refer.envisionfinancial.ca Open in urlscan Pro
18.238.49.123 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://email.co-buying.com/ls/click?upn=u001.HCo-2BptZIeULDCtVfL3WB4LOfkC3cStU7eCEp8i0fR2AO0do7JwoBWvCgxyRXF6irpxt6oZpDUnSm...
Effective URL:
https://refer.envisionfinancial.ca/refer?bp_p=%2Fiaf%2Fenvision_raf1%3Fauth_token%3D8mxaRo1x_9xHD_wy6g97&utm_campaign=envision_raf1...
Submission: On November 06 via manual (November 6th 2024, 1:27:29 am UTC) from CA — Scanned from CA

Summary HTTP 25 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 10 IPs in 1 countries across 8 domains to perform 25 HTTP transactions. The main IP is 18.238.49.123, located in United States and belongs to AMAZON-02, US. The main domain is refer.envisionfinancial.ca.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on July 30th 2024. Valid for: 6 months.

This is the only time refer.envisionfinancial.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:21d... 2600:9000:21dd:f800:b:5644:c00:93a1	16509 (AMAZON-02) (AMAZON-02)
7	18.238.49.123 18.238.49.123	16509 (AMAZON-02) (AMAZON-02)
2	18.173.132.27 18.173.132.27	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:824::2008	15169 (GOOGLE) (GOOGLE)
6	2600:9000:23c... 2600:9000:23cb:c000:1:7b17:b000:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:80b::2008	15169 (GOOGLE) (GOOGLE)
1	108.139.47.115 108.139.47.115	16509 (AMAZON-02) (AMAZON-02)
1	18.173.132.101 18.173.132.101	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:ca01	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.217.49.68 52.217.49.68	16509 (AMAZON-02) (AMAZON-02)
2	52.217.48.88 52.217.48.88	16509 (AMAZON-02) (AMAZON-02)
25	10

1 2600:9000:21dd:f800:b:5644:c00:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

email.co-buying.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.238.49.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-123.jfk52.r.cloudfront.net

refer.envisionfinancial.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.173.132.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-27.jfk52.r.cloudfront.net

cdn.co-buying.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:23cb:c000:1:7b17:b000:93a1 (United States)

ASN16509 (AMAZON-02, US)

bp.envisionfinancial.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::2008 (United States)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.47.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-115.jfk50.r.cloudfront.net

platform.buyapowa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.132.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-101.jfk52.r.cloudfront.net

cdn.rollbar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ca01 (United States)

ASN13335 (CLOUDFLARENET, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.49.68 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

buyapowa-fonts-us.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.48.88 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-east-1-r-w.amazonaws.com

buyapowa-fonts-us.s3.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	envisionfinancial.ca refer.envisionfinancial.ca bp.envisionfinancial.ca	155 KB
4	amazonaws.com buyapowa-fonts-us.s3.amazonaws.com buyapowa-fonts-us.s3.us-east-1.amazonaws.com	132 KB
3	co-buying.com 1 redirects email.co-buying.com cdn.co-buying.com — Cisco Umbrella Rank: 197322	19 KB
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 927	18 KB
1	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 2653	159 KB
1	rollbar.com cdn.rollbar.com — Cisco Umbrella Rank: 14046	24 KB
1	buyapowa.com platform.buyapowa.com	410 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	77 KB
25	8

	Domain	Requested by
7	refer.envisionfinancial.ca	refer.envisionfinancial.ca
6	bp.envisionfinancial.ca	cdn.co-buying.com cdn.rollbar.com
2	buyapowa-fonts-us.s3.us-east-1.amazonaws.com	buyapowa-fonts-us.s3.amazonaws.com
2	buyapowa-fonts-us.s3.amazonaws.com	platform.buyapowa.com
2	ssl.google-analytics.com	www.googletagmanager.com refer.envisionfinancial.ca
2	cdn.co-buying.com	refer.envisionfinancial.ca
1	res.cloudinary.com
1	cdn.rollbar.com	bp.envisionfinancial.ca
1	platform.buyapowa.com	refer.envisionfinancial.ca
1	www.googletagmanager.com	refer.envisionfinancial.ca
1	email.co-buying.com	1 redirects
25	11

This site contains links to these domains. Also see Links.

Domain
www.envisionfinancial.ca
facebook.com

Subject Issuer	Validity	Valid
refer.envisionfinancial.ca DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-01-21`	6 months	crt.sh
*.co-buying.com Amazon RSA 2048 M02	`2024-05-28` - `2025-06-25`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
bp.envisionfinancial.ca Amazon RSA 2048 M03	`2023-12-24` - `2025-01-21`	a year	crt.sh
*.buyapowa.com Amazon RSA 2048 M02	`2024-11-05` - `2025-12-04`	a year	crt.sh
cdn.rollbar.com Amazon RSA 2048 M03	`2024-04-11` - `2025-05-09`	a year	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2024-09-18` - `2025-09-16`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://refer.envisionfinancial.ca/refer?bp_p=%2Fiaf%2Fenvision_raf1%3Fauth_token%3D8mxaRo1x_9xHD_wy6g97&utm_campaign=envision_raf1&utm_content=banner_hero_image&utm_medium=email&utm_source=buyapowa&utm_term=referrer_nurture
Frame ID: 94D133B42B0BCACCDC5D5C22623B89D2
Requests: 12 HTTP requests in this frame

Frame: https://bp.envisionfinancial.ca/iaf/envision_raf1?auth_token=8mxaRo1x_9xHD_wy6g97&locale=en&utm_campaign=envision_raf1&utm_content=banner_hero_image&utm_medium=email&utm_source=buyapowa&utm_term=referrer_nurture&p=%2Fiaf%2Fenvision_raf1%3Fauth_token%3D8mxaRo1x_9xHD_wy6g97&embedded_at_url=https%3A%2F%2Frefer.envisionfinancial.ca%2Frefer%3Fbp_p%3D%252Fiaf%252Fenvision_raf1%253Fauth_token%253D8mxaRo1x_9xHD_wy6g97%26utm_campaign%3Denvision_raf1%26utm_content%3Dbanner_hero_image%26utm_medium%3Demail%26utm_source%3Dbuyapowa%26utm_term%3Dreferrer_nurture
Frame ID: 71A4E1192583A17C2B61B69C81A4D657
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Referral Perks

Page URL History Show full URLs

https://email.co-buying.com/ls/click?upn=u001.HCo-2BptZIeULDCtVfL3WB4LOfkC3cStU7eCEp8i0fR2AO0do7JwoBWvCg... HTTP 302
https://refer.envisionfinancial.ca/refer?bp_p=%2Fiaf%2Fenvision_raf1%3Fauth_token%3D8mxaRo1x_9xHD_wy6g97&utm_ca... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Page Statistics

25
Requests

100 %
HTTPS

45 %
IPv6

8
Domains

11
Subdomains

10
IPs

1
Countries

992 kB
Transfer

2517 kB
Size

7
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.envisionfinancial.ca/
Title: Envision Financial, a division of First West Credit Union

Search URL Search Domain Scan URL

URL: https://facebook.com/envisionfinancial.ca

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://email.co-buying.com/ls/click?upn=u001.HCo-2BptZIeULDCtVfL3WB4LOfkC3cStU7eCEp8i0fR2AO0do7JwoBWvCgxyRXF6irpxt6oZpDUnSmuRa2zbLuwiunWjMk-2BGwAX1oXzySnWMDPI0A-2BQogro5R2nFTMUQwVAV03xTC6O3Rh3PmkNv-2B096iYwS7jEqfWfkwWV-2FaZFflZLknKIJ06vkI0Rg66H-2Fw-2FzxJ1cmlNERj-2B1GmCsrMJad-2FBgIckwDhn3Lj-2BN-2BGeqPy3YP643DbtQRtommnchfsZPOpuj8L1YWj-2BEmSO-2BnBSH-2B4KM7rdDpaqZ3uiivOjitpQfXGbFCY8X-2Fng-2Fc0vRl9wmxSe_-2F3-2FoneFXGBABD0QahmmAlNoGPG5iTVDe5-2Fjw6OuZZcTRBVKlfRXJrnNU8Wue8kVX3xNxDSvWlr-2BrN8kn8Q75A-2F5v6gPopK7rFfaVe7iAXpDufK6-2BOEasWdFUWEIGj8SOIKa3tOxcSgffArgpv5J3mX98WLPhxf-2F-2FAwhZZNxqaEd7Od95FxpjDIDP9ShWl5Cr2Brs8On1qz74cDUNpAxMomOprKe2ZTvse5wb-2Bi8aKUdiappTPix0KTbdW8wGKz-2FUlG3EQU8GKCHVcauBXa7C6DpsH3Uhm3sxXJc7SHAbFhe-2BTdkSA-2FxcV2xQQWZ9GkNsuyhO5-2BCIssehO7A3DU60Gws9Jv2Ww8CxhoFmxR1UIqn9xLfsAF0i69OxR-2FG1O3nvOceklMYaf4oSxTb7DhU-2B-2FZbgTFJ6KcknvMKdkDpZICHy3Qkt6kkEPT0L-2FLbtRw41DM4TFQ4t7-2B3BbfPDCVKRHwwM7AjIf7TPL1nw1VQZqpC5JD3LGjf-2BH3aJEBJ9UmxET-2FBFqO0hdN-2Fdrbllm03-2Fm-2Fbq-2BiVSQ-2BF9PBptrF1ARwLjlLhbpMSahhrcpQBJWFEb2BzbJ9z1bDDvxv6T3gMKT6CtNrgl5Uh0DXtFwZDoe6d3KJa4WfsJFnw583jpNxZj24BEQAeWxqNMD-2FBUGpec-2F7XCwx-2BqTDIjWotNIiAlvZeWcAzsheG9Ixtrp5tpUwKEfURsfbGRM71YSM5-2B6tTdI6GUtE0u4fU4XGVDvwGpJhVQqUqbJJiXRR1QqUXXvIMXqNCqo2HsqYg2Z-2F8YYS9U8-2FCphNn-2B9PVZZBiQGiME8Xbq-2BqOmc30ZCaP1oC-2FCP6cni4ryJC-2Bxqxfp9bJ-2BRwittXdwfxBTkFBjGezuspdxY2ssFztSUKuxzryFd8YNEk0Fy0rs-2Ffl1gW45JIdDb0alnlpHXtykENejo-2F3rZraB8girgzbdS-2BemXS0npQiTs92hwax2URTxrrlJW9yV-2BWFngGDtoogmWfKTsdp0hLC5uHzUxMrUNTkUj4oRODVso59XP6rD14DSKh-2BXDV-2FGiLhzU0ILrHUE2xXx6VoZP3w9dpXTBUco5cAJDAXBgRoI8qY3qbgYCiPOoc8vb7ZqNUjGhNGrkudJVzGV7hzTrbNo3JbOeLF0RFUYxii4zYBFWa3RH3B4qzqpcj-2BAd4ckVOxspdI6kWImsxCVJquO88Rg9AE-3D HTTP 302
https://refer.envisionfinancial.ca/refer?bp_p=%2Fiaf%2Fenvision_raf1%3Fauth_token%3D8mxaRo1x_9xHD_wy6g97&utm_campaign=envision_raf1&utm_content=banner_hero_image&utm_medium=email&utm_source=buyapowa&utm_term=referrer_nurture Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request refer Show response
refer.envisionfinancial.ca/
Redirect Chain

https://email.co-buying.com/ls/click?upn=u001.HCo-2BptZIeULDCtVfL3WB4LOfkC3cStU7eCEp8i0fR2AO0do7JwoBWvCgxyRXF6irpxt6oZpDUnSmuRa2zbLuwiunWjMk-2BGwAX1oXzySnWMDPI0A-2BQogro5R2nFTMUQwVAV03xTC6O3Rh3PmkN...
https://refer.envisionfinancial.ca/refer?bp_p=%2Fiaf%2Fenvision_raf1%3Fauth_token%3D8mxaRo1x_9xHD_wy6g97&utm_campaign=envision_raf1&utm_content=banner_hero_image&utm_medium=email&utm_source=buyapow...

5 KB
6 KB

451ms
158ms

Document
text/html

18.238.49.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://refer.envisionfinancial.ca/refer?bp_p=%2Fiaf%2Fenvision_raf1%3Fauth_token%3D8mxaRo1x_9xHD_wy6g97&utm_campaign=envision_raf1&utm_content=banner_hero_image&utm_medium=email&utm_source=buyapowa&utm_term=referrer_nurture

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.49.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-49-123.jfk52.r.cloudfront.net

Software

Cowboy /

Resource Hash

8d71f82548b5a7799573721c73413c798b246a2ca1587c1edbe12b2a085cb142

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, private, must-revalidate
content-length: 4683
content-type: text/html; charset=utf-8
date: Wed, 06 Nov 2024 01:27:23 GMT
etag: W/"8d71f82548b5a7799573721c73413c79"
link: </assets/application-d7a752b74a0154905c4f833bed58c7aaba1b7553b37221403d28fc9ecae775af.css>; rel=preload; as=style; nopush,</assets/application-a342ec161edf3fa3a97a3af5a72dbe403cd5b93f437aa9e825c5f17ace9cff5f.js>; rel=preload; as=script; nopush
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730856444&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=Xw8wKIcqwp9R0h%2BOxYCZYFGH8xVIhu8%2BY64525MzQY0%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1730856444&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=Xw8wKIcqwp9R0h%2BOxYCZYFGH8xVIhu8%2BY64525MzQY0%3D
server: Cowboy
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur, 1.1 9b2aa79b9573beef202ad020dc96008a.cloudfront.net (CloudFront)
x-amz-cf-id: QBVn361x7GNxeeOqrqYhT8rw_fGI1SinrGG3jPDMgpiZo9015n1q-Q==
x-amz-cf-pop: JFK52-P3
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: b9c5f2f9-1b8e-4063-b4bc-d78083a54ee0
x-runtime: 0.005737
x-xss-protection: 0

Redirect headers

content-length: 267
content-type: text/html; charset=utf-8
date: Wed, 06 Nov 2024 01:27:23 GMT
location: https://refer.envisionfinancial.ca/refer?bp_p=%2Fiaf%2Fenvision_raf1%3Fauth_token%3D8mxaRo1x_9xHD_wy6g97&utm_campaign=envision_raf1&utm_content=banner_hero_image&utm_medium=email&utm_source=buyapowa&utm_term=referrer_nurture
server: nginx
via: 1.1 bcc31f3e5b9e78f99a5a01aa529f6c94.cloudfront.net (CloudFront)
x-amz-cf-id: 4ylC20z5BM9xFQUwOxQXmgJAQRJ8-yW4J7C9tFn7nUvUIZH_rQHG2Q==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront
x-robots-tag: noindex, nofollow

GET
H2 200 application-d7a752b74a0154905c4f833bed58c7aaba1b7553b37221403d28fc9ecae775af.css
refer.envisionfinancial.ca/assets/ 6 KB
2 KB 67ms
62ms Stylesheet
text/css 18.238.49.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://refer.envisionfinancial.ca/assets/application-d7a752b74a0154905c4f833bed58c7aaba1b7553b37221403d28fc9ecae775af.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.49.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-49-123.jfk52.r.cloudfront.net

Software

Cowboy /

Resource Hash

36ae15ca7bd3709d78c53fc84213afae4130221e0fc9079435fd09cd50325a73

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refer.envisionfinancial.ca/refer?bp_p=%2Fiaf%2Fenvision_raf1%3Fauth_token%3D8mxaRo1x_9xHD_wy6g97&utm_campaign=envision_raf1&utm_content=banner_hero_image&utm_medium=email&utm_source=buyapowa&utm_term=referrer_nurture

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1730856444&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=Xw8wKIcqwp9R0h%2BOxYCZYFGH8xVIhu8%2BY64525MzQY0%3D
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding: gzip
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730856444&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=Xw8wKIcqwp9R0h%2BOxYCZYFGH8xVIhu8%2BY64525MzQY0%3D"}]}
via: 1.1 vegur, 1.1 9b2aa79b9573beef202ad020dc96008a.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 1608
x-amz-cf-id: Gyr1-4KaSmKyyzj1xF1ZoBa3ACGt-o1n_e6V_nNZ0O9cTY9sG1s7tA==
date: Wed, 06 Nov 2024 01:27:23 GMT
content-type: text/css
last-modified: Mon, 15 Apr 2024 14:51:53 GMT
server: Cowboy
x-amz-cf-pop: JFK52-P3
vary: accept-encoding

GET
H2 200 application-a342ec161edf3fa3a97a3af5a72dbe403cd5b93f437aa9e825c5f17ace9cff5f.js Show response
refer.envisionfinancial.ca/assets/ 108 KB
38 KB 94ms
89ms Script
text/javascript 18.238.49.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://refer.envisionfinancial.ca/assets/application-a342ec161edf3fa3a97a3af5a72dbe403cd5b93f437aa9e825c5f17ace9cff5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.49.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-49-123.jfk52.r.cloudfront.net

Software

Cowboy /

Resource Hash

2c5280ce5c98ff55e83d64d43f8ed521129c38a2e000757a386dbeed1255ae52

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refer.envisionfinancial.ca/refer?bp_p=%2Fiaf%2Fenvision_raf1%3Fauth_token%3D8mxaRo1x_9xHD_wy6g97&utm_campaign=envision_raf1&utm_content=banner_hero_image&utm_medium=email&utm_source=buyapowa&utm_term=referrer_nurture

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1730856444&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=Xw8wKIcqwp9R0h%2BOxYCZYFGH8xVIhu8%2BY64525MzQY0%3D
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding: gzip
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730856444&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=Xw8wKIcqwp9R0h%2BOxYCZYFGH8xVIhu8%2BY64525MzQY0%3D"}]}
via: 1.1 vegur, 1.1 9b2aa79b9573beef202ad020dc96008a.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 37839
x-amz-cf-id: dFhjCLtxOSFCGikQVqlcFiRb_9RLZET8yjgrIVji_k9XarSgQHRIBA==
date: Wed, 06 Nov 2024 01:27:23 GMT
content-type: text/javascript
last-modified: Fri, 24 May 2024 21:29:12 GMT
server: Cowboy
x-amz-cf-pop: JFK52-P3
vary: accept-encoding

GET
H2 200 embedding.min.js Show response
cdn.co-buying.com/ 47 KB
16 KB 177ms
30ms Script
text/javascript 18.173.132.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.co-buying.com/embedding.min.js

Requested by

Host: refer.envisionfinancial.ca
URL: https://refer.envisionfinancial.ca/refer?bp_p=%2Fiaf%2Fenvision_raf1%3Fauth_token%3D8mxaRo1x_9xHD_wy6g97&utm_campaign=envision_raf1&utm_content=banner_hero_image&utm_medium=email&utm_source=buyapowa&utm_term=referrer_nurture

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.132.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-132-27.jfk52.r.cloudfront.net

Software

Cowboy /

Resource Hash

332db6b7d69a091d6f5d33560cbb9d932c1314a48733a3d24fe1e47d7f8528f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=7889238

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refer.envisionfinancial.ca/

Response headers

content-encoding: gzip
age: 66658
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730789786&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=xUlRZD1MSdfX%2F2%2BiWwdvUDe1eK4wKUsN9qi6rlzxcnc%3D"}]}
x-cache: Hit from cloudfront
x-amz-cf-id: 59Dm2JwfKSbNOSAREAmIx6DSO_ev6y7P568kN9K2RT2dhl70XjTiXQ==
date: Tue, 05 Nov 2024 06:56:26 GMT
content-type: text/javascript
last-modified: Mon, 04 Nov 2024 09:34:14 GMT
vary: Accept-Encoding,Origin
strict-transport-security: max-age=7889238
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1730789786&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=xUlRZD1MSdfX%2F2%2BiWwdvUDe1eK4wKUsN9qi6rlzxcnc%3D
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control: public, max-age=86400
via: 1.1 vegur, 1.1 eb2d3c7af7f453242c6551f237e2edd4.cloudfront.net (CloudFront), 1.1 38385695b10551583d750b943a475982.cloudfront.net (CloudFront)
x-amz-cf-pop: MCI50-P1, JFK52-P2
server: Cowboy

GET
H2 200 envision_logo-c674ec28419444beb2f2a3cdfd46cb932b70447e81f2f4849b60d90308d53c90.png
refer.envisionfinancial.ca/assets/client/ 23 KB
24 KB 74ms
71ms Image
image/png 18.238.49.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refer.envisionfinancial.ca/assets/client/envision_logo-c674ec28419444beb2f2a3cdfd46cb932b70447e81f2f4849b60d90308d53c90.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.49.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-49-123.jfk52.r.cloudfront.net

Software

Cowboy /

Resource Hash

6f6f6e1b90011fe6760dc7a01084f4608447ccea63e22bbf77111516b8a120b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refer.envisionfinancial.ca/refer?bp_p=%2Fiaf%2Fenvision_raf1%3Fauth_token%3D8mxaRo1x_9xHD_wy6g97&utm_campaign=envision_raf1&utm_content=banner_hero_image&utm_medium=email&utm_source=buyapowa&utm_term=referrer_nurture

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1730856444&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=Xw8wKIcqwp9R0h%2BOxYCZYFGH8xVIhu8%2BY64525MzQY0%3D
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730856444&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=Xw8wKIcqwp9R0h%2BOxYCZYFGH8xVIhu8%2BY64525MzQY0%3D"}]}
via: 1.1 vegur, 1.1 9b2aa79b9573beef202ad020dc96008a.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 23673
x-amz-cf-id: tr4vFRGWBJoUAZEAhuNiBrBiFY3kRKEnVqrul3s2R_5PlwV6TsWLKA==
date: Wed, 06 Nov 2024 01:27:23 GMT
content-type: image/png
last-modified: Tue, 13 Sep 2022 18:40:30 GMT
server: Cowboy
x-amz-cf-pop: JFK52-P3

GET
H2 200 envision_perks-8463365b1acec407c92dd69abbe28dcff91a48cd8f1194da8c0fe0ef672c89c4.png
refer.envisionfinancial.ca/assets/client/ 10 KB
11 KB 70ms
66ms Image
image/png 18.238.49.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refer.envisionfinancial.ca/assets/client/envision_perks-8463365b1acec407c92dd69abbe28dcff91a48cd8f1194da8c0fe0ef672c89c4.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.49.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-49-123.jfk52.r.cloudfront.net

Software

Cowboy /

Resource Hash

33589a06ffb4c106c4cf4abf511bb017d78bc8fb6df188713a941eebba21c9e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refer.envisionfinancial.ca/refer?bp_p=%2Fiaf%2Fenvision_raf1%3Fauth_token%3D8mxaRo1x_9xHD_wy6g97&utm_campaign=envision_raf1&utm_content=banner_hero_image&utm_medium=email&utm_source=buyapowa&utm_term=referrer_nurture

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1730856444&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=Xw8wKIcqwp9R0h%2BOxYCZYFGH8xVIhu8%2BY64525MzQY0%3D
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730856444&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=Xw8wKIcqwp9R0h%2BOxYCZYFGH8xVIhu8%2BY64525MzQY0%3D"}]}
via: 1.1 vegur, 1.1 9b2aa79b9573beef202ad020dc96008a.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 10587
x-amz-cf-id: UuSt5o4I5mLBUtdb73bUpxknTUAbfKil71KJTu-OurH2duraYJ-Q3w==
date: Wed, 06 Nov 2024 01:27:23 GMT
content-type: image/png
last-modified: Tue, 13 Sep 2022 18:40:30 GMT
server: Cowboy
x-amz-cf-pop: JFK52-P3

GET
H2 200 facebook-thumb-11101aec3a666954dc35e413e6071380522284258d6e7186d0a93e5a36dab558.png
refer.envisionfinancial.ca/assets/site/ 35 KB
36 KB 71ms
70ms Image
image/png 18.238.49.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refer.envisionfinancial.ca/assets/site/facebook-thumb-11101aec3a666954dc35e413e6071380522284258d6e7186d0a93e5a36dab558.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.49.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-49-123.jfk52.r.cloudfront.net

Software

Cowboy /

Resource Hash

ac4c2d5397263b97337536e94cb053ea0326938ddff109d25e04ea5dac70d02e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refer.envisionfinancial.ca/refer?bp_p=%2Fiaf%2Fenvision_raf1%3Fauth_token%3D8mxaRo1x_9xHD_wy6g97&utm_campaign=envision_raf1&utm_content=banner_hero_image&utm_medium=email&utm_source=buyapowa&utm_term=referrer_nurture

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1730856444&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=Xw8wKIcqwp9R0h%2BOxYCZYFGH8xVIhu8%2BY64525MzQY0%3D
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730856444&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=Xw8wKIcqwp9R0h%2BOxYCZYFGH8xVIhu8%2BY64525MzQY0%3D"}]}
via: 1.1 vegur, 1.1 9b2aa79b9573beef202ad020dc96008a.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 35901
x-amz-cf-id: XaSmDR9oNax3mF3JoqnJEDqFvxdosU5zEOZ9UscVfqZT062ZYu6l0w==
date: Wed, 06 Nov 2024 01:27:23 GMT
content-type: image/png
last-modified: Tue, 13 Sep 2022 18:40:30 GMT
server: Cowboy
x-amz-cf-pop: JFK52-P3

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 211 KB
77 KB 128ms
60ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N7PLNW

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

74e36879032ea9334e26a514af838395f5966b33d2cfa16ccdbeb5f24a061dab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refer.envisionfinancial.ca/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 06 Nov 2024 01:27:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 01:27:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 06 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 77690
x-xss-protection: 0
server: Google Tag Manager

POST
H2 200 envision_raf1 Show response
bp.envisionfinancial.ca/canary-check/ 64 B
1 KB 112ms
110ms Fetch
application/json 2600:9000:23cb:c000:1:7b17:b000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bp.envisionfinancial.ca/canary-check/envision_raf1

Requested by

Host: cdn.co-buying.com
URL: https://cdn.co-buying.com/embedding.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23cb:c000:1:7b17:b000:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cowboy /

Resource Hash

4a6491419bc760667ba3e244ade7555a33308de9732c1805712aae2da15afd54

Security Headers

Name	Value
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://refer.envisionfinancial.ca/

Response headers

access-control-max-age: 120
x-request-id: b61ff218-f0d6-4618-985c-5205e2680a0b
access-control-expose-headers
etag: W/"4a6491419bc760667ba3e244ade7555a"
x-permitted-cross-domain-policies: none
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730856444&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=UkJGjVk0hzgwqxvPXhXiaePWulRyGJfovkQ4R31MSlQ%3D"}]}
access-control-allow-methods: GET, POST
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: 9g22d4m9ga0NUrO94gqGrVVxZ9idf3mpEg2iK1seNqijIeAYH4DGMg==
date: Wed, 06 Nov 2024 01:27:24 GMT
content-type: application/json; charset=utf-8
vary: Accept, Origin
x-runtime: 0.021670
strict-transport-security: max-age=7889238
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1730856444&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=UkJGjVk0hzgwqxvPXhXiaePWulRyGJfovkQ4R31MSlQ%3D
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control: max-age=120, private
access-control-allow-credentials: true
referrer-policy: origin
content-security-policy-report-only: default-src 'self' https:; font-src 'self' https: data:; img-src 'self' https: data:; object-src 'self'; script-src 'self' 'unsafe-inline' https://use.typekit.net https://cdn.rollbar.com https://cdn.co-buying.com https://platform.buyapowa.com/ https://js-agent.newrelic.com https://bam-cell.nr-data.net https://bam.nr-data.net; connect-src 'self' https://bam-cell.nr-data.net https://bam.nr-data.net https://api.rollbar.com; style-src 'unsafe-inline' 'self' https:
via: 1.1 vegur, 1.1 667392b7601b2f20a44ef149f6859dae.cloudfront.net (CloudFront)
access-control-allow-origin: https://refer.envisionfinancial.ca
content-length: 64
x-xss-protection: 0
x-amz-cf-pop: JFK50-P1
server: Cowboy

OPTIONS
H2 200 envision_raf1
bp.envisionfinancial.ca/canary-check/ Frame 0
0 191ms
73ms Preflight 2600:9000:23cb:c000:1:7b17:b000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bp.envisionfinancial.ca/canary-check/envision_raf1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:c000:1:7b17:b000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://refer.envisionfinancial.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://refer.envisionfinancial.ca
access-control-expose-headers
access-control-max-age: 120
content-length: 0
date: Wed, 06 Nov 2024 01:27:24 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730856444&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=UkJGjVk0hzgwqxvPXhXiaePWulRyGJfovkQ4R31MSlQ%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1730856444&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=UkJGjVk0hzgwqxvPXhXiaePWulRyGJfovkQ4R31MSlQ%3D
server: Cowboy
via: 1.1 vegur, 1.1 667392b7601b2f20a44ef149f6859dae.cloudfront.net (CloudFront)
x-amz-cf-id: nfk_KeijxdP11NZzQ0L7NBryDcvuf5CgAiYRFF1BhER3ZcV9f6yixA==
x-amz-cf-pop: JFK50-P1
x-cache: Miss from cloudfront

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 97ms
27ms Script
text/javascript 2607:f8b0:4006:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7PLNW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refer.envisionfinancial.ca/

Response headers

content-encoding: gzip
age: 1220
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:215:0"}],}
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 03:07:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 01:07:04 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:215:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 17168
server: Golfe2

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
410 B 45ms
43ms Image
image/gif 2607:f8b0:4006:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=259786201&utmhn=refer.envisionfinancial.ca&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-ca&utmje=0&utmfl=-&utmdt=Referral%20Perks&utmhid=508974840&utmr=-&utmp=%2Frefer%3Fbp_p%3D%25252Fiaf%25252Fenvision_raf1%25253Fauth_token%25253D8mxaRo1x_9xHD_wy6g97%26utm_campaign%3Denvision_raf1%26utm_content%3Dbanner_hero_image%26utm_medium%3Demail%26utm_source%3Dbuyapowa%26utm_term%3Dreferrer_nurture&utmht=1730856444874&utmac=UA-34281500-2&utmgtm=45He4au0n71N7PLNWza200&utmcc=__utma%3D91044505.1816655427.1730856445.1730856445.1730856445.1%3B%2B__utmz%3D91044505.1730856445.1.1.utmcsr%3Dbuyapowa%7Cutmccn%3Denvision_raf1%7Cutmcmd%3Demail%7Cutmctr%3Dreferrer_nurture%7Cutmcct%3Dbanner_hero_image%3B&utmjid=2102458879&utmredir=1&utmu=qmAgAABAAAGBAAAAAgAAAAAE~

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refer.envisionfinancial.ca/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:169:0"}],}
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:169:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 01:27:24 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
server: Golfe2

GET
H2 200 envision_raf1 Show response
bp.envisionfinancial.ca/iaf/ Frame 71A4 9 KB
10 KB 175ms
111ms Document
text/html 2600:9000:23cb:c000:1:7b17:b000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bp.envisionfinancial.ca/iaf/envision_raf1?auth_token=8mxaRo1x_9xHD_wy6g97&locale=en&utm_campaign=envision_raf1&utm_content=banner_hero_image&utm_medium=email&utm_source=buyapowa&utm_term=referrer_nurture&p=%2Fiaf%2Fenvision_raf1%3Fauth_token%3D8mxaRo1x_9xHD_wy6g97&embedded_at_url=https%3A%2F%2Frefer.envisionfinancial.ca%2Frefer%3Fbp_p%3D%252Fiaf%252Fenvision_raf1%253Fauth_token%253D8mxaRo1x_9xHD_wy6g97%26utm_campaign%3Denvision_raf1%26utm_content%3Dbanner_hero_image%26utm_medium%3Demail%26utm_source%3Dbuyapowa%26utm_term%3Dreferrer_nurture

Requested by

Host: cdn.co-buying.com
URL: https://cdn.co-buying.com/embedding.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23cb:c000:1:7b17:b000:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cowboy /

Resource Hash

7adfc1d50b2a6e3779bc1eeaa5c50164bc3442b9901281ebda244db3988457ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://refer.envisionfinancial.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-store
content-length: 9016
content-security-policy-report-only: default-src 'self' https:; font-src 'self' https: data:; img-src 'self' https: data:; object-src 'self'; style-src 'unsafe-inline' 'self' https:; script-src 'self' 'unsafe-inline' https://use.typekit.net https://cdn.rollbar.com https://cdn.co-buying.com https://platform.buyapowa.com/ https://js-agent.newrelic.com https://bam-cell.nr-data.net https://bam.nr-data.net; connect-src 'self' https://bam-cell.nr-data.net https://bam.nr-data.net https://api.rollbar.com
content-type: text/html; charset=utf-8
date: Wed, 06 Nov 2024 01:27:24 GMT
etag: W/"7adfc1d50b2a6e3779bc1eeaa5c50164"
link: <https://platform.buyapowa.com/platform.js>; rel=preload; as=script; nopush,<https://cdn.co-buying.com/assets/platform_embedded-6256c78a.js>; rel=preload; as=script; nopush
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
referrer-policy: origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730856445&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=Ykzde00eBpdsEQ2R9mjGWcJ4qh399C8JIKxZU5HWXEc%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1730856445&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=Ykzde00eBpdsEQ2R9mjGWcJ4qh399C8JIKxZU5HWXEc%3D
server: Cowboy
strict-transport-security: max-age=7889238
via: 1.1 vegur, 1.1 80d5d65d27a0450c8f0018381b103d7a.cloudfront.net (CloudFront)
x-amz-cf-id: BwIXDryf6TTHYJhel-Zirj21_nM9kleXlHNtJFjsjDBTs3e4iyFwkQ==
x-amz-cf-pop: JFK50-P1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-request-id: de7c3605-d3ad-4511-9713-18acfba1471a
x-runtime: 0.026896
x-xss-protection: 0

GET
H2 200 platform.js Show response
platform.buyapowa.com/ Frame 71A4 2 MB
410 KB 428ms
295ms Script
text/javascript 108.139.47.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.buyapowa.com/platform.js
Requested by: Host: refer.envisionfinancial.ca
URL: https://refer.envisionfinancial.ca/refer?bp_p=%2Fiaf%2Fenvision_raf1%3Fauth_token%3D8mxaRo1x_9xHD_wy6g97&utm_campaign=envision_raf1&utm_content=banner_hero_image&utm_medium=email&utm_source=buyapowa&utm_term=referrer_nurture
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-115.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 272ac69a1da26e0072b8e9cd0035cf21f7ed5ddda09f2bf3ede45669ed12c008

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bp.envisionfinancial.ca/

Response headers

x-amz-cf-pop: JFK50-P1
cache-control: no-cache
content-encoding: gzip
etag: W/"1157e55d72d629d99625befce6f11919"
via: 1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
x-cache: RefreshHit from cloudfront
x-amz-cf-id: g_Z4LE-o9u7tCSSaTQZHpF7pP8UfTUwSOEPL3v0RNe_A58VXn-uVUg==
date: Wed, 06 Nov 2024 01:27:26 GMT
content-type: text/javascript
vary: accept-encoding
server: AmazonS3
last-modified: Tue, 05 Nov 2024 23:02:28 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 platform_embedded-6256c78a.js Show response
cdn.co-buying.com/assets/ Frame 71A4 922 B
2 KB 27ms
27ms Script
text/javascript 18.173.132.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.co-buying.com/assets/platform_embedded-6256c78a.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.132.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-132-27.jfk52.r.cloudfront.net

Software

Cowboy /

Resource Hash

190d570b26ff10169436f558e9c450cbd636cf7d7ce4e771d3c6986c8f6ee17f

Security Headers

Name	Value
Strict-Transport-Security	max-age=7889238

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bp.envisionfinancial.ca/

Response headers

age: 43986
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730380242&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=o7jVAnh3FMJ09usPeGmlo%2FBBr2m7H62CJRLwxGx%2B7L8%3D"}]}
x-cache: Hit from cloudfront
x-amz-cf-id: w03Z5tnlGyzWM2RODRZnZnb9HW7gPpz2KQX_IAuxfIS6_nGFOd_QsA==
date: Tue, 05 Nov 2024 13:14:58 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 07:35:16 GMT
vary: Accept-Encoding,Origin
strict-transport-security: max-age=7889238
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1730380242&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=o7jVAnh3FMJ09usPeGmlo%2FBBr2m7H62CJRLwxGx%2B7L8%3D
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control: public, max-age=86400
via: 1.1 vegur, 1.1 0e9d65763124ffd5921e616a7b0081ce.cloudfront.net (CloudFront), 1.1 38385695b10551583d750b943a475982.cloudfront.net (CloudFront)
content-length: 922
x-amz-cf-pop: IAD55-P6, JFK52-P2
server: Cowboy

GET
H/1.1 200
OK rollbar.min.js Show response
cdn.rollbar.com/rollbarjs/refs/tags/v2.26.1/ Frame 71A4 78 KB
24 KB 188ms
102ms Script
application/javascript 18.173.132.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.26.1/rollbar.min.js
Requested by: Host: bp.envisionfinancial.ca
URL: https://bp.envisionfinancial.ca/iaf/envision_raf1?auth_token=8mxaRo1x_9xHD_wy6g97&locale=en&utm_campaign=envision_raf1&utm_content=banner_hero_image&utm_medium=email&utm_source=buyapowa&utm_term=referrer_nurture&p=%2Fiaf%2Fenvision_raf1%3Fauth_token%3D8mxaRo1x_9xHD_wy6g97&embedded_at_url=https%3A%2F%2Frefer.envisionfinancial.ca%2Frefer%3Fbp_p%3D%252Fiaf%252Fenvision_raf1%253Fauth_token%253D8mxaRo1x_9xHD_wy6g97%26utm_campaign%3Denvision_raf1%26utm_content%3Dbanner_hero_image%26utm_medium%3Demail%26utm_source%3Dbuyapowa%26utm_term%3Dreferrer_nurture
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-101.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 41764f6cf1cfa99fad12f1ee265ea0bb292761f6b15d1f5432756524854cd77f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://bp.envisionfinancial.ca
Referer: https://bp.envisionfinancial.ca/

Response headers

Content-Encoding: gzip
ETag: W/"ddf66d492e77fc149633a129f1f09c40"
X-Cache: Miss from cloudfront
X-Amz-Cf-Id: 8T8tTqXpU3NCFInnRp5Jo2-aLtox8teY8apvn-YN4xmre-p0eTycqQ==
Date: Wed, 06 Nov 2024 01:27:26 GMT
Content-Type: application/javascript
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
Last-Modified: Wed, 04 Jan 2023 20:16:53 GMT
Transfer-Encoding: chunked
Cache-Control: max-age=30672000,public
Connection: keep-alive
Via: 1.1 91ac4dab8fb53750ccb2571903bd2844.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: JFK52-P2
Server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 graphql Show response
bp.envisionfinancial.ca/ Frame 71A4 2 KB
3 KB 164ms
163ms Fetch
application/json 2600:9000:23cb:c000:1:7b17:b000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bp.envisionfinancial.ca/graphql

Requested by

Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.26.1/rollbar.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23cb:c000:1:7b17:b000:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cowboy /

Resource Hash

9917b0f8cd49d5d0b9f60786600104a978ae79c3bb6d4fae3a80bfc2607fa567

Security Headers

Name	Value
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bp.envisionfinancial.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: */*
content-type: application/json

Response headers

x-request-id: 9936f3de-0b98-4248-9865-219f40b8c0e3
etag: W/"9917b0f8cd49d5d0b9f60786600104a9"
x-permitted-cross-domain-policies: none
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730856446&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=4JB2%2FUii%2FNiR6O%2BItb2TyWo8FVknGZ5%2B7Jpca%2BF74qM%3D"}]}
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: qtsZ-FSZ7o4Ejke9KYW2ERlS8-Hi530CcLPfxtCURCkg2nnunUCP0Q==
date: Wed, 06 Nov 2024 01:27:25 GMT
content-type: application/json; charset=utf-8
vary: Accept
x-runtime: 0.067884
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=7889238
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1730856446&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=4JB2%2FUii%2FNiR6O%2BItb2TyWo8FVknGZ5%2B7Jpca%2BF74qM%3D
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control: no-store
referrer-policy: origin
content-security-policy-report-only: default-src 'self' https:; font-src 'self' https: data:; img-src 'self' https: data:; object-src 'self'; script-src 'self' 'unsafe-inline' https://use.typekit.net https://cdn.rollbar.com https://cdn.co-buying.com https://platform.buyapowa.com/ https://js-agent.newrelic.com https://bam-cell.nr-data.net https://bam.nr-data.net; connect-src 'self' https://bam-cell.nr-data.net https://bam.nr-data.net https://api.rollbar.com; style-src 'unsafe-inline' 'self' https:
via: 1.1 vegur, 1.1 80d5d65d27a0450c8f0018381b103d7a.cloudfront.net (CloudFront)
content-length: 1988
x-xss-protection: 0
x-amz-cf-pop: JFK50-P1
server: Cowboy

GET
H2 200 envision_favicon-a98a39a98e02158182ad9ab09751edfab048a164ba5a252884f4e5ff3960d73c.ico
refer.envisionfinancial.ca/assets/client/ 1 KB
2 KB 63ms
62ms Other
image/vnd.microsoft.icon 18.238.49.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://refer.envisionfinancial.ca/assets/client/envision_favicon-a98a39a98e02158182ad9ab09751edfab048a164ba5a252884f4e5ff3960d73c.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.49.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-49-123.jfk52.r.cloudfront.net

Software

Cowboy /

Resource Hash

c758181d3aba5768050f691ad2c5fc496cf44966c545864113af11737d2309ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refer.envisionfinancial.ca/refer?bp_p=%2Fiaf%2Fenvision_raf1%3Fauth_token%3D8mxaRo1x_9xHD_wy6g97&utm_campaign=envision_raf1&utm_content=banner_hero_image&utm_medium=email&utm_source=buyapowa&utm_term=referrer_nurture

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1730856446&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=gTBw32EwmT%2BFVWBpRz7ACso6qLLUWd26clxA4nhJcmM%3D
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730856446&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=gTBw32EwmT%2BFVWBpRz7ACso6qLLUWd26clxA4nhJcmM%3D"}]}
via: 1.1 vegur, 1.1 9b2aa79b9573beef202ad020dc96008a.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 1150
x-amz-cf-id: L7TA-yMhIGo_OnjMVai3565mHuVURXVw-11AD_lPXxvp6xmZOb95zA==
date: Wed, 06 Nov 2024 01:27:25 GMT
content-type: image/vnd.microsoft.icon
last-modified: Tue, 13 Sep 2022 18:40:30 GMT
server: Cowboy
x-amz-cf-pop: JFK52-P3

POST
H2 200 graphql Show response
bp.envisionfinancial.ca/ Frame 71A4 19 KB
20 KB 168ms
164ms Fetch
application/json 2600:9000:23cb:c000:1:7b17:b000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bp.envisionfinancial.ca/graphql

Requested by

Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.26.1/rollbar.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23cb:c000:1:7b17:b000:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cowboy /

Resource Hash

28dee7f2399e25870226a3a1cb082f3d22ce7141e6447fedc8ff7c659952d77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bp.envisionfinancial.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: */*
content-type: application/json

Response headers

x-request-id: fd473aab-6b6c-4b8b-9169-3723722e2457
etag: W/"28dee7f2399e25870226a3a1cb082f3d"
x-permitted-cross-domain-policies: none
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730856446&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=4JB2%2FUii%2FNiR6O%2BItb2TyWo8FVknGZ5%2B7Jpca%2BF74qM%3D"}]}
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: BV3oqkf00OnpR8BjNtJkGj3C6TfuhCOUgcGIrBQcI1HUS-njPRz2eQ==
date: Wed, 06 Nov 2024 01:27:25 GMT
content-type: application/json; charset=utf-8
vary: Accept
x-runtime: 0.041450
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=7889238
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1730856446&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=4JB2%2FUii%2FNiR6O%2BItb2TyWo8FVknGZ5%2B7Jpca%2BF74qM%3D
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control: no-store
referrer-policy: origin
content-security-policy-report-only: default-src 'self' https:; font-src 'self' https: data:; img-src 'self' https: data:; object-src 'self'; script-src 'self' 'unsafe-inline' https://use.typekit.net https://cdn.rollbar.com https://cdn.co-buying.com https://platform.buyapowa.com/ https://js-agent.newrelic.com https://bam-cell.nr-data.net https://bam.nr-data.net; connect-src 'self' https://bam-cell.nr-data.net https://bam.nr-data.net https://api.rollbar.com; style-src 'unsafe-inline' 'self' https:
via: 1.1 vegur, 1.1 80d5d65d27a0450c8f0018381b103d7a.cloudfront.net (CloudFront)
content-length: 19532
x-xss-protection: 0
x-amz-cf-pop: JFK50-P1
server: Cowboy

GET
H2 200 Ref_Signup_ktbqw9.jpg
res.cloudinary.com/hudq8owit/image/upload/v1724327341/ Frame 71A4 158 KB
159 KB 139ms
71ms Image
image/jpeg 2606:4700::6811:ca01
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/hudq8owit/image/upload/v1724327341/Ref_Signup_ktbqw9.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ca01 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c256a3de7bb3400730308f1368d63fccfa4b8452aeed077dd346fe3af4893f23

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bp.envisionfinancial.ca/

Response headers

x-request-id: 6ad830fd02646769b6d02d495cc33357
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
etag: "52bb472eab1b4b9cde43ee90d35d3085"
x-content-type-options: nosniff
server-timing: cld-cloudflare;dur=29;start=2024-11-06T01:27:26.725Z;desc=hit,rtt;dur=16,content-info;desc="width=350,height=350,bytes=162182,o=1,ef=(17);"
date: Wed, 06 Nov 2024 01:27:26 GMT
content-type: image/jpeg
last-modified: Thu, 22 Aug 2024 11:49:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=2592000
timing-allow-origin: *
cf-ray: 8de14d17fb69a2d2-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 162182
server: cloudflare

GET
H/1.1 200
OK roboto-black.css
buyapowa-fonts-us.s3.amazonaws.com/b74beab7-fb09-4a39-ac5b-b380033961cb/ Frame 71A4 737 B
1 KB 203ms
92ms Stylesheet
text/plain 52.217.49.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buyapowa-fonts-us.s3.amazonaws.com/b74beab7-fb09-4a39-ac5b-b380033961cb/roboto-black.css
Requested by: Host: platform.buyapowa.com
URL: https://platform.buyapowa.com/platform.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.49.68 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e67e9399d80b71990fdfc9d25f8eaa649c647b377fe2ff44ee61c9aa47a4a72a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bp.envisionfinancial.ca/

Response headers

ETag: "e744ce6a19984b9d9d7324d3e1fccc21"
x-amz-request-id: PXFE7ETN3YT6BYJV
Accept-Ranges: bytes
Content-Length: 737
Date: Wed, 06 Nov 2024 01:27:27 GMT
Last-Modified: Mon, 29 Jun 2020 15:57:20 GMT
Content-Type
Server: AmazonS3
x-amz-id-2: 4CHX4bopqqPEagKnCjuzLIHvX6tHk8x56d/ue4c+86x7iW+R0pe60WBy3u/2yfvtreV+h0Z2Jng=

GET
H/1.1 200
OK roboto.css
buyapowa-fonts-us.s3.amazonaws.com/f09982d2-96fb-48fd-88ab-29d50b89a476/ Frame 71A4 701 B
1 KB 207ms
97ms Stylesheet
text/plain 52.217.49.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buyapowa-fonts-us.s3.amazonaws.com/f09982d2-96fb-48fd-88ab-29d50b89a476/roboto.css
Requested by: Host: platform.buyapowa.com
URL: https://platform.buyapowa.com/platform.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.49.68 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 06ba961fd86f29a969ea93c7d310dab861f3c39fdf5c58abc046f81703e3e8ef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bp.envisionfinancial.ca/

Response headers

ETag: "ce47d52a613643ba3fe1ed7502bba6e0"
x-amz-request-id: PXF8VTD6Y7CYASHF
Accept-Ranges: bytes
Content-Length: 701
Date: Wed, 06 Nov 2024 01:27:27 GMT
Last-Modified: Mon, 29 Jun 2020 15:57:20 GMT
Content-Type
Server: AmazonS3
x-amz-id-2: BbjQH/pZYsG6+f+Zfl1vM4woJe4JYyVSfV2oAKW+sCrcOBwLOr60rNrssTzjcWPr4c5qyIbcBwY=

POST
H2 200 graphql Show response
bp.envisionfinancial.ca/ Frame 71A4 80 B
1 KB 123ms
119ms Fetch
application/json 2600:9000:23cb:c000:1:7b17:b000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bp.envisionfinancial.ca/graphql

Requested by

Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.26.1/rollbar.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23cb:c000:1:7b17:b000:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cowboy /

Resource Hash

003414911c16f553c9c8e783f44d03a7d0c8f2291f050cadabd22f1f7b41e415

Security Headers

Name	Value
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bp.envisionfinancial.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: */*
content-type: application/json

Response headers

x-request-id: d7b535d8-7fe4-445f-bbea-05d5c16670c2
etag: W/"003414911c16f553c9c8e783f44d03a7"
x-permitted-cross-domain-policies: none
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730856446&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=4JB2%2FUii%2FNiR6O%2BItb2TyWo8FVknGZ5%2B7Jpca%2BF74qM%3D"}]}
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: cxLV5CzO7wHX1aHFJEES2PIIyQ3AHWzru22mSOlxvNMzle4x-6D6Lw==
date: Wed, 06 Nov 2024 01:27:26 GMT
content-type: application/json; charset=utf-8
vary: Accept
x-runtime: 0.043517
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=7889238
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1730856446&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=4JB2%2FUii%2FNiR6O%2BItb2TyWo8FVknGZ5%2B7Jpca%2BF74qM%3D
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control: no-store
referrer-policy: origin
content-security-policy-report-only: default-src 'self' https:; font-src 'self' https: data:; img-src 'self' https: data:; object-src 'self'; script-src 'self' 'unsafe-inline' https://use.typekit.net https://cdn.rollbar.com https://cdn.co-buying.com https://platform.buyapowa.com/ https://js-agent.newrelic.com https://bam-cell.nr-data.net https://bam.nr-data.net; connect-src 'self' https://bam-cell.nr-data.net https://bam.nr-data.net https://api.rollbar.com; style-src 'unsafe-inline' 'self' https:
via: 1.1 vegur, 1.1 80d5d65d27a0450c8f0018381b103d7a.cloudfront.net (CloudFront)
content-length: 80
x-xss-protection: 0
x-amz-cf-pop: JFK50-P1
server: Cowboy

GET
H/1.1 200
OK roboto-black.woff2
buyapowa-fonts-us.s3.us-east-1.amazonaws.com/b74beab7-fb09-4a39-ac5b-b380033961cb/ Frame 71A4 65 KB
65 KB 210ms
87ms Font
application/octet-stream 52.217.48.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buyapowa-fonts-us.s3.us-east-1.amazonaws.com/b74beab7-fb09-4a39-ac5b-b380033961cb/roboto-black.woff2
Requested by: Host: buyapowa-fonts-us.s3.amazonaws.com
URL: https://buyapowa-fonts-us.s3.amazonaws.com/b74beab7-fb09-4a39-ac5b-b380033961cb/roboto-black.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.48.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-east-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 026d836bb00b979293032a9221da04e71faf87f79f48b6bb92e3f9935f5315bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://bp.envisionfinancial.ca
Referer: https://buyapowa-fonts-us.s3.amazonaws.com/

Response headers

Access-Control-Max-Age: 3000
ETag: "72f6fd218b59c42e804cb543cfc53598"
Access-Control-Allow-Methods: GET
x-amz-request-id: P831CRQ4CAF2KMFX
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 66148
Date: Wed, 06 Nov 2024 01:27:28 GMT
Last-Modified: Tue, 28 Jan 2020 15:40:33 GMT
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Server: AmazonS3
Content-Type
x-amz-id-2: kucx9YC07UOXsMNrBXcCZQCGFXu5hCODAoSG8fbBLuj9y3I52abZ/KJSZem8VFT4Lx++RNq+wTc=

GET
H/1.1 200
OK roboto.woff2
buyapowa-fonts-us.s3.us-east-1.amazonaws.com/f09982d2-96fb-48fd-88ab-29d50b89a476/ Frame 71A4 64 KB
65 KB 165ms
62ms Font
application/octet-stream 52.217.48.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buyapowa-fonts-us.s3.us-east-1.amazonaws.com/f09982d2-96fb-48fd-88ab-29d50b89a476/roboto.woff2
Requested by: Host: buyapowa-fonts-us.s3.amazonaws.com
URL: https://buyapowa-fonts-us.s3.amazonaws.com/f09982d2-96fb-48fd-88ab-29d50b89a476/roboto.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.48.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-east-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://bp.envisionfinancial.ca
Referer: https://buyapowa-fonts-us.s3.amazonaws.com/

Response headers

Access-Control-Max-Age: 3000
ETag: "9feb0110b6dff9ee2b9ebd17f7a1aee6"
Access-Control-Allow-Methods: GET
x-amz-request-id: P838N6FNERMX1W2C
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 65916
Date: Wed, 06 Nov 2024 01:27:28 GMT
Last-Modified: Tue, 28 Jan 2020 15:40:34 GMT
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Server: AmazonS3
Content-Type
x-amz-id-2: PTTdeTqheF4+teAPbL1S32HMKM2xyGX15fumhMlg+rGt5Fq+x67jvt5Zbnw2/WDyx2VYsrM3OPs=

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
refer.envisionfinancial.ca/	1969-12-31 23:59:59	Name: _buyapowa_embedded_site_session Value: 49KcvEhoAjJ%2FAQJgIFP4CCDYU%2B7cioD4fBWaTURcoq%2B8jzb9iEVFscCPuGDlR4cf%2Fgm2EEQnXfWrJ9xIZl5Vr3aNtK7gpdZYK8IBQ2W%2Bgb5RtMv8Gc3vkhlIZ4NyDa8I4prigj9QEwWCKAvmjwxS1WXkGipJ8BAbeYmKU8rt%2Bqhy8B2i68PzC4CJrWylRyIejwGT19mw9gizv1sAZ0kbaj0uoG43lZJxXuttFJt2ICKnLTu0griprBBu3jdj3gDVZ6igvFgphA9aqvb%2FnyeruSnVnfwLPuf%2FGHnHIGe2%2FHB%2B2%2BBb85KfS%2Fcg0n8NTlKwMkm6voLbgQ%3D%3D--8ZCpZPy9jaG2UN7f--Hb9SzrIU5IyBxbOin4H26Q%3D%3D
.refer.envisionfinancial.ca/	1970-01-21 10:23:36	Name: __utma Value: 91044505.1816655427.1730856445.1730856445.1730856445.1
.refer.envisionfinancial.ca/	1969-12-31 23:59:59	Name: __utmc Value: 91044505
.refer.envisionfinancial.ca/	1970-01-21 05:10:24	Name: __utmz Value: 91044505.1730856445.1.1.utmcsr=buyapowa\|utmccn=envision_raf1\|utmcmd=email\|utmctr=referrer_nurture\|utmcct=banner_hero_image
.refer.envisionfinancial.ca/	1970-01-21 00:47:37	Name: __utmt_UA-34281500-2 Value: 1
.refer.envisionfinancial.ca/	1970-01-21 00:47:38	Name: __utmb Value: 91044505.1.10.1730856445
.envisionfinancial.ca/	1970-01-21 10:16:24	Name: bp_tid Value: %7B%22e891bb30-3b71-4caa-9dfc-0347774a2ab6%22%3A%22577a4256-9611-4ccf-ae1e-e9d3314dd305%22%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.co-buying.com/embedding.min.js(Line 3) Message: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bp.envisionfinancial.ca
buyapowa-fonts-us.s3.amazonaws.com
buyapowa-fonts-us.s3.us-east-1.amazonaws.com
cdn.co-buying.com
cdn.rollbar.com
email.co-buying.com
platform.buyapowa.com
refer.envisionfinancial.ca
res.cloudinary.com
ssl.google-analytics.com
www.googletagmanager.com
108.139.47.115
18.173.132.101
18.173.132.27
18.238.49.123
2600:9000:21dd:f800:b:5644:c00:93a1
2600:9000:23cb:c000:1:7b17:b000:93a1
2606:4700::6811:ca01
2607:f8b0:4006:80b::2008
2607:f8b0:4006:824::2008
52.217.48.88
52.217.49.68
003414911c16f553c9c8e783f44d03a7d0c8f2291f050cadabd22f1f7b41e415
026d836bb00b979293032a9221da04e71faf87f79f48b6bb92e3f9935f5315bc
06ba961fd86f29a969ea93c7d310dab861f3c39fdf5c58abc046f81703e3e8ef
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
190d570b26ff10169436f558e9c450cbd636cf7d7ce4e771d3c6986c8f6ee17f
272ac69a1da26e0072b8e9cd0035cf21f7ed5ddda09f2bf3ede45669ed12c008
28dee7f2399e25870226a3a1cb082f3d22ce7141e6447fedc8ff7c659952d77d
2c5280ce5c98ff55e83d64d43f8ed521129c38a2e000757a386dbeed1255ae52
332db6b7d69a091d6f5d33560cbb9d932c1314a48733a3d24fe1e47d7f8528f4
33589a06ffb4c106c4cf4abf511bb017d78bc8fb6df188713a941eebba21c9e1
36ae15ca7bd3709d78c53fc84213afae4130221e0fc9079435fd09cd50325a73
41764f6cf1cfa99fad12f1ee265ea0bb292761f6b15d1f5432756524854cd77f
4a6491419bc760667ba3e244ade7555a33308de9732c1805712aae2da15afd54
6f6f6e1b90011fe6760dc7a01084f4608447ccea63e22bbf77111516b8a120b7
74e36879032ea9334e26a514af838395f5966b33d2cfa16ccdbeb5f24a061dab
7adfc1d50b2a6e3779bc1eeaa5c50164bc3442b9901281ebda244db3988457ae
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920
8d71f82548b5a7799573721c73413c798b246a2ca1587c1edbe12b2a085cb142
9917b0f8cd49d5d0b9f60786600104a978ae79c3bb6d4fae3a80bfc2607fa567
ac4c2d5397263b97337536e94cb053ea0326938ddff109d25e04ea5dac70d02e
c256a3de7bb3400730308f1368d63fccfa4b8452aeed077dd346fe3af4893f23
c758181d3aba5768050f691ad2c5fc496cf44966c545864113af11737d2309ac
e67e9399d80b71990fdfc9d25f8eaa649c647b377fe2ff44ee61c9aa47a4a72a

refer.envisionfinancial.ca Open in urlscan Pro 18.238.49.123 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

45 %IPv6

8 Domains

11 Subdomains

10 IPs

1 Countries

992 kBTransfer

2517 kBSize

7 Cookies

2 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

7 Cookies

1 Console Messages

Security Headers

Indicators

refer.envisionfinancial.ca Open in urlscan Pro
18.238.49.123 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

45 %
IPv6

8
Domains

11
Subdomains

10
IPs

1
Countries

992 kB
Transfer

2517 kB
Size

7
Cookies

25 HTTP transactions
0 data transactions