www.unifund.ca Open in urlscan Pro
2606:4700::6812:c5f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://unifund.ca/
Effective URL:
https://www.unifund.ca/
Submission: On March 18 via manual (March 18th 2024, 4:21:31 pm UTC) from CA — Scanned from CA

Summary HTTP 49 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 18 domains to perform 49 HTTP transactions. The main IP is 2606:4700::6812:c5f, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.unifund.ca.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 4th 2023. Valid for: a year.

This is the only time www.unifund.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6812:d5f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 15	2606:4700::68... 2606:4700::6812:c5f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2600:141b:e80... 2600:141b:e800:1182::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700:e6:... 2606:4700:e6::ac40:cf26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:10:... 2606:4700:10::6816:e17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.96.121.93 3.96.121.93	16509 (AMAZON-02) (AMAZON-02)
3	54.85.179.91 54.85.179.91	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	208.95.112.2 208.95.112.2	53334 (TUT-AS) (TUT-AS)
1	3.162.3.99 3.162.3.99	16509 (AMAZON-02) (AMAZON-02)
1 1	18.207.56.13 18.207.56.13	14618 (AMAZON-AES) (AMAZON-AES)
2	63.140.38.112 63.140.38.112	14618 (AMAZON-AES) (AMAZON-AES)
2	63.140.39.240 63.140.39.240	14618 (AMAZON-AES) (AMAZON-AES)
1	3.162.3.90 3.162.3.90	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c06::5f	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
1	35.183.88.173 35.183.88.173	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:244... 2600:9000:244d:3000:1b:45dc:7080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c1f::5e	15169 (GOOGLE) (GOOGLE)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
49	20

1 2606:4700::6812:d5f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unifund.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6812:c5f (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unifund.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.unifund.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:141b:e800:1182::1e80 (Piscataway, United States)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e6::ac40:cf26 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:e17 (United States)

ASN13335 (CLOUDFLARENET, US)

my.hellobar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.96.121.93 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-96-121-93.ca-central-1.compute.amazonaws.com

c.la1-c1cs-yul.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.85.179.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-179-91.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
intact.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn4mjvfrs2lq3antc-clientexperience.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.95.112.2 (United States)

ASN53334 (TUT-AS, US)

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.3.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-99.yul62.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.207.56.13 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-56-13.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.38.112 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-112.data.adobedc.net

intactfinancialcorpo.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.39.240 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-39-240.data.adobedc.net

adobedc.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
intactglobal.112.2o7.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.3.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-90.yul62.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.183.88.173 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-183-88-173.ca-central-1.compute.amazonaws.com

d.la1-c1cs-yul.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:244d:3000:1b:45dc:7080:93a1 (United States)

ASN16509 (AMAZON-02, US)

hi.hellobar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1f::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	unifund.ca 3 redirects unifund.ca www.unifund.ca	1003 KB
8	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 429	162 KB
4	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 245 intact.demdex.net adobedc.demdex.net — Cisco Umbrella Rank: 7227	6 KB
4	hellobar.com my.hellobar.com — Cisco Umbrella Rank: 18243 hi.hellobar.com — Cisco Umbrella Rank: 76859	77 KB
3	qualtrics.com zn4mjvfrs2lq3antc-clientexperience.siteintercept.qualtrics.com siteintercept.qualtrics.com — Cisco Umbrella Rank: 858	26 KB
2	omtrdc.net intactfinancialcorpo.tt.omtrdc.net	948 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 742 script.hotjar.com — Cisco Umbrella Rank: 1067	59 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 188	71 KB
2	salesforceliveagent.com c.la1-c1cs-yul.salesforceliveagent.com d.la1-c1cs-yul.salesforceliveagent.com	43 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1184	24 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 263	487 B
1	gstatic.com fonts.gstatic.com	15 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 682	16 KB
1	2o7.net intactglobal.112.2o7.net	345 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 38	2 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1277	517 B
1	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 6450	312 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 253	7 KB
49	18

	Domain	Requested by
14	www.unifund.ca	1 redirects www.unifund.ca
8	assets.adobedtm.com	www.unifund.ca assets.adobedtm.com
3	my.hellobar.com	www.unifund.ca my.hellobar.com
2	siteintercept.qualtrics.com	zn4mjvfrs2lq3antc-clientexperience.siteintercept.qualtrics.com siteintercept.qualtrics.com
2	intactfinancialcorpo.tt.omtrdc.net	assets.adobedtm.com
2	connect.facebook.net	assets.adobedtm.com connect.facebook.net
2	dpm.demdex.net	assets.adobedtm.com www.unifund.ca
2	use.fontawesome.com	www.unifund.ca
2	unifund.ca	2 redirects
1	bam.nr-data.net	js-agent.newrelic.com
1	fonts.gstatic.com	fonts.googleapis.com
1	hi.hellobar.com
1	d.la1-c1cs-yul.salesforceliveagent.com	c.la1-c1cs-yul.salesforceliveagent.com
1	js-agent.newrelic.com	www.unifund.ca
1	intactglobal.112.2o7.net	www.unifund.ca
1	fonts.googleapis.com	my.hellobar.com
1	script.hotjar.com	static.hotjar.com
1	adobedc.demdex.net	assets.adobedtm.com
1	cm.everesttech.net	1 redirects
1	intact.demdex.net	assets.adobedtm.com
1	static.hotjar.com	www.unifund.ca
1	pro.ip-api.com	my.hellobar.com
1	zn4mjvfrs2lq3antc-clientexperience.siteintercept.qualtrics.com	assets.adobedtm.com
1	c.la1-c1cs-yul.salesforceliveagent.com	www.unifund.ca
1	cdnjs.cloudflare.com	www.unifund.ca
49	25

This site contains links to these domains. Also see Links.

Domain
www1.johnson.ca
careers.intactfc.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-04` - `2024-05-03`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
la1-core1.sfdc-58ktaz.salesforceliveagent.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-15` - `2024-11-13`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-27` - `2024-03-26`	a year	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-21` - `2025-01-20`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-08-22` - `2024-09-21`	a year	crt.sh
adobedc.demdex.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-22` - `2024-11-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.112.2o7.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-10` - `2024-05-10`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-01-15` - `2025-02-15`	a year	crt.sh
*.hellobar.com Amazon RSA 2048 M03	`2023-09-15` - `2024-10-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.unifund.ca/
Frame ID: D7461D9DF083B854A61567252F67745D
Requests: 48 HTTP requests in this frame

Frame: https://intact.demdex.net/dest5.html?d_nsid=0
Frame ID: 9017B563B3825AF9F73DDE2F0905D985
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to Unifund | Unifund

Page URL History Show full URLs

http://unifund.ca/ HTTP 301
https://unifund.ca/ HTTP 301
http://www.unifund.ca/ HTTP 301
https://www.unifund.ca/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

Page Statistics

49
Requests

98 %
HTTPS

50 %
IPv6

18
Domains

25
Subdomains

20
IPs

3
Countries

1510 kB
Transfer

3590 kB
Size

18
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www1.johnson.ca/
Title: JOHNSON_RGB_POS Created with Sketch.

Search URL Search Domain Scan URL

URL: https://careers.intactfc.com/ca/en
Title: Careers

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://unifund.ca/ HTTP 301
https://unifund.ca/ HTTP 301
http://www.unifund.ca/ HTTP 301
https://www.unifund.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://cm.everesttech.net/cm/dd?d_uuid=82764335984028733540413229704473722417 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZfhqBgAAAJDueQN-

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.unifund.ca/
Redirect Chain

http://unifund.ca/
https://unifund.ca/
http://www.unifund.ca/
https://www.unifund.ca/

99 KB
31 KB

593ms
203ms

Document
text/html

2606:4700::6812:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unifund.ca/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6a425f06c2f97cef9340dd1fba862608616b36cae3a726a1e5589e28e8f04d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Age: 5649
CF-Cache-Status: DYNAMIC
CF-RAY: 86668e3e3a7236fc-YYZ
Cache-Control: max-age=86400, public
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Content-language: en
Date: Mon, 18 Mar 2024 16:21:24 GMT
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Fri, 15 Mar 2024 06:47:46 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Cookie,Accept-Encoding,X-Geo-Country
Via: varnish
X-AH-Environment: prod
X-Cache: HIT
X-Cache-Hits: 13
X-Content-Type-Options: nosniff
X-Drupal-Cache: HIT
X-Drupal-Dynamic-Cache: MISS
X-Frame-Options: SAMEORIGIN
X-Generator: Drupal 9 (https://www.drupal.org)
X-Geo-Country
X-Request-ID: v-6947ef30-e536-11ee-aaeb-c351ee0dd2fb
X-UA-Compatible: IE=edge

Redirect headers

Age: 1179050
CF-Cache-Status: DYNAMIC
CF-RAY: 86668e3a9d96a1ea-YYZ
Cache-Control: max-age=1209600
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 18 Mar 2024 16:21:24 GMT
Expires: Tue, 19 Mar 2024 00:50:34 GMT
Location: https://www.unifund.ca/
Server: cloudflare
Transfer-Encoding: chunked
Vary: X-Geo-Country
Via: varnish
X-Cache: HIT
X-Cache-Hits: 6563
X-Content-Type-Options: nosniff
X-Geo-Country: CA
X-Request-ID: v-5fb00cc0-da8a-11ee-a3eb-fb4532f7f0e6

GET
H2 200 launch-7e1acfb263fa.min.js Show response
assets.adobedtm.com/6e1d227ae226/0ce367742ade/ 517 KB
144 KB 524ms
132ms Script
application/x-javascript 2600:141b:e800:1182::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/6e1d227ae226/0ce367742ade/launch-7e1acfb263fa.min.js
Requested by: Host: www.unifund.ca
URL: https://www.unifund.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:e800:1182::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 875d748db75616431091a0cdbbfa344ce599e19daf8ec2adfdb4aee938777623

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 16:21:25 GMT
content-encoding: gzip
last-modified: Fri, 16 Feb 2024 19:07:58 GMT
server: AkamaiNetStorage
etag: "117f4f84948397d276bdee7cbbc03249:1708110477.924081"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.unifund.ca
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 147288
expires: Mon, 18 Mar 2024 17:21:25 GMT

GET
H/1.1 200
OK css_aMijO2TCgeDBXd_YpsPxkCw9pDxE0SlA0z7n0Hp9TH4.css
www.unifund.ca/sites/unifund/files/css/ 10 KB
3 KB 153ms
115ms Stylesheet
text/css 2606:4700::6812:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unifund.ca/sites/unifund/files/css/css_aMijO2TCgeDBXd_YpsPxkCw9pDxE0SlA0z7n0Hp9TH4.css

Requested by

Host: www.unifund.ca
URL: https://www.unifund.ca/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68c8a33b64c281e0c15ddfd8a6c3f1902c3da43c44d12940d33ee7d07a7d4c7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

X-Cache-Hits: 141
Date: Mon, 18 Mar 2024 16:21:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Via: varnish
Age: 426453
X-Cache: HIT
Connection: keep-alive
X-AH-Environment: prod
Content-Length: 2718
X-Request-ID: v-da96506a-ce24-11ee-a53a-072faa5ac114
Last-Modified: Tue, 05 Dec 2023 14:16:54 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=1209600
Accept-Ranges: bytes
CF-RAY: 86668e3fbdab36fc-YYZ
Expires: Mon, 01 Apr 2024 16:21:25 GMT

GET
H/1.1 200
OK css_XEu2iZ58Liz5zDaTHFZoNcJcDVm45gAMeERwZjDxY-U.css
www.unifund.ca/sites/unifund/files/css/ 214 KB
33 KB 276ms
122ms Stylesheet
text/css 2606:4700::6812:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unifund.ca/sites/unifund/files/css/css_XEu2iZ58Liz5zDaTHFZoNcJcDVm45gAMeERwZjDxY-U.css

Requested by

Host: www.unifund.ca
URL: https://www.unifund.ca/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c4bb6899e7c2e2cf9cc36931c566835c25c0d59b8e6000c7844706630f163e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

X-Cache-Hits: 167
Date: Mon, 18 Mar 2024 16:21:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Via: varnish
Age: 411379
X-Cache: HIT
Connection: keep-alive
X-AH-Environment: prod
Content-Length: 33685
X-Request-ID: v-43e81248-ce24-11ee-9885-27e1e55b4fcb
Last-Modified: Tue, 05 Dec 2023 14:16:07 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=1209600
Accept-Ranges: bytes
CF-RAY: 86668e407f1036fc-YYZ
Expires: Mon, 01 Apr 2024 16:21:25 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.3/css/ 52 KB
12 KB 511ms
117ms Stylesheet
text/css 2606:4700:e6::ac40:cf26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by: Host: www.unifund.ca
URL: https://www.unifund.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer: https://www.unifund.ca/
Origin: https://www.unifund.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 16:21:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 599912
etag: W/"dc93d584e41f8417f6b7163320d34329"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=52IiYbVRv6iNwvQq2%2FKARm%2BHye8PpBRT4WOQ%2FTzx9FDzyvTMJsY%2B3L1oTPdw2o4RTlBl3KMPDBt2w59eME46B8CB%2FAwEgJzJ6jO9%2FJetbAbUF9tOgrGxjNVxSGEH5ztmGhwtTlxl3FMyzv4%2FePZDv%2Bzl"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 86668e41feef9120-ORD
alt-svc: h3=":443"; ma=86400

GET
H2 200 e84f65de69373b61630dfb290f5a94a4036c1ccd.js Show response
my.hellobar.com/ 9 KB
3 KB 577ms
203ms Script
text/javascript 2606:4700:10::6816:e17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/e84f65de69373b61630dfb290f5a94a4036c1ccd.js
Requested by: Host: www.unifund.ca
URL: https://www.unifund.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:e17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce2e319f9e04631bfa8bd53769b957813f819d76e0a2970f44c0b01d89d12ed6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 16:21:25 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Sun, 17 Mar 2024 22:21:20 GMT
server: cloudflare
x-amz-request-id: SBTA02FGDJ56KS8E
etag: W/"aab909c3d1e70fffc20261d0637d36b7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400, must-revalidate, proxy-revalidate, s-maxage=10
cf-ray: 86668e4219c737cf-YYZ
x-amz-id-2: Inw1+mpGgBbMiOKtZLmfp+quFuo2B3i0rd+zPevHm3dZB/Jd6pStyU4u601G+D//HzAUmsU88I4=

GET
H/1.1 200
OK js_14PChvmdAX4UETy6-gbYkoViB3XHoIpo_GMCzujP9Og.js Show response
www.unifund.ca/sites/unifund/files/js/ 228 KB
67 KB 397ms
129ms Script
text/javascript 2606:4700::6812:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unifund.ca/sites/unifund/files/js/js_14PChvmdAX4UETy6-gbYkoViB3XHoIpo_GMCzujP9Og.js

Requested by

Host: www.unifund.ca
URL: https://www.unifund.ca/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d783c286f99d017e14113cbafa06d89285620775c7a08a68fc6302cee8cff4e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

X-Cache-Hits: 133
Date: Mon, 18 Mar 2024 16:21:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Via: varnish
Age: 411379
X-Cache: HIT
Connection: keep-alive
X-AH-Environment: prod
Content-Length: 68218
X-Request-ID: v-d98a68dc-ce24-11ee-af6f-9fe3038dbfdb
Last-Modified: Tue, 05 Dec 2023 14:16:07 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=1209600
Accept-Ranges: bytes
CF-RAY: 86668e41691a36fc-YYZ
Expires: Mon, 01 Apr 2024 16:21:25 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.6/umd/ 20 KB
7 KB 467ms
106ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.6/umd/popper.min.js

Requested by

Host: www.unifund.ca
URL: https://www.unifund.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

587c080125b135d29a931ed371e50ffc1a9641831c1087de2cd74532815f4560

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 16:21:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 419476
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6634
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-51ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0GEAoqLu%2B%2B8ioP8mPHb7HKbycPnjJGtW%2Fhr8goU%2FbsMX9LGk%2FK7QU0TktfGfW4A15wifc8HtK3rKSUuL0Luf6giKBYGjQD7%2BEIri2W55nr3eJFT7wQpdWDwlzoqJOMliiweyrrrTBiPfbgwLijpS1zjG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86668e41fd9b39c3-YYZ
expires: Sat, 08 Mar 2025 16:21:25 GMT

GET
H/1.1 200
OK js_MXiZrOGDdzumlM8z69h2RZrA-lQMfnHsXLjYsUKgFY4.js Show response
www.unifund.ca/sites/unifund/files/js/ 27 KB
7 KB 422ms
109ms Script
text/javascript 2606:4700::6812:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unifund.ca/sites/unifund/files/js/js_MXiZrOGDdzumlM8z69h2RZrA-lQMfnHsXLjYsUKgFY4.js

Requested by

Host: www.unifund.ca
URL: https://www.unifund.ca/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

317899ace183773ba694cf33ebd876459ac0fa540c7e71ec5cb8d8b142a0158e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

X-Cache-Hits: 144
Date: Mon, 18 Mar 2024 16:21:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Via: varnish
Age: 417360
X-Cache: HIT
Connection: keep-alive
X-AH-Environment: prod
Content-Length: 6334
X-Request-ID: v-d98ab8be-ce24-11ee-a513-bf31440a2148
Last-Modified: Tue, 05 Dec 2023 14:16:07 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=1209600
Accept-Ranges: bytes
CF-RAY: 86668e41a8a336d6-YYZ
Expires: Mon, 01 Apr 2024 16:21:25 GMT

GET
H/1.1 200
OK landing-img.png
www.unifund.ca/sites/unifund/files/2019-07/ 508 KB
509 KB 116ms
116ms Image
image/png 2606:4700::6812:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.unifund.ca/sites/unifund/files/2019-07/landing-img.png

Requested by

Host: www.unifund.ca
URL: https://www.unifund.ca/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

592fa74f3de7d785825daeefe0ccfd39407d44efe2a72f27a84892ba507969b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

X-Cache-Hits: 104
Date: Mon, 18 Mar 2024 16:21:25 GMT
Via: varnish
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Age: 420747
X-Cache: HIT
Connection: keep-alive
X-AH-Environment: prod
Content-Length: 520329
X-Request-ID: v-da32b55a-ce24-11ee-aad9-e3cc2a36d3ba
Last-Modified: Fri, 05 Jul 2019 16:38:28 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=1209600
Accept-Ranges: bytes
CF-RAY: 86668e433c4236fc-YYZ
Expires: Mon, 01 Apr 2024 16:21:25 GMT

GET
H/1.1 200
OK RSASans_Medium.woff
www.unifund.ca/libraries/@rsa/rsa-fonts/fonts/ 40 KB
40 KB 111ms
111ms Font
application/font-woff 2606:4700::6812:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unifund.ca/libraries/@rsa/rsa-fonts/fonts/RSASans_Medium.woff

Requested by

Host: www.unifund.ca
URL: https://www.unifund.ca/sites/unifund/files/css/css_XEu2iZ58Liz5zDaTHFZoNcJcDVm45gAMeERwZjDxY-U.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9048190d4a81abae03b4375df5ad56ce8f1fa421eb0efe94ed23b387dc5693d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.unifund.ca/sites/unifund/files/css/css_XEu2iZ58Liz5zDaTHFZoNcJcDVm45gAMeERwZjDxY-U.css
Origin: https://www.unifund.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

X-Cache-Hits: 96
Date: Mon, 18 Mar 2024 16:21:25 GMT
Via: varnish
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Content-Encoding: gzip
Age: 625803
Transfer-Encoding: chunked
X-Cache: HIT
Connection: keep-alive
X-AH-Environment: prod
X-Request-ID: v-5b9e0806-dac3-11ee-ab34-eba3eca3f726
Last-Modified: Fri, 19 Jan 2024 13:53:59 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: application/font-woff
Cache-Control: public, max-age=1209600
CF-RAY: 86668e433cd136d6-YYZ
Expires: Mon, 01 Apr 2024 16:21:25 GMT

GET
H/1.1 200
OK RSASans_Light.woff
www.unifund.ca/libraries/@rsa/rsa-fonts/fonts/ 40 KB
40 KB 117ms
116ms Font
application/font-woff 2606:4700::6812:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unifund.ca/libraries/@rsa/rsa-fonts/fonts/RSASans_Light.woff

Requested by

Host: www.unifund.ca
URL: https://www.unifund.ca/sites/unifund/files/css/css_XEu2iZ58Liz5zDaTHFZoNcJcDVm45gAMeERwZjDxY-U.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6276b68d98b9572c124a74aa181ebbca37a700889ede7a1f0eb988b9f6026d00

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.unifund.ca/sites/unifund/files/css/css_XEu2iZ58Liz5zDaTHFZoNcJcDVm45gAMeERwZjDxY-U.css
Origin: https://www.unifund.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

X-Cache-Hits: 105
Date: Mon, 18 Mar 2024 16:21:25 GMT
Via: varnish
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Content-Encoding: gzip
Age: 625803
Transfer-Encoding: chunked
X-Cache: HIT
Connection: keep-alive
X-AH-Environment: prod
X-Request-ID: v-fcb2f2dc-da9c-11ee-8700-c3dff9610980
Last-Modified: Fri, 19 Jan 2024 13:53:59 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: application/font-woff
Cache-Control: public, max-age=1209600
CF-RAY: 86668e43391039e1-YYZ
Expires: Mon, 01 Apr 2024 16:21:25 GMT

GET
H/1.1 200
OK RSASans_Regular.woff
www.unifund.ca/libraries/@rsa/rsa-fonts/fonts/ 39 KB
40 KB 116ms
115ms Font
application/font-woff 2606:4700::6812:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unifund.ca/libraries/@rsa/rsa-fonts/fonts/RSASans_Regular.woff

Requested by

Host: www.unifund.ca
URL: https://www.unifund.ca/sites/unifund/files/css/css_XEu2iZ58Liz5zDaTHFZoNcJcDVm45gAMeERwZjDxY-U.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

399a73db015e70e8084a126e53125c4bceaed007cd678b81b963b3ce3219bd0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.unifund.ca/sites/unifund/files/css/css_XEu2iZ58Liz5zDaTHFZoNcJcDVm45gAMeERwZjDxY-U.css
Origin: https://www.unifund.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

X-Cache-Hits: 179
Date: Mon, 18 Mar 2024 16:21:25 GMT
Via: varnish
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Content-Encoding: gzip
Age: 13421
Transfer-Encoding: chunked
X-Cache: HIT
Connection: keep-alive
X-AH-Environment: prod
X-Request-ID: v-141552c8-daa0-11ee-aa24-0b527fdd1932
Last-Modified: Fri, 19 Jan 2024 13:53:59 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: application/font-woff
Cache-Control: public, max-age=1209600
CF-RAY: 86668e433a4039e9-YYZ
Expires: Mon, 01 Apr 2024 16:21:25 GMT

GET
H/1.1 200
OK RSAIcons.woff
www.unifund.ca/libraries/@rsa/rsa-fonts/fonts/ 455 KB
190 KB 123ms
123ms Font
application/font-woff 2606:4700::6812:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unifund.ca/libraries/@rsa/rsa-fonts/fonts/RSAIcons.woff

Requested by

Host: www.unifund.ca
URL: https://www.unifund.ca/sites/unifund/files/css/css_XEu2iZ58Liz5zDaTHFZoNcJcDVm45gAMeERwZjDxY-U.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af5ef4a4c8cc1b2b5023c9373a4a62245f194850fa439572ecad5514598737d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.unifund.ca/sites/unifund/files/css/css_XEu2iZ58Liz5zDaTHFZoNcJcDVm45gAMeERwZjDxY-U.css
Origin: https://www.unifund.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

X-Cache-Hits: 167
Date: Mon, 18 Mar 2024 16:21:25 GMT
Via: varnish
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Content-Encoding: gzip
Age: 15621
Transfer-Encoding: chunked
X-Cache: HIT
Connection: keep-alive
X-AH-Environment: prod
X-Request-ID: v-142e2082-daa0-11ee-aae0-2f173d1a70c9
Last-Modified: Fri, 19 Jan 2024 13:53:59 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: application/font-woff
Cache-Control: public, max-age=1209600
CF-RAY: 86668e433d3a542b-YYZ
Expires: Mon, 01 Apr 2024 16:21:25 GMT

GET
H/1.1 200
OK css_aMijO2TCgeDBXd_YpsPxkCw9pDxE0SlA0z7n0Hp9TH4.css Show response
www.unifund.ca/sites/unifund/files/css/ 10 KB
3 KB 265ms
117ms XHR
text/css 2606:4700::6812:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unifund.ca/sites/unifund/files/css/css_aMijO2TCgeDBXd_YpsPxkCw9pDxE0SlA0z7n0Hp9TH4.css

Requested by

Host: www.unifund.ca
URL: https://www.unifund.ca/sites/unifund/files/js/js_14PChvmdAX4UETy6-gbYkoViB3XHoIpo_GMCzujP9Og.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68c8a33b64c281e0c15ddfd8a6c3f1902c3da43c44d12940d33ee7d07a7d4c7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

X-Cache-Hits: 141
Date: Mon, 18 Mar 2024 16:21:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Via: varnish
Age: 426453
X-Cache: HIT
Connection: keep-alive
X-AH-Environment: prod
Content-Length: 2718
X-Request-ID: v-da96506a-ce24-11ee-a53a-072faa5ac114
Last-Modified: Tue, 05 Dec 2023 14:16:54 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=1209600
Accept-Ranges: bytes
CF-RAY: 86668e445fb936d6-YYZ
Expires: Mon, 01 Apr 2024 16:21:25 GMT

GET
H/1.1 200
OK css_XEu2iZ58Liz5zDaTHFZoNcJcDVm45gAMeERwZjDxY-U.css Show response
www.unifund.ca/sites/unifund/files/css/ 214 KB
33 KB 273ms
109ms XHR
text/css 2606:4700::6812:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unifund.ca/sites/unifund/files/css/css_XEu2iZ58Liz5zDaTHFZoNcJcDVm45gAMeERwZjDxY-U.css

Requested by

Host: www.unifund.ca
URL: https://www.unifund.ca/sites/unifund/files/js/js_14PChvmdAX4UETy6-gbYkoViB3XHoIpo_GMCzujP9Og.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c8c54e3c2f4dee1b6a33765bff5cdcd1aa5cecbecd3d07123ba74e12a32b83f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

X-Cache-Hits: 167
Date: Mon, 18 Mar 2024 16:21:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Via: varnish
Age: 411379
X-Cache: HIT
Connection: keep-alive
X-AH-Environment: prod
Content-Length: 33685
X-Request-ID: v-43e81248-ce24-11ee-9885-27e1e55b4fcb
Last-Modified: Tue, 05 Dec 2023 14:16:07 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=1209600
Accept-Ranges: bytes
CF-RAY: 86668e447c5239e9-YYZ
Expires: Mon, 01 Apr 2024 16:21:25 GMT

GET
H2 200 all.css Show response
use.fontawesome.com/releases/v5.6.3/css/ 52 KB
12 KB 124ms
123ms XHR
text/css 2606:4700:e6::ac40:cf26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by: Host: www.unifund.ca
URL: https://www.unifund.ca/sites/unifund/files/js/js_14PChvmdAX4UETy6-gbYkoViB3XHoIpo_GMCzujP9Og.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 16:21:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 599912
etag: W/"dc93d584e41f8417f6b7163320d34329"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4BZzL3GfTd3tarGdhkZSZiFafJNN%2F0UP%2BcwWdCP3BKc1v%2BgjBa9Ew1rEUs6EBHvlfhY9p2IBOplIoUkqpWDubN0dEiPZe752EcUd3MCLwoC%2BT5EdjDoUnfJIZQBdcr5jJ27c61JjAGQkhh4wVnZcW7Uj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 86668e437c869120-ORD
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK deployment.js Show response
c.la1-c1cs-yul.salesforceliveagent.com/content/g/js/48.0/ 42 KB
42 KB 457ms
171ms Script
application/javascript 3.96.121.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.la1-c1cs-yul.salesforceliveagent.com/content/g/js/48.0/deployment.js
Requested by: Host: www.unifund.ca
URL: https://www.unifund.ca/sites/unifund/files/js/js_14PChvmdAX4UETy6-gbYkoViB3XHoIpo_GMCzujP9Og.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.96.121.93 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-96-121-93.ca-central-1.compute.amazonaws.com
Software: envoy /
Resource Hash: 0e32ae2b3787eb6c3cb4517d64a747f5bdeeb40c7203ba6de723de30dcfb698f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 16:21:26 GMT
last-modified: Fri, 01 Mar 2024 22:36:36 GMT
server: envoy
content-type: application/javascript
cache-control: max-age=60, must-revalidate
x-envoy-upstream-service-time: 0
accept-ranges: bytes
content-length: 42736

GET
H2 200 modules-v2.js Show response
my.hellobar.com/ 299 KB
74 KB 117ms
116ms Script
text/javascript 2606:4700:10::6816:e17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/modules-v2.js
Requested by: Host: my.hellobar.com
URL: https://my.hellobar.com/e84f65de69373b61630dfb290f5a94a4036c1ccd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:e17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9888e4460f011771d6eb1fdd78515fafade096f545c94ad95ac92a3e61f8f256

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 16:21:25 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 36WD8PZ2H6HAJPZG
age: 2485
cf-polished: origSize=305970
x-amz-server-side-encryption: AES256
x-amz-id-2: /jl4WNJOFY7qV2RiV3UeYK+jyUFebeSliSfvgRJHGM9ZObP8nqCiQhLoQOxHmrUi8wPdJNygTcE=
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 14:49:05 GMT
server: cloudflare
etag: W/"d1beb1a2aa89f33723ee5bdc1b2d414b"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 86668e438c5837cf-YYZ

GET
H2 200 id Show response
dpm.demdex.net/ 365 B
913 B 453ms
164ms XHR
application/json 54.85.179.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=8879806A585197B50A495EE9%40AdobeOrg&d_nsid=0&ts=1710778885716

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6e1d227ae226/0ce367742ade/launch-7e1acfb263fa.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.85.179.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-85-179-91.compute-1.amazonaws.com

Software

Resource Hash

1e924df8db9f32bd8c6ab3944130c17562bc9eeb7863d7dd9930dc08a83fc0da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.unifund.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

dcs: dcs-prod-va6-1-v057-0fa1191e6.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Mon, 18 Mar 2024 16:21:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: SPIoKGPRTh4=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://www.unifund.ca
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 309
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 216 KB
58 KB 545ms
144ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6e1d227ae226/0ce367742ade/launch-7e1acfb263fa.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 18 Mar 2024 16:21:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57659
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=15, mss=1392, tbw=2797, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: +G93gEiKTWRKyGcD2J972wG+E2unFH7TNTSVMLFAEhu2mlcHTwqiMKuguUhzy0jrP8yRxdxT/SFfyUmWdPwX9w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/ 34 KB
13 KB 116ms
114ms Script
application/x-javascript 2600:141b:e800:1182::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6e1d227ae226/0ce367742ade/launch-7e1acfb263fa.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:e800:1182::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 16:21:25 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 05:33:26 GMT
server: AkamaiNetStorage
etag: "208eb534ea01036a4fca64e6715ccf3f:1694496806.451282"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.unifund.ca
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12687
expires: Mon, 18 Mar 2024 17:21:25 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/ 3 KB
2 KB 121ms
120ms Script
application/x-javascript 2600:141b:e800:1182::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6e1d227ae226/0ce367742ade/launch-7e1acfb263fa.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:e800:1182::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: bc0bfc50d3ff4175132b7da1ef0adf7761ded5cb2782e55edb1948da3480abd8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 16:21:25 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 05:33:26 GMT
server: AkamaiNetStorage
etag: "f1e098a5dd836ea5fc9726c429c8d71d:1694496806.740373"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.unifund.ca
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1597
expires: Mon, 18 Mar 2024 17:21:25 GMT

GET
H2 200 RCe47eda1e309543579d77564ee5626632-source.min.js Show response
assets.adobedtm.com/6e1d227ae226/0ce367742ade/b6c0397e4c18/ 497 B
529 B 116ms
115ms Script
application/x-javascript 2600:141b:e800:1182::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/6e1d227ae226/0ce367742ade/b6c0397e4c18/RCe47eda1e309543579d77564ee5626632-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6e1d227ae226/0ce367742ade/launch-7e1acfb263fa.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:e800:1182::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b1831eaa2ee35c0c0d6240864dbe5aa7f792d8a61e161526d743ac1382d2a816

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 16:21:25 GMT
content-encoding: gzip
last-modified: Fri, 16 Feb 2024 19:08:01 GMT
server: AkamaiNetStorage
etag: "eea2480795f8f79ae30901d0b9882a74:1708110481.219115"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.unifund.ca
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 273
expires: Mon, 18 Mar 2024 17:21:25 GMT

GET
H2 200 / Show response
zn4mjvfrs2lq3antc-clientexperience.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 9 KB
4 KB 394ms
109ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn4mjvfrs2lq3antc-clientexperience.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_4MJVfRs2Lq3aNtc

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6e1d227ae226/0ce367742ade/launch-7e1acfb263fa.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5353948849f58516850dd9f0b7a4e03207301c1cdfa837ac41d210933d8cf9b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 16:21:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 312628
cf-polished: origSize=9889
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"26a1-ga60m3S77NBYV1qcWI1XU8MXSnM"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 86668e45fd5ba1de-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 RCbce8f55153274100b050148fabd240c1-source.min.js Show response
assets.adobedtm.com/6e1d227ae226/0ce367742ade/b6c0397e4c18/ 629 B
656 B 127ms
126ms Script
application/x-javascript 2600:141b:e800:1182::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/6e1d227ae226/0ce367742ade/b6c0397e4c18/RCbce8f55153274100b050148fabd240c1-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6e1d227ae226/0ce367742ade/launch-7e1acfb263fa.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:e800:1182::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8dc35c626ef33b036f75a2c7d83be822743233c141608c06a212c28f41175c34

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 16:21:25 GMT
content-encoding: gzip
last-modified: Fri, 16 Feb 2024 19:08:01 GMT
server: AkamaiNetStorage
etag: "eea2480795f8f79ae30901d0b9882a74:1708110481.219115"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.unifund.ca
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 401
expires: Mon, 18 Mar 2024 17:21:25 GMT

GET
H2 200 RC06851986c3e44972bd2a231f0f4fcc6c-source.min.js Show response
assets.adobedtm.com/6e1d227ae226/0ce367742ade/b6c0397e4c18/ 499 B
532 B 127ms
127ms Script
application/x-javascript 2600:141b:e800:1182::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/6e1d227ae226/0ce367742ade/b6c0397e4c18/RC06851986c3e44972bd2a231f0f4fcc6c-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6e1d227ae226/0ce367742ade/launch-7e1acfb263fa.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:e800:1182::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: bee46c983a85a43962ff92188fd5c6ca454d6ae73a072466b6034cb0058c4645

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 16:21:25 GMT
content-encoding: gzip
last-modified: Fri, 16 Feb 2024 19:08:01 GMT
server: AkamaiNetStorage
etag: "eea2480795f8f79ae30901d0b9882a74:1708110481.219115"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.unifund.ca
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 276
expires: Mon, 18 Mar 2024 17:21:25 GMT

GET
H2 200 RC51deaee971c34fd3b6213bd4ed1a3f83-source.min.js Show response
assets.adobedtm.com/6e1d227ae226/0ce367742ade/b6c0397e4c18/ 916 B
745 B 171ms
171ms Script
application/x-javascript 2600:141b:e800:1182::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/6e1d227ae226/0ce367742ade/b6c0397e4c18/RC51deaee971c34fd3b6213bd4ed1a3f83-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6e1d227ae226/0ce367742ade/launch-7e1acfb263fa.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:e800:1182::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 532e7e0606dfc533424aa754bc3ef68aff55b719452b0eb5b775f293bac19335

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 16:21:25 GMT
content-encoding: gzip
last-modified: Fri, 16 Feb 2024 19:08:01 GMT
server: AkamaiNetStorage
etag: "eea2480795f8f79ae30901d0b9882a74:1708110481.219115"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.unifund.ca
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 489
expires: Mon, 18 Mar 2024 17:21:25 GMT

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ 156 B
312 B 531ms
105ms Fetch
application/json 208.95.112.2
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?key=pAcPOWCUJWo5Gcp&fields=status,country,countryCode,regionName,region,city,timezone,mobile
Requested by: Host: my.hellobar.com
URL: https://my.hellobar.com/modules-v2.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 208.95.112.2 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: c3e22b3259fb10a7fe983e703a406f99aff383bcb57533d001f9ee079e203725

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 18 Mar 2024 16:21:26 GMT
Content-Length: 156
Content-Type: application/json; charset=utf-8

GET
H2 200 hotjar-2995563.js Show response
static.hotjar.com/c/ 9 KB
4 KB 373ms
89ms Script
application/javascript 3.162.3.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2995563.js?sv=6

Requested by

Host: www.unifund.ca
URL: https://www.unifund.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.3.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-3-99.yul62.r.cloudfront.net

Software

Resource Hash

11f497c9d7de46f5947a24108aef3fe6c58e03473540aedd238a12a8af6c6f93

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 18 Mar 2024 16:21:20 GMT
via: 1.1 3c503941ffd955a9223590c80d8af4c2.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P2
age: 6
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/d96305ee4729f0ef2b0d786d2ab950b2
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: d8uYWFKeD6YmSMGCY2b9MG3rKN4OOOC8uLt9XUaokeZZdDOuw6kJFA==

GET
H2 200 dest5.html Show response
intact.demdex.net/ Frame 9017 7 KB
3 KB 155ms
149ms Document
text/html 54.85.179.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://intact.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6e1d227ae226/0ce367742ade/launch-7e1acfb263fa.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.85.179.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-85-179-91.compute-1.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.unifund.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 18 Mar 2024 16:21:26 GMT
dcs: dcs-prod-va6-2-v057-0c6857395.edge-va6.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 6 Mar 2024 14:53:54 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: hEeH9KS9Suc=

GET
H2

200

ibs:dpid=411&dpuuid=ZfhqBgAAAJDueQN-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=82764335984028733540413229704473722417
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZfhqBgAAAJDueQN-

42 B
717 B

94ms
94ms

Image
image/gif

54.85.179.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZfhqBgAAAJDueQN-

Requested by

Host: www.unifund.ca
URL: https://www.unifund.ca/

Protocol

Server

54.85.179.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-85-179-91.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

dcs: dcs-prod-va6-2-v057-0f469e05b.edge-va6.demdex.com 3 ms
pragma: no-cache
date: Mon, 18 Mar 2024 16:21:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: iQ+PElStRgM=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZfhqBgAAAJDueQN-
Date: Mon, 18 Mar 2024 16:21:26 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
intactfinancialcorpo.tt.omtrdc.net/rest/v1/ 363 B
850 B 544ms
229ms XHR
application/json 63.140.38.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://intactfinancialcorpo.tt.omtrdc.net/rest/v1/delivery?client=intactfinancialcorpo&sessionId=c4482b76b4a3413cb9fe7145286cfc70&version=2.10.3

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6e1d227ae226/0ce367742ade/launch-7e1acfb263fa.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.112 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-112.data.adobedc.net

Software

jag /

Resource Hash

ec7962e2b42618bbf9d0a3eaa07bd7fbf13835b7c28c9ad90b570632a53c1093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.unifund.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 18 Mar 2024 16:21:26 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server: jag
x-content-type-options: nosniff
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.unifund.ca
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
x-request-id: 23ffb30e-bcdf-4d42-a324-58cff0754827

POST
H2 200 interact Show response
adobedc.demdex.net/ee/v1/ 1 KB
1 KB 480ms
168ms Fetch
application/json 63.140.39.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://adobedc.demdex.net/ee/v1/interact?configId=90b4b638-e26c-4500-b679-3983f487521b&requestId=1f262f18-615d-44e4-ba5f-1e39bc9233aa

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6e1d227ae226/0ce367742ade/launch-7e1acfb263fa.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.39.240 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-39-240.data.adobedc.net

Software

jag /

Resource Hash

389e93e17f31ad5ac45fb26339d737c3b5a34a931b44d4df0a436c7f9552d1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.unifund.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 18 Mar 2024 16:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.unifund.ca
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge: VA6;7
access-control-allow-credentials: true
x-konductor: N/A
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-request-id: 1f262f18-615d-44e4-ba5f-1e39bc9233aa

GET
H2 200 12.63c0bdd0617285325764.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 73 KB
22 KB 101ms
100ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.63c0bdd0617285325764.chunk.js?Q_CLIENTVERSION=2.2.0&Q_CLIENTTYPE=web&Q_BRANDID=www.unifund.ca

Requested by

Host: zn4mjvfrs2lq3antc-clientexperience.siteintercept.qualtrics.com
URL: https://zn4mjvfrs2lq3antc-clientexperience.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_4MJVfRs2Lq3aNtc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

634c1c2c3fcac967e6355fc2441d91d50d9ffb6931e78e5b8c7ff884942d530c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 16:21:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 562728
cf-polished: origSize=75209
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Mar 2024 19:21:19 GMT
cf-bgj: minify
server: cloudflare
etag: W/"125c9-18e0ae9cf98"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 86668e46eea7a1de-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 modules.a832f5d8f24964da1f4a.js Show response
script.hotjar.com/ 220 KB
55 KB 379ms
100ms Script
application/javascript 3.162.3.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.a832f5d8f24964da1f4a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2995563.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.3.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-3-90.yul62.r.cloudfront.net

Software

Resource Hash

a25146c544ae821d97ac637e817dae3f4985b7e991d7354cf1d21561a8dfc630

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 17:22:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 39bd4dd36d89ac693c6b532053af59d6.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P2
age: 255560
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55518
last-modified: Fri, 15 Mar 2024 17:21:16 GMT
etag: "8bd905e445d19a6e7c5adc15919ba59b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: sXXOwfg4kASpaI6AzuYLHu6y0okN4x7EKChzrOwWX_-B17zqH81anA==

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 127 B
297 B 181ms
180ms XHR
text/plain 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_4MJVfRs2Lq3aNtc&Q_CLIENTVERSION=2.2.0&Q_CLIENTTYPE=webAdobeLaunch

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.63c0bdd0617285325764.chunk.js?Q_CLIENTVERSION=2.2.0&Q_CLIENTTYPE=web&Q_BRANDID=www.unifund.ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6e3cac598ee80d6cb0e409a43a0ddb9e8fe75ce4250f7f285e81f2c3b2fa0f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.unifund.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 18 Mar 2024 16:21:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.unifund.ca
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 8b8f73c50ae86938
timing-allow-origin: *
cf-ray: 86668e47bf43a1de-YYZ

GET
H2 200 139353199887453 Show response
connect.facebook.net/signals/config/ 55 KB
12 KB 163ms
163ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/139353199887453?v=2.9.150&r=stable&domain=www.unifund.ca&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bb499c897e732707b2cd69086dab0aa556b11f5b49bbce7f2a70fb460b53e019

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 18 Mar 2024 16:21:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=60, mss=1392, tbw=62793, tp=-1, tpl=-1, uplat=43, ullat=0
pragma: public
x-fb-debug: 6VPfTQJcLyU9VHgQDmpc7gh7EXxsCoU+vy7xzQ4JqQaWaavV+QszOSycJ1rsMwmrZXsaaWuV+Yrh8oOKwPAbmQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 clever_ads.js Show response
my.hellobar.com/ 43 B
296 B 130ms
129ms Script
application/javascript 2606:4700:10::6816:e17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/clever_ads.js
Requested by: Host: my.hellobar.com
URL: https://my.hellobar.com/modules-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:e17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 089de6bf77a7b557e22c6f8d2aa3d1d28bb9c03a302c2de2c96395011d4a9c1f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 16:21:26 GMT
cf-cache-status: HIT
x-amz-request-id: G5HB881NR8APBM55
age: 2049
cf-polished: origSize=45
x-amz-server-side-encryption: AES256
content-length: 43
x-amz-id-2: ScJRQ8JYvseRaP63iDnjr7WpCTd0y173xvWMwzIdQZk0rJIIo9vlCW3PwjcsAvKSKg5/S+ngrKU=
cf-bgj: minify
last-modified: Fri, 04 Aug 2023 07:47:23 GMT
server: cloudflare
etag: "7e9ec97ef70197804a968a2b2c74d155"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86668e489dc837cf-YYZ

GET
H2 200 css
fonts.googleapis.com/ 16 KB
2 KB 541ms
151ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i|Open+Sans:400,400i|Source+Sans+Pro:400,400i

Requested by

Host: my.hellobar.com
URL: https://my.hellobar.com/modules-v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7399147af7baf4243033513fb3458b4d3c10ebbaaef2985ef8ac7a25345c5bb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Mar 2024 16:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 16:20:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Mar 2024 16:21:27 GMT

GET
H2 200 RCcca8ce4d040642888f0491093c435309-source.min.js Show response
assets.adobedtm.com/6e1d227ae226/0ce367742ade/b6c0397e4c18/ 488 B
542 B 113ms
112ms Script
application/x-javascript 2600:141b:e800:1182::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/6e1d227ae226/0ce367742ade/b6c0397e4c18/RCcca8ce4d040642888f0491093c435309-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6e1d227ae226/0ce367742ade/launch-7e1acfb263fa.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:e800:1182::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 345597ee7ef5139641713f593f2ff76d2a17a470cad67e456af75d66c9da001a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 16:21:26 GMT
content-encoding: gzip
last-modified: Fri, 16 Feb 2024 19:08:01 GMT
server: AkamaiNetStorage
etag: "eea2480795f8f79ae30901d0b9882a74:1708110481.219115"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.unifund.ca
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 286
expires: Mon, 18 Mar 2024 17:21:26 GMT

POST
H2 204 delivery
intactfinancialcorpo.tt.omtrdc.net/rest/v1/ 0
98 B 103ms
102ms Ping
text/plain 63.140.38.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://intactfinancialcorpo.tt.omtrdc.net/rest/v1/delivery?client=intactfinancialcorpo&sessionId=c4482b76b4a3413cb9fe7145286cfc70&version=2.10.3

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6e1d227ae226/0ce367742ade/launch-7e1acfb263fa.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.112 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-112.data.adobedc.net

Software

jag /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.unifund.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 18 Mar 2024 16:21:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: jag
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: https://www.unifund.ca
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 01e783d4-2d55-41be-85e3-8b3a95ecd044

GET
H2 200 s59866606419860
intactglobal.112.2o7.net/b/ss/intactglobal/1/JS-2.25.0-LDQM/ 43 B
345 B 582ms
231ms Image
image/gif 63.140.39.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://intactglobal.112.2o7.net/b/ss/intactglobal/1/JS-2.25.0-LDQM/s59866606419860?AQB=1&ndh=1&pf=1&t=18%2F2%2F2024%209%3A21%3A26%201%20420&sdid=65758EF2F5D0A875-11FD73C82D7AA403&ts=2024-03-18T16%3A21%3A26.830Z&mid=82259251164138836310382667379646317268&aamlh=7&ce=UTF-8&pageName=Welcome%20to%20unifund&g=https%3A%2F%2Fwww.unifund.ca%2F&cc=CAD&server=unifund.ca&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=Welcome%20to%20unifund&c2=0.0&c4=Responsive&c5=Website&c11=Personal&c17=0&v17=English&v18=Unknown&c21=2024-03-18%2016%3A21%3A25&v21=1&c24=0&c26=https%3A%2F%2Fwww.unifund.ca%2F&v96=Production&v97=External&v99=Unifund&v151=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F122.0.6261.128%20Safari%2F537.36&v158=Not%20applicable&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=8879806A585197B50A495EE9%40AdobeOrg&AQE=1

Requested by

Host: www.unifund.ca
URL: https://www.unifund.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.39.240 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-39-240.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 16:21:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Mar 2024 16:21:27 GMT
server: jag
etag: 3673869685677752320-4617717081890847542
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 17 Mar 2024 16:21:27 GMT

GET
H2 200 nr-rum-1.253.0.min.js Show response
js-agent.newrelic.com/ 45 KB
16 KB 505ms
97ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-rum-1.253.0.min.js

Requested by

Host: www.unifund.ca
URL: https://www.unifund.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::649 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6d7aa6bb298937661d993695e32a86a9c891b3cb77e46cda3831bc8ca616c55c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.unifund.ca/
Origin: https://www.unifund.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: TgvqgvoYAHsERQ1.OBrfuMt0ieYpGWt5
content-encoding: br
via: 1.1 varnish
date: Mon, 18 Mar 2024 16:21:27 GMT
strict-transport-security: max-age=300
x-amz-request-id: PFX0N39DR2G67QYY
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 15820
x-amz-id-2: KkqVHvdCEJWH9/1KNjvFmF3++N/EkJoLmasBiBlkCSsYX5I/qwecbJVPtipu/pZfnJKO0d9fesg=
x-served-by: cache-yyz4562-YYZ
last-modified: Wed, 13 Mar 2024 21:07:25 GMT
server: AmazonS3
etag: "25a03a86ccddb342618e06f726d40778"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 75535

GET
H/1.1 200
OK MultiNoun.jsonp Show response
d.la1-c1cs-yul.salesforceliveagent.com/chat/rest/System/ 594 B
742 B 414ms
136ms Script
text/javascript 35.183.88.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la1-c1cs-yul.salesforceliveagent.com/chat/rest/System/MultiNoun.jsonp?nouns=VisitorId,Settings&VisitorId.prefix=Visitor&Settings.prefix=Visitor&Settings.buttonIds=[5735X000000001r]&Settings.updateBreadcrumb=1&Settings.urlPrefix=undefined&callback=liveagent._.handlePing&deployment_id=5725X000000001h&org_id=00D1I000002JVvk&version=48

Requested by

Host: c.la1-c1cs-yul.salesforceliveagent.com
URL: https://c.la1-c1cs-yul.salesforceliveagent.com/content/g/js/48.0/deployment.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

35.183.88.173 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-88-173.ca-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

f7ccc1072b7e6f4f392ff0572e23908556deff7b0f0acee286d3cedbb46689a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 16:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
transfer-encoding: chunked
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
expires: -1

GET
H2 200 YwAsNiFavgdeIxJFdWAcPrMQHRSSp6-1ZELLAff7qWDg0MUpK6S6Zm
hi.hellobar.com/v/6RHYLXVMA93ZpS-dOb6IW6zbWkcu7B54SD6uL6z5VjTbv6Pd0XFp/ 35 B
387 B 768ms
266ms Image
image/gif 2600:9000:244d:3000:1b:45dc:7080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.hellobar.com/v/6RHYLXVMA93ZpS-dOb6IW6zbWkcu7B54SD6uL6z5VjTbv6Pd0XFp/YwAsNiFavgdeIxJFdWAcPrMQHRSSp6-1ZELLAff7qWDg0MUpK6S6Zm?f=i&t=1710778888&s=4b8235ae3f291db80c9bb8419f6bbfa18524eadc20f06d9b385ebdbf384f83eea176f4102b128975109fde5c5bf7b0f6194df31f2617b628919281228764658f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:244d:3000:1b:45dc:7080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.unifund.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 09:01:47 GMT
via: 1.1 8dd4c7f1d7b55b5ac0fc5b7f8532cf32.cloudfront.net (CloudFront)
last-modified: Tue, 10 Apr 2018 13:15:02 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P2
age: 26390
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Error from cloudfront
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 35
x-amz-cf-id: wBepPULmzllCkIN5qU0bnpxiXRlBYMg25x3NHKAx66MSFGA9Hb0P6Q==

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 540ms
138ms Font
font/woff2 2607:f8b0:4004:c1f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i|Open+Sans:400,400i|Source+Sans+Pro:400,400i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.unifund.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 13:49:00 GMT
x-content-type-options: nosniff
age: 527548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Mar 2025 13:49:00 GMT

GET
H/1.1 200
OK chat-rsa.woff
www.unifund.ca/sites/unifund/themes/custom/unifund_theme/img/font-icon/ 7 KB
4 KB 180ms
180ms Font
application/font-woff 2606:4700::6812:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unifund.ca/sites/unifund/themes/custom/unifund_theme/img/font-icon/chat-rsa.woff

Requested by

Host: www.unifund.ca
URL: https://www.unifund.ca/sites/unifund/files/css/css_XEu2iZ58Liz5zDaTHFZoNcJcDVm45gAMeERwZjDxY-U.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e1556a0c5ed189a320ea609349c02e3050cb93b3b07236382d33d6784562ce2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.unifund.ca/sites/unifund/files/css/css_XEu2iZ58Liz5zDaTHFZoNcJcDVm45gAMeERwZjDxY-U.css
Origin: https://www.unifund.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 16:21:28 GMT
Via: varnish
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Content-Encoding: gzip
Age: 13423
Transfer-Encoding: chunked
X-Cache: MISS
Connection: keep-alive
X-AH-Environment: prod
X-Request-ID: v-51e789b6-e524-11ee-8b79-2f66aa86a4c0
Last-Modified: Fri, 19 Jan 2024 13:54:03 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: application/font-woff
Cache-Control: public, max-age=1209600
CF-RAY: 86668e52496c542b-YYZ
Expires: Mon, 01 Apr 2024 16:21:28 GMT

POST
H/1.1 200 82125d6533 Show response
bam.nr-data.net/1/ 48 B
487 B 436ms
119ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/82125d6533?a=577918611&v=1.253.0&to=YgZUMkVUCERZAE1ZWFtMdwVDXAlZFxNYV1JqAFcFX1A%3D&rst=5095&ck=0&s=8606fd3e451970bf&ref=https://www.unifund.ca/&hr=0&qt=10&ap=35&be=2005&fe=2566&dc=666&at=TkFDRA1OGxsaAhsKTEge&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1710778882962,%22n%22:0,%22f%22:1413,%22dn%22:1414,%22dne%22:1414,%22c%22:1414,%22s%22:1451,%22ce%22:1803,%22rq%22:1803,%22rp%22:2006,%22rpe%22:2076,%22di%22:2663,%22ds%22:2663,%22de%22:2671,%22dc%22:4564,%22l%22:4564,%22le%22:4571%7D,%22navigation%22:%7B%7D%7D&fp=2673&fcp=2673
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-rum-1.253.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a38658c68b4204d22c51011a7d922041fb5a1749343f09af2ed99a6bd32738a3

Request headers

Referer: https://www.unifund.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 18 Mar 2024 16:21:28 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.unifund.ca
access-control-expose-headers: Date
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: close
timing-allow-origin: https://www.unifund.ca
Content-Length: 48
x-served-by: cache-chi-kigq8000135-CHI

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.unifund.ca/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-20 23:32:10	Name: demdex Value: 82764335984028733540413229704473722417
.unifund.ca/	1969-12-31 23:59:59	Name: AMCVS_8879806A585197B50A495EE9%40AdobeOrg Value: 1
.unifund.ca/	1970-01-20 19:13:00	Name: kndctr_8879806A585197B50A495EE9_AdobeOrg_cluster Value: va6
.unifund.ca/	1970-01-21 04:41:46	Name: kndctr_8879806A585197B50A495EE9_AdobeOrg_identity Value: CiY4MjI1OTI1MTE2NDEzODgzNjMxMDM4MjY2NzM3OTY0NjMxNzI2OFIQCKLT-JLlMRgBKgNWQTYwA_ABotP4kuUx
.everesttech.net/	1970-01-21 03:58:34	Name: everest_g_v2 Value: g_surferid~ZfhqBgAAAJDueQN-
.unifund.ca/	1970-01-21 03:58:34	Name: _hjSessionUser_2995563 Value: eyJpZCI6ImQ2YjZkYWU1LTg1YjctNTZjNy1hYjRkLWZiZjcyNzY5NTJkNiIsImNyZWF0ZWQiOjE3MTA3Nzg4ODY3OTIsImV4aXN0aW5nIjpmYWxzZX0=
.unifund.ca/	1970-01-20 19:13:00	Name: _hjSession_2995563 Value: eyJpZCI6IjUzNGI4YzNmLTI3NDktNGExZi05YzIxLTgxMTlhZTZlODM1YyIsImMiOjE3MTA3Nzg4ODY3OTMsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.dpm.demdex.net/	1970-01-20 23:32:10	Name: dpm Value: 82764335984028733540413229704473722417
.unifund.ca/	1970-01-21 04:48:58	Name: AMCV_8879806A585197B50A495EE9%40AdobeOrg Value: 179643557%7CMCIDTS%7C19801%7CMCMID%7C82259251164138836310382667379646317268%7CMCAAMLH-1711383686%7C7%7CMCAAMB-1711383686%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1710786086s%7CNONE%7CMCSYNCSOP%7C411-19808%7CvVersion%7C5.5.0
.unifund.ca/	1970-01-21 04:48:58	Name: mbox Value: session#c4482b76b4a3413cb9fe7145286cfc70#1710780747\|PC#c4482b76b4a3413cb9fe7145286cfc70.34_0#1774023687
.unifund.ca/	1970-01-20 19:13:00	Name: gpv_pn Value: Welcome%20to%20unifund
.unifund.ca/	1970-01-20 19:13:00	Name: s_gpv Value: Website
.unifund.ca/	1969-12-31 23:59:59	Name: s_cc Value: true
www.unifund.ca/	1970-01-21 03:58:34	Name: liveagent_oref Value:
www.unifund.ca/	1969-12-31 23:59:59	Name: liveagent_sid Value: e5f1fa36-59e8-4363-a0b8-263d90e3b886
www.unifund.ca/	1970-01-21 03:58:34	Name: liveagent_vc Value: 2
www.unifund.ca/	1970-01-21 03:58:34	Name: liveagent_ptid Value: e5f1fa36-59e8-4363-a0b8-263d90e3b886

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.unifund.ca/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.unifund.ca/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.unifund.ca/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.unifund.ca/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/139353199887453?v=2.9.150&r=stable&domain=www.unifund.ca&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101(Line 82) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.unifund.ca/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.unifund.ca/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.unifund.ca/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.unifund.ca/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.unifund.ca/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.unifund.ca/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.unifund.ca/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adobedc.demdex.net
assets.adobedtm.com
bam.nr-data.net
c.la1-c1cs-yul.salesforceliveagent.com
cdnjs.cloudflare.com
cm.everesttech.net
connect.facebook.net
d.la1-c1cs-yul.salesforceliveagent.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
hi.hellobar.com
intact.demdex.net
intactfinancialcorpo.tt.omtrdc.net
intactglobal.112.2o7.net
js-agent.newrelic.com
my.hellobar.com
pro.ip-api.com
script.hotjar.com
siteintercept.qualtrics.com
static.hotjar.com
unifund.ca
use.fontawesome.com
www.unifund.ca
zn4mjvfrs2lq3antc-clientexperience.siteintercept.qualtrics.com
104.17.209.240
162.247.243.29
18.207.56.13
208.95.112.2
2600:141b:e800:1182::1e80
2600:9000:244d:3000:1b:45dc:7080:93a1
2606:4700:10::6816:e17
2606:4700::6811:190e
2606:4700::6812:c5f
2606:4700::6812:d5f
2606:4700:e6::ac40:cf26
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c1f::5e
2a03:2880:f003:c0e:face:b00c:0:3
2a04:4e42::649
3.162.3.90
3.162.3.99
3.96.121.93
35.183.88.173
54.85.179.91
63.140.38.112
63.140.39.240
089de6bf77a7b557e22c6f8d2aa3d1d28bb9c03a302c2de2c96395011d4a9c1f
0e32ae2b3787eb6c3cb4517d64a747f5bdeeb40c7203ba6de723de30dcfb698f
11f497c9d7de46f5947a24108aef3fe6c58e03473540aedd238a12a8af6c6f93
1e924df8db9f32bd8c6ab3944130c17562bc9eeb7863d7dd9930dc08a83fc0da
317899ace183773ba694cf33ebd876459ac0fa540c7e71ec5cb8d8b142a0158e
345597ee7ef5139641713f593f2ff76d2a17a470cad67e456af75d66c9da001a
389e93e17f31ad5ac45fb26339d737c3b5a34a931b44d4df0a436c7f9552d1cc
399a73db015e70e8084a126e53125c4bceaed007cd678b81b963b3ce3219bd0d
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0
4e1556a0c5ed189a320ea609349c02e3050cb93b3b07236382d33d6784562ce2
532e7e0606dfc533424aa754bc3ef68aff55b719452b0eb5b775f293bac19335
5353948849f58516850dd9f0b7a4e03207301c1cdfa837ac41d210933d8cf9b2
587c080125b135d29a931ed371e50ffc1a9641831c1087de2cd74532815f4560
592fa74f3de7d785825daeefe0ccfd39407d44efe2a72f27a84892ba507969b9
5c4bb6899e7c2e2cf9cc36931c566835c25c0d59b8e6000c7844706630f163e5
6276b68d98b9572c124a74aa181ebbca37a700889ede7a1f0eb988b9f6026d00
634c1c2c3fcac967e6355fc2441d91d50d9ffb6931e78e5b8c7ff884942d530c
68c8a33b64c281e0c15ddfd8a6c3f1902c3da43c44d12940d33ee7d07a7d4c7e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf
6d7aa6bb298937661d993695e32a86a9c891b3cb77e46cda3831bc8ca616c55c
7399147af7baf4243033513fb3458b4d3c10ebbaaef2985ef8ac7a25345c5bb5
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
875d748db75616431091a0cdbbfa344ce599e19daf8ec2adfdb4aee938777623
8dc35c626ef33b036f75a2c7d83be822743233c141608c06a212c28f41175c34
9048190d4a81abae03b4375df5ad56ce8f1fa421eb0efe94ed23b387dc5693d1
9888e4460f011771d6eb1fdd78515fafade096f545c94ad95ac92a3e61f8f256
9c8c54e3c2f4dee1b6a33765bff5cdcd1aa5cecbecd3d07123ba74e12a32b83f
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a25146c544ae821d97ac637e817dae3f4985b7e991d7354cf1d21561a8dfc630
a38658c68b4204d22c51011a7d922041fb5a1749343f09af2ed99a6bd32738a3
af5ef4a4c8cc1b2b5023c9373a4a62245f194850fa439572ecad5514598737d0
b1831eaa2ee35c0c0d6240864dbe5aa7f792d8a61e161526d743ac1382d2a816
b6e3cac598ee80d6cb0e409a43a0ddb9e8fe75ce4250f7f285e81f2c3b2fa0f1
bb499c897e732707b2cd69086dab0aa556b11f5b49bbce7f2a70fb460b53e019
bc0bfc50d3ff4175132b7da1ef0adf7761ded5cb2782e55edb1948da3480abd8
bee46c983a85a43962ff92188fd5c6ca454d6ae73a072466b6034cb0058c4645
c3e22b3259fb10a7fe983e703a406f99aff383bcb57533d001f9ee079e203725
ce2e319f9e04631bfa8bd53769b957813f819d76e0a2970f44c0b01d89d12ed6
d6a425f06c2f97cef9340dd1fba862608616b36cae3a726a1e5589e28e8f04d6
d783c286f99d017e14113cbafa06d89285620775c7a08a68fc6302cee8cff4e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec7962e2b42618bbf9d0a3eaa07bd7fbf13835b7c28c9ad90b570632a53c1093
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7ccc1072b7e6f4f392ff0572e23908556deff7b0f0acee286d3cedbb46689a2

www.unifund.ca Open in urlscan Pro 2606:4700::6812:c5f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

98 %HTTPS

50 %IPv6

18 Domains

25 Subdomains

20 IPs

3 Countries

1510 kBTransfer

3590 kBSize

18 Cookies

2 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.unifund.ca Open in urlscan Pro
2606:4700::6812:c5f Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

98 %
HTTPS

50 %
IPv6

18
Domains

25
Subdomains

20
IPs

3
Countries

1510 kB
Transfer

3590 kB
Size

18
Cookies

49 HTTP transactions
0 data transactions