client-retention.canadianvisa.org Open in urlscan Pro
95.85.55.135 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://client-retention.canadianvisa.org/
Effective URL:
https://client-retention.canadianvisa.org/
Submission: On January 31 via api (January 31st 2022, 10:29:32 am UTC) from CA — Scanned from NL

Summary HTTP 48 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 16 domains to perform 48 HTTP transactions. The main IP is 95.85.55.135, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is client-retention.canadianvisa.org.
TLS certificate: Issued by R3 on January 31st 2022. Valid for: 3 months.

This is the only time client-retention.canadianvisa.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	95.85.55.135 95.85.55.135	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
5	35.244.143.131 35.244.143.131	15169 (GOOGLE) (GOOGLE)
1	18.66.97.37 18.66.97.37	16509 (AMAZON-02) (AMAZON-02)
1	52.20.78.240 52.20.78.240	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	52.222.236.74 52.222.236.74	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	184.30.25.80 184.30.25.80	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	2.16.186.155 2.16.186.155	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.66.139.28 18.66.139.28	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
2	64.202.112.95 64.202.112.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	108.128.149.41 108.128.149.41	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
48	22

6 95.85.55.135 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

client-retention.canadianvisa.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
retention-client-api.canadianvisa.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.143.131 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 131.143.244.35.bc.googleusercontent.com

api.exponea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.20.78.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-78-240.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.25.80 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-80.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.16.186.155 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-155.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
accounts.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-28.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.149.41 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-149-41.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	livechatinc.com cdn.livechatinc.com — Cisco Umbrella Rank: 6508 api.livechatinc.com — Cisco Umbrella Rank: 5512 secure.livechatinc.com — Cisco Umbrella Rank: 6785 accounts.livechatinc.com — Cisco Umbrella Rank: 7887	268 KB
6	canadianvisa.org 1 redirects client-retention.canadianvisa.org retention-client-api.canadianvisa.org	507 KB
5	exponea.com api.exponea.com — Cisco Umbrella Rank: 21129	92 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 644 script.hotjar.com — Cisco Umbrella Rank: 919 vars.hotjar.com — Cisco Umbrella Rank: 1012 in.hotjar.com — Cisco Umbrella Rank: 1810	65 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47 ajax.googleapis.com — Cisco Umbrella Rank: 293	11 KB
3	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2353 tr.outbrain.com — Cisco Umbrella Rank: 2115	4 KB
3	gstatic.com fonts.gstatic.com	76 KB
2	google.nl www.google.nl — Cisco Umbrella Rank: 7820	565 B
2	google.com www.google.com — Cisco Umbrella Rank: 13	565 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	386 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 96 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	114 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 106	15 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 3497	269 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	64 KB
48	16

	Domain	Requested by
5	api.exponea.com	client-retention.canadianvisa.org api.exponea.com
4	cdn.livechatinc.com	client-retention.canadianvisa.org secure.livechatinc.com
4	client-retention.canadianvisa.org	1 redirects client-retention.canadianvisa.org
3	api.livechatinc.com	cdn.livechatinc.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	client-retention.canadianvisa.org secure.livechatinc.com
2	www.google.nl	client-retention.canadianvisa.org
2	www.google.com	client-retention.canadianvisa.org
2	www.facebook.com	client-retention.canadianvisa.org
2	tr.outbrain.com	amplify.outbrain.com client-retention.canadianvisa.org
2	connect.facebook.net	client-retention.canadianvisa.org connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com client-retention.canadianvisa.org
2	retention-client-api.canadianvisa.org	client-retention.canadianvisa.org
1	googleads.g.doubleclick.net	www.googleadservices.com
1	accounts.livechatinc.com	cdn.livechatinc.com
1	www.googleadservices.com	www.googletagmanager.com
1	secure.livechatinc.com	cdn.livechatinc.com
1	in.hotjar.com	script.hotjar.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	vars.hotjar.com	static.hotjar.com
1	amplify.outbrain.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	api.ipify.org	client-retention.canadianvisa.org
1	static.hotjar.com	client-retention.canadianvisa.org
1	www.googletagmanager.com	client-retention.canadianvisa.org
1	ajax.googleapis.com	client-retention.canadianvisa.org
48	26

This site contains no links.

Subject Issuer	Validity	Valid
client-retention.canadianvisa.org R3	`2022-01-31` - `2022-05-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
api.exponea.com GTS CA 1D4	`2021-12-22` - `2022-03-22`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
retention-client-api.canadianvisa.org R3	`2021-12-02` - `2022-03-02`	3 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-19` - `2022-02-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-09` - `2022-02-07`	3 months	crt.sh
livechat.com DigiCert SHA2 Secure Server CA	`2021-04-20` - `2022-04-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://client-retention.canadianvisa.org/
Frame ID: 96A6D1B975985D0AF7FB7C057394E5FC
Requests: 39 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Frame ID: F79893D634B86E5AE5F52ECF44B4C560
Requests: 1 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=13012263&group=2&embedded=1&widget_version=3&unique_groups=0
Frame ID: F594B636F725C031CB771E8E725EEA36
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dashboard - Canadian visa

Page URL History Show full URLs

http://client-retention.canadianvisa.org/ HTTP 301
https://client-retention.canadianvisa.org/ Page URL

Detected technologies

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

48
Requests

100 %
HTTPS

50 %
IPv6

16
Domains

26
Subdomains

22
IPs

5
Countries

1239 kB
Transfer

4233 kB
Size

20
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://client-retention.canadianvisa.org/ HTTP 301
https://client-retention.canadianvisa.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
client-retention.canadianvisa.org/
Redirect Chain

http://client-retention.canadianvisa.org/
https://client-retention.canadianvisa.org/

6 KB
6 KB

41ms
13ms

Document
text/html

95.85.55.135
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://client-retention.canadianvisa.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.85.55.135 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 5d77d28442f2d97315467f54c85f85b092af7854c989ff8e367d7cfa04ea1b3e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9

Response headers

Server: nginx/1.16.1
Date: Mon, 31 Jan 2022 10:29:27 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 6391
Last-Modified: Fri, 17 Dec 2021 10:28:57 GMT
Connection: keep-alive
ETag: "61bc6669-18f7"
Accept-Ranges: bytes

Redirect headers

Server: nginx/1.16.1
Date: Mon, 31 Jan 2022 10:29:27 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://client-retention.canadianvisa.org/

GET
H2 200 css
fonts.googleapis.com/ 8 KB
778 B 89ms
31ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700

Requested by

Host: client-retention.canadianvisa.org
URL: https://client-retention.canadianvisa.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c21346e0102cb0ae60afdb16611a27cc5699b4d39e6fbbd2db156d1985070de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 08:52:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 31 Jan 2022 10:29:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Jan 2022 10:29:27 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
868 B 88ms
30ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: client-retention.canadianvisa.org
URL: https://client-retention.canadianvisa.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d44a3249e2be052d683c7b58d03890937199b056a6313bd7ae0834281a70a2d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 10:29:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 31 Jan 2022 10:29:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Jan 2022 10:29:27 GMT

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/ 36 KB
9 KB 69ms
22ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css

Requested by

Host: client-retention.canadianvisa.org
URL: https://client-retention.canadianvisa.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 29 Jan 2022 01:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8422
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Jan 2023 01:40:22 GMT

GET
H/1.1 200
OK style.d2cbce615df10f7c03f9.css
client-retention.canadianvisa.org/ 313 KB
47 KB 13ms
12ms Stylesheet
text/css 95.85.55.135
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://client-retention.canadianvisa.org/style.d2cbce615df10f7c03f9.css
Requested by: Host: client-retention.canadianvisa.org
URL: https://client-retention.canadianvisa.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.85.55.135 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: da1bf5f19af7f7879514683fda33121c528af311c67966aa8fff28dd5cf2e948

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 10:29:27 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Dec 2021 10:29:03 GMT
Server: nginx/1.16.1
ETag: "61bc666f-bbb8"
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48056
Expires: Mon, 07 Feb 2022 10:29:27 GMT

GET
H/1.1 200
OK bundle.d2cbce615df10f7c03f9.js Show response
client-retention.canadianvisa.org/ 2 MB
453 KB 50ms
24ms Script
application/javascript 95.85.55.135
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://client-retention.canadianvisa.org/bundle.d2cbce615df10f7c03f9.js
Requested by: Host: client-retention.canadianvisa.org
URL: https://client-retention.canadianvisa.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.85.55.135 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 34e2e0ce614b887c029cb00671d86c800e9e6c53e77eac478fa3eceee496ce42

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 10:29:27 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Dec 2021 10:28:59 GMT
Server: nginx/1.16.1
ETag: "61bc666b-711fa"
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 463354
Expires: Mon, 07 Feb 2022 10:29:27 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 194 KB
64 KB 82ms
28ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PTTXXK2

Requested by

Host: client-retention.canadianvisa.org
URL: https://client-retention.canadianvisa.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4aeba7e4042c3fa9ee7692c260ec4f2b6fbf07f71dd4fff83ffe1525cb93424c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 10:29:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64747
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 31 Jan 2022 10:29:27 GMT

GET
H2 200 exponea.min.js Show response
api.exponea.com/js/ 301 KB
90 KB 53ms
18ms Script
application/javascript 35.244.143.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.exponea.com/js/exponea.min.js
Requested by: Host: client-retention.canadianvisa.org
URL: https://client-retention.canadianvisa.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.143.131 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 131.143.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 054c1f59301fd4980541353686ac0390b7d760e304e8e1f9f4f7ae7025df0bb8

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 10:29:27 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 13:40:22 GMT
server: nginx
etag: "61b74d46-16876"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
alt-svc: clear
content-length: 92278
via: 1.1 google
expires: Mon, 31 Jan 2022 11:29:27 GMT

GET
H2 200 hotjar-1957728.js Show response
static.hotjar.com/c/ 4 KB
2 KB 72ms
27ms Script
application/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1957728.js?sv=6

Requested by

Host: client-retention.canadianvisa.org
URL: https://client-retention.canadianvisa.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-37.fra56.r.cloudfront.net

Software

Resource Hash

d98f0cb4bfdf04f956dfcb6152059f2e92f104cda0edf08a8bb0e1e3bf0b2a52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 10:29:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1890
access-control-allow-origin: *
cache-control: max-age=60
etag: W/c5a033a8536de6de4c741ac3e7269297
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-cache-hit: 1
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: I6Diipf7XEOE8kHcciirRtV7bhO5lsuh9ZVVoUI7uO9JxthroToO2g==

GET
H/1.1 401
Unauthorized fields Show response
retention-client-api.canadianvisa.org/v1/form/ 93 B
337 B 87ms
17ms XHR
application/json 95.85.55.135
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://retention-client-api.canadianvisa.org/v1/form/fields?access-token=null&uid=1
Requested by: Host: client-retention.canadianvisa.org
URL: https://client-retention.canadianvisa.org/bundle.d2cbce615df10f7c03f9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.85.55.135 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 5282c6b09031c4de92e9b6d96597b8b9e055f46942479c5b74bafb9f11ffa66f

Request headers

Accept: application/json, text/plain, */*
Referer: https://client-retention.canadianvisa.org/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 31 Jan 2022 10:29:27 GMT
Transfer-Encoding: chunked
Server: nginx/1.16.1
Connection: keep-alive
Vary: Accept
Content-Type: application/json; charset=UTF-8

GET
H/1.1 401
Unauthorized fields Show response
retention-client-api.canadianvisa.org/v1/form/ 93 B
337 B 86ms
17ms XHR
application/json 95.85.55.135
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://retention-client-api.canadianvisa.org/v1/form/fields?access-token=null&uid=1
Requested by: Host: client-retention.canadianvisa.org
URL: https://client-retention.canadianvisa.org/bundle.d2cbce615df10f7c03f9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.85.55.135 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 5282c6b09031c4de92e9b6d96597b8b9e055f46942479c5b74bafb9f11ffa66f

Request headers

Accept: application/json, text/plain, */*
Referer: https://client-retention.canadianvisa.org/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 31 Jan 2022 10:29:27 GMT
Transfer-Encoding: chunked
Server: nginx/1.16.1
Connection: keep-alive
Vary: Accept
Content-Type: application/json; charset=UTF-8

GET
H/1.1 200
OK / Show response
api.ipify.org/ 19 B
269 B 314ms
101ms XHR
application/json 52.20.78.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: client-retention.canadianvisa.org
URL: https://client-retention.canadianvisa.org/bundle.d2cbce615df10f7c03f9.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.20.78.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-78-240.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 57ddc40dc8707c053caf2f6ccbf4ad70aa34ace5967276a066419ef92fb26228

Request headers

Accept: application/json, text/plain, */*
Referer: https://client-retention.canadianvisa.org/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 10:29:27 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://client-retention.canadianvisa.org
Connection: keep-alive
Content-Length: 19

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 68ms
20ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://client-retention.canadianvisa.org
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:52:02 GMT
x-content-type-options: nosniff
age: 247045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 28 Jan 2023 13:52:02 GMT

GET
H2 200 modules.a389f57d0ad3cbd8094d.js Show response
script.hotjar.com/ 230 KB
61 KB 65ms
23ms Script
application/javascript 52.222.236.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.a389f57d0ad3cbd8094d.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1957728.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-74.fra56.r.cloudfront.net

Software

Resource Hash

c9af4a6f50315626992164b4a9af6226cecdd6ef5d125843eca426304f3fedfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 14:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 417741
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 61698
access-control-allow-origin: *
last-modified: Wed, 26 Jan 2022 14:26:35 GMT
etag: "924fdfe3dc65e55ee74f0fd0e4d06766"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: _ZsPDWpaafRLevUfkGxwFZmkqQjGhCsMpozy33o4Mh_nbG_NOZpZYA==

GET
H2 200 bundle Show response
api.exponea.com/webxp/projects/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/ 58 B
227 B 45ms
18ms Fetch
application/json 35.244.143.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.exponea.com/webxp/projects/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/bundle
Requested by: Host: api.exponea.com
URL: https://api.exponea.com/js/exponea.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.143.131 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 131.143.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ab30f84e46a8b11bb67a479056a7475f947e501894b8c8528e308f262acabc4d

Request headers

Accept: application/json
Referer: https://client-retention.canadianvisa.org/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 10:29:27 GMT
via: 1.1 google
etag: "ab30f84e46a8b11bb67a479056a7475f947e501894b8c8528e308f262acabc4d"
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, max-age=0
accept-ranges: bytes
alt-svc: clear
content-length: 58

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 64ms
18ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTTXXK2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3273
date: Mon, 31 Jan 2022 09:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 31 Jan 2022 11:34:54 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
3 KB 76ms
27ms Script
application/x-javascript 184.30.25.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTTXXK2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.25.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 998d9415269d92557b561a936955f7590d5052865044a9191a528b5a36f3afc9

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 10:29:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Oct 2021 12:12:10 GMT
Server: AkamaiNetStorage
ETag: "973e2603f46b719eecf8139c22b897a0:1633349530.816673"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3150
Expires: Mon, 31 Jan 2022 10:49:27 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 78ms
26ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: client-retention.canadianvisa.org
URL: https://client-retention.canadianvisa.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26237
x-xss-protection: 0
pragma: public
x-fb-debug: 3rQoKVdehXdjdLqC+OOI+G6kXvFEyxuxy0btM7HwFjtTk0FT9btg6FAhJ9Xvttx2ZDj6i8R4PdOSwgu01ajbzQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Mon, 31 Jan 2022 10:29:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 79 KB
24 KB 79ms
19ms Script
application/javascript 2.16.186.155
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: client-retention.canadianvisa.org
URL: https://client-retention.canadianvisa.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-155.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: dd1f2f2162be34a91f65b034c33341adc27481d14decdf7c6c5ed88283c687fb

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: ouh4VqjnUoICjHhI4tW3zDGUm629qnY5
content-encoding: br
last-modified: Mon, 31 Jan 2022 08:53:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"39f9d38bbed4878f0e28f837f9c65240"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
date: Mon, 31 Jan 2022 10:29:27 GMT
content-length: 24074
x-amz-cf-id: dd3dkV_PQbeBazuolTFUFV2cfq7WFu_KnQVzO9JPbMKhGjIcVwySDw==
expires: Mon, 31 Jan 2022 18:29:27 GMT

GET
H2 200 box-ad575b5823df97fc9725e14a57070642.html Show response
vars.hotjar.com/ Frame F798 2 KB
1 KB 58ms
18ms Document
text/html 18.66.139.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1957728.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-28.fra60.r.cloudfront.net
Software: /
Resource Hash: f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/

Response headers

content-type: text/html
content-length: 1050
date: Tue, 16 Nov 2021 11:16:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "a123045c9cc95cfe44d6b5d126b9f1a7"
last-modified: Tue, 16 Nov 2021 11:15:47 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: pfd5buWBkrHzGJHKr_dfMWPZ6Qem1unMxYL5RRtCcQLlNo_X7JJ0Yg==
age: 6563601

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
454 B 82ms
22ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-60594623-1&cid=784849080.1643624968&jid=2109590875&gjid=173352579&_gid=1862729032.1643624968&_u=YGBAiEABBAAAAE~&z=1286338422

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://client-retention.canadianvisa.org/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 31 Jan 2022 10:29:27 GMT
content-type: text/plain
access-control-allow-origin: https://client-retention.canadianvisa.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 18ms
18ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=918060783&t=pageview&_s=1&dl=https%3A%2F%2Fclient-retention.canadianvisa.org%2F&ul=en-us&de=UTF-8&dt=Dashboard%20-%20Canadian%20visa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABB~&jid=2109590875&gjid=173352579&cid=784849080.1643624968&tid=UA-60594623-1&_gid=1862729032.1643624968&gtm=2wg1q0PTTXXK2&cd6=&cd16=&cd18=&cd19=&z=248572807

Requested by

Host: client-retention.canadianvisa.org
URL: https://client-retention.canadianvisa.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 00:49:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34812
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 365ms
88ms Script
application/javascript 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=0037bfe3aa65d755d91de3ef30ea3af84a
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 10:29:28 GMT
content-encoding: gzip
X-TraceId: 1684b2b2051d726bf69a6fe29385fb21
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 366ms
89ms Image
image/gif 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=0037bfe3aa65d755d91de3ef30ea3af84a&obApiVersion=1.0-gtm&obtpVersion=1.5.2&name=PAGE_VIEW&dl=https%3A%2F%2Fclient-retention.canadianvisa.org%2F%23%2Flogin&optOut=false&bust=0926151440064708
Requested by: Host: client-retention.canadianvisa.org
URL: https://client-retention.canadianvisa.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 10:29:28 GMT
Cache-Control: no-cache
X-TraceId: 5084aa9564c25e2f17816fb99b31c104
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 638202162930393 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 28ms
27ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/638202162930393?v=2.9.51&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fbee0487b2b14ef569efd815af1124b2c02b8ed7fa9f518cb3049474c72b13fc

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88961
x-xss-protection: 0
pragma: public
x-fb-debug: 24numZ0iJwqAx9eUUg69sC+t+0Qy4nvKB47oBs78Lk4TlO6mOeptcGXd7rtv/OUu4BaCWwL/wyjzI0eBwqI7BQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 31 Jan 2022 10:29:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.3/customer/action/ 271 B
502 B 531ms
509ms Script
application/javascript 2.16.186.155
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=13012263&url=https%3A%2F%2Fclient-retention.canadianvisa.org%2F%23%2Flogin&channel_type=code&jsonp=__gvlcehl4hnp

Requested by

Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-155.deploy.static.akamaitechnologies.com

Software

Resource Hash

9c3398f49fb126a254c62ad123bf1742cda4d3a400117b817464386e2ed0cac0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://client-retention.canadianvisa.org/;
X-Frame-Options	allow-from https://client-retention.canadianvisa.org/

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://client-retention.canadianvisa.org/;
vary: Accept-Encoding
x-frame-options: allow-from https://client-retention.canadianvisa.org/
date: Mon, 31 Jan 2022 10:29:28 GMT
content-length: 271
legacy: 2023-06-30
content-type: application/javascript; charset=UTF-8

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1957728/ 146 B
321 B 94ms
35ms XHR
application/json 108.128.149.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1957728/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.a389f57d0ad3cbd8094d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.149.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-149-41.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 30886bcaa4bc9292431c9ae196c0b6bbcc4e4311b4839780c91a09c771c76c6e

Request headers

Referer: https://client-retention.canadianvisa.org/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 31 Jan 2022 10:29:27 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 bulk Show response
api.exponea.com/ 422 B
681 B 18ms
18ms Fetch
application/json 35.244.143.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.exponea.com/bulk
Requested by: Host: api.exponea.com
URL: https://api.exponea.com/js/exponea.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.143.131 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 131.143.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e5ec314749fe9520e7e9ec6bc1eedb917bd62e6eac098205f7761b431fbc878f

Request headers

Accept: application/json
Referer: https://client-retention.canadianvisa.org/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 31 Jan 2022 10:29:27 GMT
via: 1.1 google
content-type: application/json
access-control-allow-origin: https://client-retention.canadianvisa.org
access-control-allow-credentials: true
alt-svc: clear
content-length: 422
x-request-id: 7246f356-e610-4053-9f7a-b64aa92193ba

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 58ms
20ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=638202162930393&ev=PageView&dl=https%3A%2F%2Fclient-retention.canadianvisa.org%2F%23%2Flogin&rl=&if=false&ts=1643624967915&sw=1600&sh=1200&v=2.9.51&r=stable&ec=0&o=30&fbp=fb.1.1643624967914.549720356&it=1643624967841&coo=false&exp=p1&rqm=GET

Requested by

Host: client-retention.canadianvisa.org
URL: https://client-retention.canadianvisa.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 10:29:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 31 Jan 2022 10:29:27 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 110ms
41ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-60594623-1&cid=784849080.1643624968&jid=2109590875&_u=YGBAiEABBAAAAE~&z=178904473

Requested by

Host: client-retention.canadianvisa.org
URL: https://client-retention.canadianvisa.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 10:29:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
501 B 120ms
61ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-60594623-1&cid=784849080.1643624968&jid=2109590875&_u=YGBAiEABBAAAAE~&z=178904473

Requested by

Host: client-retention.canadianvisa.org
URL: https://client-retention.canadianvisa.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 10:29:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 show Show response
api.exponea.com/managed-tags/ 39 B
100 B 98ms
98ms Fetch
application/json 35.244.143.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.exponea.com/managed-tags/show

Requested by

Host: api.exponea.com
URL: https://api.exponea.com/js/exponea.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.143.131 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

131.143.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

9ecc155c1a20b00b0ed06cb25a949c26ede5f170e02ec814bc6d9b444cc65d2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json
Referer: https://client-retention.canadianvisa.org/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 31 Jan 2022 10:29:28 GMT
via: 1.1 google
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-origin: https://client-retention.canadianvisa.org
access-control-allow-credentials: true
alt-svc: clear
content-length: 39

POST
H2 200 show Show response
api.exponea.com/managed-tags/ 39 B
130 B 42ms
42ms Fetch
application/json 35.244.143.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.exponea.com/managed-tags/show

Requested by

Host: api.exponea.com
URL: https://api.exponea.com/js/exponea.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.143.131 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

131.143.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

9ecc155c1a20b00b0ed06cb25a949c26ede5f170e02ec814bc6d9b444cc65d2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json
Referer: https://client-retention.canadianvisa.org/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 31 Jan 2022 10:29:27 GMT
via: 1.1 google
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-origin: https://client-retention.canadianvisa.org
access-control-allow-credentials: true
alt-svc: clear
content-length: 39

GET
H2 200 get_configuration Show response
api.livechatinc.com/v3.3/customer/action/ 4 KB
2 KB 26ms
26ms Script
application/javascript 2.16.186.155
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=13012263&version=237.2.2.299.575.70.38.3.1.1.1.6&group_id=2&jsonp=__lc_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-155.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fdc31be123828c9a02f5346fa30b585f3b1175ec73034fb554db3b12f790bbfb

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 10:29:28 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
cache-control: public, max-age=426
content-length: 1371
expires: Mon, 31 Jan 2022 10:36:34 GMT

GET
H2 200 open_chat Show response
secure.livechatinc.com/customer/action/ Frame F594 4 KB
2 KB 209ms
201ms Document
text/html 2.16.186.155
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=13012263&group=2&embedded=1&widget_version=3&unique_groups=0
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-155.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ad0ab3a3f34dfd188dbd2b89180adce99ece21717069a483fc5d581801b83a43

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-length: 1987
expires: Mon, 31 Jan 2022 10:29:28 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 31 Jan 2022 10:29:28 GMT

GET
H2 200 get_localization Show response
api.livechatinc.com/v3.3/customer/action/ 11 KB
4 KB 77ms
77ms Script
application/javascript 2.16.186.155
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.3/customer/action/get_localization?license_id=13012263&version=ae864b109b85f5ea248e52050fc10cfd_23b92ea46b9313e89059d197d28a716f&language=en&group_id=2&jsonp=__lc_localization
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-155.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 606f1153f698848099b66e465356be634d505404998badd06a1a7c7f57ec7a02

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 10:29:28 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
cache-control: public, max-age=464
content-length: 3902
expires: Mon, 31 Jan 2022 10:37:12 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F594 5 KB
710 B 58ms
30ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap

Requested by

Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=13012263&group=2&embedded=1&widget_version=3&unique_groups=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c1be81fbe2afbd7df1a0df3c9c998a4e845d1b3f07629e857cf169681ad0319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 10:24:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 31 Jan 2022 10:29:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Jan 2022 10:29:28 GMT

GET
H2 200 0.21761f98.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame F594 208 KB
65 KB 20ms
20ms Script
application/javascript 2.16.186.155
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/0.21761f98.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=13012263&group=2&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-155.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2e52a2ff3d8154520c84daa26e0265e0b5179a35292dfc7479037c5de4788b0d

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: AQxMjSKVaTBpW7lytIQNga_ebOGIno8O
content-encoding: br
last-modified: Mon, 31 Jan 2022 08:53:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"eca6fd4b47c91ca78c8c6a429433f32c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
date: Mon, 31 Jan 2022 10:29:28 GMT
content-length: 66083
x-amz-cf-id: K1Omt_tE6T42WA7F8UktsSBNERi8WLFmuuY6gdsHupkhSAyqaUQCJA==
expires: Tue, 31 Jan 2023 10:29:28 GMT

GET
H2 200 2.779c10cb.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame F594 217 KB
62 KB 41ms
41ms Script
application/javascript 2.16.186.155
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/2.779c10cb.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=13012263&group=2&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-155.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1764b72d1f4f3f119ee03fd08105b10748fb8434b39f95d0bade3228d70bb112

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: BdGBJ6.o5Yx6OdP08atsujdeKYlKS81B
content-encoding: br
last-modified: Mon, 31 Jan 2022 08:53:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"d117f1bd2718a26d1333b7ca33f32a89"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
date: Mon, 31 Jan 2022 10:29:28 GMT
content-length: 62717
x-amz-cf-id: Hk1roHqAfpBcwen9_i_XCRNgxonwMqinUnckJqIU2opFtmQwPFIYhw==
expires: Tue, 31 Jan 2023 10:29:28 GMT

GET
H2 200 iframe.b7250a2d.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame F594 402 KB
108 KB 48ms
48ms Script
application/javascript 2.16.186.155
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/iframe.b7250a2d.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=13012263&group=2&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-155.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ef3d93f918d168f404885f98cbbe6b4a612af6539c6893f9d0f9c0e24fb2d04a

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: dRuPfDmCmGwDjg6yW3e.hAZFuc.VggQP
content-encoding: br
last-modified: Mon, 31 Jan 2022 08:53:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"118946eb444fb5dd26abe983a613b8ae"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
date: Mon, 31 Jan 2022 10:29:28 GMT
content-length: 110065
x-amz-cf-id: gEEihlp2AIq2ylNJo-phKmjKJKP6K1er6yUe9lKdqiI2BeJRjAFeOw==
expires: Tue, 31 Jan 2023 10:29:28 GMT

GET
H3 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v25/ Frame F594 16 KB
16 KB 70ms
32ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v25/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa5d2912bec294d33c9dc4be4a00a9a5f4ac993049a935f4535ae687e3b08d0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.livechatinc.com
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:30:45 GMT
x-content-type-options: nosniff
age: 399523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16088
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:56:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 26 Jan 2023 19:30:45 GMT

GET
H3 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v25/ Frame F594 16 KB
16 KB 68ms
31ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v25/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f3dd8063edfcdb39f4a2163e59dbc73e16a688c59979a4103948fcbf060f385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.livechatinc.com
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:30:45 GMT
x-content-type-options: nosniff
age: 399523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16168
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:56:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 26 Jan 2023 19:30:45 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 77ms
30ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTTXXK2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

63158f73aa9f4d442cf349762c6beac9fcf35c14c3376888e728164acfde3b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 10:29:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14855
x-xss-protection: 0
server: cafe
etag: 17539559064140624452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 31 Jan 2022 10:29:28 GMT

POST
H2 200 token Show response
accounts.livechatinc.com/customer/ Frame F594 138 B
1 KB 166ms
158ms XHR
application/json 2.16.186.155
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.livechatinc.com/customer/token
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/0.21761f98.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-155.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 680a1130a20fb390859779cb1291c409a49576506fe035dfca97ebfcf0f99cb6

Request headers

Referer: https://secure.livechatinc.com/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 10:29:28 GMT
content-type: application/json
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 138
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/873086315/ 2 KB
2 KB 79ms
32ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/873086315/?random=1643624968879&cv=9&fst=1643624968879&num=1&label=g9acCJ22yWoQ6_qooAM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fclient-retention.canadianvisa.org%2F&tiba=Dashboard%20-%20Canadian%20visa&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79f2dd4f96b2bc1c8af84043d6fce006ef92f6e0243199d140ee4ae9a9360321

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 10:29:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1065
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/873086315/ 42 B
64 B 60ms
31ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/873086315/?random=1643624968879&cv=9&fst=1643623200000&num=1&label=g9acCJ22yWoQ6_qooAM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&frm=0&url=https%3A%2F%2Fclient-retention.canadianvisa.org%2F&tiba=Dashboard%20-%20Canadian%20visa&async=1&fmt=3&is_vtc=1&random=1720838363&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 10:29:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.nl/pagead/1p-user-list/873086315/ 42 B
64 B 60ms
33ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/873086315/?random=1643624968879&cv=9&fst=1643623200000&num=1&label=g9acCJ22yWoQ6_qooAM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&frm=0&url=https%3A%2F%2Fclient-retention.canadianvisa.org%2F&tiba=Dashboard%20-%20Canadian%20visa&async=1&fmt=3&is_vtc=1&random=1720838363&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 10:29:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 40ms
19ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=638202162930393&ev=Microdata&dl=https%3A%2F%2Fclient-retention.canadianvisa.org%2F%23%2Flogin&rl=&if=false&ts=1643624969421&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20Dashboard%20-%20Canadian%20visa%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.51&r=stable&ec=1&o=30&fbp=fb.1.1643624967914.549720356&it=1643624967841&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://client-retention.canadianvisa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 10:29:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 31 Jan 2022 10:29:29 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.accounts.livechatinc.com/v2/customer/token	1970-01-20 18:04:56	Name: __lc_cid Value: 5c669ad7-6882-497a-6515-3c718c47b607
.accounts.livechatinc.com/v2/customer/token	1970-01-20 18:04:56	Name: __lc_cst Value: 3347239b8b9ca256f9428a18022873be1d59d346f8657d4b3b58b5a7e59e3d728cbb1b6143179d36710980d0b7a02adf30389ff09119c9f5e451f70b773d
.accounts.livechatinc.com/customer/token	1970-01-20 18:04:56	Name: __lc_cid Value: 5c669ad7-6882-497a-6515-3c718c47b607
.accounts.livechatinc.com/customer/token	1970-01-20 18:04:56	Name: __lc_cst Value: 3347239b8b9ca256f9428a18022873be1d59d346f8657d4b3b58b5a7e59e3d728cbb1b6143179d36710980d0b7a02adf30389ff09119c9f5e451f70b773d
.canadianvisa.org/	1970-01-20 02:43:20	Name: _gcl_au Value: 1.1.491768410.1643624968
client-retention.canadianvisa.org/	1970-01-20 00:35:11	Name: token Value:
.canadianvisa.org/	1970-01-20 18:04:56	Name: _ga Value: GA1.2.784849080.1643624968
.canadianvisa.org/	1970-01-20 00:35:11	Name: _gid Value: GA1.2.1862729032.1643624968
.canadianvisa.org/	1970-01-20 00:33:45	Name: _dc_gtm_UA-60594623-1 Value: 1
.canadianvisa.org/	1970-01-20 09:19:20	Name: _hjSessionUser_1957728 Value: eyJpZCI6IjFhMzQwNWM2LWM5ZWUtNTNmZC1iOTkwLTA3NWUyY2U1ZGNkMSIsImNyZWF0ZWQiOjE2NDM2MjQ5Njc3NjMsImV4aXN0aW5nIjpmYWxzZX0=
.canadianvisa.org/	1970-01-20 00:33:46	Name: _hjFirstSeen Value: 1
client-retention.canadianvisa.org/	1970-01-20 00:33:45	Name: _hjIncludedInPageviewSample Value: 1
.canadianvisa.org/	1970-01-20 00:33:46	Name: _hjSession_1957728 Value: eyJpZCI6ImY0MzIxNDA0LTYyZTAtNGY2NC1iMDFkLWE0MTJhNmZiOWIyOCIsImNyZWF0ZWQiOjE2NDM2MjQ5Njc4NDgsImluU2FtcGxlIjp0cnVlfQ==
.canadianvisa.org/	1970-01-20 00:33:46	Name: _hjAbsoluteSessionInProgress Value: 0
api.exponea.com/	1970-01-21 02:50:32	Name: xnpe_9a5c1884-6c59-11eb-8b86-9ef8a0068af9 Value: b5e140c3-3834-4b8f-ab9c-54791142f354
.canadianvisa.org/	1970-01-21 02:50:32	Name: __exponea_etc__ Value: b5e140c3-3834-4b8f-ab9c-54791142f354
.canadianvisa.org/	1970-01-20 00:33:48	Name: __exponea_time2__ Value: -0.0008199214935302734
.canadianvisa.org/	1970-01-20 02:43:20	Name: _fbp Value: fb.1.1643624967914.549720356
client-retention.canadianvisa.org/	1970-01-20 00:33:45	Name: outbrain_cid_fetch Value: true
.doubleclick.net/	1970-01-20 00:33:45	Name: test_cookie Value: CheckForPermission

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://retention-client-api.canadianvisa.org/v1/form/fields?access-token=null&uid=1 Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
network	error	URL: https://retention-client-api.canadianvisa.org/v1/form/fields?access-token=null&uid=1 Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
network	error	Message: An unknown error occurred when fetching the script.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.livechatinc.com
ajax.googleapis.com
amplify.outbrain.com
api.exponea.com
api.ipify.org
api.livechatinc.com
cdn.livechatinc.com
client-retention.canadianvisa.org
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
in.hotjar.com
retention-client-api.canadianvisa.org
script.hotjar.com
secure.livechatinc.com
static.hotjar.com
stats.g.doubleclick.net
tr.outbrain.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googleadservices.com
www.googletagmanager.com
108.128.149.41
142.250.185.66
18.66.139.28
18.66.97.37
184.30.25.80
2.16.186.155
2a00:1450:4001:800::2003
2a00:1450:4001:801::200a
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2004
2a00:1450:4001:810::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9c
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
35.244.143.131
52.20.78.240
52.222.236.74
64.202.112.95
95.85.55.135
054c1f59301fd4980541353686ac0390b7d760e304e8e1f9f4f7ae7025df0bb8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
1764b72d1f4f3f119ee03fd08105b10748fb8434b39f95d0bade3228d70bb112
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1f3dd8063edfcdb39f4a2163e59dbc73e16a688c59979a4103948fcbf060f385
2e52a2ff3d8154520c84daa26e0265e0b5179a35292dfc7479037c5de4788b0d
30886bcaa4bc9292431c9ae196c0b6bbcc4e4311b4839780c91a09c771c76c6e
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
34e2e0ce614b887c029cb00671d86c800e9e6c53e77eac478fa3eceee496ce42
4aeba7e4042c3fa9ee7692c260ec4f2b6fbf07f71dd4fff83ffe1525cb93424c
5282c6b09031c4de92e9b6d96597b8b9e055f46942479c5b74bafb9f11ffa66f
57ddc40dc8707c053caf2f6ccbf4ad70aa34ace5967276a066419ef92fb26228
5c21346e0102cb0ae60afdb16611a27cc5699b4d39e6fbbd2db156d1985070de
5d77d28442f2d97315467f54c85f85b092af7854c989ff8e367d7cfa04ea1b3e
606f1153f698848099b66e465356be634d505404998badd06a1a7c7f57ec7a02
63158f73aa9f4d442cf349762c6beac9fcf35c14c3376888e728164acfde3b86
680a1130a20fb390859779cb1291c409a49576506fe035dfca97ebfcf0f99cb6
79f2dd4f96b2bc1c8af84043d6fce006ef92f6e0243199d140ee4ae9a9360321
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8c1be81fbe2afbd7df1a0df3c9c998a4e845d1b3f07629e857cf169681ad0319
998d9415269d92557b561a936955f7590d5052865044a9191a528b5a36f3afc9
9c3398f49fb126a254c62ad123bf1742cda4d3a400117b817464386e2ed0cac0
9ecc155c1a20b00b0ed06cb25a949c26ede5f170e02ec814bc6d9b444cc65d2d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ab30f84e46a8b11bb67a479056a7475f947e501894b8c8528e308f262acabc4d
ad0ab3a3f34dfd188dbd2b89180adce99ece21717069a483fc5d581801b83a43
c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f
c9af4a6f50315626992164b4a9af6226cecdd6ef5d125843eca426304f3fedfa
d44a3249e2be052d683c7b58d03890937199b056a6313bd7ae0834281a70a2d6
d98f0cb4bfdf04f956dfcb6152059f2e92f104cda0edf08a8bb0e1e3bf0b2a52
da1bf5f19af7f7879514683fda33121c528af311c67966aa8fff28dd5cf2e948
dd1f2f2162be34a91f65b034c33341adc27481d14decdf7c6c5ed88283c687fb
e5ec314749fe9520e7e9ec6bc1eedb917bd62e6eac098205f7761b431fbc878f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3d93f918d168f404885f98cbbe6b4a612af6539c6893f9d0f9c0e24fb2d04a
f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383
f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702
fa5d2912bec294d33c9dc4be4a00a9a5f4ac993049a935f4535ae687e3b08d0b
fbee0487b2b14ef569efd815af1124b2c02b8ed7fa9f518cb3049474c72b13fc
fdc31be123828c9a02f5346fa30b585f3b1175ec73034fb554db3b12f790bbfb

client-retention.canadianvisa.org Open in urlscan Pro 95.85.55.135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

100 %HTTPS

50 %IPv6

16 Domains

26 Subdomains

22 IPs

5 Countries

1239 kBTransfer

4233 kBSize

20 Cookies

0 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

client-retention.canadianvisa.org Open in urlscan Pro
95.85.55.135 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

100 %
HTTPS

50 %
IPv6

16
Domains

26
Subdomains

22
IPs

5
Countries

1239 kB
Transfer

4233 kB
Size

20
Cookies

48 HTTP transactions
0 data transactions