eastmansafety.ca Open in urlscan Pro
2606:4700::6811:c249 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://eastmansafety.ca/
Submission: On June 16 via automatic, source certstream-suspicious (June 16th 2022, 12:41:03 am UTC) — Scanned from CA

Summary HTTP 62 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 16 IPs in 1 countries across 10 domains to perform 62 HTTP transactions. The main IP is 2606:4700::6811:c249, located in United States and belongs to CLOUDFLARENET, US. The main domain is eastmansafety.ca.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2022. Valid for: a year.

This is the only time eastmansafety.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700::68... 2606:4700::6811:c249	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	151.101.129.21 151.101.129.21	54113 (FASTLY) (FASTLY)
4	2607:f8b0:400... 2607:f8b0:4006:824::200a	15169 (GOOGLE) (GOOGLE)
1	52.216.133.139 52.216.133.139	16509 (AMAZON-02) (AMAZON-02)
5	52.84.125.79 52.84.125.79	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:551	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700:10:... 2606:4700:10::6816:1883	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
1	54.158.254.182 54.158.254.182	14618 (AMAZON-AES) (AMAZON-AES)
6	151.101.1.35 151.101.1.35	54113 (FASTLY) (FASTLY)
1 2	34.106.92.18 34.106.92.18	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:2800:21f... 2606:2800:21f:5dfa:af2c:7a6d:4339:27e7	15133 (EDGECAST) (EDGECAST)
15	2606:4700:10:... 2606:4700:10::ac43:2642	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
62	16

4 2606:4700::6811:c249 (United States)

ASN13335 (CLOUDFLARENET, US)

eastmansafety.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.129.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:824::200a (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.133.139 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

vp-digital-tower-etc.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.84.125.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-125-79.ord53.r.cloudfront.net

imageprocessor.digital.vistaprint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:551 (United States)

ASN13335 (CLOUDFLARENET, US)

static.websimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::2003 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.158.254.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-254-182.compute-1.amazonaws.com

statscollector.digital.vistaprint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.1.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.106.92.18 (Salt Lake City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 18.92.106.34.bc.googleusercontent.com

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
slc.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:21f:5dfa:af2c:7a6d:4339:27e7 (United States)

ASN15133 (EDGECAST, US)

c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:10::ac43:2642 (United States)

ASN13335 (CLOUDFLARENET, US)

va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	tawk.to embed.tawk.to — Cisco Umbrella Rank: 8645 va.tawk.to — Cisco Umbrella Rank: 8216	217 KB
17	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 2393 t.paypal.com — Cisco Umbrella Rank: 3224 c.paypal.com — Cisco Umbrella Rank: 5863 b.stats.paypal.com — Cisco Umbrella Rank: 4561 slc.stats.paypal.com — Cisco Umbrella Rank: 8973 c6.paypal.com — Cisco Umbrella Rank: 6679	399 KB
6	vistaprint.com imageprocessor.digital.vistaprint.com — Cisco Umbrella Rank: 108137 statscollector.digital.vistaprint.com — Cisco Umbrella Rank: 114771	358 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	3 KB
4	eastmansafety.ca eastmansafety.ca	124 KB
2	gstatic.com fonts.gstatic.com	49 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 444	39 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 246	19 KB
1	websimages.com static.websimages.com — Cisco Umbrella Rank: 100224	1 KB
1	amazonaws.com vp-digital-tower-etc.s3.amazonaws.com — Cisco Umbrella Rank: 214698	11 KB
62	10

	Domain	Requested by
21	embed.tawk.to	eastmansafety.ca embed.tawk.to
8	www.paypal.com	eastmansafety.ca www.paypal.com cdnjs.cloudflare.com
5	va.tawk.to	cdnjs.cloudflare.com
5	c.paypal.com	www.paypal.com c.paypal.com
5	imageprocessor.digital.vistaprint.com	eastmansafety.ca
4	fonts.googleapis.com	eastmansafety.ca embed.tawk.to
4	eastmansafety.ca	eastmansafety.ca
2	fonts.gstatic.com	fonts.googleapis.com
1	cdn.jsdelivr.net	embed.tawk.to
1	c6.paypal.com
1	slc.stats.paypal.com
1	b.stats.paypal.com	1 redirects
1	t.paypal.com	eastmansafety.ca
1	statscollector.digital.vistaprint.com	eastmansafety.ca
1	cdnjs.cloudflare.com	eastmansafety.ca
1	static.websimages.com	eastmansafety.ca
1	vp-digital-tower-etc.s3.amazonaws.com	eastmansafety.ca
62	17

This site contains links to these domains. Also see Links.

Domain
www.freefind.com
search.freefind.com
www.joesfirearmsafety.ca

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-16` - `2023-06-16`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-04-12` - `2023-04-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
imageprocessor.digital.vistaprint.com Amazon	`2022-04-11` - `2023-05-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
statscollector.digital.vistaprint.com Amazon	`2021-12-20` - `2023-01-17`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-03-04` - `2022-11-23`	9 months	crt.sh

This page contains 9 frames:

Primary Page: https://eastmansafety.ca/
Frame ID: 2D8EFB48E2F276D9214D5C802006F6D8
Requests: 39 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?sdkVersion=5.0.318&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9aW5mbyU0MGVhc3RtYW5zYWZldHkuY2EmY3VycmVuY3k9Q0FEJmRpc2FibGUtZnVuZGluZz1iYW5jb250YWN0JTJDYmxpayUyQ2VwcyUyQ2dpcm9wYXklMkNpZGVhbCUyQ21lcmNhZG9wYWdvJTJDbXliYW5rJTJDcDI0JTJDc2VwYSUyQ3NvZm9ydCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3lwaGdxZHhscGx6dnR1aWlzb29lY3BsZ2F5Y2xubSJ9fQ&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f801929a698c5&storageID=uid_cba7e38099_mda6nda6nty&sessionID=uid_e2560a1ada_mda6nda6nty&buttonSessionID=uid_a59b073389_mda6nda6nty&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjp0cnVlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=CAD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=info%40eastmansafety.ca&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Frame ID: B083829AFA5A5059A929134E5972AEC5
Requests: 7 HTTP requests in this frame

Frame: data://truncated
Frame ID: 09BC3B458F6898297E5933534E158798
Requests: 2 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 8F6EB829DD042676A5FFA8D8728CA905
Requests: 5 HTTP requests in this frame

Frame: https://slc.stats.paypal.com/v2/counter2.cgi?p=uid_e2560a1ada_mda6nda6nty&s=SMART_PAYMENT_BUTTONS
Frame ID: F8C84371908C022DE63F8453C7E7604E
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/62835fee0eb/css/bubble-widget.css
Frame ID: E95CA1EF92CF1E2F66DE9C17FE09B974
Requests: 2 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/62835fee0eb/css/min-widget.css
Frame ID: 5298708AF7731741076F730EF6F101D4
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/62835fee0eb/css/message-preview.css
Frame ID: 22EA8F1BDEEB3C3AC8D0EE736C1F89DB
Requests: 2 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/62835fee0eb/css/max-widget.css
Frame ID: 3FAB0819F22C3C85215823E164F404BA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Eastman Safety Training Centre located in Steinbach, MB

Detected technologies

Rollbar (Issue trackers) Expand

Overall confidence: 100%
Detected patterns

rollbar\.js/([0-9.]+)

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

62
Requests

98 %
HTTPS

60 %
IPv6

10
Domains

17
Subdomains

16
IPs

1
Countries

1219 kB
Transfer

3355 kB
Size

12
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.freefind.com/
Title: search engine

Search URL Search Domain Scan URL

URL: https://search.freefind.com/find.html?si=55069036&pid=a
Title: advanced

Search URL Search Domain Scan URL

URL: http://www.joesfirearmsafety.ca/
Title: WWW.JOESFIREARMSAFETY.CA

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://b.stats.paypal.com/v2/counter.cgi?p=uid_e2560a1ada_mda6nda6nty&s=SMART_PAYMENT_BUTTONS HTTP 302
https://slc.stats.paypal.com/v2/counter2.cgi?p=uid_e2560a1ada_mda6nda6nty&s=SMART_PAYMENT_BUTTONS

62 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
eastmansafety.ca/ 107 KB
22 KB 391ms
345ms Document
text/html 2606:4700::6811:c249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eastmansafety.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:c249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81ac4057004b43343a5129aeb2bd84ac53ad72da6f0d0b80882e6cca977594f9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: https://developer.cimpress.io
cache-control: public, s-maxage=43200, max-age=60
cf-cache-status: MISS
cf-ray: 71bf7f353fcfca67-YUL
content-encoding: gzip
content-language: en_gb
content-type: text/html; charset=utf-8
date: Thu, 16 Jun 2022 00:40:56 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 /
eastmansafety.ca/.css/ 203 KB
32 KB 651ms
649ms Stylesheet
text/css 2606:4700::6811:c249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eastmansafety.ca/.css/?cacheId=1641922929550
Requested by: Host: eastmansafety.ca
URL: https://eastmansafety.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:c249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82bc6d1d93130914a7edebb3bdc9ef6ec4e8031c56feb9d57d9741a5c92f2029

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eastmansafety.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

cf-ray: 71bf7f376ab9ca67-YUL
date: Thu, 16 Jun 2022 00:40:56 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
server: cloudflare
etag: W/"32dfa-GnzpsX0UkKBt6kkbkbas4wZCBfk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: en_gb
access-control-allow-origin: https://developer.cimpress.io
cache-control: public, s-maxage=43200, max-age=60
content-type: text/css; charset=utf-8

GET
H2 200 / Show response
eastmansafety.ca/.js/ 282 KB
70 KB 321ms
320ms Script
application/javascript 2606:4700::6811:c249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eastmansafety.ca/.js/?cacheId=1641922929550&locale=en-GB
Requested by: Host: eastmansafety.ca
URL: https://eastmansafety.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:c249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e007dab5daf16e805d72cbff8cae31160af985183ae3968f81b5ccf58f39489

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eastmansafety.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

cf-ray: 71bf7f376abaca67-YUL
date: Thu, 16 Jun 2022 00:40:56 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
etag: W/"4669b-I7SZnsdRY2BrFBFHLSBrS75clFE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: en_gb
access-control-allow-origin: https://developer.cimpress.io
cache-control: public, s-maxage=43200, max-age=60
content-type: application/javascript; charset=utf-8

GET
H2 200 js Show response
www.paypal.com/sdk/ 327 KB
98 KB 297ms
209ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&merchant-id=info%40eastmansafety.ca&currency=CAD&disable-funding=bancontact%2Cblik%2Ceps%2Cgiropay%2Cideal%2Cmercadopago%2Cmybank%2Cp24%2Csepa%2Csofort

Requested by

Host: eastmansafety.ca
URL: https://eastmansafety.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a381ac41b1507d9c25dde75f4921a61ce2e50348e199f916c06c13e6882523ef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-CJMtKq9nSP0jkuRz2TZbXW+gC6eJxntfCbumedHaXhv//TgK' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-CJMtKq9nSP0jkuRz2TZbXW+gC6eJxntfCbumedHaXhv//TgK' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eastmansafety.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-CJMtKq9nSP0jkuRz2TZbXW+gC6eJxntfCbumedHaXhv//TgK' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-CJMtKq9nSP0jkuRz2TZbXW+gC6eJxntfCbumedHaXhv//TgK' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 2941
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f2950713ac6d5
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 99496
x-xss-protection: 1; mode=block
x-served-by: cache-sna10729-LGB, cache-yul12830-YUL
x-timer: S1655340056.313732,VS0,VE199
x-frame-options: SAMEORIGIN
date: Thu, 16 Jun 2022 00:40:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"184a8-KZWY53gdp9g6vzXAgUl7GGsxR1M"
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 82ms
36ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cabin%3A100%2C400%2C700%7CSource%20Sans%20Pro%3A100%2C400%2C700

Requested by

Host: eastmansafety.ca
URL: https://eastmansafety.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0ebb6176c1ee135fb72e9ca7600a82edc2f61a86265c308e308e7a23b72d9d72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eastmansafety.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 00:40:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Jun 2022 00:40:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Jun 2022 00:40:56 GMT

GET
H/1.1 200
OK celebrate.png
vp-digital-tower-etc.s3.amazonaws.com/stock-assets/ 10 KB
11 KB 135ms
53ms Image
image/png 52.216.133.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vp-digital-tower-etc.s3.amazonaws.com/stock-assets/celebrate.png
Requested by: Host: eastmansafety.ca
URL: https://eastmansafety.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.133.139 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d4cff8de2398964e05c8efe129c043b5a9c1863201e4054ec0b20ac92a4191af

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eastmansafety.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 00:40:57 GMT
Last-Modified: Thu, 12 Nov 2020 18:43:33 GMT
Server: AmazonS3
x-amz-request-id: FC40HQZ9HZJQPBE4
ETag: "704e4ac5de30951d68ade8ea443aeca6"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 10443
x-amz-id-2: Xz5HHeuJuEqWKzAKJbZD3WD3rZ72qdNjYcxkBERfn2E8WD6Q8Eye85/X/xAFzUFMI9ImRnDnJxY=

GET
H/1.1 200
OK image.aspx
imageprocessor.digital.vistaprint.com/crop/0,0,894x825/maxWidth/1000/https://www.vistaprint.com/preview/ 84 KB
84 KB 157ms
41ms Image
image/png 52.84.125.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/0,0,894x825/maxWidth/1000/https://www.vistaprint.com/preview/image.aspx?image_type=upload&image_token=1390635084-6e074606b5-cd0191&png=1
Requested by: Host: eastmansafety.ca
URL: https://eastmansafety.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.125.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-125-79.ord53.r.cloudfront.net
Software: / Express
Resource Hash: 7da999e6ad98e5da22d71f939edafdc3142975cd8d12467c5383ba853cfdae90

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eastmansafety.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 15 Jun 2022 14:36:43 GMT
Via: 1.1 ded5b42496343c4e3c24e494166a790c.cloudfront.net (CloudFront)
Connection: keep-alive
Age: 36253
X-Powered-By: Express
ETag: W/"14f40-tOWmvshJBO2e0FFW33Mzs7xGt1Y"
RequestId: 2c4e714e-126d-4817-af73-0f6ba5b769da
X-Cache: Hit from cloudfront
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, s-maxage=604800,max-age=604800
X-Amz-Cf-Pop: ORD53-C1
Content-Length: 85824
X-Amz-Cf-Id: fdFOK_pobIv4zO5nq8e1YzHrC-Qn8gkK6MyAqw942xEqkgQZvqBFcA==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/0,137,1240x496/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/5a28830a-5efb-41f8-a83e-33ea30999519~110/ 159 KB
160 KB 77ms
40ms Image
image/png 52.84.125.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/0,137,1240x496/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/5a28830a-5efb-41f8-a83e-33ea30999519~110/original?tenant=vbu-digital
Requested by: Host: eastmansafety.ca
URL: https://eastmansafety.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.125.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-125-79.ord53.r.cloudfront.net
Software: / Express
Resource Hash: dd3276ab3d9e6bbef422faf7febd05935e4da92143d07d7355dc4350035473a6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eastmansafety.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 17 May 2022 10:57:33 GMT
Via: 1.1 ded5b42496343c4e3c24e494166a790c.cloudfront.net (CloudFront)
Connection: keep-alive
Age: 2555003
X-Powered-By: Express
ETag: W/"27d74-pn2CcEgo082K2M7XiVw5pMWpMTo"
RequestId: 5cdb030c-29c2-4929-9c18-bf25386f5a16
X-Cache: Hit from cloudfront
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, s-maxage=604800,max-age=604800
X-Amz-Cf-Pop: ORD53-C1
Content-Length: 163188
X-Amz-Cf-Id: V8GxWlCdYJfzEWf7AkmtW8-LdACfvQvoxmKARI5R7HbJyNHQolGUhQ==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/0,0,236x214/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/28abe54b-bf0a-45dc-83df-02c0e90245f6~110/ 26 KB
26 KB 66ms
40ms Image
image/jpeg 52.84.125.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/0,0,236x214/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/28abe54b-bf0a-45dc-83df-02c0e90245f6~110/original?tenant=vbu-digital
Requested by: Host: eastmansafety.ca
URL: https://eastmansafety.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.125.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-125-79.ord53.r.cloudfront.net
Software: / Express
Resource Hash: 88f5ca0187cfe7642b48b1fa60fd4b0a1abbc0a667a4fdd824177f429123975c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eastmansafety.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Sat, 11 Jun 2022 14:55:00 GMT
Via: 1.1 f194abfb7121bb6ccfc24868a57a10da.cloudfront.net (CloudFront)
Connection: keep-alive
Age: 380756
X-Powered-By: Express
ETag: W/"675f-a9tV1h4SZmWu1hp5+CX5bvGi99A"
RequestId: 4dc3b0f6-1a64-4f4a-9278-3f224f64c26f
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, s-maxage=604800,max-age=604800
X-Amz-Cf-Pop: ORD53-C1
Content-Length: 26463
X-Amz-Cf-Id: S0vd1pCKse7csg7RtfhCrid7gyvrK1hwQ0oCS0VfgG11P6NzWUzjhg==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/0,0,480x185/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/3d98974d-b205-4f49-9866-44f1381a6dde~110/ 43 KB
43 KB 102ms
43ms Image
image/png 52.84.125.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/0,0,480x185/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/3d98974d-b205-4f49-9866-44f1381a6dde~110/original?tenant=vbu-digital
Requested by: Host: eastmansafety.ca
URL: https://eastmansafety.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.125.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-125-79.ord53.r.cloudfront.net
Software: / Express
Resource Hash: e79a8b916955ae6a38a75f0a25c9959f97db01033d796a7aeb72e012c408f4e7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eastmansafety.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 25 May 2022 15:59:51 GMT
Via: 1.1 ba678b56149db138d19ba1e860270838.cloudfront.net (CloudFront)
Connection: keep-alive
Age: 1845665
X-Powered-By: Express
ETag: W/"ab2b-QOsA9uTtTAYiQ6FXRcLaMe8on6A"
RequestId: 0abcb1da-e850-4285-a715-bfd1d7fa3375
X-Cache: Hit from cloudfront
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, s-maxage=604800,max-age=604800
X-Amz-Cf-Pop: ORD53-C1
Content-Length: 43819
X-Amz-Cf-Id: DfYuUIGtDZk0myjONbIEBh7GP0DjGEKfnNJhU0rX6cfv_x_21UL_Xw==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/0,0,480x169/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/00c98363-d37c-49df-8fcc-bb2585a551c7~110/ 43 KB
44 KB 98ms
39ms Image
image/png 52.84.125.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/0,0,480x169/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/00c98363-d37c-49df-8fcc-bb2585a551c7~110/original?tenant=vbu-digital
Requested by: Host: eastmansafety.ca
URL: https://eastmansafety.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.125.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-125-79.ord53.r.cloudfront.net
Software: / Express
Resource Hash: 69bc3006b3086db895bbf1b83ca95d106d0ae06f3a846efc0617a1daf418df0b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eastmansafety.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 13 Jun 2022 00:56:26 GMT
Via: 1.1 c9119c9cbad606324b966549b1fefab8.cloudfront.net (CloudFront)
Connection: keep-alive
Age: 258270
X-Powered-By: Express
ETag: W/"adf7-IQvZyo8C0w9Oo9+2RlIhxdcrI3Y"
RequestId: bc331f7b-d6e0-4180-bf03-d938f34b4481
X-Cache: Hit from cloudfront
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, s-maxage=604800,max-age=604800
X-Amz-Cf-Pop: ORD53-C1
Content-Length: 44535
X-Amz-Cf-Id: IGCZxOaOq3M1wbMp9S5nH4qyZ6R_ZQ-o3kGDgI-07cgb6buV9m9i8w==

GET
H2 200 email-decode.min.js Show response
eastmansafety.ca/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
848 B 20ms
20ms Script
application/javascript 2606:4700::6811:c249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eastmansafety.ca/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: eastmansafety.ca
URL: https://eastmansafety.ca/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:c249 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eastmansafety.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 10 Jun 2022 21:22:53 GMT
server: cloudflare
etag: W/"62a3b62d-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 71bf7f398d2aca67-YUL
vary: Accept-Encoding
expires: Sat, 18 Jun 2022 00:40:56 GMT

GET
H2 200 collector.js Show response
static.websimages.com/active-static/target/stats/ 1 KB
1 KB 68ms
25ms Script
application/javascript 2606:4700::6810:551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/active-static/target/stats/collector.js
Requested by: Host: eastmansafety.ca
URL: https://eastmansafety.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098618125383f339b61490acd432891e79d7ce980dfcc6e0261e93fab5500d89

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eastmansafety.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:56 GMT
content-encoding: br
cf-cache-status: HIT
age: 1346536
cf-polished: origSize=1803
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 16 Mar 2022 14:08:29 GMT
server: cloudflare
etag: W/"70b-5da5672a4d140-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
cf-ray: 71bf7f3bfaeb7142-YUL
expires: Thu, 05 May 2022 15:58:05 GMT

GET
H2 200 rollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/ 69 KB
19 KB 50ms
19ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Requested by

Host: eastmansafety.ca
URL: https://eastmansafety.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b140f87ff144db782e0cddbdd64decbaa35b5c7c890f1e45b05fe2d8478b42e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://eastmansafety.ca/
Origin: https://eastmansafety.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 24208903
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18862
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fc1-112f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgnY9x0KDvfnJ3RWl6VITqZ2zNGvNY025DkQ9eudKdlydnLPIwO56w0fRyrey4z1M9Shse9HJ%2BLYBJik1I%2BU2kj97LQ797u%2FpDhmdlMTLw2u4LZ472KA%2Fd3kbGJtRR24VjvMTkBX8ukhkz0qkKyYaZsK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 71bf7f3beb447139-YUL
expires: Tue, 06 Jun 2023 00:40:56 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 141ms
140ms Script
application/x-javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=eastmansafety.ca&t=xo&v=5.0.318&source=payments_sdk&mrid=info@eastmansafety.ca&client_id=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&merchant-id=info%40eastmansafety.ca&currency=CAD&disable-funding=bancontact%2Cblik%2Ceps%2Cgiropay%2Cideal%2Cmercadopago%2Cmybank%2Cp24%2Csepa%2Csofort

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-IzBSXWd1euyUJ9eZiuoiJCQIn0+liFUFBBRoqVMOOClJQIRB' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eastmansafety.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-IzBSXWd1euyUJ9eZiuoiJCQIn0+liFUFBBRoqVMOOClJQIRB' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: HIT, MISS
paypal-debug-id: f67650080063a
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4299
x-xss-protection: 1; mode=block
x-served-by: cache-lax10637-LGB, cache-yul12830-YUL
x-timer: S1655340057.914579,VS0,VE130
x-frame-options: SAMEORIGIN
date: Thu, 16 Jun 2022 00:40:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 default Show response
embed.tawk.to/5ab442d94b401e45400df9a8/ 2 KB
1010 B 247ms
208ms Script
application/x-javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/5ab442d94b401e45400df9a8/default

Requested by

Host: eastmansafety.ca
URL: https://eastmansafety.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a11105dd75a584d190bf8f2d00c9879c10649bc386fedb73d1d14e26f62561a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eastmansafety.ca/
Origin: https://eastmansafety.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
etag: W/"stable-v4-62835fee0eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 71bf7f3c19ef7133-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
fonts.gstatic.com/s/cabin/v24/ 26 KB
26 KB 67ms
20ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cabin/v24/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin%3A100%2C400%2C700%7CSource%20Sans%20Pro%3A100%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

832a9f68685073e8318db12a164566b0baedc599bdf72cca29f9a4c188506053

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://eastmansafety.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 15:42:33 GMT
x-content-type-options: nosniff
age: 118704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26244
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:32:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Jun 2023 15:42:33 GMT

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame B083 365 KB
151 KB 320ms
319ms Document
text/html 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?sdkVersion=5.0.318&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9aW5mbyU0MGVhc3RtYW5zYWZldHkuY2EmY3VycmVuY3k9Q0FEJmRpc2FibGUtZnVuZGluZz1iYW5jb250YWN0JTJDYmxpayUyQ2VwcyUyQ2dpcm9wYXklMkNpZGVhbCUyQ21lcmNhZG9wYWdvJTJDbXliYW5rJTJDcDI0JTJDc2VwYSUyQ3NvZm9ydCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3lwaGdxZHhscGx6dnR1aWlzb29lY3BsZ2F5Y2xubSJ9fQ&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f801929a698c5&storageID=uid_cba7e38099_mda6nda6nty&sessionID=uid_e2560a1ada_mda6nda6nty&buttonSessionID=uid_a59b073389_mda6nda6nty&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjp0cnVlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=CAD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=info%40eastmansafety.ca&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0e6aed5934ca6e2e47107affca47a25cb9f15ee3500cf3187bb2b46fe540c53c

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eastmansafety.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: none
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: br
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Thu, 16 Jun 2022 00:40:57 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/W/"5b3d4-y4MVe+eePNbph7HiZ33bxdGuG7k"
p3p: true
paypal-debug-id: f8081545cb926
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-lax10680-LGB, cache-yul12830-YUL
x-timer: S1655340057.044819,VS0,VE309
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 09BC 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 09BC 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 record
statscollector.digital.vistaprint.com/ 0
114 B 99ms
29ms Image
text/plain 54.158.254.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statscollector.digital.vistaprint.com/record?siteId=2685093661&pageId=2685093661&pageTitle=Home&parentPageId=&builderType=tower&premium=true&referrer=&location=https%3A%2F%2Feastmansafety.ca%2F&visitorId=711853443
Requested by: Host: eastmansafety.ca
URL: https://eastmansafety.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.254.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-254-182.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eastmansafety.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://developer.cimpress.io
date: Thu, 16 Jun 2022 00:40:57 GMT
x-powered-by: Express
content-type: text/plain

GET
H2 200 ts
t.paypal.com/ 42 B
794 B 175ms
124ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Eastman%20Safety%20Training%20Centre%20located%20in%20Steinbach%2C%20MB&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1655340057074&g=0&completeurl=https%3A%2F%2Feastmansafety.ca%2F&ru=https%3A%2F%2Feastmansafety.ca%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Requested by

Host: eastmansafety.ca
URL: https://eastmansafety.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eastmansafety.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:57 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: accb54abcd794
x-cache-hits: 0, 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-lax10661-LGB, cache-yul12821-YUL
pragma: no-cache
x-timer: S1655340057.130379,VS0,VE114
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jun 2022 00:40:57 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame B083 327 KB
98 KB 12ms
12ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?sdkVersion=5.0.318&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9aW5mbyU0MGVhc3RtYW5zYWZldHkuY2EmY3VycmVuY3k9Q0FEJmRpc2FibGUtZnVuZGluZz1iYW5jb250YWN0JTJDYmxpayUyQ2VwcyUyQ2dpcm9wYXklMkNpZGVhbCUyQ21lcmNhZG9wYWdvJTJDbXliYW5rJTJDcDI0JTJDc2VwYSUyQ3NvZm9ydCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3lwaGdxZHhscGx6dnR1aWlzb29lY3BsZ2F5Y2xubSJ9fQ&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f801929a698c5&storageID=uid_cba7e38099_mda6nda6nty&sessionID=uid_e2560a1ada_mda6nda6nty&buttonSessionID=uid_a59b073389_mda6nda6nty&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjp0cnVlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=CAD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=info%40eastmansafety.ca&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a381ac41b1507d9c25dde75f4921a61ce2e50348e199f916c06c13e6882523ef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-CJMtKq9nSP0jkuRz2TZbXW+gC6eJxntfCbumedHaXhv//TgK' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-CJMtKq9nSP0jkuRz2TZbXW+gC6eJxntfCbumedHaXhv//TgK' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.paypal.com/smart/buttons?sdkVersion=5.0.318&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9aW5mbyU0MGVhc3RtYW5zYWZldHkuY2EmY3VycmVuY3k9Q0FEJmRpc2FibGUtZnVuZGluZz1iYW5jb250YWN0JTJDYmxpayUyQ2VwcyUyQ2dpcm9wYXklMkNpZGVhbCUyQ21lcmNhZG9wYWdvJTJDbXliYW5rJTJDcDI0JTJDc2VwYSUyQ3NvZm9ydCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3lwaGdxZHhscGx6dnR1aWlzb29lY3BsZ2F5Y2xubSJ9fQ&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f801929a698c5&storageID=uid_cba7e38099_mda6nda6nty&sessionID=uid_e2560a1ada_mda6nda6nty&buttonSessionID=uid_a59b073389_mda6nda6nty&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjp0cnVlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=CAD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=info%40eastmansafety.ca&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-CJMtKq9nSP0jkuRz2TZbXW+gC6eJxntfCbumedHaXhv//TgK' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-CJMtKq9nSP0jkuRz2TZbXW+gC6eJxntfCbumedHaXhv//TgK' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 2942
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
p3p: true
paypal-debug-id: f2950713ac6d5
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 99496
x-xss-protection: 1; mode=block
x-served-by: cache-sna10729-LGB, cache-yul12830-YUL
x-timer: S1655340057.376818,VS0,VE1
x-frame-options: SAMEORIGIN
date: Thu, 16 Jun 2022 00:40:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"184a8-KZWY53gdp9g6vzXAgUl7GGsxR1M"
accept-ranges: bytes
x-cache-hits: 1, 1

GET
DATA 200
OK truncated
/ Frame B083 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B083 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame B083 56 KB
19 KB 64ms
12ms Script
application/javascript 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ECAcc (nya/7974) /

Resource Hash

ba2422aceabae696a1acc59a14f99a4f251bae79032b4d603cd4e1493f74da0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 533891
x-cache: HIT, HIT
paypal-debug-id: b671534ade60
x-cache-hits: 242403
access-control-allow-methods: GET
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 19372
via: 1.1 varnish
x-served-by: cache-yul12822-YUL
last-modified: Wed, 25 May 2022 18:45:26 GMT
server: ECAcc (nya/7974)
x-timer: S1655340058.536780,VS0,VE2
etag: W/"628e7946-dec7"
access-control-max-age: 86400
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jun 2022 00:40:57 GMT

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame B083 987 B
2 KB 161ms
158ms Ping
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0836861554ef1416b81b2496945796113ccefe3123c6f2cb83f54e31d2505f21

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?sdkVersion=5.0.318&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9aW5mbyU0MGVhc3RtYW5zYWZldHkuY2EmY3VycmVuY3k9Q0FEJmRpc2FibGUtZnVuZGluZz1iYW5jb250YWN0JTJDYmxpayUyQ2VwcyUyQ2dpcm9wYXklMkNpZGVhbCUyQ21lcmNhZG9wYWdvJTJDbXliYW5rJTJDcDI0JTJDc2VwYSUyQ3NvZm9ydCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3lwaGdxZHhscGx6dnR1aWlzb29lY3BsZ2F5Y2xubSJ9fQ&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f801929a698c5&storageID=uid_cba7e38099_mda6nda6nty&sessionID=uid_e2560a1ada_mda6nda6nty&buttonSessionID=uid_a59b073389_mda6nda6nty&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjp0cnVlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=CAD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=info%40eastmansafety.ca&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 16 Jun 2022 00:40:57 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: f5502537bd8e9
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-lax10624-LGB, cache-yul12830-YUL
x-timer: S1655340058.551418,VS0,VE149
etag: W/W/"3db-1yipE53lZzcLw6EDFfCNgG+JOxM"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame 8F6E 160 B
939 B 116ms
115ms Document
text/html 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: none
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: e8c20d545e80e
date: Thu, 16 Jun 2022 00:40:57 GMT
paypal-debug-id: e8c20d545e80e
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-lax10644-LGB, cache-yul12822-YUL
x-timer: S1655340058.568641,VS0,VE104
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
slc.stats.paypal.com/v2/ Frame F8C8
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=uid_e2560a1ada_mda6nda6nty&s=SMART_PAYMENT_BUTTONS
https://slc.stats.paypal.com/v2/counter2.cgi?p=uid_e2560a1ada_mda6nda6nty&s=SMART_PAYMENT_BUTTONS

42 B
299 B

268ms
88ms

Image
image/jpeg

34.106.92.18
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://slc.stats.paypal.com/v2/counter2.cgi?p=uid_e2560a1ada_mda6nda6nty&s=SMART_PAYMENT_BUTTONS
Protocol: HTTP/1.1
Server: 34.106.92.18 Salt Lake City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 18.92.106.34.bc.googleusercontent.com
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 00:40:58 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://slc.stats.paypal.com/v2/counter2.cgi?p=uid_e2560a1ada_mda6nda6nty&s=SMART_PAYMENT_BUTTONS
Date: Thu, 16 Jun 2022 00:40:57 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 8F6E 56 KB
19 KB 14ms
13ms Script
application/javascript 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ECAcc (nya/7974) /

Resource Hash

ba2422aceabae696a1acc59a14f99a4f251bae79032b4d603cd4e1493f74da0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 533892
x-cache: HIT, HIT
paypal-debug-id: b671534ade60
x-cache-hits: 242405
access-control-allow-methods: GET
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 19372
via: 1.1 varnish
x-served-by: cache-yul12822-YUL
last-modified: Wed, 25 May 2022 18:45:26 GMT
server: ECAcc (nya/7974)
x-timer: S1655340058.696485,VS0,VE2
etag: W/"628e7946-dec7"
access-control-max-age: 86400
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jun 2022 00:40:57 GMT

GET
H2 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 121 B
264 B 64ms
63ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5ab442d94b401e45400df9a8/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eastmansafety.ca/
Origin: https://eastmansafety.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"da5bb1dc647470204df0e49f5afac2de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 71bf7f40c9ab7133-YUL

GET
H2 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 76 KB
27 KB 112ms
111ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5ab442d94b401e45400df9a8/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eastmansafety.ca/
Origin: https://eastmansafety.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 71bf7f40c9ac7133-YUL

GET
H2 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 206 KB
61 KB 157ms
156ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5ab442d94b401e45400df9a8/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5b1592fa8ab8256ceae1cf00cbe53ad23b82f85964514f421492df2a8735d2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eastmansafety.ca/
Origin: https://eastmansafety.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"0022ca6ee8862a21867d497826b1d4ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 71bf7f40c9b07133-YUL

GET
H2 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 157 KB
37 KB 154ms
153ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5ab442d94b401e45400df9a8/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f0aef9670e1b3f32b79f61f847d0f470c062a9d17ff4c0a8ce2517710ff3411

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eastmansafety.ca/
Origin: https://eastmansafety.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"a971da9828a19bc856261914c19bc242"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 71bf7f40c9b17133-YUL

GET
H2 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 2 KB
1 KB 68ms
67ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5ab442d94b401e45400df9a8/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

161f78f0d9ea5a5025a082c14b694df6ca43e2d48db62ee35f3368ff3da02cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eastmansafety.ca/
Origin: https://eastmansafety.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"a15483b174cf94cb489a53ce9789161d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 71bf7f40c9b27133-YUL

GET
H2 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 151 B
207 B 65ms
64ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5ab442d94b401e45400df9a8/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eastmansafety.ca/
Origin: https://eastmansafety.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 71bf7f40c9b57133-YUL

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame 8F6E 125 B
638 B 153ms
152ms XHR
application/json 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ae1f629c6bf5f49c1985d702359767f805a618c5f6af05b40862968cb16aa282

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

timing-allow-origin: *
date: Thu, 16 Jun 2022 00:40:57 GMT
via: 1.1 varnish, 1.1 varnish
correlation-id: d5ac4e55fe2d9
x-served-by: cache-lax10645-LGB, cache-yul12822-YUL
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: d5ac4e55fe2d9
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges: bytes
content-type: application/json
content-length: 125
x-cache-hits: 0, 0

POST
H2 200 e Show response
c.paypal.com/v1/r/d/b/ Frame 8F6E 15 B
231 B 116ms
116ms XHR
application/json 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 16 Jun 2022 00:40:57 GMT
via: 1.1 varnish, 1.1 varnish
correlation-id: 9ce50ffadc100
x-served-by: cache-lax10651-LGB, cache-yul12822-YUL
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
content-type: application/json
paypal-debug-id: 9ce50ffadc100
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges: bytes
timing-allow-origin: *
content-length: 15
x-cache-hits: 0, 0

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame 8F6E 0
294 B 207ms
112ms Image
text/plain 2606:2800:21f:5dfa:af2c:7a6d:4339:27e7
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=uid_e2560a1ada_mda6nda6nty&s=SMART_PAYMENT_BUTTONS

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:21f:5dfa:af2c:7a6d:4339:27e7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (daa/7CC3) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:57 GMT
content-encoding: gzip
correlation-id: c0c0d66aeb611
server: ECAcc (daa/7CC3)
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: c0c0d66aeb611
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=95
timing-allow-origin: *
vary: Accept-Encoding
content-length: 20

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame B083 989 B
882 B 153ms
153ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b3b9aacad8a87896f77a272a90031d21e483581b74ea9e97705f9c2596f601ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?sdkVersion=5.0.318&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9aW5mbyU0MGVhc3RtYW5zYWZldHkuY2EmY3VycmVuY3k9Q0FEJmRpc2FibGUtZnVuZGluZz1iYW5jb250YWN0JTJDYmxpayUyQ2VwcyUyQ2dpcm9wYXklMkNpZGVhbCUyQ21lcmNhZG9wYWdvJTJDbXliYW5rJTJDcDI0JTJDc2VwYSUyQ3NvZm9ydCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3lwaGdxZHhscGx6dnR1aWlzb29lY3BsZ2F5Y2xubSJ9fQ&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f801929a698c5&storageID=uid_cba7e38099_mda6nda6nty&sessionID=uid_e2560a1ada_mda6nda6nty&buttonSessionID=uid_a59b073389_mda6nda6nty&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjp0cnVlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=CAD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=info%40eastmansafety.ca&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
content-type: application/json

Response headers

date: Thu, 16 Jun 2022 00:40:57 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: f550253bda6f4
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-lax10670-LGB, cache-yul12830-YUL
x-timer: S1655340058.770885,VS0,VE142
etag: W/W/"3dd-S8234QRIyhQCLWVqKELzjAOJd4c"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0, 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 985 B
2 KB 141ms
141ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ecb44ebd41633c942dafd1be25052b273359a362e49785edfaf21b993e16d486

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://eastmansafety.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
content-type: application/json

Response headers

date: Thu, 16 Jun 2022 00:40:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: f550253dfacfa
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-lax10626-LGB, cache-yul12825-YUL
x-timer: S1655340058.926890,VS0,VE124
etag: W/W/"3d9-62CFYh+3pUUU9Eaz6sZSNumCwA8"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://eastmansafety.ca
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 155ms
133ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://eastmansafety.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://eastmansafety.ca
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 16 Jun 2022 00:40:57 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f55025362c2ce
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-sna10727-LGB, cache-yul12825-YUL
x-timer: S1655340058.792151,VS0,VE123

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
1 KB 237ms
220ms Fetch
application/json 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=5ab442d94b401e45400df9a8&widgetId=default&sv=undefined

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f37c4e84e0b1cd31fb6a72769aca5244914fe554e62773ac30f187a5eb6af7e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eastmansafety.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: visitor-application-preemptive-s9jv
server: cloudflare
etag: W/"2-26-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 71bf7f422bd07133-YUL
access-control-allow-headers: content-type,x-tawk-token

POST
H3 200 start Show response
va.tawk.to/v1/session/ 1 KB
1 KB 151ms
135ms Fetch
application/json 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c2a34bb25d4d1a70ce89c8102e43507d828f63755f6bc1a64f30161b0b69cfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eastmansafety.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Thu, 16 Jun 2022 00:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: visitor-application-preemptive-plkx
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://eastmansafety.ca
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 71bf7f42ef827154-YUL
access-control-allow-headers: content-type,x-tawk-token

OPTIONS
H2 200 start
va.tawk.to/v1/session/ Frame 0
0 105ms
96ms Preflight 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://eastmansafety.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://eastmansafety.ca
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 71bf7f422bce7133-YUL
date: Thu, 16 Jun 2022 00:40:58 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-j23g

GET
H3 200 en.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/languages/ 16 KB
4 KB 18ms
18ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2a37b3244a9a215cc8c90b8bc11388c4fd8b2dd23d415acfccf16e3224250d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eastmansafety.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2410653
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:37 GMT
server: cloudflare
etag: W/"5a13c5b16c3caf8b986d6b915fd4b13e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 71bf7f4398557154-YUL

GET
H3 200 twk-chunk-2d0d2b7c.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 7 KB
2 KB 22ms
22ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-2d0d2b7c.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fee6dec9e7d648ac6be3c030ffc99fd2ac5f73398212f4cb2e43d7cdc28282ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eastmansafety.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2410653
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"1180d712a02848854eab38e1736e2616"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 71bf7f43c8b67154-YUL

GET
H3 200 twk-chunk-696bc286.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 16 KB
5 KB 25ms
24ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-696bc286.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9014e413a2ed0a5b777c417873a254729ce6bb5fdca039a4dd5abd04417db98d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eastmansafety.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2410653
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"6712af3933a068dc9ca1293e0c2c828f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 71bf7f43c8b97154-YUL

GET
H3 200 twk-chunk-f1596d96.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 10 KB
4 KB 23ms
23ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-f1596d96.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a902d8d0bf4615e985f80c1e6fa38147d341124ae44a7927e15a632c0eb3d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eastmansafety.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2410653
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"325d67a45c137803b4f8bd4d47afffed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 71bf7f43c8ba7154-YUL

GET
H3 200 twk-chunk-48f46bef.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 16 KB
5 KB 32ms
31ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-48f46bef.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08b53c5a235af3613d1964d3678ac26432071b1eae951590b84f14ea839a5678

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eastmansafety.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2410653
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"601eb77cd91dcb708add40ebe9d149e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 71bf7f43c8bc7154-YUL

GET
H3 200 twk-chunk-4fe9d5dd.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 942 B
781 B 32ms
32ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-4fe9d5dd.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eastmansafety.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2410653
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"5f434bdd806571a4e1b385bee9316ff6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 71bf7f43d8bf7154-YUL

GET
H3 200 twk-chunk-2d0b9454.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 546 B
669 B 20ms
20ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-2d0b9454.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eastmansafety.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2410653
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"09c3819d373bd4178a620d721429fada"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 71bf7f43d8c27154-YUL

GET
H3 200 twk-chunk-f163fcd0.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 11 KB
4 KB 19ms
18ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-f163fcd0.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb94ebe9718dddddc412d9054b58d2ec39bea39d4f40e2181bafc4fb21120c19

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eastmansafety.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2410653
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"5d825157bfbb4872b9ce8ea19e5eb7e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 71bf7f43d8c47154-YUL

GET
H3 200 twk-chunk-32507910.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 70 KB
16 KB 29ms
29ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-32507910.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b601109f6454a4cdb28a089947fbaefcce2e471efcfdc60cc6869c9c36417e14

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eastmansafety.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2410653
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"006d5eeef6485daa02180491bbfb5485"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 71bf7f43d8c57154-YUL

GET
H3 200 bubble-widget.css
embed.tawk.to/_s/v4/app/62835fee0eb/css/ Frame E95C 13 KB
3 KB 38ms
38ms Stylesheet
text/css 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/css/bubble-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-2d0d2b7c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2410653
cf-polished: origSize=13594
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"ce7913b80c763449b3895d46419f7a6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 71bf7f4409217154-YUL
cf-bgj: minify

GET
H3 200 min-widget.css
embed.tawk.to/_s/v4/app/62835fee0eb/css/ Frame 5298 24 KB
5 KB 38ms
38ms Stylesheet
text/css 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/css/min-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-2d0d2b7c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34533e0e1da75160a7daf8a64a6c8e84d3ee9b9265695cfdf0ce3ce7ccac0139

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2410653
cf-polished: origSize=25050
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"ca07acfc9643befa104a07a93067f7c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 71bf7f44293d7154-YUL
cf-bgj: minify

GET
H3 200 message-preview.css
embed.tawk.to/_s/v4/app/62835fee0eb/css/ Frame 22EA 37 KB
8 KB 25ms
25ms Stylesheet
text/css 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/css/message-preview.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-2d0d2b7c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c441a4185403c04c6660b68f8e08dbb2c1006c6a0f792fd454216a35b73fc867

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2410653
cf-polished: origSize=37650
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"792b46302ed8c4acdf03169ba30069fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 71bf7f44395c7154-YUL
cf-bgj: minify

GET
H3 200 max-widget.css
embed.tawk.to/_s/v4/app/62835fee0eb/css/ Frame 3FAB 73 KB
14 KB 29ms
29ms Stylesheet
text/css 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/css/max-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-2d0d2b7c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ef158b41b948a026674ff4d4780d40958e066c3c79b40748d091bb8123a9da6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2410653
cf-polished: origSize=74594
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"0d4a703e4e6f73ee4b1a0e152481a4c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 71bf7f44497b7154-YUL
cf-bgj: minify

GET
H3 200 63-br.svg
embed.tawk.to/_s/v4/assets/images/attention-grabbers/ Frame E95C 58 KB
15 KB 27ms
26ms Image
image/svg+xml 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://embed.tawk.to/_s/v4/assets/images/attention-grabbers/63-br.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7266f088f77c298317a52f78498aa5dcbf19cd686caaf86659203e6c1d15b986

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 485148
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 22 May 2021 07:25:18 GMT
server: cloudflare
etag: W/"920e49a1e237d88f3641817e90850650"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 71bf7f4459907154-YUL

GET
H3 200 css
fonts.googleapis.com/ Frame 5298 7 KB
592 B 76ms
35ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/css/min-widget.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f1e145d88c4b3f343055576d559fa8999045d205ea2f4e0d84f3b539c56ced8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://embed.tawk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 22:58:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Jun 2022 00:40:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Jun 2022 00:40:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 22EA 7 KB
592 B 77ms
36ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/css/message-preview.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f1e145d88c4b3f343055576d559fa8999045d205ea2f4e0d84f3b539c56ced8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://embed.tawk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 23:07:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Jun 2022 00:40:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Jun 2022 00:40:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3FAB 7 KB
592 B 57ms
36ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/css/max-widget.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f1e145d88c4b3f343055576d559fa8999045d205ea2f4e0d84f3b539c56ced8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://embed.tawk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 23:05:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Jun 2022 00:40:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Jun 2022 00:40:58 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame 5298 23 KB
23 KB 59ms
19ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://eastmansafety.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 23:16:08 GMT
x-content-type-options: nosniff
age: 177890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 23:16:08 GMT

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 295 KB
39 KB 69ms
31ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eastmansafety.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 00:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7485553
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19144-FRA, cache-yyz4544-YYZ
timing-allow-origin: *
server: cloudflare
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymIF%2FKUbh14R%2FmUhU78x9LLBLt1hGC3QAphdjhSJNFnmfO6Fy9q4yx%2FeYC0ryjiyVnFAH8FwKRKhkfOtOdnakxe%2FIje2UFyZMaRiUJvE6BsiT5plPOQyPMmFSO%2B7DyUWw%2FsjC5PG%2FOPRgTPAUaY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 71bf7f453f5d713e-YUL

OPTIONS
H3 200 v3
va.tawk.to/log-performance/ Frame 0
0 75ms
75ms Preflight 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://eastmansafety.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://eastmansafety.ca
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 71bf7f45ab057156-YUL
date: Thu, 16 Jun 2022 00:40:58 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-wbv5

POST
H3 200 v3 Show response
va.tawk.to/log-performance/ 5 B
346 B 74ms
74ms Fetch
text/html 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eastmansafety.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Thu, 16 Jun 2022 00:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: visitor-application-preemptive-m9nk
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://eastmansafety.ca
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 71bf7f461bbe7156-YUL
access-control-allow-headers: content-type,x-tawk-token

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
eastmansafety.ca/	1970-01-20 03:50:26	Name: webs-stats-visitor-id Value: 711853443
.paypal.com/	1970-01-20 03:49:01	Name: l7_az Value: dcg15.slc
.paypal.com/	1970-01-21 06:05:48	Name: ts Value: vreXpYrS%3D1750034457%26vteXpYrS%3D1655341857%26vr%3D69f4c2111810a1d595059432fe4b446a%26vt%3D69f4c2111810a1d595059432fe4b4469%26vtyp%3Dnew
.paypal.com/	1970-01-21 06:05:48	Name: ts_c Value: vr%3D69f4c2111810a1d595059432fe4b446a%26vt%3D69f4c2111810a1d595059432fe4b4469
.paypal.com/	1970-01-20 03:49:31	Name: LANG Value: en_US%3BCA
.paypal.com/	1970-01-20 03:53:19	Name: tsrce Value: loggernodeweb
.c.paypal.com/	1970-01-21 23:37:00	Name: sc_f Value: MHnIi8X_hfTevqNjHUgns8YkFB0q02vSrV2Gw1pusJo2RF9wlySoHzVkMb0ky5EUHQArttzxiIXaHsB6sBzLBzLoPLTVhRgBUI8USG
.paypal.com/	1970-01-27 11:01:00	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: EJLXPAZUHy23XASzTHXjrT51y5CpIoY7xp6Gr9OqCYKyT6dDr4abTZaMAvDWKIzv1vXx_fdakrNBI0uu
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY1NTM0MDA1Nzg1OCIsImwiOiIwIiwibSI6IjAifQ
eastmansafety.ca/	1969-12-31 23:59:59	Name: twk_idm_key Value: EuPhozPMPtLGD0Wmr1s98
eastmansafety.ca/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
.eastmansafety.ca/	1970-01-20 08:08:12	Name: twk_uuid_5ab442d94b401e45400df9a8 Value: %7B%22uuid%22%3A%221.1Hx7fF23W2QCquFXZuk0aMUW1V7L3fMMLQoGZ0B5jvSPWKPS7UOwHKVTwiexJBPZrVj836YxhChHBwjGuuVExItuowDsFd4Q822LcDCQycosPfoQM72Z8y7bouLgBY41rnPzk7Palw1kqakKctZyve%22%2C%22version%22%3A3%2C%22domain%22%3A%22eastmansafety.ca%22%2C%22ts%22%3A1655340058197%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.stats.paypal.com
c.paypal.com
c6.paypal.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
eastmansafety.ca
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
imageprocessor.digital.vistaprint.com
slc.stats.paypal.com
static.websimages.com
statscollector.digital.vistaprint.com
t.paypal.com
va.tawk.to
vp-digital-tower-etc.s3.amazonaws.com
www.paypal.com
151.101.1.35
151.101.129.21
2606:2800:21f:5dfa:af2c:7a6d:4339:27e7
2606:4700:10::6816:1883
2606:4700:10::ac43:2642
2606:4700::6810:551
2606:4700::6810:5814
2606:4700::6811:180e
2606:4700::6811:c249
2607:f8b0:4006:81d::2003
2607:f8b0:4006:824::200a
34.106.92.18
52.216.133.139
52.84.125.79
54.158.254.182
0836861554ef1416b81b2496945796113ccefe3123c6f2cb83f54e31d2505f21
08b53c5a235af3613d1964d3678ac26432071b1eae951590b84f14ea839a5678
098618125383f339b61490acd432891e79d7ce980dfcc6e0261e93fab5500d89
0b140f87ff144db782e0cddbdd64decbaa35b5c7c890f1e45b05fe2d8478b42e
0c2a34bb25d4d1a70ce89c8102e43507d828f63755f6bc1a64f30161b0b69cfc
0e007dab5daf16e805d72cbff8cae31160af985183ae3968f81b5ccf58f39489
0e6aed5934ca6e2e47107affca47a25cb9f15ee3500cf3187bb2b46fe540c53c
0ebb6176c1ee135fb72e9ca7600a82edc2f61a86265c308e308e7a23b72d9d72
0f0aef9670e1b3f32b79f61f847d0f470c062a9d17ff4c0a8ce2517710ff3411
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
161f78f0d9ea5a5025a082c14b694df6ca43e2d48db62ee35f3368ff3da02cc1
1a902d8d0bf4615e985f80c1e6fa38147d341124ae44a7927e15a632c0eb3d87
1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
34533e0e1da75160a7daf8a64a6c8e84d3ee9b9265695cfdf0ce3ce7ccac0139
3a11105dd75a584d190bf8f2d00c9879c10649bc386fedb73d1d14e26f62561a
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c
4ef158b41b948a026674ff4d4780d40958e066c3c79b40748d091bb8123a9da6
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
69bc3006b3086db895bbf1b83ca95d106d0ae06f3a846efc0617a1daf418df0b
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f1e145d88c4b3f343055576d559fa8999045d205ea2f4e0d84f3b539c56ced8
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
7266f088f77c298317a52f78498aa5dcbf19cd686caaf86659203e6c1d15b986
7da999e6ad98e5da22d71f939edafdc3142975cd8d12467c5383ba853cfdae90
81ac4057004b43343a5129aeb2bd84ac53ad72da6f0d0b80882e6cca977594f9
82bc6d1d93130914a7edebb3bdc9ef6ec4e8031c56feb9d57d9741a5c92f2029
832a9f68685073e8318db12a164566b0baedc599bdf72cca29f9a4c188506053
88f5ca0187cfe7642b48b1fa60fd4b0a1abbc0a667a4fdd824177f429123975c
9014e413a2ed0a5b777c417873a254729ce6bb5fdca039a4dd5abd04417db98d
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
a381ac41b1507d9c25dde75f4921a61ce2e50348e199f916c06c13e6882523ef
ae1f629c6bf5f49c1985d702359767f805a618c5f6af05b40862968cb16aa282
b3b9aacad8a87896f77a272a90031d21e483581b74ea9e97705f9c2596f601ce
b5b1592fa8ab8256ceae1cf00cbe53ad23b82f85964514f421492df2a8735d2f
b601109f6454a4cdb28a089947fbaefcce2e471efcfdc60cc6869c9c36417e14
ba2422aceabae696a1acc59a14f99a4f251bae79032b4d603cd4e1493f74da0f
bb94ebe9718dddddc412d9054b58d2ec39bea39d4f40e2181bafc4fb21120c19
c441a4185403c04c6660b68f8e08dbb2c1006c6a0f792fd454216a35b73fc867
d2a37b3244a9a215cc8c90b8bc11388c4fd8b2dd23d415acfccf16e3224250d7
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
d4cff8de2398964e05c8efe129c043b5a9c1863201e4054ec0b20ac92a4191af
dd3276ab3d9e6bbef422faf7febd05935e4da92143d07d7355dc4350035473a6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79a8b916955ae6a38a75f0a25c9959f97db01033d796a7aeb72e012c408f4e7
ecb44ebd41633c942dafd1be25052b273359a362e49785edfaf21b993e16d486
f37c4e84e0b1cd31fb6a72769aca5244914fe554e62773ac30f187a5eb6af7e0
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867
fee6dec9e7d648ac6be3c030ffc99fd2ac5f73398212f4cb2e43d7cdc28282ed

eastmansafety.ca Open in urlscan Pro 2606:4700::6811:c249 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

62 Requests

98 %HTTPS

60 %IPv6

10 Domains

17 Subdomains

16 IPs

1 Countries

1219 kBTransfer

3355 kBSize

12 Cookies

3 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

eastmansafety.ca Open in urlscan Pro
2606:4700::6811:c249 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

98 %
HTTPS

60 %
IPv6

10
Domains

17
Subdomains

16
IPs

1
Countries

1219 kB
Transfer

3355 kB
Size

12
Cookies

62 HTTP transactions
4 data transactions