000,0.004,-,0,0,203,191,95,10,34729,,,,,,-,
cf-ray: 8d4064eef98f4dac-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: image/gif
server: cloudflare

GET
H2

200

pixel;r=1896119185;labels=_fp.event.PageView;event=refresh;rf=0;a=p-NBcLVNp6C9daN;url=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin;ns=0;ce=1;qjs=1;qv=fd657345-20240925114642;ref=;d=fairstone.ca;dst=...
pixel-ssn.quantserve.com/
Redirect Chain

https://pixel.quantserve.com/pixel;r=1896119185;labels=_fp.event.PageView;event=refresh;rf=0;a=p-NBcLVNp6C9daN;url=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin;ns=0;ce=1;qjs=1;qv=fd657345-2024092511...
https://pixel-ssn.quantserve.com/pixel;r=1896119185;labels=_fp.event.PageView;event=refresh;rf=0;a=p-NBcLVNp6C9daN;url=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin;ns=0;ce=1;qjs=1;qv=fd657345-202409...

35 B
357 B

118ms
27ms

Image
image/gif

91.228.74.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel-ssn.quantserve.com/pixel;r=1896119185;labels=_fp.event.PageView;event=refresh;rf=0;a=p-NBcLVNp6C9daN;url=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin;ns=0;ce=1;qjs=1;qv=fd657345-20240925114642;ref=;d=fairstone.ca;dst=1;et=1729169215719;tzo=-120;ogl=;ses=e82956f6-ac6e-42a3-8726-12ffd2928981;uht=2;fpan=1;fpa=P0-1047400681-1729169215248;pbc=;cm=undefined;gdpr=0;mdl=;dip=278300f0-7526-46b5-a79a-7b37652c403e

Protocol

Server

91.228.74.166 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

strict-transport-security: max-age=86400
cache-control: private, no-cache, no-store, proxy-revalidate
pragma: no-cache
expires: Fri, 04 Aug 1978 12:00:00 GMT
content-length: 35
date: Thu, 17 Oct 2024 12:46:55 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[{"label":["YSA7yGTOzwNEmvjBdNjlSQ=="],"pcode":["p-NBcLVNp6C9daN"]}],"trigger_data":"1"}]}
content-type: image/gif

Redirect headers

strict-transport-security: max-age=86400
cache-control: private, no-cache, no-store, proxy-revalidate
location: https://pixel-ssn.quantserve.com/pixel;r=1896119185;labels=_fp.event.PageView;event=refresh;rf=0;a=p-NBcLVNp6C9daN;url=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin;ns=0;ce=1;qjs=1;qv=fd657345-20240925114642;ref=;d=fairstone.ca;dst=1;et=1729169215719;tzo=-120;ogl=;ses=e82956f6-ac6e-42a3-8726-12ffd2928981;uht=2;fpan=1;fpa=P0-1047400681-1729169215248;pbc=;cm=undefined;gdpr=0;mdl=;dip=278300f0-7526-46b5-a79a-7b37652c403e
pragma: no-cache
expires: Fri, 04 Aug 1978 12:00:00 GMT
content-length: 35
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
date: Thu, 17 Oct 2024 12:46:55 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[{"label":["YSA7yGTOzwNEmvjBdNjlSQ=="],"pcode":["p-NBcLVNp6C9daN"]}],"trigger_data":"1"}]}
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://s.tribalfusion.com/insights?%7B%22tagKey%22%3A%221289214851%22%2C%22th%22%3A9304644153%2C%22version%22%3A%221.1%22%2C%22tKey%22%3A%22aQmneMQAfB3Hry0WUJmH6nSS38UKgkcr%22%2C%22url%22%3A%22htt...
https://a4.tribalfusion.com/ipg?ip6=2001:1b60:1010:3:1011:45af:a3ad:3558&kv=%7B%22ord%22%3A%201115967%2C%20%22clientID%22%3A%20818083%7D&redirect=https://cm.g.doubleclick.net/pixel?google_nid=exp&g...
https://cm.g.doubleclick.net/pixel?google_nid=exp

170 B
409 B

134ms
62ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=exp

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Thu, 17 Oct 2024 12:46:56 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

cache-control: no-cache, private
location: https://cm.g.doubleclick.net/pixel?google_nid=exp
cf-cache-status: DYNAMIC
pragma: no-cache
x-function: 201
cf-ray: 8d4064effb777276-HAM
expires: Thu, 01 Jan 1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
x-reuse-index: 93
p3p: CP="NOI DEVo TAIa OUR BUS"
server-timing: cfExtPri
date: Thu, 17 Oct 2024 12:46:56 GMT
content-type: text/html
server: cloudflare

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
719 B 266ms
258ms Ping
text/plain 184.86.103.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdkNGE4ZTU0MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-219.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://oam.fairstone.ca/en/login

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Thu, 17 Oct 2024 12:46:55 GMT
server-timing: inner; dur=131, cdn-cache; desc=MISS, edge; dur=8, origin; dur=227
x-cache: TCP_MISS from a184-86-102-216.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Thu, 17 Oct 2024 12:46:55 GMT
x-akamai-request-id: b138076
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01f8142ac9864b932f9774d2bcec67772dd242ac6b39c1029148d23cc525695d0ad3e58aa5c05f0a2ed6507f4212fe638063856d4087b79915bffd123edddcc2c2aeac23729b78e5477a8ffd4863789f7cbea22fb36f804886e37002d7bef2064f
x-origin-response-time: 228,184.86.102.216
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-2410171246555429DB74329DA4383709-186E3FB943E4DC9C-00
content-length: 0
x-tt-logid: 202410171246555429DB74329DA4383709
server: nginx

POST
H2 200 p
tr.snapchat.com/ 0
91 B 33ms
31ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://oam.fairstone.ca/en/login

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://oam.fairstone.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 17 Oct 2024 12:46:55 GMT
server: API Gateway

GET
H2 200 webcomponents_es5-bbd13c626.js Show response
libs.salemove.com/visitor/ 936 B
1 KB 21ms
20ms Script
application/javascript 2600:9000:2724:1200:0:99b9:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.salemove.com/visitor/webcomponents_es5-bbd13c626.js

Requested by

Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-bbd13c626.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:1200:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

832dbd199f70ade357e88a3f5d32920c8c63e69258dc173d3b261686320895db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

etag: "f86098c5208655efb405300993461936"
age: 787448
x-cache: Hit from cloudfront
x-amz-cf-id: vmsOP30_FZY0foSGpRJbP78GwIRFUiZqd78hwWV9dbMjNfVxhkAMxA==
date: Tue, 08 Oct 2024 10:02:48 GMT
content-type: application/javascript
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
last-modified: Tue, 08 Oct 2024 09:25:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: max-age=31536000
x-amz-meta-s3cmd-attrs: md5:f86098c5208655efb405300993461936
via: 1.1 e240913a5e90e18bd637baa6899f2280.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 936
x-amz-cf-pop: FRA56-P12
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 /
www.facebook.com/tr/ 0
101 B 26ms
21ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=111782726207517&ev=PageView&dl=https%3A%2F%2Foam.fairstone.ca&rl=&if=false&ts=1729169215805&sw=1600&sh=1200&v=2.9.171&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=12316&fbp=fb.1.1729169215192.792177211195089970&pm=1&hrl=f88e7a&ler=empty&cdl=API_unavailable&it=1729169214908&coo=false&cs_cc=1&cas=8330085250403814%2C27584046977860680%2C7142560702538813%2C2716741075019024%2C5699366450187140%2C7718502758223041%2C1569449243167982%2C1034720233297093&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=1, c=8, mss=1328, tbw=6154, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
925 B 61ms
57ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=111782726207517&ev=PageView&dl=https%3A%2F%2Foam.fairstone.ca&rl=&if=false&ts=1729169215805&sw=1600&sh=1200&v=2.9.171&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=12316&fbp=fb.1.1729169215192.792177211195089970&pm=1&hrl=f88e7a&ler=empty&cdl=API_unavailable&it=1729169214908&coo=false&cs_cc=1&cas=8330085250403814%2C27584046977860680%2C7142560702538813%2C2716741075019024%2C5699366450187140%2C7718502758223041%2C1569449243167982%2C1034720233297093&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7426725229193986654"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 0e/8gir+ObBbQl3dYNcleDOsdZel3EDxlHPl7cPO1lvwZYfs8NNT3ukWjpbFTmDnN87grHAAwf6RX8qtx7ojBA==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7426725229193986654", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=1, c=8, mss=1328, tbw=6422, tp=-1, tpl=-1, uplat=37, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
www.facebook.com/tr/ 0
101 B 35ms
32ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=597088370792613&ev=PageView&dl=https%3A%2F%2Foam.fairstone.ca&rl=&if=false&ts=1729169215807&sw=1600&sh=1200&v=2.9.171&r=stable&ec=0&o=12316&fbp=fb.1.1729169215192.792177211195089970&pm=1&hrl=bd1bce&ler=empty&cdl=API_unavailable&it=1729169214908&coo=false&cs_cc=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=1, c=8, mss=1328, tbw=6268, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
845 B 78ms
75ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=597088370792613&ev=PageView&dl=https%3A%2F%2Foam.fairstone.ca&rl=&if=false&ts=1729169215807&sw=1600&sh=1200&v=2.9.171&r=stable&ec=0&o=12316&fbp=fb.1.1729169215192.792177211195089970&pm=1&hrl=bd1bce&ler=empty&cdl=API_unavailable&it=1729169214908&coo=false&cs_cc=1&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7426725228697728809"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 12:46:55 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: gMnQybWmKqzQqQyToCcGTw/uUawnAeqqeEQtb2Pp6LD9I14pGyw8EhtP3HZ1CCxtp3wDlsH/Q1/JsZUX7r1Ghg==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7426725228697728809", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=1, c=8, mss=1328, tbw=7369, tp=-1, tpl=-1, uplat=38, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 visitor-app.26377c4c.min.js Show response
libs.salemove.com/ 696 KB
201 KB 29ms
27ms Script
application/javascript 2600:9000:2724:1200:0:99b9:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.salemove.com/visitor-app.26377c4c.min.js

Requested by

Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-bbd13c626.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:1200:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c65c69f2a50fea409df704928bc55cdb3de9aed7631ebf288e69003c719776d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-encoding: gzip
etag: W/"4f6fea1e2eae0def4d19ba93b92529a7"
age: 522654
x-cache: Hit from cloudfront
x-amz-cf-id: Ngnhw_5qJUil9oX6Gm_Ifciq4qUwS3xpe31mPL3EsX8frvoG1cyCUw==
date: Fri, 11 Oct 2024 11:36:02 GMT
content-type: application/javascript
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
last-modified: Fri, 11 Oct 2024 11:11:20 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: max-age=31536000
x-amz-meta-s3cmd-attrs: md5:4f6fea1e2eae0def4d19ba93b92529a7
via: 1.1 e240913a5e90e18bd637baa6899f2280.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 visitor-app.26377c4c.default.css
libs.salemove.com/ 277 KB
40 KB 29ms
27ms Stylesheet
text/css 2600:9000:2724:1200:0:99b9:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.salemove.com/visitor-app.26377c4c.default.css

Requested by

Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-bbd13c626.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:1200:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f81abc642247ee095c6e16e8131cc54be971a537bf9b3f41d4526dda1d72025e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

content-encoding: gzip
etag: W/"d639efaf1ab0050c9c4dab2f96ab5016"
age: 522654
x-cache: Hit from cloudfront
x-amz-cf-id: CZ-Pa4wWj9Z-RBspiNWjrkSdJ6YjHvB1AaveI5KGwFX_RXzE0mDS0g==
date: Fri, 11 Oct 2024 11:36:02 GMT
content-type: text/css
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
last-modified: Fri, 11 Oct 2024 11:11:20 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: max-age=31536000
x-amz-meta-s3cmd-attrs: md5:d639efaf1ab0050c9c4dab2f96ab5016
via: 1.1 e240913a5e90e18bd637baa6899f2280.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 e425a244-a636-41ef-b67a-0d221109ea35.js Show response
site-assets.salemove.com/assets/7633a278-0bc4-4a16-ba54-55c35919feaf/ 242 B
753 B 99ms
22ms Script
application/javascript 2600:9000:20eb:6a00:1a:6404:eb40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://site-assets.salemove.com/assets/7633a278-0bc4-4a16-ba54-55c35919feaf/e425a244-a636-41ef-b67a-0d221109ea35.js

Requested by

Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-bbd13c626.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:6a00:1a:6404:eb40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b09701acc6c60763e6cf5ec904ae8eed9771d4d0957f437403fcbea92b003ae7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

etag: "4e39b2860fecfd88cf35264e6700b6bc"
age: 26519
x-cache: Hit from cloudfront
x-amz-cf-id: keZtYdNmsBdRpSNXxqjq9m0mxrknxvKvOynOmA2u8yS9mJuloxU9XQ==
date: Thu, 17 Oct 2024 06:37:15 GMT
content-type: application/javascript
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
last-modified: Thu, 19 Nov 2020 12:01:06 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: public, max-age=86400
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 242
x-amz-cf-pop: FRA2-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 bf Show response
bf55798edn.bf.dynatrace.com/ 939 B
1 KB 379ms
112ms Fetch
text/plain 107.21.29.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bf55798edn.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_-2D14_sn_LM2BC5G3HCDFDIDRCC97ER0G0ECVRFHD&svrid=-14&flavor=cors&vi=TOFOROVCFAPNFKMKNHBADKQJRJPBTQBM-0&modifiedSince=1723140269564&rf=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&bp=3&app=402650613d0bbda7&crc=2670415112&en=2xaf6fae&end=1
Requested by: Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.29.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-29-68.compute-1.amazonaws.com
Software: /
Resource Hash: 221a90c20d43a3522de06e035e2b637ec6a5a76d75e2713ff723292e02193dee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://oam.fairstone.ca/en/login

Response headers

x-oneagent-js-injection: true
access-control-allow-origin: https://oam.fairstone.ca
cache-control: no-cache
content-length: 939
date: Thu, 17 Oct 2024 12:46:56 GMT
content-type: text/plain;charset=utf-8

GET
H2

200

activityi;dc_pre=CJyAmqe5lYkDFf6Jgwcduc4J-g;src=6501431;type=fairs0;cat=fairs0;ord=3523905842784;npa=0;auiddc=1759408775.1729169215;gdid=dYWJhMj;ps=1;pcor=2030687430;uaa=;uab=;uafvl=;uamb=0;uam=;ua...
6501431.fls.doubleclick.net/ Frame CB3B
Redirect Chain

https://6501431.fls.doubleclick.net/activityi;src=6501431;type=fairs0;cat=fairs0;ord=3523905842784;npa=0;auiddc=1759408775.1729169215;gdid=dYWJhMj;ps=1;pcor=2030687430;uaa=;uab=;uafvl=;uamb=0;uam=;...
https://6501431.fls.doubleclick.net/activityi;dc_pre=CJyAmqe5lYkDFf6Jgwcduc4J-g;src=6501431;type=fairs0;cat=fairs0;ord=3523905842784;npa=0;auiddc=1759408775.1729169215;gdid=dYWJhMj;ps=1;pcor=203068...

0
0

52ms
48ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6501431.fls.doubleclick.net/activityi;dc_pre=CJyAmqe5lYkDFf6Jgwcduc4J-g;src=6501431;type=fairs0;cat=fairs0;ord=3523905842784;npa=0;auiddc=1759408775.1729169215;gdid=dYWJhMj;ps=1;pcor=2030687430;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ag0v9189976264z86866613za201zb6866613;gcs=G111;gcd=13t3t3t2t5l1;dma_cps=syphamo;dma=1;tag_exp=101533422~101686685~101823848~101836705;epver=2;~oref=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-6501431&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oam.fairstone.ca/en/login
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 394
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Oct 2024 12:46:56 GMT
expires: Thu, 17 Oct 2024 12:46:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Oct 2024 12:46:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://6501431.fls.doubleclick.net/activityi;dc_pre=CJyAmqe5lYkDFf6Jgwcduc4J-g;src=6501431;type=fairs0;cat=fairs0;ord=3523905842784;npa=0;auiddc=1759408775.1729169215;gdid=dYWJhMj;ps=1;pcor=2030687430;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ag0v9189976264z86866613za201zb6866613;gcs=G111;gcd=13t3t3t2t5l1;dma_cps=syphamo;dma=1;tag_exp=101533422~101686685~101823848~101836705;epver=2;~oref=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activityi;fledge=1;src=6501431;type=fairs0;cat=fairs0;ord=3523905842784;npa=0;auiddc=1759408775.1729169215;gdid=dYWJhMj;ps=1;pcor=2030687430;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noap...
td.doubleclick.net/td/fls/rul/ Frame C90E 0
0 148ms
139ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=6501431;type=fairs0;cat=fairs0;ord=3523905842784;npa=0;auiddc=1759408775.1729169215;gdid=dYWJhMj;ps=1;pcor=2030687430;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ag0v9189976264z86866613za201zb6866613;gcs=G111;gcd=13t3t3t2t5l1;dma_cps=syphamo;dma=1;tag_exp=101533422~101686685~101823848~101836705;epver=2;~oref=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-6501431&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oam.fairstone.ca/en/login
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Oct 2024 12:46:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=6501431;type=fairs0;cat=fairs0;ord=3523905842784;npa=0;auiddc=1759408775.1729169215;gdid=dYWJhMj;ps=1;pcor=2030687430;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=...
ad.doubleclick.net/ 0
22 B 107ms
56ms Image
image/png 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=6501431;type=fairs0;cat=fairs0;ord=3523905842784;npa=0;auiddc=1759408775.1729169215;gdid=dYWJhMj;ps=1;pcor=2030687430;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ag0v9189976264z86866613za201zb6866613;gcs=G111;gcd=13t3t3t2t5l1;dma_cps=syphamo;dma=1;tag_exp=101533422~101686685~101823848~101836705;epver=2;~oref=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin?

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://oam.fairstone.ca/en/login

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Thu, 17 Oct 2024 12:46:56 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"7875139245884492012"}],"aggregatable_trigger_data":[{"filters":[{"14":["6787791"]}],"key_piece":"0x95d053a5ac0fda6a","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xf284519209bd0024","not_filters":{"14":["6787791"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"2876462944979513374","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"7875139245884492012","filters":[{"14":["6787791"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"7875139245884492012","filters":[{"14":["6787791"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"7875139245884492012","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"7875139245884492012","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["6501431"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

POST
H2 201 sources_triggered Show response
api.salemove.com/overseer/ 2 B
506 B 320ms
318ms XHR
application/json 2600:9000:2724:3600:17:4c3f:1b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.salemove.com/overseer/sources_triggered

Requested by

Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:3600:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImFhNTE3YjQ3LTNmOWQtNGRkZC05ZDM2LTY5ZTY2ZWI4NTliNyJ9.eyJpYXQiOjE3MjkxNjkyMTUsImV4cCI6MTczMDM3ODgxNSwiaXNzIjoiR2xpYSBTaXRlIFZpc2l0b3IgQ29uZmlnIiwic3ViIjoidmlzaXRvcjoxZTM4Mjc0OC1kMjdhLTRkNjUtYWEyNy1iNWE5NDZiZmYwMWYiLCJyb2xlcyI6W3sidHlwZSI6InZpc2l0b3IiLCJ2aXNpdG9yX2lkIjoiMWUzODI3NDgtZDI3YS00ZDY1LWFhMjctYjVhOTQ2YmZmMDFmIn0seyJ0eXBlIjoic2l0ZV92aXNpdG9yIiwic2l0ZV9pZCI6Ijc2MzNhMjc4LTBiYzQtNGExNi1iYTU0LTU1YzM1OTE5ZmVhZiIsImVuZ2FnZW1lbnRfc2l0ZV9pZHMiOlsiNzYzM2EyNzgtMGJjNC00YTE2LWJhNTQtNTVjMzU5MTlmZWFmIl19XSwiYWNjb3VudF9pZCI6ImRjZDg5MjdhLTdlMzgtNDUyNS04ZDVmLTM3N2IzZjk4MTVjNiJ9.aXF9NC48umbLMRPBP32hos3zTXFulKkhnxRsQs54EAMAp3R0X82qyocYTcc3C-RXLHbdvbJYfLNqGqCXyYnWHw
Referer: https://oam.fairstone.ca/en/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/vnd.salemove.private+json
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 7200
access-control-expose-headers
access-control-allow-methods: GET, POST, PUT, PATCH, OPTIONS, HEAD, DELETE
x-content-type-options: nosniff
via: 1.1 e787a68a5271d06ea7b7e56fa6886dc8.cloudfront.net (CloudFront)
access-control-allow-origin: https://oam.fairstone.ca
x-cache: Miss from cloudfront
content-length: 2
x-amz-cf-id: S0sjpXwIAVRBFhbWbKXg1c-nQI3LhuY_NIiUT93Hx0tl1emc4XBbTQ==
date: Thu, 17 Oct 2024 12:46:56 GMT
content-type: application/json
vary: Origin
x-amz-cf-pop: FRA56-P12
access-control-allow-headers: Content-Type, Accept, Authorization

OPTIONS
H2 200 sources_triggered
api.salemove.com/overseer/ Frame 0
0 164ms
121ms Preflight 2600:9000:2724:3600:17:4c3f:1b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.salemove.com/overseer/sources_triggered

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:3600:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://oam.fairstone.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type
access-control-allow-methods: GET, PUT, PATCH, POST, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
content-length: 0
date: Thu, 17 Oct 2024 12:46:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 e787a68a5271d06ea7b7e56fa6886dc8.cloudfront.net (CloudFront)
x-amz-cf-id: eRU5f2oIT9c0OGSVofuePapVGZnRfegOg70yAz2FjPLvyhZOBwBosA==
x-amz-cf-pop: FRA56-P12
x-cache: Miss from cloudfront

OPTIONS
H2 204 i
r.ingest-lr.com/ Frame 0
0 515ms
131ms Preflight 104.198.23.205
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://r.ingest-lr.com/i?a=hwqsvv%2Froam-mbjta&r=5-74fe5240-9f4a-449e-b34f-ef6aaad00df8&t=90ce72b3-a64e-418f-9804-02a03f99d3a1&s=0&rs=0%2Cu&u=2f61ab19-7809-472b-87b8-0f39bbbe243c&is=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.23.205 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

205.23.198.104.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-logrocket-relay-version
Access-Control-Request-Method: POST
Origin: https://oam.fairstone.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
date: Thu, 17 Oct 2024 12:46:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 201 i Show response
r.ingest-lr.com/ 28 B
522 B 811ms
238ms XHR
application/json 104.198.23.205
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://r.ingest-lr.com/i?a=hwqsvv%2Froam-mbjta&r=5-74fe5240-9f4a-449e-b34f-ef6aaad00df8&t=90ce72b3-a64e-418f-9804-02a03f99d3a1&s=0&rs=0%2Cu&u=2f61ab19-7809-472b-87b8-0f39bbbe243c&is=1

Requested by

Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.23.205 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

205.23.198.104.bc.googleusercontent.com

Software

/ Express

Resource Hash

80be7fb9f1763671e4d3cddf72349425a4d4088f7b0ed21c238ab41b8c22ac1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
X-LogRocket-Relay-Version: 2024.9.0
Referer: https://oam.fairstone.ca/en/login

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 1728000
etag: W/"1c-PFMDrwGsbHZtXHXvOeVrYQ+hlvQ"
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
content-length: 28
date: Thu, 17 Oct 2024 12:46:58 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version

POST
H2 200 bf Show response
bf55798edn.bf.dynatrace.com/ 217 B
490 B 117ms
110ms Fetch
text/plain 107.21.29.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bf55798edn.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_1_sn_LM2BC5G3HCDFDIDRCC97ER0G0ECVRFHD_app-3A402650613d0bbda7_1_ol_0_perc_100000_mul_1_rcs-3Acss_0&svrid=1&flavor=cors&vi=TOFOROVCFAPNFKMKNHBADKQJRJPBTQBM-0&modifiedSince=1729168768693&rf=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&bp=3&app=402650613d0bbda7&crc=1807100872&en=2xaf6fae&end=1
Requested by: Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.29.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-29-68.compute-1.amazonaws.com
Software: /
Resource Hash: 4636d28d94a3d3b5b53336849d4aaa761a6471a6b8a8fd6ada5bb29830ddd1ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://oam.fairstone.ca/en/login

Response headers

x-oneagent-js-injection: true
access-control-allow-origin: https://oam.fairstone.ca
cache-control: no-cache
content-length: 217
date: Thu, 17 Oct 2024 12:46:57 GMT
content-type: text/plain;charset=utf-8

POST
H/1.1 204
No Content / Show response
client-logger.salemove.com/ 0
303 B 361ms
118ms Fetch 34.199.211.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://client-logger.salemove.com/

Requested by

Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.199.211.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-199-211-219.compute-1.amazonaws.com

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://oam.fairstone.ca/en/login

Response headers

strict-transport-security: max-age=31536000
access-control-max-age: 7200
access-control-expose-headers
x-envoy-upstream-service-time: 2
access-control-allow-methods: POST
access-control-allow-origin: *
date: Thu, 17 Oct 2024 12:46:59 GMT
vary: Origin
server: envoy

POST
H2 200 bf Show response
bf55798edn.bf.dynatrace.com/ 217 B
489 B 224ms
220ms Fetch
text/plain 107.21.29.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bf55798edn.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_1_sn_LM2BC5G3HCDFDIDRCC97ER0G0ECVRFHD_app-3A402650613d0bbda7_1_ol_0_perc_100000_mul_1_rcs-3Acss_0&svrid=1&flavor=cors&vi=TOFOROVCFAPNFKMKNHBADKQJRJPBTQBM-0&modifiedSince=1729168768693&rf=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&bp=3&app=402650613d0bbda7&crc=903971403&en=2xaf6fae&end=1
Requested by: Host: oam.fairstone.ca
URL: https://oam.fairstone.ca/ca-central-1/static/js/main.5ce5995b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.29.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-29-68.compute-1.amazonaws.com
Software: /
Resource Hash: 4636d28d94a3d3b5b53336849d4aaa761a6471a6b8a8fd6ada5bb29830ddd1ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://oam.fairstone.ca/en/login

Response headers

x-oneagent-js-injection: true
access-control-allow-origin: https://oam.fairstone.ca
cache-control: no-cache
content-length: 217
date: Thu, 17 Oct 2024 12:46:59 GMT
content-type: text/plain;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: oam.fairstone.ca
URL: blob:https://oam.fairstone.ca/bb354a55-d0b0-4427-9a7b-896680f2767c

Domain: oam.fairstone.ca
URL: blob:https://oam.fairstone.ca/3c6a1ef8-b506-40d7-b904-eac3ce09764b

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

52 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-21 00:20:55	Name: X-AB Value: cc8f398e6c2d4b84b15908c5e6ccf9a3
oam.fairstone.ca/	1970-01-21 00:20:55	Name: _lr_tabs_-hwqsvv%2Froam-mbjta Value: {%22sessionID%22:0%2C%22recordingID%22:%225-74fe5240-9f4a-449e-b34f-ef6aaad00df8%22%2C%22lastActivity%22:1729169213884%2C%22hasActivity%22:false}
oam.fairstone.ca/	1970-01-21 00:20:55	Name: _lr_hb_-hwqsvv%2Froam-mbjta Value: {%22heartbeat%22:1729169213885}
oam.fairstone.ca/	1969-12-31 23:59:59	Name: _lr_uf_-hwqsvv Value: 8a21b66a-0801-4d2f-b41d-1afd50af17e3
.oam.fairstone.ca/	1970-01-21 00:19:31	Name: Visitor Type Value: New visitor
.fairstone.ca/	1969-12-31 23:59:59	Name: rxVisitor2xaf6fae Value: 1729169213995A0H663A8D45H5COTSKUOVDQLG0D8FK8Q
.fairstone.ca/	1969-12-31 23:59:59	Name: dtSa2xaf6fae Value: -
.fairstone.ca/	1969-12-31 23:59:59	Name: rxvt2xaf6fae Value: 1729171014160\|1729169214001
.fairstone.ca/	1969-12-31 23:59:59	Name: dtPC2xaf6fae Value: -14$569213977_92h-vTOFOROVCFAPNFKMKNHBADKQJRJPBTQBM-0e0
.oam.fairstone.ca/	1970-01-21 09:05:05	Name: Hit Timestamp Value: 2024-10-17T14:46:54.684+02:00
.linkedin.com/	1970-01-21 09:05:05	Name: bcookie Value: "v=2&2ed21738-0ef0-465f-8737-31a422b62ef8"
.linkedin.com/	1970-01-21 04:38:41	Name: li_gc Value: MTswOzE3MjkxNjkyMTQ7MjswMjEOVDPpFYZ8uFKbtucj0OZD/LJjAikdmNfNuB+zl3iRpw==
.linkedin.com/	1970-01-21 00:20:55	Name: lidc Value: "b=OGST05:s=O:r=O:a=O:p=O:g=3202:u=1:x=1:i=1729169214:t=1729255614:v=2:sig=AQFq1e7ij8jIhk_NAS1RvN-NbZM3k0RS"
.fairstone.ca/	1970-01-21 02:29:05	Name: _gcl_au Value: 1.1.1759408775.1729169215
.fairstone.ca/	1970-01-21 09:05:05	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Oct+17+2024+14%3A46%3A54+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202405.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=7c8f406d-c731-4e69-812a-bb886dbe78f6&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Foam.fairstone.ca%2Fen%2Flogin&groups=C0003%3A1%2CC0002%3A1%2CC0004%3A1%2CC0001%3A1
.adnxs.com/	1970-01-21 02:29:05	Name: XANDR_PANID Value: yPj4Wvta3CtD1PB0bmVJCUt0SmSSJmvhCnklunmBAMKDiTouRaJkqHbguAOX1xSy_6kMbG_pNBS2j6CnKLZgPN2J-05z8yOI5i32we0jExM.
.adnxs.com/	1970-01-21 09:55:29	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 02:29:05	Name: uuid2 Value: 5831815755352844269
.fairstone.ca/	1970-01-21 09:49:15	Name: _scid Value: vzKQW8lDoIenpjPMgEBmvslHXNVgBTCb
.fairstone.ca/	1970-01-21 09:49:15	Name: _scid_r Value: vzKQW8lDoIenpjPMgEBmvslHXNVgBTCb
.adnxs.com/	1970-01-21 02:29:05	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2Ild>@/oK!@wnf-Te9(>wL5L!!'^J$oQFn
.tiktok.com/	1970-01-21 09:41:05	Name: _ttp Value: 2nZ8PdHpcvmOEDNlht7EQ0HaEhM
.fairstone.ca/	1970-01-21 09:55:29	Name: ab.storage.userId.817e75de-d499-4561-a419-60363d15e161 Value: %7B%22g%22%3A%227c8f406d-c731-4e69-812a-bb886dbe78f6%22%2C%22c%22%3A1729169215041%2C%22l%22%3A1729169215047%7D
.fairstone.ca/	1970-01-21 09:55:29	Name: ab.storage.deviceId.817e75de-d499-4561-a419-60363d15e161 Value: %7B%22g%22%3A%221315f0d7-8b4a-7916-7582-95db37743393%22%2C%22c%22%3A1729169215059%2C%22l%22%3A1729169215059%7D
.fairstone.ca/	1970-01-21 09:55:29	Name: ab.storage.sessionId.817e75de-d499-4561-a419-60363d15e161 Value: %7B%22g%22%3A%229498339e-5f7d-04ee-6bae-29401331c64f%22%2C%22e%22%3A1729171015066%2C%22c%22%3A1729169215042%2C%22l%22%3A1729169215066%7D
api.salemove.com/	1970-01-21 09:05:05	Name: visitor_session Value: eyJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE3MjkxNjkyMTUsInZpc2l0b3JfaWQiOiIxZTM4Mjc0OC1kMjdhLTRkNjUtYWEyNy1iNWE5NDZiZmYwMWYiLCJpc3MiOiJHbGlhIFNpdGUgVmlzaXRvciBDb25maWciLCJraWQiOiIyN2NiOWRhMi1kNDg0LTQxNzMtOGRkMS03ZDU5NjI1NTk5ZmEifQ.-D_8dfXmHBEVlOG2WVfH5RNGgtiON7FkN27aqcS7q62NsYnNy-AEeN8GJTP2S8JGb-ByNGQhuSfDwXPycxRFwg
api.salemove.com/	1970-01-21 09:05:05	Name: visitor_session_partitioned Value: eyJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE3MjkxNjkyMTUsInZpc2l0b3JfaWQiOiIxZTM4Mjc0OC1kMjdhLTRkNjUtYWEyNy1iNWE5NDZiZmYwMWYiLCJpc3MiOiJHbGlhIFNpdGUgVmlzaXRvciBDb25maWciLCJraWQiOiIyN2NiOWRhMi1kNDg0LTQxNzMtOGRkMS03ZDU5NjI1NTk5ZmEifQ.-D_8dfXmHBEVlOG2WVfH5RNGgtiON7FkN27aqcS7q62NsYnNy-AEeN8GJTP2S8JGb-ByNGQhuSfDwXPycxRFwg
.snapchat.com/	1970-01-21 09:41:05	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ0AIAgDsItIGIq4c4jKFRxve2NT/QwBtWSOLElmyKm6hpV85t0IIxYN3voB5hD1UzIAAAA=
.fairstone.ca/	1970-01-21 02:29:05	Name: _fbp Value: fb.1.1729169215192.792177211195089970
.pinterest.com/	1970-01-21 09:05:05	Name: ar_debug Value: 1
.fairstone.ca/	1970-01-21 09:55:29	Name: _td Value: 7c8f406d-c731-4e69-812a-bb886dbe78f6
.oam.fairstone.ca/	1970-01-21 09:05:05	Name: _pin_unauth Value: dWlkPVlqTTRNR1JtT1RrdE0yVXpNUzAwWkRRMExUZzFOV1V0T0Raa01XTmhaV1F4TURrNQ
.fairstone.ca/	1970-01-21 09:41:05	Name: _tt_enable_cookie Value: 1
.fairstone.ca/	1970-01-21 09:41:05	Name: _ttp Value: bjS00mAApgvdLppvXNT-ubTGc-O
.amazon-adsystem.com/	1970-01-21 06:29:34	Name: ad-id Value: A3aTFvPL2kc4n4JzVtBueo8
.amazon-adsystem.com/	1970-01-21 09:55:29	Name: ad-privacy Value: 0
.ct.pinterest.com/	1970-01-21 09:05:05	Name: _pinterest_ct_ua Value: "TWc9PSZhWGxBTWVQNGxtTkpGWkxSNjNoZENiUUtRaDNnbzZGTlpMc1VBVDc5OS92ZUdCdHNPVmxPN3N0U1lrRW4vNEE0QmVCNThyTHpud0pIZFdNWTgxdm1NWmppZzJ6RnFWNjlvNHNPRE90YlVyWT0mUFJqVGdvdzh4Skg3cG9EQ3B0ZTFvYW9XekVjPQ=="
.fairstone.ca/	1970-01-21 00:29:34	Name: _ScCbts Value: %5B%5D
.fairstone.ca/	1970-01-21 09:55:29	Name: _ga_F41R5T0N3 Value: GS1.1.1729169214.1.0.1729169214.0.0.2114188229
.fairstone.ca/	1970-01-21 09:55:29	Name: _ga Value: GA1.1.653418318.1729169216
.fairstone.ca/	1970-01-21 09:55:29	Name: _ga_Q8NJ0QC7WK Value: GS1.1.1729169214.1.0.1729169215.59.0.0
.doubleclick.net/	1970-01-21 09:41:05	Name: IDE Value: AHWqTUmvm9QRCmhNqN8eFb2D49v6GpX7WwYW0jgnabtiHxVFf7nOJqvQsyFcNG5M
.quantserve.com/	1970-01-21 09:49:43	Name: mc Value: 6711073f-b8195-21148-41d08
.in.treasuredata.com/	1970-01-21 09:55:29	Name: _td_global Value: 2a2742f7-ac19-4ae6-afec-7691d1b8f4c3
.fairstone.ca/	1970-01-21 09:43:58	Name: __qca Value: P0-1047400681-1729169215248
.tribalfusion.com/	1970-01-21 02:29:05	Name: ANON_ID Value: aVns6EpyXanbqiVRFUm8Zd6MdXYyRF01impqEMc1R3fuZc6lAFrFXltaF52VOEiPROZbaetFpRMBTgE79uOrfGN
.region1.google-analytics.com/	1970-01-21 02:29:05	Name: ar_debug Value: 1
.fairstone.ca/	1970-01-21 09:55:29	Name: FPID Value: FPID2.2.GwHxU%2BbjnRLJ5EavMfF9%2BgejrG%2FO%2FA5zQcqL%2F%2BI6Rfk%3D.1729169216
.fairstone.ca/	1970-01-21 00:20:41	Name: FPLC Value: 4s6eb3Q0atL%2BAOLFurrXYwAykl5x3%2BPsVMt6S1EA2LUwEnp%2Bk8jWvziCCf3PujxPYWmsX%2FhK8ChGAJViOJ%2BB78VyAA9Ny04QmGeRNFHvwNUkNz%2BlGZNUBOSbMvHv7A%3D%3D
.doubleclick.net/	1970-01-21 01:02:41	Name: ar_debug Value: 1
.fairstone.ca/	1969-12-31 23:59:59	Name: dtCookie2xaf6fae Value: v_4_srv_1_sn_LM2BC5G3HCDFDIDRCC97ER0G0ECVRFHD_app-3A402650613d0bbda7_1_ol_0_perc_100000_mul_1_rcs-3Acss_0
.doubleclick.net/	1970-01-21 04:38:41	Name: receive-cookie-deprecation Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://app.fairstone.ca/feature-flags Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6501431.fls.doubleclick.net
a.quora.com
a.tribalfusion.com
a4.tribalfusion.com
acdn.adnxs.com
ad.doubleclick.net
analytics.tiktok.com
api.salemove.com
app.fairstone.ca
bat.bing.com
bat.bing.net
bf55798edn.bf.dynatrace.com
c.amazon-adsystem.com
capture.trackjs.com
cdn.cookielaw.org
cdn.ingest-lr.com
cdn.treasuredata.com
cdnjs.cloudflare.com
client-logger.salemove.com
cm.g.doubleclick.net
connect.facebook.net
ct.pinterest.com
fonts.googleapis.com
geolocation.onetrust.com
googleads.g.doubleclick.net
ib.adnxs.com
in.treasuredata.com
insight.adsrvr.org
js-cdn.dynatrace.com
js.adsrvr.org
js.appboycdn.com
libs.salemove.com
oam.fairstone.ca
pixel-ssn.quantserve.com
pixel.quantserve.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.quora.com
r.ingest-lr.com
region1.analytics.google.com
region1.google-analytics.com
rules.quantcount.com
s.amazon-adsystem.com
s.pinimg.com
s.tribalfusion.com
s.yimg.com
sc-static.net
sdk.iad-05.braze.com
secure.adnxs.com
secure.quantserve.com
site-assets.salemove.com
snap.licdn.com
sp.analytics.yahoo.com
stats.g.doubleclick.net
td.doubleclick.net
tr.snapchat.com
tr6.snapchat.com
tracking.fairstone.ca
u18537296.ct.sendgrid.net
usage.trackjs.com
use.fontawesome.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
oam.fairstone.ca
104.18.42.209
104.198.23.205
107.21.29.68
13.107.42.14
13.224.186.120
13.32.99.18
142.250.184.230
142.250.186.34
148.113.163.172
15.197.193.217
15.235.54.6
151.101.192.84
151.101.64.84
151.101.65.108
162.159.152.17
162.159.153.247
167.89.123.53
172.217.16.198
172.64.149.149
18.172.103.101
18.245.60.102
18.245.86.66
184.86.103.219
185.89.210.46
2001:4860:4802:32::15
2001:4860:4802:32::36
2600:9000:20eb:6a00:1a:6404:eb40:93a1
2600:9000:223c:9a00:6:44e3:f8c0:93a1
2600:9000:2724:1200:0:99b9:cd80:93a1
2600:9000:2724:3600:17:4c3f:1b80:93a1
2606:4700:3037::ac43:8ef5
2606:4700:4400::6812:2089
2606:4700:4400::ac40:963f
2606:4700::6810:7709
2606:4700::6811:180e
2606:4700::6812:562a
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2620:1ec:33:3::10
2620:1ec:c11::237
2a00:1288:80:807::2
2a00:1450:4001:806::200a
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9c
2a02:26f0:3500:10::210:a99
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:600::84
2a06:98c1:3120::3
3.163.248.4
34.199.211.219
35.190.43.134
52.222.236.7
52.7.4.15
54.246.144.89
91.228.74.166
98.82.157.137
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0fa4b363e8c64be0ce5fc394e33075b0d4475f41a1d49cb02da79ebbac12829e
1aa117ace62bb52f8d60f07cbf1aebdaadf7a02cdfbe8542a5a916c44f8e7b08
1b1cb7131b4a37fb3abf1f8ee5cb56adfd592b20a840f4f05e9da56ffd379a1c
20133cc700841ec85f087ff9834a922b482b9135e98574a9afebade4c754558c
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
21b6025fcd2e1d0d4ba6f594eb39cfeb0f29d419dbc65ba1bd8e806108c08479
221a90c20d43a3522de06e035e2b637ec6a5a76d75e2713ff723292e02193dee
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dde2110b2815bd940b5d681c6bc59f8f65bc1a57049fab33748967266d79f65
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
402dda334f81814b077c20d0d093636239c027f3e82996fd7c12cb91aa57540a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
449a44e570c7320beb7d235c1ddc5ae935ecb347ece6953b77b7750f031ef2b1
459522c82146cee5dcd2245caa803cea45cbe24d85738abdc5fecb68669d8236
4636d28d94a3d3b5b53336849d4aaa761a6471a6b8a8fd6ada5bb29830ddd1ce
48debd556034aa67de99fd9d6ba70b71dbdb5b7931845c05688a2446f8dc7702
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
531edabd1b7ced398e36666fa6a370fc985f613c2f3e6a9765ae5fd34612c1a4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5af5ee0b37b1f0ef31c42932bbf81424e4bb53e95e87a47e058625c1af2245db
5b5dc8151787bff08d75498e2fc64d7f1e4ecefa1a7eaa5157f1f9323cae687a
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5bbd9766838bf11e3ff360ec5cbb60d6ada352fbad7f7691e24f847313b9b1d4
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
61beacb4cd56eeb260d049582a39a567acd852dda78a7a3fc284d859544c0cdb
658fa08b32ae728ab7498ae847c47c1d9750c37ca79da6f685f125f56699d68c
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
699da4bb72bb41e2f62d75bdcfd402a8c74ddb3fc19c8d34852c7edf64e6d035
6a19f64b730aed86cc5d217b12c7199f46d961be98e030939244b648e3bf03a4
6ab6f7f304c7c9ef84d082b18ba70cfaead75c6c0a7dd5ecc5d925a5a575ea71
7216a9931985767e52992d4d330ad5870046273005bffb1a66a2a72650f4f28a
7566ed5003866dd02b611157822d2fae573d43dc40dba5df228c2685bdc73adc
75cd492cd6cb0415ba52ea9ccbc93ecd53c9bf64b4c5b0d43e47b71b91c388ea
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4
7a28f558e497f8ecebc8242ccba48de0e9cb6a1d9a49a2daf020935ea9449e27
80be7fb9f1763671e4d3cddf72349425a4d4088f7b0ed21c238ab41b8c22ac1f
8257d5a78bc54902d7af44125a9adb813b495d3a5dea731a8a565f55dc2d6bd1
82cd140a4556995accd267ce349526b8eaa86ede83b8cc097663594ec38a1815
832dbd199f70ade357e88a3f5d32920c8c63e69258dc173d3b261686320895db
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8b6ac9736be5b1ebfb38591812e9a40c2dfc903b7efb2ffd5d04ceb5e7a6cb2b
8e31226785d7fabf5f5f98c4c0e3caf4e18cfd4b9f5bdd84422585cc65e81720
8e4051e892757a600ba202d40a84ed2534c76de840a12fcee0a3398dc4b7db4c
91151fed4a0bc63a6d12e5262a85f66327d1b67f559acadff2a65d7916bfb600
919293e56b6a814a84a579b014f63a2423b0419c418494da7baa7c0c5893cde1
924f135658805ba58c664ad6a7755f799a85381bda501d5ef8eb2e105a479687
94a0a3c0673d4f3df2968b07d166da482c084aed9e42bd688e91fef7b542a5cc
974028b9da7d3879211c9f8a75f220e73f33176764418e5879f75e301543c223
9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a39fda84d9a110d7deecae1b8926b1ac860dd1c76f79e14b3a0d740c315c58c6
a46f91cabe458009c3ae8788c1901c2aa7ded5131630ffc004fc0ad234c63889
a791796f72eea3c5febcbe84acc17e5e8e434e71036ea481b168dc4f41f12a9c
a95334d40f8fa08fcc51145d8d4427ca26de4888aabf81090229b9a79c4e552f
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
aebe8df81ee2ba5bc51e3abc322910ee5122a0ac06edfbcf7a04e1659d17dc9c
b09701acc6c60763e6cf5ec904ae8eed9771d4d0957f437403fcbea92b003ae7
c4820409e1996404acb80fa8db5ad53a92cee649e58027e2a8cfa6d85560f3d0
c52550189ad7a781a37919af639c2d6a786821aad8b982daa6a54af46817b8fa
c65c69f2a50fea409df704928bc55cdb3de9aed7631ebf288e69003c719776d7
ced3b19dbaf9805d635d9b2e6af1d83c752d8e677ef41728c3aa1e5990f6ff3f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf4a39da3c8dfae85c399d506c415102192db14ab1aa1ec8013bcafd13c44d72
d4f50997a153a548c44cad622c80e943e464492dae20df7fe87cdea92915c5cd
da026293c60fd1260b8e8ba7f9e802e0286d494339c72f8fd4d1735f2ed3d279
e2d60cdf4948bf1fcc89d3e1fb4875dbfe0cd45125eced25eb220b5fd72abe73
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44186395f92ca92a743b7bfce319e95f8a16705b772ae61fc46e8c00f6842c4
e4b9a4d34a563158069f54e72a34585d7a2a25f753b9b30220d429d2bc8624b8
e50d83446137b8e3bdcba6f278f79b4ece4afbb5b9a60d63afb9d60bbe035410
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e730db385c29e329772cdc5ec852c528a7611a5fa084723560a99dc14718cdcf
e781dd5b9ca502edc933e1290054b72b9e4d3b592d481d78827363acb8ad1621
e92913c2b11fc1e9e7c4f84628362d1c9660e7f7e88904d124c9ebbbef9d4e48
e9a0e5ec5f0661a12dd757f2c83cd1aef3db954df2c5484741798619cd4edb12
eab5d90a71736f267af39fdf32caa8c71673fd06703279b01e0f92b0d7be0bfc
eb1180bbd9bf49cdb1fb111988bbfe5e76630c73ea5c785bd24953c02a1efd40
ed1667a9167bdc29865690a5d728256c5cbefaec7f9d50ee2f7a82c14fc96721
ed891295d5d4f70182e68bb3fa450a2b0bf22cfc89286c420632639fb6fd3510
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb
f1b0da0fda8fcf843c0f2f148a2c7bd94f1380bc35cadfcd23e5b8c1bab49c32
f3793d1587f9024b4bde7b2e892fb5913f6faf91d5e82a70b11d1d3461de61b1
f3e5e92420d3ce2b8a44ff4144890cf2b14e03015076bfd64050329c77ae3bbd
f81abc642247ee095c6e16e8131cc54be971a537bf9b3f41d4526dda1d72025e
fd09c227f7338c2f5b67bd06cd2734fee436b487d1c1f93afc7b18b76205d749
ffaf3b7f34955e1c40b72cab3f9c84a08869774c525b76cbca16dc4b08593b08

oam.fairstone.ca Open in urlscan Pro 18.245.60.102 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

138 Requests

94 %HTTPS

48 %IPv6

39 Domains

65 Subdomains

60 IPs

7 Countries

2804 kBTransfer

9803 kBSize

52 Cookies

1 Outgoing links

Page URL History

Redirected requests

138 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

oam.fairstone.ca Open in urlscan Pro
18.245.60.102 Public Scan

Screenshot
Live screenshot

Full Image

138
Requests

94 %
HTTPS

48 %
IPv6

39
Domains

65
Subdomains

60
IPs

7
Countries

2804 kB
Transfer

9803 kB
Size

52
Cookies

138 HTTP transactions
0 data transactions