mnpdebt.ca Open in urlscan Pro
2606:4700:20::6819:6e25 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bankruptcysask.ca/
Effective URL:
https://mnpdebt.ca/en/offices/saskatoon
Submission: On August 18 via automatic, source certstream-suspicious (August 18th 2024, 1:18:18 pm UTC) — Scanned from CA

Summary HTTP 75 Redirects Behaviour Indicators

Summary

This website contacted 31 IPs in 2 countries across 24 domains to perform 75 HTTP transactions. The main IP is 2606:4700:20::6819:6e25, located in United States and belongs to CLOUDFLARENET, US. The main domain is mnpdebt.ca.
TLS certificate: Issued by WE1 on August 17th 2024. Valid for: 3 months.

This is the only time mnpdebt.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3036::6815:1eb9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2606:4700:20:... 2606:4700:20::6819:6e25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.251.40.164 142.251.40.164	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:820::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
4	2607:f8b0:400... 2607:f8b0:4006:820::2008	15169 (GOOGLE) (GOOGLE)
1	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	192.229.163.53 192.229.163.53	15133 (EDGECAST) (EDGECAST)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.65.234 142.250.65.234	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80e::200e	15169 (GOOGLE) (GOOGLE)
3	2a02:6ea0:c40... 2a02:6ea0:c400::11	60068 (CDN77 _) (CDN77 _)
2	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	108.139.33.128 108.139.33.128	16509 (AMAZON-02) (AMAZON-02)
1 2	146.75.36.157 146.75.36.157	54113 (FASTLY) (FASTLY)
1	2620:116:800b... 2620:116:800b:21:b08a:1dc5:659b:4055	14618 (AMAZON-AES) (AMAZON-AES)
2	2620:1ec:29:1... 2620:1ec:29:1::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	142.251.40.230 142.251.40.230	15169 (GOOGLE) (GOOGLE)
1	142.250.65.198 142.250.65.198	15169 (GOOGLE) (GOOGLE)
3	142.250.81.238 142.250.81.238	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21d... 2600:9000:21dd:8c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9a	15169 (GOOGLE) (GOOGLE)
1	72.21.81.130 72.21.81.130	15133 (EDGECAST) (EDGECAST)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	2600:1f14:5db... 2600:1f14:5db:eb00:708b:bb4d:b8aa:d9eb	16509 (AMAZON-02) (AMAZON-02)
2	20.231.53.73 20.231.53.73	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
75	31

1 2606:4700:3036::6815:1eb9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bankruptcysask.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700:20::6819:6e25 (United States)

ASN13335 (CLOUDFLARENET, US)

mnpdebt.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.40.164 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::200a (United States)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:820::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.163.53 (United States)

ASN15133 (EDGECAST, US)

static.olark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.234 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6ea0:c400::11 (New York, United States)

ASN60068 (CDN77 _, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.33.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-33-128.jfk50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.36.157 (Reston, United States) 1 redirects

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800b:21:b08a:1dc5:659b:4055 (United States)

ASN14618 (AMAZON-AES, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:29:1::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.230 (Queens, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f6.1e100.net

4653320.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.198 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.81.238 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21dd:8c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.21.81.130 (United States)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:5db:eb00:708b:bb4d:b8aa:d9eb (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.231.53.73 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

q.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	mnpdebt.ca mnpdebt.ca	1 MB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	22 KB
4	doubleclick.net 1 redirects 4653320.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 210 stats.g.doubleclick.net — Cisco Umbrella Rank: 252	1 KB
4	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 1114 q.clarity.ms — Cisco Umbrella Rank: 8520	28 KB
4	userway.org cdn.userway.org — Cisco Umbrella Rank: 6941 api.userway.org — Cisco Umbrella Rank: 6788	49 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	396 KB
4	google.com www.google.com — Cisco Umbrella Rank: 10	2 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	13 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110 maps.googleapis.com — Cisco Umbrella Rank: 567	75 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	4 KB
2	twitter.com 1 redirects platform.twitter.com — Cisco Umbrella Rank: 1868 analytics.twitter.com — Cisco Umbrella Rank: 1356	526 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	74 KB
2	gstatic.com fonts.gstatic.com www.gstatic.com	336 KB
1	t.co t.co — Cisco Umbrella Rank: 979	376 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 2075	1 KB
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 2337 pixel-ssn.quantserve.com Failed	10 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1253	15 KB
1	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 2631	5 KB
1	olark.com static.olark.com — Cisco Umbrella Rank: 31751	3 KB
1	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4988	199 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1211	30 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	6 KB
1	bankruptcysask.ca 1 redirects bankruptcysask.ca	632 B
0	krxd.net Failed usermatch.krxd.net Failed
75	24

	Domain	Requested by
27	mnpdebt.ca	mnpdebt.ca code.jquery.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.googletagmanager.com	mnpdebt.ca www.googletagmanager.com
4	www.google.com	mnpdebt.ca www.gstatic.com
3	cdn.userway.org	www.googletagmanager.com cdn.userway.org
3	cdn.jsdelivr.net	mnpdebt.ca
2	www.facebook.com	mnpdebt.ca
2	q.clarity.ms	www.clarity.ms
2	4653320.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.clarity.ms	mnpdebt.ca www.clarity.ms
2	connect.facebook.net	mnpdebt.ca connect.facebook.net
2	maps.googleapis.com	mnpdebt.ca maps.googleapis.com
1	api.userway.org	cdn.userway.org
1	analytics.twitter.com	mnpdebt.ca
1	t.co	mnpdebt.ca
1	stats.g.doubleclick.net	www.google-analytics.com
1	rules.quantcount.com	secure.quantserve.com
1	ad.doubleclick.net	mnpdebt.ca
1	secure.quantserve.com	mnpdebt.ca
1	static.ads-twitter.com	mnpdebt.ca
1	platform.twitter.com	1 redirects
1	js.adsrvr.org	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	fonts.gstatic.com	fonts.googleapis.com
1	static.olark.com	mnpdebt.ca
1	dev.visualwebsiteoptimizer.com	mnpdebt.ca
1	code.jquery.com	mnpdebt.ca
1	cdnjs.cloudflare.com	mnpdebt.ca
1	fonts.googleapis.com	mnpdebt.ca
1	bankruptcysask.ca	1 redirects
0	pixel-ssn.quantserve.com Failed	mnpdebt.ca
0	usermatch.krxd.net Failed	mnpdebt.ca
75	32

This site contains no links.

Subject Issuer	Validity	Valid
mnpdebt.ca WE1	`2024-08-17` - `2024-11-15`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2024-06-29` - `2025-07-31`	a year	crt.sh
static.olark.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-08-30`	a year	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
1667503734.rsc.cdn77.org E5	`2024-07-16` - `2024-10-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-27` - `2024-08-25`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
quantserve.com R10	`2024-06-24` - `2024-09-22`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-11-05`	a year	crt.sh
api.userway.org Amazon RSA 2048 M02	`2024-08-02` - `2025-08-31`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://mnpdebt.ca/en/offices/saskatoon
Frame ID: 3D8C66386174F6A6DBE92DD315064780
Requests: 72 HTTP requests in this frame

Frame: data://truncated
Frame ID: 708362450C1AF5426C51F30C0399F46A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LchOswZAAAAAExqv__mYOvUeAutmKH1O2lM_u57&co=aHR0cHM6Ly9tbnBkZWJ0LmNhOjQ0Mw..&hl=en&v=hfUfsXWZFeg83qqxrK27GB8P&size=invisible&cb=5ypmtlt43d6
Frame ID: ECC22E56A281B7B08714143717805DA5
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LchOswZAAAAAExqv__mYOvUeAutmKH1O2lM_u57&co=aHR0cHM6Ly9tbnBkZWJ0LmNhOjQ0Mw..&hl=en&v=hfUfsXWZFeg83qqxrK27GB8P&size=invisible&cb=s2mi1yinuly6
Frame ID: 183997DA909810E0E300D7095E58583D
Requests: 1 HTTP requests in this frame

Frame: https://4653320.fls.doubleclick.net/activityi;dc_pre=CPC9zKLQ_ocDFVwcdgYdTX8F9w;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=5145706921721;npa=0;auiddc=1761448276.1723987059;ps=1;pcor=471597299;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48e0v9181660592z872010953za201zb72010953;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen%2Foffices%2Fsaskatoon
Frame ID: 2CEAF46E17D2194FB943749247DA5779
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bankruptcysask.ca/ HTTP 301
https://mnpdebt.ca/en/offices/saskatoon Page URL

Page Statistics

75
Requests

96 %
HTTPS

58 %
IPv6

24
Domains

32
Subdomains

31
IPs

2
Countries

2510 kB
Transfer

5038 kB
Size

30
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bankruptcysask.ca/ HTTP 301
https://mnpdebt.ca/en/offices/saskatoon Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 49

https://insight.adsrvr.org/track/evnt/?adv=i4v66ce&ct=0:8qk2i4k&fmt=3&gtmcb=1601772541 HTTP 302
https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=a4681777-2bd9-40a5-b326-cf9a19c23f88

Request Chain 56

https://4653320.fls.doubleclick.net/activityi;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=5145706921721;npa=0;auiddc=1761448276.1723987059;ps=1;pcor=471597299;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48e0v9181660592z872010953za201zb72010953;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen%2Foffices%2Fsaskatoon HTTP 302
https://4653320.fls.doubleclick.net/activityi;dc_pre=CPC9zKLQ_ocDFVwcdgYdTX8F9w;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=5145706921721;npa=0;auiddc=1761448276.1723987059;ps=1;pcor=471597299;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48e0v9181660592z872010953za201zb72010953;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen%2Foffices%2Fsaskatoon

Request Chain 70

https://pixel.quantserve.com/pixel;r=872761469;labels=_fp.event.PageView;rf=0;a=p-ZvkjxaQPZCZrY;url=https%3A%2F%2Fmnpdebt.ca%2Fen%2Foffices%2Fsaskatoon;uht=2;fpan=1;fpa=P0-639477815-1723987060095;pbc=;ns=0;ce=1;qjs=1;qv=15f23c9a-20240703164903;cm=;gdpr=0;ref=;d=mnpdebt.ca;dst=1;et=1723987060356;tzo=420;ogl=;ses=9cb0b989-035e-4c81-abc2-9e79f7d4fdcb;mdl= HTTP 0
https://pixel-ssn.quantserve.com/pixel;r=872761469;labels=_fp.event.PageView;rf=0;a=p-ZvkjxaQPZCZrY;url=https%3A%2F%2Fmnpdebt.ca%2Fen%2Foffices%2Fsaskatoon;uht=2;fpan=1;fpa=P0-639477815-1723987060095;pbc=;ns=0;ce=1;qjs=1;qv=15f23c9a-20240703164903;cm=;gdpr=0;ref=;d=mnpdebt.ca;dst=1;et=1723987060356;tzo=420;ogl=;ses=9cb0b989-035e-4c81-abc2-9e79f7d4fdcb;mdl=;dip=3edb5f8a-64e5-4856-9612-0d339347ffde

75 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request saskatoon Show response
mnpdebt.ca/en/offices/
Redirect Chain

https://bankruptcysask.ca/
https://mnpdebt.ca/en/offices/saskatoon

92 KB
22 KB

673ms
585ms

Document
text/html

2606:4700:20::6819:6e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:6e25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa0414d21b2e89c8f5ae54e85cb293957bf2b1c7c7276d47240a8193c893159b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' blob: .mnp.ca cdn.designer-images.com d1mj578wat5n4o.cloudfront.net cdn.jsdelivr.net polyfill.io js.zi-scripts.com .ceros.com .moosend.com .postescanada-canadapost.ca .azurefd.net .azureedge.net .stat-track.com .ghostretail.com .userway.org .clearbitjs.com .evidon.com .clearbitscripts.com .bing.com .clarity.ms qvdt3feo.com .esnlocco.com .google.ca .zscalerthree.net .googlesyndication.com .fontawesome.com .demandbase.com .6sc.co cdnjs.cloudflare.com .actonsoftware.com .mnp.ca .callrail.com .adnxs.com .hscollectedforms.net .hs-banner.com .hsadspixel.net .hs-analytics.net .hs-scripts.com .googleadservices.com gtm.js .olark.com .visualwebsiteoptimizer.com .wufoo.com .hsforms.com .hsforms.net data.processwebsitedata.com .calendly.com .ubembed.com .js.ubembed.com .googleapis.com .hubspot.com .youtube.com .vimeocdn.com .stackadapt.com .simpli.fi .sharethis.com .licdn.com .hotjar.com .googletagmanager.com .jquery.com .google.com www.gstatic.com www.google-analytics.com connect.facebook.net js.adsrvr.org platform.twitter.com secure.quantserve.com static.ads-twitter.com rules.quantcount.com insight.adsrvr.org analytics.twitter.com .doubleclick.net; style-src 'unsafe-inline' 'self' cdn.jsdelivr.net .bootstrapcdn.com .moosend.com .postescanada-canadapost.ca .azurefd.net .userway.org cdnjs.cloudflare.com .actonsoftware.com .mnp.ca .googletagmanager.com .olark.com .typekit.net fonts.googleapis.com; font-src cdn.jsdelivr.net .bootstrapcdn.com .postescanada-canadapost.ca .azurefd.net .userway.org cdnjs.cloudflare.com .mnp.ca .fontawesome.com .olark.com fonts.gstatic.com use.typekit.net; img-src 'self' data: moosendimages.imgix.net cdn.designer-images.eu mnpdebt.ca .dynamics.com obs.esnlocco.com .designer-images.net .postescanada-canadapost.ca .azurefd.net .ghostretail.com cdn.jsdelivr.net .krxd.net .userway.org .evidon.com .clarity.ms .bing.com .zscalerthree.net .website-files.com .rlcdn.com .company-target.com .bidr.io .6sc.co .sharethis.com .twitter.com .adnxs.com .hsforms.com .atedra.com .olark.com .visualwebsiteoptimizer.com .gstatic.com .googleapis.com .hubspot.com .googletagmanager.com .facebook.net .adsymptotic.com .linkedin.com .stackadapt.com .google.ca .google.com .google.co.in .doubleclick.net .adsrvr.org pixel.quantserve.com www.google-analytics.com www.facebook.com dpm.demdex.net t.co; connect-src 'self' ws: bat.bing.com .sitecorecloud.io members-utilities-service-web.m-operations.com server-side-tagging-i5xuhybifq-uc.a.run.app js.zi-scripts.com obs.esnlocco.com .postescanada-canadapost.ca .azurefd.net .googlesyndication.com .m-pages.com .stat-track.com .hscollectedforms.net .googleadservices.com .dynamics.com .evidon.com .linkedin.com .ghostretail.com .userway.org .clearbit.com .clarity.ms .facebook.com bcp.crwdcntrl.net .google.com .linkedin.oribi.io .google.ca .fontawesome.com .adnxs.com .company-target.com .6sc.co .callrail.com .visualwebsiteoptimizer.com app.vwo.com .hubapi.com .hubspot.com .olark.com .events.ubembed.com .hsforms.com .s3.amazonaws.com .hotjar.com .hotjar.io .sharethis.com .google-analytics.com analytics.google.com .googleapis.com .doubleclick.net; frame-src 'self' .ceros.com .postescanada-canadapost.ca .azurefd.net .dynamics.com .userway.org .evidon.com .ghostretail.com .googlesyndication.com .hsforms.net .mnp.ca .podcasts.apple.com .spotify.com .olark.com .pages.ubembed.com .hsforms.com calendly.com .sendthisfile.com .sharethis.com .hotjar.com .consensu.org .adsrvr.org .youtube.com .vimeo.com .wufoo.com .doubleclick.net insight.adsrvr.org www.facebook.com www.google.com; form-action 'self' .postescanada-canadapost.ca .azurefd.net .mnp.ca www.facebook.com .hsforms.com; media-src 'unsafe-inline' 'self' *.ghostretail.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8b522f660d9436ac-YYZ
content-encoding: br
content-security-policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' blob: *.mnp.ca cdn.designer-images.com d1mj578wat5n4o.cloudfront.net cdn.jsdelivr.net polyfill.io js.zi-scripts.com *.ceros.com *.moosend.com *.postescanada-canadapost.ca *.azurefd.net *.azureedge.net *.stat-track.com *.ghostretail.com *.userway.org *.clearbitjs.com *.evidon.com *.clearbitscripts.com *.bing.com *.clarity.ms qvdt3feo.com *.esnlocco.com *.google.ca *.zscalerthree.net *.googlesyndication.com *.fontawesome.com *.demandbase.com *.6sc.co cdnjs.cloudflare.com *.actonsoftware.com *.mnp.ca *.callrail.com *.adnxs.com *.hscollectedforms.net *.hs-banner.com *.hsadspixel.net *.hs-analytics.net *.hs-scripts.com *.googleadservices.com gtm.js *.olark.com *.visualwebsiteoptimizer.com *.wufoo.com *.hsforms.com *.hsforms.net data.processwebsitedata.com *.calendly.com *.ubembed.com *.js.ubembed.com *.googleapis.com *.hubspot.com *.youtube.com *.vimeocdn.com *.stackadapt.com *.simpli.fi *.sharethis.com *.licdn.com *.hotjar.com *.googletagmanager.com *.jquery.com *.google.com www.gstatic.com www.google-analytics.com connect.facebook.net js.adsrvr.org platform.twitter.com secure.quantserve.com static.ads-twitter.com rules.quantcount.com insight.adsrvr.org analytics.twitter.com *.doubleclick.net; style-src 'unsafe-inline' 'self' cdn.jsdelivr.net *.bootstrapcdn.com *.moosend.com *.postescanada-canadapost.ca *.azurefd.net *.userway.org cdnjs.cloudflare.com *.actonsoftware.com *.mnp.ca *.googletagmanager.com *.olark.com *.typekit.net fonts.googleapis.com; font-src cdn.jsdelivr.net *.bootstrapcdn.com *.postescanada-canadapost.ca *.azurefd.net *.userway.org cdnjs.cloudflare.com *.mnp.ca *.fontawesome.com *.olark.com fonts.gstatic.com use.typekit.net; img-src 'self' data: moosendimages.imgix.net cdn.designer-images.eu mnpdebt.ca *.dynamics.com obs.esnlocco.com *.designer-images.net *.postescanada-canadapost.ca *.azurefd.net *.ghostretail.com cdn.jsdelivr.net *.krxd.net *.userway.org *.evidon.com *.clarity.ms *.bing.com *.zscalerthree.net *.website-files.com *.rlcdn.com *.company-target.com *.bidr.io *.6sc.co *.sharethis.com *.twitter.com *.adnxs.com *.hsforms.com *.atedra.com *.olark.com *.visualwebsiteoptimizer.com *.gstatic.com *.googleapis.com *.hubspot.com *.googletagmanager.com *.facebook.net *.adsymptotic.com *.linkedin.com *.stackadapt.com *.google.ca *.google.com *.google.co.in *.doubleclick.net *.adsrvr.org pixel.quantserve.com www.google-analytics.com www.facebook.com dpm.demdex.net t.co; connect-src 'self' ws: bat.bing.com *.sitecorecloud.io members-utilities-service-web.m-operations.com server-side-tagging-i5xuhybifq-uc.a.run.app js.zi-scripts.com obs.esnlocco.com *.postescanada-canadapost.ca *.azurefd.net *.googlesyndication.com *.m-pages.com *.stat-track.com *.hscollectedforms.net *.googleadservices.com *.dynamics.com *.evidon.com *.linkedin.com *.ghostretail.com *.userway.org *.clearbit.com *.clarity.ms *.facebook.com bcp.crwdcntrl.net *.google.com *.linkedin.oribi.io *.google.ca *.fontawesome.com *.adnxs.com *.company-target.com *.6sc.co *.callrail.com *.visualwebsiteoptimizer.com app.vwo.com *.hubapi.com *.hubspot.com *.olark.com *.events.ubembed.com *.hsforms.com *.s3.amazonaws.com *.hotjar.com *.hotjar.io *.sharethis.com *.google-analytics.com analytics.google.com *.googleapis.com *.doubleclick.net; frame-src 'self' *.ceros.com *.postescanada-canadapost.ca *.azurefd.net *.dynamics.com *.userway.org *.evidon.com *.ghostretail.com *.googlesyndication.com *.hsforms.net *.mnp.ca *.podcasts.apple.com *.spotify.com *.olark.com *.pages.ubembed.com *.hsforms.com calendly.com *.sendthisfile.com *.sharethis.com *.hotjar.com *.consensu.org *.adsrvr.org *.youtube.com *.vimeo.com *.wufoo.com *.doubleclick.net insight.adsrvr.org www.facebook.com www.google.com; form-action 'self' *.postescanada-canadapost.ca *.azurefd.net *.mnp.ca www.facebook.com *.hsforms.com; media-src 'unsafe-inline' 'self' *.ghostretail.com
content-type: text/html; charset=utf-8
date: Sun, 18 Aug 2024 13:17:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: geolocation=(self)
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UXj4qVjaAo4bdHo%2FuLBp5L4%2FPhwXPm%2BaAiCjSKom9H%2FDdbwyznjgsSxcqcQCid%2BzXqEzKA7UT2TNZoQrQD%2BhnYCBaN3Lhyxxf2lWjDMrwirtwB%2FVo2FS0X5npQDancP5E1SIGifvKmY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

cache-control: max-age=3600
cf-ray: 8b522f63dc6f5413-YYZ
content-length: 167
content-type: text/html
date: Sun, 18 Aug 2024 13:17:37 GMT
expires: Sun, 18 Aug 2024 14:17:37 GMT
location: https://mnpdebt.ca/en/offices/saskatoon
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=miHx1itCHCma1ttE3t%2BCrawrNeT6EoB6UaOTJdiUWTZOexuv0YioXUlmeWzB48oiFvgsRLeEu4fJBoG2DC9ugtzr8VEQ5xAhttnj2v0VxfTxL25keafoxydv37oHER0em4Glit69DSXn4oTfmrQ3oA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 VisitorIdentification.js Show response
mnpdebt.ca/layouts/system/ 2 KB
1 KB 99ms
78ms Script
application/x-javascript 2606:4700:20::6819:6e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mnpdebt.ca/layouts/system/VisitorIdentification.js

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:6e25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://mnpdebt.ca/en/offices/saskatoon
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:38 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains
age: 44
content-length: 910
last-modified: Fri, 22 Nov 2019 01:16:17 GMT
server: cloudflare
etag: "85992271d2a0d51:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3oNDhpU%2Bg%2Fk841Gi6TOlI1lFqLliuFV%2BGulXK39a2ju%2F06X1brrArXlAm%2Flt82cbE9oAvC54g7hsqevcjOHwUeSuD00OewlG%2BTh6mJ08JhWBHpQf4Wdq1nqvBliKgQdRtVljl1ZT5bY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b522f6b595536ac-YYZ

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 147ms
46ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Aug 2024 13:17:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 18 Aug 2024 13:17:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Aug 2024 13:17:38 GMT

GET
H2 200 website.min.css
mnpdebt.ca/Assets/ 625 KB
126 KB 73ms
53ms Stylesheet
text/css 2606:4700:20::6819:6e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mnpdebt.ca/Assets/website.min.css?v=Ojd-yg30mLH_x_vKdeDn531gqFG4TBkmnmjrB7MC9pQ1

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:6e25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

069f7391913410b9868753914bcc1b773ae9cfb2a5bede9c5b1fa2935c9f17a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://mnpdebt.ca/en/offices/saskatoon
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 Apr 2024 14:53:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains
age: 9584674
server: cloudflare
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IqKVm76KwCd9Fbf8FgKdy9Q3atkPZ6bCv%2FVgphCuwDynvRvyDZL3DP6D%2Fy6tkZrvsZyQyDZD5aLzxM87IClW2tksXJp2Pf%2BIA%2B%2Bh9mkQb4%2B6R8dtvNsM1OGGnNxlP1nX0pOUdKjE%2BJc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 8b522f6b595436ac-YYZ
expires: Tue, 29 Apr 2025 14:53:04 GMT

GET
H2 200 slick-theme.css
cdn.jsdelivr.net/gh/kenwheeler/slick@1.8.1/slick/ 3 KB
1 KB 116ms
19ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/kenwheeler/slick@1.8.1/slick/slick-theme.css

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 18 Aug 2024 13:17:38 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2903502
x-jsd-version: 1.8.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 928
x-served-by: cache-fra-eddf8230103-FRA, cache-yul1970027-YUL
x-jsd-version-type: version
etag: W/"c49-gaQ0+U8rESTzIyu4bylE+C+yOsA"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 2 KB
947 B 111ms
15ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 18 Aug 2024 13:17:38 GMT
x-content-type-options: nosniff
content-encoding: br
age: 3395193
x-jsd-version: 1.8.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 484
x-served-by: cache-fra-etou8220022-FRA, cache-yul1970027-YUL
x-jsd-version-type: version
etag: W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 92ms
53ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 852733
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MdoN2%2FgplUs3Qsg%2BAMRSeAP4j6%2Ba24WGReLyMVC2gT5Bnp4CZiaN1qiL%2FwVehGQ2VyCnjtjIJYuGNAwb5Ovpi09ulzZWFY9sCUaorL2bYjTeOv2OKqCxFrZ2EwOAjhibw%2BYgnRFf"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b522f6b7abaac78-YYZ
expires: Fri, 08 Aug 2025 13:17:38 GMT

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 42 KB
11 KB 109ms
18ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 18 Aug 2024 13:17:38 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1740161
x-jsd-version: 1.8.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 11325
x-served-by: cache-fra-eddf8230159-FRA, cache-yul1970027-YUL
x-jsd-version-type: version
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 mnp-310_logo_343-png.png
mnpdebt.ca/-/media/images/mnpdebt/branding/ 10 KB
10 KB 129ms
118ms Image
image/png 2606:4700:20::6819:6e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mnpdebt.ca/-/media/images/mnpdebt/branding/mnp-310_logo_343-png.png?h=259&w=490&hash=4298041970DAA3BF90E29F6498AA67D2

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:6e25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae2dd162276f1df1698417c864ff91071a120fbd15c4a2d6949f3b0e7a064df9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://mnpdebt.ca/en/offices/saskatoon
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: BYPASS
last-modified: Tue, 22 Sep 2020 19:46:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fgjsso%2B9MhvSci6RbXkAJewMx0ER25EyFhJf41J8C3g2hZ6qmfORMudLUOOT2w083cuBlaBSPxueO0q8NasKyjIqkC6EBdwBWlHe3gxBL9ZYYVPG9L2x%2B6Vf6TRG8WhvNHgwxlKrJ3w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private, max-age=604800
content-disposition: inline; filename="MNP-310_logo_343 png.png"
accept-ranges: bytes
cf-ray: 8b522f6b595636ac-YYZ
content-length: 9998

GET
H2 200 consumer-mobile-logo.png
mnpdebt.ca/-/media/images/mnpdebt/branding/ 3 KB
4 KB 162ms
152ms Image
image/png 2606:4700:20::6819:6e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mnpdebt.ca/-/media/images/mnpdebt/branding/consumer-mobile-logo.png?h=55&w=125&hash=9CCA7CA96776EF7F851B95A459513470

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:6e25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca7a6a06db46658d14b6c4e22c3a5f956dcb2d25da236e2ef03e1a8daaa670ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://mnpdebt.ca/en/offices/saskatoon
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: BYPASS
last-modified: Tue, 22 Sep 2020 19:48:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fJ4LfA2qaW6h7pnUc6XWQ6V%2B9pxhGNjCBarhFJIeEGBK4%2BOfUDZOkmhZtQ%2FEQBxcGnOFp5OkK9M%2BxhfS2yKbUfNOOKERGH1USxS%2FNfYuC7IxNBwv2BwPqk7AloOti4aFSr1udl0urxs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private, max-age=604800
content-disposition: inline; filename="consumer mobile logo.png"
accept-ranges: bytes
cf-ray: 8b522f6b595736ac-YYZ
content-length: 3411

GET
H2 200 calgary_638211070-copy-jpg.jpg
mnpdebt.ca/-/media/images/mnpdebt/hero-banner-backgrounds/offices/ab/ 184 KB
185 KB 129ms
128ms Image
image/jpeg 2606:4700:20::6819:6e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mnpdebt.ca/-/media/images/mnpdebt/hero-banner-backgrounds/offices/ab/calgary_638211070-copy-jpg.jpg

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:6e25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76eea4bd978fa1b33ea455310626fa5455fbf90cf88ca65a48d360ca612dadea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://mnpdebt.ca/en/offices/saskatoon
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: BYPASS
last-modified: Mon, 28 Sep 2020 19:02:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YFkXQfr5gmdpRpC7kWqsIo04%2F9a2lN%2Fz7iOg5VaYyk4aQ5bXrMTulVeL3KUrVZX5eP0mHvWP7ga1j6CWNzIWuub61rnzpGvR8x22RcRbMKcW6u6ph9VVQnlVhdpwCNMC2VeLozji9ic%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private, max-age=604800
content-disposition: inline; filename="Calgary_638211070 copy jpg.jpg"
accept-ranges: bytes
cf-ray: 8b522f6c4a3a36ac-YYZ
content-length: 188640

GET
H2 200 media-block-5---mature-man-jpg.jpg
mnpdebt.ca/-/media/images/mnpdebt/consumer/home-page/call-outs/ 33 KB
34 KB 133ms
111ms Image
image/jpeg 2606:4700:20::6819:6e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mnpdebt.ca/-/media/images/mnpdebt/consumer/home-page/call-outs/media-block-5---mature-man-jpg.jpg

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:6e25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e58019bec5dcd8d0d8a8012a9a66bc0583c5caa160e5667700fc911a5e0f8879

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://mnpdebt.ca/en/offices/saskatoon
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: BYPASS
last-modified: Fri, 23 Oct 2020 20:55:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lNrQEr2VVC3NXklAS58FKnlZYBKYhRLdlJN%2B7CGonbjTIYJj4AHwj4q6%2FC%2Bb5i0eTDCOYt0rxmN%2B8%2BNb7xeLeN%2BzCF9XaRzKl1UI1Db8pF%2B587Qz6wuuxgvj%2B1KsTs7g%2B1%2B%2FJLOoQDo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private, max-age=604800
content-disposition: inline; filename="Media-Block-5 - Mature Man jpg.jpg"
accept-ranges: bytes
cf-ray: 8b522f6c7a8536ac-YYZ
content-length: 34124

GET
H2 200 media-block-pillars-diy-debt-solutions-jpg.jpg
mnpdebt.ca/-/media/images/mnpdebt/consumer/landing-pages/ 29 KB
30 KB 131ms
109ms Image
image/jpeg 2606:4700:20::6819:6e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mnpdebt.ca/-/media/images/mnpdebt/consumer/landing-pages/media-block-pillars-diy-debt-solutions-jpg.jpg

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:6e25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8e1f6211c190443fd6bafdc485b9dc339e700bde83352a3aa6b18c695c4c7d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://mnpdebt.ca/en/offices/saskatoon
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: BYPASS
last-modified: Fri, 23 Oct 2020 21:00:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xe7pb5m%2FpJ11awHQEMqXMBp96HZNSgPViO4HywVBDEYFQI3nmr5Wtavb0HKhZUftNgzuBFupiaRXsvaZJlyjqWTMcFsp65pbok3TPtSwSTvlcqt%2BilAWLzXDNdQzfAEp2wFf37jn8KI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private, max-age=604800
content-disposition: inline; filename="Media-Block-Pillars-DIY Debt Solutions jpg.jpg"
accept-ranges: bytes
cf-ray: 8b522f6c7a8636ac-YYZ
content-length: 30202

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
989 B 148ms
63ms Script
text/javascript 142.251.40.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LchOswZAAAAAExqv__mYOvUeAutmKH1O2lM_u57

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.164 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f4.1e100.net

Software

GSE /

Resource Hash

6ad9f80ea6ec0ffbad32e55579b96f35202f8b2627b932d0ca9bfeb07a76e33d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 18 Aug 2024 13:17:38 GMT

GET
H2 200 saskatoon-shutterstock_451491634-jpg.jpg
mnpdebt.ca/-/media/images/mnpdebt/hero-banner-backgrounds/offices/sk/ 128 KB
129 KB 146ms
132ms Image
image/jpeg 2606:4700:20::6819:6e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mnpdebt.ca/-/media/images/mnpdebt/hero-banner-backgrounds/offices/sk/saskatoon-shutterstock_451491634-jpg.jpg

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:6e25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e740888040619beab82a42b898cad48e839dc3275f2e559835f2df4d190b7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://mnpdebt.ca/en/offices/saskatoon
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: BYPASS
last-modified: Tue, 29 Sep 2020 15:37:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FWNwXvidqnfewmnRXrO3py568vivZcUfR5mwtrcHm9D5PSGorPqfhSmOmquvwhHRKoNlU4x44V5pvfOcifaUq%2BONzmb1IT8fPFZm%2FaRu9GrCLH8FEdvdADzaB6MGr1%2Bgu6TzVXUdPqg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private, max-age=604800
content-disposition: inline; filename="Saskatoon shutterstock_451491634 jpg.jpg"
accept-ranges: bytes
cf-ray: 8b522f6c7a8e36ac-YYZ
content-length: 131089

GET
H2 200 consumer-choice-award-2024-saskatoon.png
mnpdebt.ca/-/media/images/mnpdebt/consumer/offices/business-excellence-awards/2024/ 41 KB
41 KB 281ms
266ms Image
image/png 2606:4700:20::6819:6e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mnpdebt.ca/-/media/images/mnpdebt/consumer/offices/business-excellence-awards/2024/consumer-choice-award-2024-saskatoon.png

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:6e25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

154106418f64a9a712d1e110792a0af4bbd92ba75ce7d7516fa2026a209fd016

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://mnpdebt.ca/en/offices/saskatoon
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: BYPASS
last-modified: Wed, 27 Mar 2024 19:25:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DoPCBPFo%2BUENB3PYUpfehfNZj9xi4zGKEvwk%2BfTlx915qGIFKGPmBIDzCHIa8JPZBTpsR6YBfEyG%2BciofNyzXWNr1u1hYfPf6iGYiV5mo%2FvioXdBo8KjlGb6pMWQynUZlLLqUtQMpLg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private, max-age=604800
content-disposition: inline; filename="Consumer-Choice-Award-2024-Saskatoon.png"
accept-ranges: bytes
cf-ray: 8b522f6c9a9936ac-YYZ
content-length: 41505

GET
H2 200 saskatoon-office-jpg.jpg
mnpdebt.ca/-/media/images/mnpdebt/consumer/offices/page-images/sk/ 201 KB
202 KB 237ms
223ms Image
image/jpeg 2606:4700:20::6819:6e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mnpdebt.ca/-/media/images/mnpdebt/consumer/offices/page-images/sk/saskatoon-office-jpg.jpg

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:6e25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

950cd2457c0a1d347ce836df9a69cfc7a9cd77196b001a3563efdb4862483831

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://mnpdebt.ca/en/offices/saskatoon
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: BYPASS
last-modified: Fri, 23 Jul 2021 20:15:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4jWPSud8dUmXp1wGooIHDM3uZwUKTf7Ql3ZJg1wo1ji4Z2Un9Vc3ZfBaZ%2FsGeGeURZHZMUjA4Sfe1rKbxWKoLWiceCJi6FRSU7oGG4YNipZlSYnneonRFT7aanj62Afi8b7WEjSgGpg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private, max-age=604800
content-disposition: inline; filename="Saskatoon-Office jpg.jpg"
accept-ranges: bytes
cf-ray: 8b522f6c9a9a36ac-YYZ
content-length: 205959

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 217 KB
74 KB 198ms
76ms Script
text/javascript 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyAZAtMxqlWtzItDherGP4BatdWddLWily0

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

8bb1e36477c87393c0594fb16ee879e81152904395c243d25095da5d5d74e64b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75468
x-xss-protection: 0

GET
H2 200 personnel-image-13850.jpg
mnpdebt.ca/-/media/foundation/integrations/personnel/2021/11/03/01/12/ 184 KB
185 KB 280ms
267ms Image
image/jpeg 2606:4700:20::6819:6e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mnpdebt.ca/-/media/foundation/integrations/personnel/2021/11/03/01/12/personnel-image-13850.jpg

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:6e25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65172c31e06abcf9a1d61a2c3bbd59c41d321198673e69eee8a056b068baceb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://mnpdebt.ca/en/offices/saskatoon
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: BYPASS
last-modified: Mon, 06 Mar 2023 16:21:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3euLU50nJ9bv4PZXHxoA%2B3n0jaTro7p47l1ZAnibrvvxXpni%2BiAeiWgva4xEAhNAPC29vW5qzGLYVH2Bc0VhQVg%2BhQ83TNJjQo79yVSQqR55D91pvKJUaG0Tu0N3g8SzD3ZNcKFRiGA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private, max-age=604800
content-disposition: inline; filename="Personnel image 13850.jpg"
accept-ranges: bytes
cf-ray: 8b522f6c9a9b36ac-YYZ
content-length: 188657

GET
H2 200 personnel-image-6474.jpg
mnpdebt.ca/-/media/foundation/integrations/personnel/2019/10/15/15/03/ 168 KB
168 KB 283ms
271ms Image
image/jpeg 2606:4700:20::6819:6e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mnpdebt.ca/-/media/foundation/integrations/personnel/2019/10/15/15/03/personnel-image-6474.jpg

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:6e25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0471403e0b155db846d68798ab868b53dd2dfb3c346672d9b83961465795fec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://mnpdebt.ca/en/offices/saskatoon
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: BYPASS
last-modified: Wed, 16 Dec 2020 13:59:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CDcJDxW%2Fv6SUhbZLOfMMxDzrEfTueM6WxXx%2FbLcix0lxLUGZLHNtBVclE4VGMy3HZLdUGGn%2Fi9zbR2lAB2Pt2dk40uQvub%2BxuZq7ICteUG2fJL8QD3CsQKsuMiQ5tySZvcfWmn1SEVQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private, max-age=604800
content-disposition: inline; filename="Personnel image 6474.jpg"
accept-ranges: bytes
cf-ray: 8b522f6c9a9c36ac-YYZ
content-length: 171886

GET
H2 200 personnel-image-6471.jpg
mnpdebt.ca/-/media/foundation/integrations/personnel/2019/10/15/15/04/ 177 KB
177 KB 274ms
263ms Image
image/jpeg 2606:4700:20::6819:6e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mnpdebt.ca/-/media/foundation/integrations/personnel/2019/10/15/15/04/personnel-image-6471.jpg

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:6e25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc855c23697eb2e3645db98b9a655fa2a4e7e3184fccca83e63444cffbef5973

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://mnpdebt.ca/en/offices/saskatoon
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: BYPASS
last-modified: Wed, 23 Mar 2022 16:36:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JPa3TsBIe9umAgQC6%2BFzeTlljcL3%2FCXgFrAXMLZ%2FHcXH3dtjsFIb8TSkVpKkpJMUxX64DIYL5ppcoBOj2EQ%2Be0GgXugReiItV88TsBNzTzAs%2BY2q9iZ%2FjRoNHFB82pEXTISJOMZwWVc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private, max-age=604800
content-disposition: inline; filename="Personnel image 6471.jpg"
accept-ranges: bytes
cf-ray: 8b522f6c9a9d36ac-YYZ
content-length: 181018

GET
H2 200 4155-24-corp-enfr-mnpdebtca_footer---update-cca-award-logo.png
mnpdebt.ca/-/media/images/mnpdebt/datasourceimages/consumer/mnp_businessexcellence_2022_black/ 59 KB
59 KB 185ms
174ms Image
image/png 2606:4700:20::6819:6e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mnpdebt.ca/-/media/images/mnpdebt/datasourceimages/consumer/mnp_businessexcellence_2022_black/4155-24-corp-enfr-mnpdebtca_footer---update-cca-award-logo.png?h=271&w=540&hash=4652A4E98B0DEDD6CB786E383B9E1729

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:6e25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc19f2681ed461c22ced42a2a7b4f8a59b627a9983329f8dac237f8c4352a1aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://mnpdebt.ca/en/offices/saskatoon
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: BYPASS
last-modified: Mon, 10 Jul 2023 18:48:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6LqKjWGT3K98HNSfgDaIPDO0pqsTUsyijebkvSBJGbZF41%2BNADc13D0Y%2B6E1r0UMo0NoC%2Fv9TBHmbBgjwto5NNZk%2FqmUKh%2F9r7%2FtPe54HwAl2Idq5n8CV%2Fr1z6XL9jU%2FrfOF%2BJFEbI8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private, max-age=604800
content-disposition: inline; filename="4155-24-CORP ENFR MNPDebtca_Footer - Update CCA Award Logo.png"
accept-ranges: bytes
cf-ray: 8b522f6c9a9e36ac-YYZ
content-length: 60429

GET
H2 200 email-decode.min.js Show response
mnpdebt.ca/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 49ms
27ms Script
application/javascript 2606:4700:20::6819:6e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mnpdebt.ca/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:6e25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://mnpdebt.ca/en/offices/saskatoon
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 09 Aug 2024 15:30:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"66b635fa-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qi58ic%2F%2BTfsxH8igY3E69QbeL2hbKavkmZ2BdI7dUDKXZGEQhB9F8d30XXICYado7l4qzBalWXy78YDNCFBwKF%2FiWzVHU%2BVuuUyTkBkdcWgZ%2BqN%2BXiypEumH0Z7nNeGAJIBgPTOmmPk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8b522f6c7a8836ac-YYZ
expires: Tue, 20 Aug 2024 13:17:38 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
962 B 151ms
73ms Script
text/javascript 142.251.40.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.164 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f4.1e100.net

Software

GSE /

Resource Hash

70925c4bda48e2ae325950aab67fe70a75dc2984b9e4f5844f4858c5adf6ef2b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 18 Aug 2024 13:17:38 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 91ms
22ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
Origin: https://mnpdebt.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:38 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 4080795
x-cache: HIT, HIT
content-length: 30638
x-served-by: cache-lga21965-LGA, cache-yul1970046-YUL
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1723987059.680920,VS0,VE0
etag: W/"28feccc0-15851"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 141379, 153344

GET
H2 200 bootstrap.min.js Show response
mnpdebt.ca/Assets/Project/ 57 KB
21 KB 56ms
36ms Script
application/x-javascript 2606:4700:20::6819:6e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mnpdebt.ca/Assets/Project/bootstrap.min.js

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:6e25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bcd802e9f77849e7c1e93c87279fbbb04d45949d2be79b03566ceacde29b158

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://mnpdebt.ca/en/offices/saskatoon
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:38 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains
age: 44
content-length: 21407
last-modified: Fri, 03 May 2024 05:25:48 GMT
server: cloudflare
etag: "016dd5a1a9dda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5d01ZtPm%2F5KR1Zi7N7FZy0zbUdB1bFy97WzxuVUAA6FC9%2BJqe7hJFvubdeH49qITzRIsA8EBM7wjyWf%2F84oPYEEKFpdg3D9m6J3bBNg0l0iAoDJH0cvI7MdJZFaJ9HeFDTo05OTPGJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b522f6c7a8936ac-YYZ

GET
H2 200 website.min.js Show response
mnpdebt.ca/Assets/ 28 KB
6 KB 52ms
32ms Script
text/javascript 2606:4700:20::6819:6e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mnpdebt.ca/Assets/website.min.js?v=VkAy7dnUVaIS2-bckki_HcRRtBqpqFM44vQ48paYxL01

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:6e25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54c8f9143b9c1dca56c7383e1e47a92645920ed6a622843de5aefcb56984a1f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://mnpdebt.ca/en/offices/saskatoon
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:38 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains
age: 9584673
content-length: 6183
last-modified: Mon, 29 Apr 2024 14:53:05 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mfIpuG8RGxs3Qm8d0%2F4AB2KTOrfq2FIItu6rRCLxg9Xu7%2BlHBAYz5pPI5bJps2QtNyNH0V45xaly7ABYfFz6Pcb1z2N92jPYDPD%2FBdl%2B09CJM0TpaZHEZoznaqY8ylwUV1r6tQ56IZM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8b522f6c7a8a36ac-YYZ
expires: Tue, 29 Apr 2025 14:53:05 GMT

GET
H2 200 jquery.basictable.min.js Show response
mnpdebt.ca/Assets/Project/ 3 KB
2 KB 53ms
37ms Script
application/x-javascript 2606:4700:20::6819:6e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mnpdebt.ca/Assets/Project/jquery.basictable.min.js

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:6e25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

634422c5d20bcf9f20b94ea44d0bffb0ce9265285d0a7b58da5c0fda06612808

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://mnpdebt.ca/en/offices/saskatoon
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:38 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains
age: 44
content-length: 1307
last-modified: Fri, 03 May 2024 05:25:48 GMT
server: cloudflare
etag: "016dd5a1a9dda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7cYzfOLt%2Fze%2FUuTqZDYLpxALb4a9reMY3n8DKmHxp4aAdQamtAATkfBc83sfoMsDNWQb8nUVebKZPjMIQMr3KZeGhoqI7Nm2LzBUQOd1i3UNsSfigY8aG9%2FpqvgQz4CYxEATZHRrrms%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b522f6c7a8b36ac-YYZ

GET
H2 200 slick.min.js Show response
mnpdebt.ca/Assets/Project/ 42 KB
14 KB 53ms
37ms Script
application/x-javascript 2606:4700:20::6819:6e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mnpdebt.ca/Assets/Project/slick.min.js

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:6e25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://mnpdebt.ca/en/offices/saskatoon
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:38 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains
age: 44
content-length: 14348
last-modified: Fri, 03 May 2024 05:25:48 GMT
server: cloudflare
etag: "016dd5a1a9dda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tj7EAUh1s5vtZp7nIRpN4X%2FzviZkuCnwXqePplifHQ37DEnj1UEVBpwNGBneOAHdboivNzn%2B%2FRMDHj%2BXPW5z6CZDgAVf4P3xgliKONXaPCzPrDLIvjlet3pbW8UTed%2Be3xpB2mNyH58%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b522f6c7a8c36ac-YYZ

GET
H2 200 common.js Show response
mnpdebt.ca/Assets/ 32 KB
8 KB 51ms
36ms Script
text/javascript 2606:4700:20::6819:6e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mnpdebt.ca/Assets/common.js?v=jMO9BIy1xlShIJ0QQ2yHSAkC6AdoLGKZByLpieBCxcI1

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:6e25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da977ec0e3d46db3e50bf3921789e96d0fe919b1782ba9f997668ef9d05a49c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://mnpdebt.ca/en/offices/saskatoon
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:38 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains
age: 9584673
content-length: 7960
last-modified: Mon, 29 Apr 2024 14:53:05 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E7RDmZoE7xc4z6tyac0fbK4TtHXiROIuiNDDKlzT%2Fqp2LGlF%2BlFe1xibWoZs26aYqReP8zoVZLbKlcoPW0%2BZypcVJ7KujyJslGx7GYZRNUPgvHB12oX%2FQWW%2BVuhUnm0QWZu6O9D6osw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8b522f6c7a8d36ac-YYZ
expires: Tue, 29 Apr 2025 14:53:05 GMT

GET
H2 200 calender_mnpdebt_cta.png
mnpdebt.ca/Assets/Project/img/ 469 B
764 B 69ms
60ms Image
image/png 2606:4700:20::6819:6e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mnpdebt.ca/Assets/Project/img/calender_mnpdebt_cta.png

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:6e25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb4fb26239c02838068a708dec6b5959c69877629d1502b010eae023c5d7723

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://mnpdebt.ca/en/offices/saskatoon
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
last-modified: Fri, 03 May 2024 05:25:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5411
etag: "016dd5a1a9dda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5vxE7JBk6WEFeg0pMAFC6J8s0HWTnbvopP%2F4P75z%2Fka6LCgIljX7EH3Adi6LyEYgDDjQL%2F7mBTu8xkUgBzwZLBRCCxNXUxQs8kbyZtWA1FgyWxlJGsmhO8KN8PTmD9QPQhN08WoZ4tM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b522f6c9a9f36ac-YYZ
content-length: 469

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 387 KB
121 KB 176ms
97ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KSKXSV

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ba030b220d89655148542b94eb8366bee34cb6b495f71f862fb9cc7cd79f7759

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123166
x-xss-protection: 0
last-modified: Sun, 18 Aug 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 18 Aug 2024 13:17:38 GMT

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 19 B
199 B 157ms
101ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=578014&u=https%3A%2F%2Fmnpdebt.ca%2Fen%2Foffices%2Fsaskatoon&f=1&r=0.4549276204682595
Requested by: Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gnv2 /
Resource Hash: 651b22eb1f250e8f7cb27f8221098a3644768e70b5bd8d8912428f2c89093fb0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:38 GMT
content-encoding: gzip
via: 1.1 google
server: gnv2
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 loader.js Show response
static.olark.com/jsclient/ 9 KB
3 KB 207ms
24ms Script
application/javascript 192.229.163.53
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient/loader.js
Requested by: Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.53 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyd/D155) /
Resource Hash: 40ab11a0125e4e13c9917405e1bea96dd7da69017f437a2ed6939cf88572d617

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:38 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 15 Aug 2024 15:27:40 GMT
server: ECS (nyd/D155)
age: 2906
etag: W/"66be1e6c-2242"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 3130
expires: Sun, 18 Aug 2024 16:17:38 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
126 KB 98ms
27ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mnpdebt.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 01:47:01 GMT
x-content-type-options: nosniff
age: 300638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Aug 2025 01:47:01 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/ 531 KB
210 KB 152ms
28ms Script
text/javascript 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e96a5e1e04ee3d7ffd8118f853ec2c0bcbf73b571cfa1c710238557baf5dd896

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://mnpdebt.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 03:43:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 214556
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 04:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Aug 2025 03:43:08 GMT

GET
H2 200 regionsoffices Show response
mnpdebt.ca/api/feature/forms/ 11 KB
3 KB 620ms
619ms XHR
application/json 2606:4700:20::6819:6e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mnpdebt.ca/api/feature/forms/regionsoffices

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:6e25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2720a35256fd5fe041783f690733e21e2118fe703be1189f06a68ab8dfe15890

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mnpdebt.ca/en/offices/saskatoon
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:39 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6%2FG6HLusj%2B%2FyjV%2Fz49BbQJ70JKn6f%2BlRQeOmwrmWK0%2FPJMr%2Fj0KsU7vbWfqBdvRigS7DG70IoKy0dshAnBYtLji%2FjLA7Em8sUyzX00QvKfeEcKnhBdoSiWMJIdRyTbTLaiFQyqyrR3o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: private
cf-ray: 8b522f703d7136ac-YYZ
content-length: 2801

GET
H2 200 regionsoffices Show response
mnpdebt.ca/api/feature/forms/ 11 KB
3 KB 707ms
89ms XHR
application/json 2606:4700:20::6819:6e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mnpdebt.ca/api/feature/forms/regionsoffices

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:6e25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2720a35256fd5fe041783f690733e21e2118fe703be1189f06a68ab8dfe15890

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mnpdebt.ca/en/offices/saskatoon
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:39 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rR4VIfLvaZdmrqqrk9B42dImNm4mUJEVjeRukgMif5iHsE32DU1QWJPmJAT%2FQNLDH%2Fmh2hb5fcin%2BD2wpwdG4KTtobsxl%2FKuMXosKn2%2BUqNfqyS1wJIH2XBhHCK6cXvrNcTy5wHa5es%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: private
cf-ray: 8b522f74183836ac-YYZ
content-length: 2801

GET
H2 200 testimonialratings Show response
mnpdebt.ca/api/feature/forms/ 331 B
713 B 71ms
70ms XHR
application/json 2606:4700:20::6819:6e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mnpdebt.ca/api/feature/forms/testimonialratings

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:6e25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddb7aa10eb158d87b05d5c3ad89d6dd5dc12fc61732277e22c9a8929b85bb96d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mnpdebt.ca/en/offices/saskatoon
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:39 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ymwxFhxqwvc9aCRhLFksajzdDJqLFmA0qBN8CO08ExaAHq3ElbmGIWhhKp5hJ5%2Fsm6VteCXFbreebZp0wAfZ05od9pfnaCNiER9izJknfe5%2FBGMopJAve%2FBYGPO7DRz1S1VZ7Tgjsng%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: private
cf-ray: 8b522f703d7336ac-YYZ
content-length: 372

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 103ms
50ms XHR
application/json 142.250.65.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAZAtMxqlWtzItDherGP4BatdWddLWily0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.234 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://mnpdebt.ca
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
92 KB 71ms
70ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6RC3RCYLF9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSKXSV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e9ab702de78b9cbc95b3dd549c49060d6aa6a31800d97a93a505fa4363f14e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94490
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 18 Aug 2024 13:17:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 319 KB
105 KB 70ms
70ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W5EX2YL3V5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSKXSV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ced3ea077b00cda7825c09914d69b15c6a20dee085b0bf439d342b74199ad70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 107486
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 18 Aug 2024 13:17:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 103ms
26ms Script
text/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSKXSV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 18 Aug 2024 12:06:04 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4295
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 18 Aug 2024 14:06:04 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 218 KB
78 KB 81ms
81ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-4653320&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSKXSV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

754ecfc7052392712ffafea3a34dbf151eb24a5dbd6433b1563a8cac4f6d7c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80015
x-xss-protection: 0
last-modified: Sun, 18 Aug 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 18 Aug 2024 13:17:39 GMT

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 132ms
33ms Script
application/javascript 2a02:6ea0:c400::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js?account=ji8h8EuQGB
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSKXSV
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 89d42bdb845add68e076a9d0029445e08b2381db423e982ac42e1d203305aad8

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Sun, 18 Aug 2024 13:17:39 GMT
via: 1.1 f6acfb143216fabf7be9b3a603a486ae.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: JFK50-P7
age: 366
x-amz-server-side-encryption: AES256
x-accel-date-max: 1723525435
x-77-cache: HIT
x-cache: HIT
x-age: 311
x-accel-date: 1723986748
x-77-nzt: EgwBnJIkFgH3NwEAAAwBuTvfFAH3HgAAAA
x-accel-expires: @1723990348
x-77-age: 311
last-modified: Tue, 13 Aug 2024 05:02:16 GMT
server: CDN77-Turbo
etag: W/"e1c98bb1f500e32cbedc5bfd13b3083e"
x-77-nzt-ray: 1e192d08b5e14ebf73f4c166d3d24120
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
vary: Accept-Encoding
x-amz-cf-id: ZN1iwf7uCKzTfDjN-7GGPvxgRoz-w845Ma7HEANmDN3WYjLqx_zmPA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
60 KB 85ms
25ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 18 Aug 2024 13:17:39 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
x-fb-server-load: 26
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58865
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=12, mss=1297, tbw=2799, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: bJ5rGy+FNJpTPG1x14XtF8OAfcbWV+BIm/onhF3hQ3CFj5oxMkP2oA0plSknddwZXn9cA3Hz+XTuF1GmWt5HnQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 12 KB
5 KB 96ms
25ms Script
application/x-javascript 108.139.33.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSKXSV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.33.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-33-128.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sat, 17 Aug 2024 18:28:09 GMT
Content-Encoding: gzip
Via: 1.1 b601959712c1f21193a489b5759f70ba.cloudfront.net (CloudFront)
Last-Modified: Fri, 07 Jun 2024 09:20:53 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P2
Age: 67771
x-amz-server-side-encryption: AES256
ETag: W/"a7eb6794e868fe870db350518165c868"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: TFrrzt5r2yXwQgpGBO64lH-6AsRLvsyZilxFXkk92MZst5AWyFiksA==

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

56 KB
15 KB

367ms
37ms

Script
application/javascript

146.75.36.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon
Protocol: H2
Server: 146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:40 GMT
content-encoding: gzip
last-modified: Fri, 15 Mar 2024 03:07:08 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kcgs7200163-IAD

Redirect headers

date: Sun, 18 Aug 2024 13:17:39 GMT
vary
x-cache: HIT
location: https://static.ads-twitter.com/oct.js
accept-ranges: bytes
tw-cdn: FT
content-length: 0
retry-after: 0
x-served-by: cache-iad-kcgs7200104-IAD

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
10 KB 173ms
44ms Script
application/javascript 2620:116:800b:21:b08a:1dc5:659b:4055
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:39 GMT
content-encoding: gzip
etag: "tIg8n6xaLBY4WwNLLw9OGA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 25 Aug 2024 13:17:39 GMT

GET
H2 200 gbo8rwj6yl Show response
www.clarity.ms/tag/ 688 B
1 KB 193ms
95ms Script
application/x-javascript 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/gbo8rwj6yl
Requested by: Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1afc1cf2c8efa9cb9a5a20b64288b32086681117ba5a7f2d44638e862313ea69

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
date: Sun, 18 Aug 2024 13:17:39 GMT
x-azure-ref: 20240818T131739Z-16c77878df596bspk34vdxdg9n00000003rg0000000014z5
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 688
expires: -1

GET

v2
usermatch.krxd.net/um/
Redirect Chain

https://insight.adsrvr.org/track/evnt/?adv=i4v66ce&ct=0:8qk2i4k&fmt=3&gtmcb=1601772541
https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=a4681777-2bd9-40a5-b326-cf9a19c23f88

0
0

GET
DATA 200
OK truncated
/ Frame 7083 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7083 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7083 155 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame ECC2 0
0 113ms
62ms Document
text/html 142.251.40.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LchOswZAAAAAExqv__mYOvUeAutmKH1O2lM_u57&co=aHR0cHM6Ly9tbnBkZWJ0LmNhOjQ0Mw..&hl=en&v=hfUfsXWZFeg83qqxrK27GB8P&size=invisible&cb=5ypmtlt43d6

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.164 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-d-JbhJ3-T8cDlxB5alTeXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-d-JbhJ3-T8cDlxB5alTeXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 18 Aug 2024 13:17:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 1839 0
0 109ms
75ms Document
text/html 142.251.40.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LchOswZAAAAAExqv__mYOvUeAutmKH1O2lM_u57&co=aHR0cHM6Ly9tbnBkZWJ0LmNhOjQ0Mw..&hl=en&v=hfUfsXWZFeg83qqxrK27GB8P&size=invisible&cb=s2mi1yinuly6

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.164 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tYW8D4aJEIwKr9vw09jyBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-tYW8D4aJEIwKr9vw09jyBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 18 Aug 2024 13:17:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 12:33:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 18 Aug 2024 13:33:20 GMT

GET
H2

200

activityi;dc_pre=CPC9zKLQ_ocDFVwcdgYdTX8F9w;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=5145706921721;npa=0;auiddc=1761448276.1723987059;ps=1;pcor=471597299;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uap...
4653320.fls.doubleclick.net/ Frame 2CEA
Redirect Chain

https://4653320.fls.doubleclick.net/activityi;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=5145706921721;npa=0;auiddc=1761448276.1723987059;ps=1;pcor=471597299;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;u...
https://4653320.fls.doubleclick.net/activityi;dc_pre=CPC9zKLQ_ocDFVwcdgYdTX8F9w;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=5145706921721;npa=0;auiddc=1761448276.1723987059;ps=1;pcor=471597299;u...

0
0

108ms
100ms

Document
text/html

142.251.40.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4653320.fls.doubleclick.net/activityi;dc_pre=CPC9zKLQ_ocDFVwcdgYdTX8F9w;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=5145706921721;npa=0;auiddc=1761448276.1723987059;ps=1;pcor=471597299;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48e0v9181660592z872010953za201zb72010953;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen%2Foffices%2Fsaskatoon?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-4653320&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.230 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 1775
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Aug 2024 13:17:40 GMT
expires: Sun, 18 Aug 2024 13:17:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Aug 2024 13:17:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://4653320.fls.doubleclick.net/activityi;dc_pre=CPC9zKLQ_ocDFVwcdgYdTX8F9w;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=5145706921721;npa=0;auiddc=1761448276.1723987059;ps=1;pcor=471597299;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48e0v9181660592z872010953za201zb72010953;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen%2Foffices%2Fsaskatoon?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=5145706921721;npa=0;auiddc=1761448276.1723987059;ps=1;pcor=471597299;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscd...
ad.doubleclick.net/ 0
23 B 342ms
95ms Image
image/png 142.250.65.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=5145706921721;npa=0;auiddc=1761448276.1723987059;ps=1;pcor=471597299;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48e0v9181660592z872010953za201zb72010953;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen%2Foffices%2Fsaskatoon?

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 13:17:40 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"10902256223951526123"}],"aggregatable_trigger_data":[{"filters":[{"14":["2131827"]}],"key_piece":"0x8e0cec2785889f20","source_keys":["12","13","14","15","16","17","18","19","20","21","16259928","16259929","16259930","16259931","640965372","640965373","640965374","640965375","640992940","640992941","640992942","640992943","900099428","900099429","900099430","900099431","900178100","900178101","900178102","900178103"]},{"key_piece":"0x746a277618954bba","not_filters":{"14":["2131827"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","16259928","16259929","16259930","16259931","640965372","640965373","640965374","640965375","640992940","640992941","640992942","640992943","900099428","900099429","900099430","900099431","900178100","900178101","900178102","900178103"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"16259928":327,"16259929":327,"16259930":327,"16259931":31784,"17":65,"18":6356,"19":65,"20":65,"21":6356,"640965372":655,"640965373":655,"640965374":655,"640965375":63569,"640992940":218,"640992941":218,"640992942":218,"640992943":21189,"900099428":163,"900099429":163,"900099430":163,"900099431":15892,"900178100":163,"900178101":163,"900178102":163,"900178103":15892},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"11642175592515986495","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"10902256223951526123","filters":[{"14":["2131827"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"10902256223951526123","filters":[{"14":["2131827"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"10902256223951526123","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"10902256223951526123","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["4653320"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 50ms
50ms Fetch
text/plain 142.250.81.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W5EX2YL3V5&gtm=45je48e0v870702077z872010953za200zb72010953&_p=1723987058495&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1587575722.1723987060&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723987059&sct=1&seg=0&dl=https%3A%2F%2Fmnpdebt.ca%2Fen%2Foffices%2Fsaskatoon&dt=Saskatoon%20%7C%20MNP%20LTD%20%7C%20Licensed%20Insolvency%20Trustees%2C%20Bankruptcy%20%26%20Consumer%20Proposals&en=page_view&_fv=1&_ss=1&up.client_id=&tfd=2818
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W5EX2YL3V5&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s74-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 13:17:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mnpdebt.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 50ms
49ms Fetch
text/plain 142.250.81.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-6RC3RCYLF9&gtm=45je48e0z872010953za200zb72010953&_p=1723987058495&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1587575722.1723987060&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723987060&sct=1&seg=0&dl=https%3A%2F%2Fmnpdebt.ca%2Fen%2Foffices%2Fsaskatoon&dt=Saskatoon%20%7C%20MNP%20LTD%20%7C%20Licensed%20Insolvency%20Trustees%2C%20Bankruptcy%20%26%20Consumer%20Proposals&en=page_view&_fv=1&_ss=1&tfd=2886
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6RC3RCYLF9&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s74-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 13:17:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mnpdebt.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 713135758770782 Show response
connect.facebook.net/signals/config/ 60 KB
13 KB 362ms
360ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/713135758770782?v=2.9.164&r=stable&domain=mnpdebt.ca&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cc6b035ef9861184d4ed02db0063a719734829a29b27512e23dc952b9b23eb07

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 18 Aug 2024 13:17:40 GMT
document-policy: force-load-at-top
x-fb-server-load: 53
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=66, mss=1297, tbw=64878, tp=-1, tpl=-1, uplat=330, ullat=0
pragma: public
x-fb-debug: QkS8pCIi9VlczanNJcExMUuL1gxO8qwovdAMyhJ3MxmetelyZI8qhMXvVMBFcnXgNZtxJ98N/DCIY8H+aL3XNg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 widget_app_base_1723524817692.js Show response
cdn.userway.org/widgetapp/2024-08-13-04-53-37/ 154 KB
44 KB 126ms
55ms Script
application/javascript 2a02:6ea0:c400::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-08-13-04-53-37/widget_app_base_1723524817692.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js?account=ji8h8EuQGB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f9a1545f12c049d0f052930204a4ed71df2a4ce5f418cb8147d0492fc150e883

Request headers

Referer
Origin: https://mnpdebt.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Sun, 18 Aug 2024 13:17:40 GMT
via: 1.1 4da3e729faec3d2f5eeca39813785c2c.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: JFK50-P7
x-accel-date-max: 1723525794
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 461266
x-accel-date: 1723525794
x-77-nzt: EgwBnJIkFgH30gkHAAwBnJI74gH3ZwEAAA
x-accel-expires: @1749445435
x-77-age: 461266
last-modified: Tue, 13 Aug 2024 05:02:04 GMT
server: CDN77-Turbo
etag: W/"9f380f55c4f65e8ae119189202ed3991"
x-77-nzt-ray: 1e192d089df27ace74f4c16673349809
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: h9kRsf_ua-1vPYaRbWtYYxDSAHfRCJh-1YnQ2JtAFo7cN7Db8c9QDA==

GET
H2 200 rules-p-ZvkjxaQPZCZrY.js Show response
rules.quantcount.com/ 1 KB
1 KB 120ms
31ms Script
application/javascript 2600:9000:21dd:8c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-ZvkjxaQPZCZrY.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:8c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3de5d95c37f68113fb797eae0e47636ff7a87b0e2bb7a6381d0d47f50c9ab389

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 12:37:42 GMT
content-encoding: gzip
via: 1.1 80bad22a3308bca7ca55a6da6a46dad4.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 3341
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 14 Oct 2022 00:49:51 GMT
server: AmazonS3
etag: W/"336d8197e360a7b8c004b582ec9a5cfa"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: YzZsR8JuU2la0C0IQHv1zz3au6HOdHgiqu1Vjoho-dbgxwMwMqZYug==

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.44/ 64 KB
27 KB 68ms
64ms Script
application/javascript 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.44/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/gbo8rwj6yl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9dbecbadaa08e0d16aab217984189ff2cef37b1d741038db5a4aceba05eb1470

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:40 GMT
content-encoding: br
last-modified: Sun, 18 Aug 2024 06:43:59 GMT
etag: W/"0x8DCBF51240602D7"
vary: Accept-Encoding
x-azure-ref: 20240818T131740Z-16c77878df596bspk34vdxdg9n00000003rg0000000014z6
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 4786367b-201e-0051-2e41-f1b357000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2 200 regionsoffices Show response
mnpdebt.ca/api/feature/forms/ 11 KB
3 KB 97ms
93ms XHR
application/json 2606:4700:20::6819:6e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mnpdebt.ca/api/feature/forms/regionsoffices

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:6e25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2720a35256fd5fe041783f690733e21e2118fe703be1189f06a68ab8dfe15890

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mnpdebt.ca/en/offices/saskatoon
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Cml1rZycdkoqSVIrO4%2FDjV8QrQovMmc2srBdzwwMTosp7J4naCJtthjue8oQEmWrG4YmteDops99BB8j3SMKzFZlpFgv9OYAYAC0oYuqfL2pQEWj5ml0Sq%2BF2Th70F93qZqmDP16Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: private
cf-ray: 8b522f75b95b36ac-YYZ
content-length: 2801

GET
H2 200 regionsoffices Show response
mnpdebt.ca/api/feature/forms/ 11 KB
3 KB 209ms
110ms XHR
application/json 2606:4700:20::6819:6e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mnpdebt.ca/api/feature/forms/regionsoffices

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:6e25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2720a35256fd5fe041783f690733e21e2118fe703be1189f06a68ab8dfe15890

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mnpdebt.ca/en/offices/saskatoon
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 13:17:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FVRnZYbl81N3AXJHPU0Br8MjivBqW1rxjd5QScmy1H%2BojmoQNuhYu1%2FE4H7l7rcZaMtfPJTj9vILcykqcJJM1ZnaO5vK6WykINYTPvBdIzn31sfXWFoBBUy0MqbA5jOwTSQnZb9U53I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: private
cf-ray: 8b522f7659bd36ac-YYZ
content-length: 2801

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 45ms
44ms XHR
text/plain 142.250.81.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1450955866&t=pageview&_s=1&dl=https%3A%2F%2Fmnpdebt.ca%2Fen%2Foffices%2Fsaskatoon&ul=en-ca&de=UTF-8&dt=Saskatoon%20%7C%20MNP%20LTD%20%7C%20Licensed%20Insolvency%20Trustees%2C%20Bankruptcy%20%26%20Consumer%20Proposals&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgUAjAAAAACAAI~&jid=830146930&gjid=1871668895&cid=1587575722.1723987060&tid=UA-2003895-43&_gid=633653776.1723987060&_slc=1&gtm=45He48e0n71KSKXSVv72010953za200&cd1=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F127.0.0.0%20Safari%2F537.36&cd3=0&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=2060895096

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 13:17:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mnpdebt.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
342 B 116ms
40ms XHR
text/plain 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2003895-43&cid=1587575722.1723987060&jid=830146930&gjid=1871668895&_gid=633653776.1723987060&_u=aGBAgUAjAAAAAGAAI~&z=1515787785

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 18 Aug 2024 13:17:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mnpdebt.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
376 B 241ms
143ms Image
image/gif 72.21.81.130
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=1&eci=1&event_id=90d4f872-f7be-450d-94b5-d96e67bf15af&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a3019315-5c88-4fbc-bc02-099ffd421b61&tw_document_href=https%3A%2F%2Fmnpdebt.ca%2Fen%2Foffices%2Fsaskatoon&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nyul5&type=javascript&version=2.3.30

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.21.81.130 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 75
date: Sun, 18 Aug 2024 13:17:39 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: d6cb0b3a8def8cdc
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 27fb0f3302e3d70c79d2b50612e62bb41ff0bb87e2ec54876925203bc45e84d4
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 334ms
158ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=1&eci=1&event_id=90d4f872-f7be-450d-94b5-d96e67bf15af&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a3019315-5c88-4fbc-bc02-099ffd421b61&tw_document_href=https%3A%2F%2Fmnpdebt.ca%2Fen%2Foffices%2Fsaskatoon&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nyul5&type=javascript&version=2.3.30

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 78
date: Sun, 18 Aug 2024 13:17:39 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 293839e971fc2df5
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: aa15ff8cf41f34ddd9d8691aff7cdd756c058df4b8f3943e168fdb3c1e0a8b9a
content-length: 43

GET

pixel;r=872761469;labels=_fp.event.PageView;rf=0;a=p-ZvkjxaQPZCZrY;url=https%3A%2F%2Fmnpdebt.ca%2Fen%2Foffices%2Fsaskatoon;uht=2;fpan=1;fpa=P0-639477815-1723987060095;pbc=;ns=0;ce=1;qjs=1;qv=15f23c...
pixel-ssn.quantserve.com/
Redirect Chain

https://pixel.quantserve.com/pixel;r=872761469;labels=_fp.event.PageView;rf=0;a=p-ZvkjxaQPZCZrY;url=https%3A%2F%2Fmnpdebt.ca%2Fen%2Foffices%2Fsaskatoon;uht=2;fpan=1;fpa=P0-639477815-1723987060095;p...
https://pixel-ssn.quantserve.com/pixel;r=872761469;labels=_fp.event.PageView;rf=0;a=p-ZvkjxaQPZCZrY;url=https%3A%2F%2Fmnpdebt.ca%2Fen%2Foffices%2Fsaskatoon;uht=2;fpan=1;fpa=P0-639477815-17239870600...

0
0

POST
H2 200 ji8h8EuQGB Show response
api.userway.org/api/tunings/ 2 KB
3 KB 302ms
96ms XHR
application/json 2600:1f14:5db:eb00:708b:bb4d:b8aa:d9eb
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/ji8h8EuQGB
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-08-13-04-53-37/widget_app_base_1723524817692.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:708b:bb4d:b8aa:d9eb Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: acc36746ad8bae604ae7d19dce7c5a4c7d7a4d5abd86b4eb8cbe05e68b6fd31b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 18 Aug 2024 13:17:40 GMT
etag: W/"89c-bYeH/qZynRWb3eTlvV9uvNuWiHo"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usrd12a3f0dd1ff48b
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 2204
x-service-version: uw-pr

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
274 B 189ms
73ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.44/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://mnpdebt.ca
Date: Sun, 18 Aug 2024 13:17:40 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 115ms
26ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=713135758770782&ev=PageView&dl=https%3A%2F%2Fmnpdebt.ca&rl=&if=false&ts=1723987060558&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4124&fbp=fb.1.1723987060544.730704089809502017&pm=1&hrl=6acc0c&ler=empty&cdl=API_unavailable&it=1723987060078&coo=false&cs_cc=1&cas=1156925621096571%2C7565501993507484%2C2328865240514132%2C1844122155687419%2C2036132049740310&rqm=GET

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://mnpdebt.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=10, mss=1297, tbw=2806, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 18 Aug 2024 13:17:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 220ms
132ms Image
image/png 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=713135758770782&ev=PageView&dl=https%3A%2F%2Fmnpdebt.ca&rl=&if=false&ts=1723987060558&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4124&fbp=fb.1.1723987060544.730704089809502017&pm=1&hrl=6acc0c&ler=empty&cdl=API_unavailable&it=1723987060078&coo=false&cs_cc=1&cas=1156925621096571%2C7565501993507484%2C2328865240514132%2C1844122155687419%2C2036132049740310&rqm=FGET

Requested by

Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/offices/saskatoon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://mnpdebt.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x269cf36a45f41189","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:7594861550530502","24:6461774333932684","24:9454145694610555","24:6371502142862678","24:6008431972557833","7830:7594861550530502","7830:6461774333932684","7830:9454145694610555","7830:6371502142862678","7830:6008431972557833","10853:7594861550530502","10853:6461774333932684","10853:9454145694610555","10853:6371502142862678","10853:6008431972557833","41:7594861550530502","41:6461774333932684","41:9454145694610555","41:6371502142862678","41:6008431972557833","8046:7594861550530502","8046:6461774333932684","8046:9454145694610555","8046:6371502142862678","8046:6008431972557833"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sun, 18 Aug 2024 13:17:40 GMT
x-fb-server-load: 52
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7404468041651805126", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=10, mss=1297, tbw=3124, tp=-1, tpl=-1, uplat=105, ullat=0
pragma: no-cache
x-fb-debug: CmbT1uCBOXdb7fPCrM9PDe30E6UCEYIM1EuAfS5mcJkfJHhciVZacfocGNCieWWcXNxvkawUktsu1TwtgWH9Vw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7404468041651805126"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7404468041651805126"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2024-08-13-04-53-37/locales/ 607 B
1 KB 30ms
29ms XHR
application/json 2a02:6ea0:c400::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-08-13-04-53-37/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-08-13-04-53-37/widget_app_base_1723524817692.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Sun, 18 Aug 2024 13:17:40 GMT
via: 1.1 3b596e6534b28f6cf60d32fc6bf542dc.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: JFK50-P7
x-accel-date-max: 1723525794
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 461266
x-accel-date: 1723525794
x-77-nzt: EgwBnJIkFgH30gkHAAwBnJI73wH3ZgEAAA
x-accel-expires: @1749445436
x-77-age: 461266
last-modified: Tue, 13 Aug 2024 05:02:03 GMT
server: CDN77-Turbo
etag: W/"971644f50e2020e1ff22e37edcad46f6"
x-77-nzt-ray: 1e192d089df27ace74f4c166c46b8229
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: 49ctpyUlgTxNSSfWyDHx6yqX1fMKTba7M5ZDmfLAnFYOc-g0cvYf2A==

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
274 B 89ms
81ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.44/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://mnpdebt.ca
Date: Sun, 18 Aug 2024 13:17:40 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: usermatch.krxd.net
URL: https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=a4681777-2bd9-40a5-b326-cf9a19c23f88

Domain: pixel-ssn.quantserve.com
URL: https://pixel-ssn.quantserve.com/pixel;r=872761469;labels=_fp.event.PageView;rf=0;a=p-ZvkjxaQPZCZrY;url=https%3A%2F%2Fmnpdebt.ca%2Fen%2Foffices%2Fsaskatoon;uht=2;fpan=1;fpa=P0-639477815-1723987060095;pbc=;ns=0;ce=1;qjs=1;qv=15f23c9a-20240703164903;cm=;gdpr=0;ref=;d=mnpdebt.ca;dst=1;et=1723987060356;tzo=420;ogl=;ses=9cb0b989-035e-4c81-abc2-9e79f7d4fdcb;mdl=;dip=3edb5f8a-64e5-4856-9612-0d339347ffde

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mnpdebt.ca/	1970-01-20 22:53:10	Name: TiPMix Value: 49.48538248644152
.mnpdebt.ca/	1970-01-20 22:53:10	Name: x-ms-routing-name Value: self
mnpdebt.ca/	1969-12-31 23:59:59	Name: website#lang Value: en
mnpdebt.ca/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: kqfgzbd1rtqdfizoh3jl1rdc
mnpdebt.ca/	1970-01-21 08:29:07	Name: SC_ANALYTICS_GLOBAL_COOKIE Value: 31c8b8ea3675401b876fd4593aec11d9\|False
mnpdebt.ca/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: 34eN81Yq4lcBDKPrIV1qWybnchcPNfANE4dzrtrWVV55zxFpw4g2A6TyNYt77wKQ3gKcmzd3wckfGQbbAadPCA5bxdjTIr-JdSFnNgYqgV01
.mnpdebt.ca/	1969-12-31 23:59:59	Name: ARRAffinity Value: f3ed5018e9c50e027739a3ff83f3a4faca76a68b4a1e0741a72c3ab10bac3b2c
.mnpdebt.ca/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: f3ed5018e9c50e027739a3ff83f3a4faca76a68b4a1e0741a72c3ab10bac3b2c
.mnpdebt.ca/	1970-01-21 01:02:43	Name: _gcl_au Value: 1.1.1761448276.1723987059
.adsrvr.org/	1970-01-21 07:38:43	Name: TDID Value: a4681777-2bd9-40a5-b326-cf9a19c23f88
www.clarity.ms/	1970-01-21 07:38:43	Name: CLID Value: 844a2aad1b9f4b6bb7036a2fc8f2f605.20240818.20250818
.mnpdebt.ca/	1970-01-20 22:54:33	Name: _gid Value: GA1.2.633653776.1723987060
.mnpdebt.ca/	1970-01-21 08:29:07	Name: _ga Value: GA1.1.1587575722.1723987060
.mnpdebt.ca/	1970-01-21 08:29:07	Name: _ga_W5EX2YL3V5 Value: GS1.1.1723987059.1.1.1723987059.0.0.0
.mnpdebt.ca/	1970-01-21 08:29:07	Name: _ga_6RC3RCYLF9 Value: GS1.1.1723987060.1.0.1723987060.0.0.0
.mnpdebt.ca/	1970-01-20 22:53:07	Name: _dc_gtm_UA-2003895-43 Value: 1
.mnpdebt.ca/	1970-01-21 07:38:43	Name: _clck Value: 15sc7as%7C2%7Cfof%7C0%7C1691
.doubleclick.net/	1970-01-20 23:36:19	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 08:29:07	Name: IDE Value: AHWqTUnS9FgkalrXOzhOdvdwrrY_E1OqbQS6bgeGKlB7RJibtvi_JtBXTvnERIFUOM8
.doubleclick.net/	1970-01-21 03:12:19	Name: receive-cookie-deprecation Value: 1
.quantserve.com/	1970-01-21 08:23:21	Name: mc Value: 66c1f474-63820-e9629-f270b
.mnpdebt.ca/	1970-01-21 08:17:35	Name: __qca Value: P0-639477815-1723987060095
.mnpdebt.ca/	1970-01-21 01:02:43	Name: _fbp Value: fb.1.1723987060544.730704089809502017
.t.co/	1970-01-21 08:29:07	Name: muc_ads Value: 9f33f7af-bc69-408f-b08f-ccfbba60209c
.mnpdebt.ca/	1970-01-20 22:54:33	Name: _clsk Value: 10o176e%7C1723987060599%7C1%7C1%7Cq.clarity.ms%2Fcollect
.twitter.com/	1970-01-21 08:29:07	Name: personalization_id Value: "v1_yzVFfIg8kvgbRJy7Kj0KpA=="
.demdex.net/	1970-01-21 03:12:19	Name: demdex Value: 13463627138832336062430075995320095197
.dpm.demdex.net/	1970-01-21 03:12:19	Name: dpm Value: 13463627138832336062430075995320095197
.adsrvr.org/	1970-01-21 07:38:43	Name: TDCPM Value: CAESEwoEa3J1eBILCNS4pc2LspQ9EAUSEgoDYWFtEgsIkvGR34uylD0QBRIXCghhcHBuZXh1cxILCOqZ_eCLspQ9EAUYBSABKAEyCwj8xerr2-SfPRAFOAFCBCICCAFaB3YwYTgzeGZgAXIIYXBwbmV4dXM.
.adnxs.com/	1970-01-21 08:29:07	Name: receive-cookie-deprecation Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://static.olark.com/ Message: Refused to frame 'blob:https://mnpdebt.ca/ac9aa4eb-5738-4179-8043-99e623143e8f' because it violates the following Content Security Policy directive: "frame-src 'self' .ceros.com .postescanada-canadapost.ca .azurefd.net .dynamics.com .userway.org .evidon.com .ghostretail.com .googlesyndication.com .hsforms.net .mnp.ca .podcasts.apple.com .spotify.com .olark.com .pages.ubembed.com .hsforms.com calendly.com .sendthisfile.com .sharethis.com .hotjar.com .consensu.org .adsrvr.org .youtube.com .vimeo.com .wufoo.com .doubleclick.net insight.adsrvr.org www.facebook.com www.google.com".
network	error	URL: https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=a4681777-2bd9-40a5-b326-cf9a19c23f88 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	error	URL: https://mnpdebt.ca/en/offices/saskatoon Message: Refused to load the image 'https://pixel-ssn.quantserve.com/pixel;r=872761469;labels=_fp.event.PageView;rf=0;a=p-ZvkjxaQPZCZrY;url=https%3A%2F%2Fmnpdebt.ca%2Fen%2Foffices%2Fsaskatoon;uht=2;fpan=1;fpa=P0-639477815-1723987060095;pbc=;ns=0;ce=1;qjs=1;qv=15f23c9a-20240703164903;cm=;gdpr=0;ref=;d=mnpdebt.ca;dst=1;et=1723987060356;tzo=420;ogl=;ses=9cb0b989-035e-4c81-abc2-9e79f7d4fdcb;mdl=;dip=3edb5f8a-64e5-4856-9612-0d339347ffde' because it violates the following Content Security Policy directive: "img-src 'self' data: moosendimages.imgix.net cdn.designer-images.eu mnpdebt.ca .dynamics.com obs.esnlocco.com .designer-images.net .postescanada-canadapost.ca .azurefd.net .ghostretail.com cdn.jsdelivr.net .krxd.net .userway.org .evidon.com .clarity.ms .bing.com .zscalerthree.net .website-files.com .rlcdn.com .company-target.com .bidr.io .6sc.co .sharethis.com .twitter.com .adnxs.com .hsforms.com .atedra.com .olark.com .visualwebsiteoptimizer.com .gstatic.com .googleapis.com .hubspot.com .googletagmanager.com .facebook.net .adsymptotic.com .linkedin.com .stackadapt.com .google.ca .google.com .google.co.in .doubleclick.net .adsrvr.org pixel.quantserve.com www.google-analytics.com www.facebook.com dpm.demdex.net t.co".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' blob: .mnp.ca cdn.designer-images.com d1mj578wat5n4o.cloudfront.net cdn.jsdelivr.net polyfill.io js.zi-scripts.com .ceros.com .moosend.com .postescanada-canadapost.ca .azurefd.net .azureedge.net .stat-track.com .ghostretail.com .userway.org .clearbitjs.com .evidon.com .clearbitscripts.com .bing.com .clarity.ms qvdt3feo.com .esnlocco.com .google.ca .zscalerthree.net .googlesyndication.com .fontawesome.com .demandbase.com .6sc.co cdnjs.cloudflare.com .actonsoftware.com .mnp.ca .callrail.com .adnxs.com .hscollectedforms.net .hs-banner.com .hsadspixel.net .hs-analytics.net .hs-scripts.com .googleadservices.com gtm.js .olark.com .visualwebsiteoptimizer.com .wufoo.com .hsforms.com .hsforms.net data.processwebsitedata.com .calendly.com .ubembed.com .js.ubembed.com .googleapis.com .hubspot.com .youtube.com .vimeocdn.com .stackadapt.com .simpli.fi .sharethis.com .licdn.com .hotjar.com .googletagmanager.com .jquery.com .google.com www.gstatic.com www.google-analytics.com connect.facebook.net js.adsrvr.org platform.twitter.com secure.quantserve.com static.ads-twitter.com rules.quantcount.com insight.adsrvr.org analytics.twitter.com .doubleclick.net; style-src 'unsafe-inline' 'self' cdn.jsdelivr.net .bootstrapcdn.com .moosend.com .postescanada-canadapost.ca .azurefd.net .userway.org cdnjs.cloudflare.com .actonsoftware.com .mnp.ca .googletagmanager.com .olark.com .typekit.net fonts.googleapis.com; font-src cdn.jsdelivr.net .bootstrapcdn.com .postescanada-canadapost.ca .azurefd.net .userway.org cdnjs.cloudflare.com .mnp.ca .fontawesome.com .olark.com fonts.gstatic.com use.typekit.net; img-src 'self' data: moosendimages.imgix.net cdn.designer-images.eu mnpdebt.ca .dynamics.com obs.esnlocco.com .designer-images.net .postescanada-canadapost.ca .azurefd.net .ghostretail.com cdn.jsdelivr.net .krxd.net .userway.org .evidon.com .clarity.ms .bing.com .zscalerthree.net .website-files.com .rlcdn.com .company-target.com .bidr.io .6sc.co .sharethis.com .twitter.com .adnxs.com .hsforms.com .atedra.com .olark.com .visualwebsiteoptimizer.com .gstatic.com .googleapis.com .hubspot.com .googletagmanager.com .facebook.net .adsymptotic.com .linkedin.com .stackadapt.com .google.ca .google.com .google.co.in .doubleclick.net .adsrvr.org pixel.quantserve.com www.google-analytics.com www.facebook.com dpm.demdex.net t.co; connect-src 'self' ws: bat.bing.com .sitecorecloud.io members-utilities-service-web.m-operations.com server-side-tagging-i5xuhybifq-uc.a.run.app js.zi-scripts.com obs.esnlocco.com .postescanada-canadapost.ca .azurefd.net .googlesyndication.com .m-pages.com .stat-track.com .hscollectedforms.net .googleadservices.com .dynamics.com .evidon.com .linkedin.com .ghostretail.com .userway.org .clearbit.com .clarity.ms .facebook.com bcp.crwdcntrl.net .google.com .linkedin.oribi.io .google.ca .fontawesome.com .adnxs.com .company-target.com .6sc.co .callrail.com .visualwebsiteoptimizer.com app.vwo.com .hubapi.com .hubspot.com .olark.com .events.ubembed.com .hsforms.com .s3.amazonaws.com .hotjar.com .hotjar.io .sharethis.com .google-analytics.com analytics.google.com .googleapis.com .doubleclick.net; frame-src 'self' .ceros.com .postescanada-canadapost.ca .azurefd.net .dynamics.com .userway.org .evidon.com .ghostretail.com .googlesyndication.com .hsforms.net .mnp.ca .podcasts.apple.com .spotify.com .olark.com .pages.ubembed.com .hsforms.com calendly.com .sendthisfile.com .sharethis.com .hotjar.com .consensu.org .adsrvr.org .youtube.com .vimeo.com .wufoo.com .doubleclick.net insight.adsrvr.org www.facebook.com www.google.com; form-action 'self' .postescanada-canadapost.ca .azurefd.net .mnp.ca www.facebook.com .hsforms.com; media-src 'unsafe-inline' 'self' *.ghostretail.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4653320.fls.doubleclick.net
ad.doubleclick.net
analytics.twitter.com
api.userway.org
bankruptcysask.ca
cdn.jsdelivr.net
cdn.userway.org
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
js.adsrvr.org
maps.googleapis.com
mnpdebt.ca
pixel-ssn.quantserve.com
platform.twitter.com
q.clarity.ms
rules.quantcount.com
secure.quantserve.com
static.ads-twitter.com
static.olark.com
stats.g.doubleclick.net
t.co
usermatch.krxd.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
pixel-ssn.quantserve.com
usermatch.krxd.net
104.17.25.14
104.244.42.67
108.139.33.128
142.250.65.198
142.250.65.234
142.250.81.238
142.251.40.164
142.251.40.230
146.75.36.157
192.229.163.53
20.231.53.73
2600:1f14:5db:eb00:708b:bb4d:b8aa:d9eb
2600:9000:21dd:8c00:6:44e3:f8c0:93a1
2606:4700:20::6819:6e25
2606:4700:3036::6815:1eb9
2607:f8b0:4004:c06::9a
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80e::2003
2607:f8b0:4006:80e::200e
2607:f8b0:4006:81c::200a
2607:f8b0:4006:820::2008
2607:f8b0:4006:820::200a
2620:116:800b:21:b08a:1dc5:659b:4055
2620:1ec:29:1::40
2a02:6ea0:c400::11
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:400::649
2a04:4e42:600::485
34.96.102.137
72.21.81.130
0471403e0b155db846d68798ab868b53dd2dfb3c346672d9b83961465795fec9
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747
069f7391913410b9868753914bcc1b773ae9cfb2a5bede9c5b1fa2935c9f17a7
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
154106418f64a9a712d1e110792a0af4bbd92ba75ce7d7516fa2026a209fd016
1afc1cf2c8efa9cb9a5a20b64288b32086681117ba5a7f2d44638e862313ea69
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2720a35256fd5fe041783f690733e21e2118fe703be1189f06a68ab8dfe15890
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
3bcd802e9f77849e7c1e93c87279fbbb04d45949d2be79b03566ceacde29b158
3de5d95c37f68113fb797eae0e47636ff7a87b0e2bb7a6381d0d47f50c9ab389
3eb4fb26239c02838068a708dec6b5959c69877629d1502b010eae023c5d7723
40ab11a0125e4e13c9917405e1bea96dd7da69017f437a2ed6939cf88572d617
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
4e740888040619beab82a42b898cad48e839dc3275f2e559835f2df4d190b7b2
54c8f9143b9c1dca56c7383e1e47a92645920ed6a622843de5aefcb56984a1f9
634422c5d20bcf9f20b94ea44d0bffb0ce9265285d0a7b58da5c0fda06612808
65172c31e06abcf9a1d61a2c3bbd59c41d321198673e69eee8a056b068baceb5
651b22eb1f250e8f7cb27f8221098a3644768e70b5bd8d8912428f2c89093fb0
6ad9f80ea6ec0ffbad32e55579b96f35202f8b2627b932d0ca9bfeb07a76e33d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70925c4bda48e2ae325950aab67fe70a75dc2984b9e4f5844f4858c5adf6ef2b
754ecfc7052392712ffafea3a34dbf151eb24a5dbd6433b1563a8cac4f6d7c11
76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b
76eea4bd978fa1b33ea455310626fa5455fbf90cf88ca65a48d360ca612dadea
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521
7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
7ced3ea077b00cda7825c09914d69b15c6a20dee085b0bf439d342b74199ad70
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
89d42bdb845add68e076a9d0029445e08b2381db423e982ac42e1d203305aad8
8bb1e36477c87393c0594fb16ee879e81152904395c243d25095da5d5d74e64b
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
950cd2457c0a1d347ce836df9a69cfc7a9cd77196b001a3563efdb4862483831
9dbecbadaa08e0d16aab217984189ff2cef37b1d741038db5a4aceba05eb1470
aa0414d21b2e89c8f5ae54e85cb293957bf2b1c7c7276d47240a8193c893159b
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acc36746ad8bae604ae7d19dce7c5a4c7d7a4d5abd86b4eb8cbe05e68b6fd31b
ae2dd162276f1df1698417c864ff91071a120fbd15c4a2d6949f3b0e7a064df9
ba030b220d89655148542b94eb8366bee34cb6b495f71f862fb9cc7cd79f7759
c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca7a6a06db46658d14b6c4e22c3a5f956dcb2d25da236e2ef03e1a8daaa670ca
cc6b035ef9861184d4ed02db0063a719734829a29b27512e23dc952b9b23eb07
d8e1f6211c190443fd6bafdc485b9dc339e700bde83352a3aa6b18c695c4c7d8
da977ec0e3d46db3e50bf3921789e96d0fe919b1782ba9f997668ef9d05a49c4
ddb7aa10eb158d87b05d5c3ad89d6dd5dc12fc61732277e22c9a8929b85bb96d
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2
e58019bec5dcd8d0d8a8012a9a66bc0583c5caa160e5667700fc911a5e0f8879
e96a5e1e04ee3d7ffd8118f853ec2c0bcbf73b571cfa1c710238557baf5dd896
e9ab702de78b9cbc95b3dd549c49060d6aa6a31800d97a93a505fa4363f14e27
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5
f9a1545f12c049d0f052930204a4ed71df2a4ce5f418cb8147d0492fc150e883
fc19f2681ed461c22ced42a2a7b4f8a59b627a9983329f8dac237f8c4352a1aa
fc855c23697eb2e3645db98b9a655fa2a4e7e3184fccca83e63444cffbef5973

mnpdebt.ca Open in urlscan Pro 2606:4700:20::6819:6e25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

75 Requests

96 %HTTPS

58 %IPv6

24 Domains

32 Subdomains

31 IPs

2 Countries

2510 kBTransfer

5038 kBSize

30 Cookies

0 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mnpdebt.ca Open in urlscan Pro
2606:4700:20::6819:6e25 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

96 %
HTTPS

58 %
IPv6

24
Domains

32
Subdomains

31
IPs

2
Countries

2510 kB
Transfer

5038 kB
Size

30
Cookies

75 HTTP transactions
3 data transactions