www.firstfoundation.ca Open in urlscan Pro
2606:4700:3108::ac42:2b58 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://rrsp-tfsa.ca/
Effective URL:
https://www.firstfoundation.ca/financial/
Submission: On August 15 via api (August 15th 2024, 10:14:36 pm UTC) from US — Scanned from CA

Summary HTTP 67 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 20 IPs in 1 countries across 19 domains to perform 67 HTTP transactions. The main IP is 2606:4700:3108::ac42:2b58, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.firstfoundation.ca.
TLS certificate: Issued by WE1 on July 8th 2024. Valid for: 3 months.

This is the only time www.firstfoundation.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	15.197.225.128 15.197.225.128	16509 (AMAZON-02) (AMAZON-02)
4 31	2606:4700:310... 2606:4700:3108::ac42:2b58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:809::200a	15169 (GOOGLE) (GOOGLE)
4	35.201.118.58 35.201.118.58	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4006:823::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4006:820::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
1	204.141.43.67 204.141.43.67	2639 (ZOHO-AS) (ZOHO-AS)
2	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:817::200e	15169 (GOOGLE) (GOOGLE)
1	52.85.61.51 52.85.61.51	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4006:81d::2004	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
1	136.143.182.97 136.143.182.97	2639 (ZOHO-AS) (ZOHO-AS)
1	2001:4860:480... 2001:4860:4802:32::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c17::9a	15169 (GOOGLE) (GOOGLE)
3	199.67.84.76 199.67.84.76	2639 (ZOHO-AS) (ZOHO-AS)
67	20

1 15.197.225.128 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

rrsp-tfsa.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2606:4700:3108::ac42:2b58 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

www.firstfoundation.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
firstfoundation.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.201.118.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.118.201.35.bc.googleusercontent.com

form.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.jotformpro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:823::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::200e (United States)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.141.43.67 (United States)

ASN2639 (ZOHO-AS, US)

salesiq.zoho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-51.ewr53.r.cloudfront.net

cdn.callrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::2003 (United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.143.182.97 (United States)

ASN2639 (ZOHO-AS, US)

salesiq.zohopublic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.67.84.76 (United States)

ASN2639 (ZOHO-AS, US)

css.zohocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.zohocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	firstfoundation.ca 4 redirects www.firstfoundation.ca firstfoundation.ca	472 KB
5	google.com apis.google.com — Cisco Umbrella Rank: 225 www.google.com — Cisco Umbrella Rank: 10 analytics.google.com — Cisco Umbrella Rank: 238	78 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 stats.g.doubleclick.net — Cisco Umbrella Rank: 252	3 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	162 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	404 KB
3	zohocdn.com css.zohocdn.com — Cisco Umbrella Rank: 23175 js.zohocdn.com — Cisco Umbrella Rank: 23336	66 KB
3	google.ca www.google.ca — Cisco Umbrella Rank: 9677	191 B
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	2 KB
3	jotform.com form.jotform.com — Cisco Umbrella Rank: 47402	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
2	gstatic.com fonts.gstatic.com	24 KB
1	zohopublic.com salesiq.zohopublic.com — Cisco Umbrella Rank: 25661	15 KB
1	callrail.com cdn.callrail.com — Cisco Umbrella Rank: 17209	577 B
1	zoho.com salesiq.zoho.com — Cisco Umbrella Rank: 24049	47 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1223	7 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 176	22 KB
1	jotformpro.com secure.jotformpro.com	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	843 B
1	rrsp-tfsa.ca 1 redirects rrsp-tfsa.ca	318 B
67	19

	Domain	Requested by
28	www.firstfoundation.ca	1 redirects www.firstfoundation.ca static.cloudflareinsights.com
4	connect.facebook.net	www.firstfoundation.ca connect.facebook.net
4	www.googletagmanager.com	www.firstfoundation.ca www.googletagmanager.com www.google-analytics.com
3	www.google.ca	www.firstfoundation.ca
3	www.facebook.com	connect.facebook.net www.firstfoundation.ca
3	form.jotform.com	www.firstfoundation.ca form.jotform.com secure.jotformpro.com
3	firstfoundation.ca	3 redirects
2	css.zohocdn.com	salesiq.zoho.com css.zohocdn.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google.com	www.firstfoundation.ca
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	www.googleadservices.com www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
2	apis.google.com	www.firstfoundation.ca apis.google.com
1	js.zohocdn.com	salesiq.zoho.com
1	analytics.google.com	www.googletagmanager.com
1	salesiq.zohopublic.com	salesiq.zoho.com
1	cdn.callrail.com	www.googletagmanager.com
1	salesiq.zoho.com	www.firstfoundation.ca
1	static.cloudflareinsights.com	www.firstfoundation.ca
1	www.googleadservices.com	www.firstfoundation.ca
1	secure.jotformpro.com	www.firstfoundation.ca
1	fonts.googleapis.com	www.firstfoundation.ca
1	rrsp-tfsa.ca	1 redirects
67	24

This site contains links to these domains. Also see Links.

Domain
first-foundation-mortgages-inc.mtg-app.com
bookings.firstfoundation.ca
firstfoundation.kioskassist.com
goo.gl
my.planswell.com
www.edmontonrealestate.pro
www.layoffinsurance.ca
mortgageproscan.ca
www.linkedin.com
twitter.com
www.youtube.com
www.facebook.com

Subject Issuer	Validity	Valid
www.firstfoundation.ca WE1	`2024-07-08` - `2024-10-06`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
jotform.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-20` - `2024-10-08`	8 months	crt.sh
*.googleadservices.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-25` - `2024-08-23`	3 months	crt.sh
*.apis.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.zoho.com Sectigo RSA Domain Validation Secure Server CA	`2024-03-29` - `2025-03-29`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
swappy.callrail.com Amazon RSA 2048 M03	`2024-06-10` - `2025-07-09`	a year	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.ca WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
zohopublic.com R11	`2024-07-12` - `2024-10-10`	3 months	crt.sh
*.zohocdn.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-17` - `2025-08-16`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.firstfoundation.ca/financial/
Frame ID: BC2339951B46AB2DAB4CACC343510F06
Requests: 63 HTTP requests in this frame

Frame: https://form.jotform.com/40126763331952?parentURL=https%3A%2F%2Fwww.firstfoundation.ca%2Ffinancial%2F&jsForm=true
Frame ID: E206197E6B7398A06A8E8CE14029AADF
Requests: 1 HTTP requests in this frame

Frame: https://form.jotform.com/21697257863972?parentURL=https%3A%2F%2Fwww.firstfoundation.ca%2Ffinancial%2F&jsForm=true
Frame ID: C6F0ABB23C899937062143C2AF6D697C
Requests: 1 HTTP requests in this frame

Frame: https://www.firstfoundation.ca/cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/main.js
Frame ID: 0F80F5EF767BA3F90FDE7DEFB174ECE4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Financial Advisor & Planner Services Edmonton Calgary | First Foundation

Page URL History Show full URLs

https://rrsp-tfsa.ca/ HTTP 301
https://www.firstfoundation.ca/financial/ Page URL

Detected technologies

ExpressionEngine (CMS) Expand

Overall confidence: 100%
Detected patterns

CodeIgniter (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

67
Requests

94 %
HTTPS

67 %
IPv6

19
Domains

24
Subdomains

20
IPs

1
Countries

1329 kB
Transfer

3236 kB
Size

21
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://first-foundation-mortgages-inc.mtg-app.com/
Title: Mortgage: Apply Now>>

Search URL Search Domain Scan URL

URL: https://bookings.firstfoundation.ca/#/customer/tyler
Title: Schedule an Appointment »

Search URL Search Domain Scan URL

URL: https://firstfoundation.kioskassist.com/
Title: MyFoundation Client Portal >>

Search URL Search Domain Scan URL

URL: https://goo.gl/P6lk37
Title: Mortgage Blog Category

Search URL Search Domain Scan URL

URL: https://goo.gl/8hCoHZ
Title: Financial Planning Blog Category

Search URL Search Domain Scan URL

URL: https://goo.gl/Miyi5h
Title: Insurance Blog Category

Search URL Search Domain Scan URL

URL: https://my.planswell.com/en-CA/discovery/pw-tylerp
Title: Start Your Financial Plan Online >>

Search URL Search Domain Scan URL

URL: https://bookings.firstfoundation.ca/#/customer/financialplan
Title: Schedule an Appointment With a CFP

Search URL Search Domain Scan URL

URL: http://www.edmontonrealestate.pro/idx/
Title: Advanced Search

Search URL Search Domain Scan URL

URL: http://www.edmontonrealestate.pro/idx/map
Title: Map Search

Search URL Search Domain Scan URL

URL: http://www.layoffinsurance.ca/
Title: Layoff Insurance

Search URL Search Domain Scan URL

URL: https://mortgageproscan.ca/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/first-foundation-mortgages-investments-insurance
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/firstfoundation/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCQA8xDqcLHl2HQ3E0rdnfrg
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.facebook.com/firstfoundation
Title: Facebook

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rrsp-tfsa.ca/ HTTP 301
https://www.firstfoundation.ca/financial/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://firstfoundation.ca/assets/images/IIROC_ACPI_LOGO.png HTTP 301
https://www.firstfoundation.ca/assets/images/IIROC_ACPI_LOGO.png

Request Chain 5

https://firstfoundation.ca/media/imagic/Benefits_of_Working_with_a_Certified_Financial_Planner.png HTTP 301
https://www.firstfoundation.ca/media/imagic/Benefits_of_Working_with_a_Certified_Financial_Planner.png

Request Chain 7

https://firstfoundation.ca/uploads/PM/NORTHERN_ALBERTA_2023_6_YRS_TAG.png HTTP 301
https://www.firstfoundation.ca/uploads/PM/NORTHERN_ALBERTA_2023_6_YRS_TAG.png

Request Chain 38

https://www.firstfoundation.ca/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.firstfoundation.ca/cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/main.js

67 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.firstfoundation.ca/financial/
Redirect Chain

https://rrsp-tfsa.ca/
https://www.firstfoundation.ca/financial/

40 KB
11 KB

441ms
289ms

Document
text/html

2606:4700:3108::ac42:2b58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstfoundation.ca/financial/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0290449465263851e107655dae80f99a84b77f76f092e6632c2469e451ac199

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=1, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8b3c89a5ba3a39f5-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 15 Aug 2024 22:14:27 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Thu, 15 Aug 2024 22:14:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bB5kAJ3b84KmqjN1tn%2FcDyYknw74lVEkGdncR%2BZTCbJWnjcqqrG21HfKNSEKNKIOOjYq6rXGSwCwbl%2FSSYXGeuifldM%2FdrXlVDqSRcVaaY4Y%2BUGiSibSNxrFV%2F1njwSvJbzgc5wvBtxDHhSgl8Vmpb8Vfg8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache-nxaccel: BYPASS
x-frame-options: SAMEORIGIN

Redirect headers

Connection: close
Content-Length: 76
Content-Type: text/html; charset=utf-8
Date: Thu, 15 Aug 2024 22:14:27 GMT
Location: https://www.firstfoundation.ca/financial/
Server: ip-10-123-124-143.ec2.internal
Vary: Accept-Encoding
X-Request-Id: ddfb009a-ed67-4d2a-9f4f-3cd4beb4c36d

GET
H2 200 css
fonts.googleapis.com/ 2 KB
843 B 572ms
83ms Stylesheet
text/css 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6fdafff5ebb1051a3eeec76fc4ed6988433aee0046e5c7d4a02ee38e9730a15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Aug 2024 22:14:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 15 Aug 2024 21:21:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Aug 2024 22:14:28 GMT

GET
H3 200 above-the-fold.min.1558698904.css
www.firstfoundation.ca/assets/css/ 35 KB
9 KB 44ms
43ms Stylesheet
text/css 2606:4700:3108::ac42:2b58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstfoundation.ca/assets/css/above-the-fold.min.1558698904.css
Requested by: Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98fd14a7dd74f7f92b926b55b1ff8fa04856dcfe3229b757910253ee5fa481a8

Request headers

Referer: https://www.firstfoundation.ca/financial/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 118578
x-cache-nxaccel: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 24 May 2019 11:55:04 GMT
server: cloudflare
etag: W/"8c9e-589a0de7c1600"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kv0TzTfgNdw8KDvzIL806w2qZDxKbSlZ56b2RnTf8FC0TOBNA%2Bti45vc0NmuIKwmnYuRIC0i0dII%2FBzahBvBSR9E%2BgKiUPXimzE0iQMNZN%2BVQ1gsyEtfMeiXm4QxO4Z0Pd%2FkUgkcDXFymxavGqmybJ1zZk4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 8b3c89a9dbadaaeb-YYZ
expires: Sun, 18 Aug 2024 14:50:31 GMT

GET
H3 200 logo.png
www.firstfoundation.ca/assets/images/ 2 KB
3 KB 41ms
40ms Image
image/webp 2606:4700:3108::ac42:2b58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.firstfoundation.ca/assets/images/logo.png
Requested by: Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0020742c62697f7ce1453e65054c48333fa7140961f952b5a2d220020a76771

Request headers

Referer: https://www.firstfoundation.ca/financial/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 204965
cf-polished: origFmt=png, origSize=2793
x-cache-nxaccel: MISS
content-disposition: inline; filename="logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2384
cf-bgj: imgq:100,h2pri
last-modified: Tue, 09 Jul 2013 07:29:10 GMT
server: cloudflare
etag: "ae9-4e10f1df1fd80"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jhp5mcQXU6w0uxK6gOlV%2FR6bfJD%2B04KRcsW%2FUg1YDkjyWaeLroH4oJXZhzx3fch7rF8zN8yd9LDKjMtOhs%2Fr0aZkUsvegDcspm6gYzXzkoCNT4SDtCIKESKn%2FApYiTk%2FySRMd70FRNzeEko5js5guaUetFU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8b3c89a9dbafaaeb-YYZ
expires: Tue, 10 Sep 2024 17:09:41 GMT

GET
H3 200 cfp_300x300.png
www.firstfoundation.ca/assets/images/ 9 KB
10 KB 79ms
68ms Image
image/webp 2606:4700:3108::ac42:2b58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.firstfoundation.ca/assets/images/cfp_300x300.png
Requested by: Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34b152416fba366a6cd9711df7dc744745c0cf8687f845a52fcb17f26c6cb35a

Request headers

Referer: https://www.firstfoundation.ca/financial/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=20395
x-cache-nxaccel: MISS
content-disposition: inline; filename="cfp_300x300.webp"
alt-svc: h3=":443"; ma=86400
content-length: 9138
cf-bgj: imgq:100,h2pri
last-modified: Thu, 28 May 2020 22:34:56 GMT
server: cloudflare
etag: "4fab-5a6bcf01c4400"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e5GO7gsZhFyV6uq0ejWKfjZKS6KT%2BcGXCDe17uxnO7ygnicIVrmkXIJRoP%2Fg%2Ft2TUlLui5S1iWkq7jAH%2BxmexAZtdTeq0Gk9rhNTkizzw%2FqFDsUzuTKYPwb%2BRwqFRjN7b4dWt%2B21Gv6Mq%2BIvJM5RE32JwWE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8b3c89a9ebc0aaeb-YYZ
expires: Wed, 11 Sep 2024 12:28:17 GMT

GET
H3

200

IIROC_ACPI_LOGO.png
www.firstfoundation.ca/assets/images/
Redirect Chain

https://firstfoundation.ca/assets/images/IIROC_ACPI_LOGO.png
https://www.firstfoundation.ca/assets/images/IIROC_ACPI_LOGO.png

14 KB
15 KB

79ms
78ms

Image
image/webp

2606:4700:3108::ac42:2b58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.firstfoundation.ca/assets/images/IIROC_ACPI_LOGO.png
Requested by: Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/
Protocol: H3
Server: 2606:4700:3108::ac42:2b58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c902c08b8661f4b92d55e49021b15a5ee1fe2dcf226b3545654832cad3eba17

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77283
cf-polished: origFmt=png, origSize=20350
x-cache-nxaccel: MISS
content-disposition: inline; filename="IIROC_ACPI_LOGO.webp"
alt-svc: h3=":443"; ma=86400
content-length: 14372
cf-bgj: imgq:100,h2pri
last-modified: Sat, 12 Feb 2022 00:00:00 GMT
server: cloudflare
etag: "4f7e-5d7c6dd4f2000"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y36xRHSHBqDKT%2F4PlVE3Gxxf4sKM4%2BoIG9v596vyChUri7mnBDx9mFXNngXS9puLI%2BDZSkgxyYHoDmLLsxaHEiAIKfqPhUSBGiKHKg4dqABtX%2F0QfuFTjWX0mB288aj8pJJzfgcrHzTmCk9pSSSwuQSHSLI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8b3c89b14908aaeb-YYZ
expires: Sat, 07 Sep 2024 18:54:06 GMT

Redirect headers

date: Thu, 15 Aug 2024 22:14:29 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=twrkthA4rriKJlHfkVHHmnR8GjD2VAwxqLnOxrviWuPFfwO5cwMnnKUEej6ZQD%2F9SG5DTgglltuO30q1mSefIJ1FdzboqkWWVSpJq5U3Ph%2BLfJ04GlNWRp31QefYm7EfkeFkPizBbw3yvOvGyAPBUA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-cache-nxaccel: MISS
location: https://www.firstfoundation.ca/assets/images/IIROC_ACPI_LOGO.png
content-type: text/html; charset=iso-8859-1
cache-control: max-age=28800
cf-ray: 8b3c89af3c3836b0-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 15 Aug 2024 22:14:29 GMT

GET
H3

200

Benefits_of_Working_with_a_Certified_Financial_Planner.png
www.firstfoundation.ca/media/imagic/
Redirect Chain

https://firstfoundation.ca/media/imagic/Benefits_of_Working_with_a_Certified_Financial_Planner.png
https://www.firstfoundation.ca/media/imagic/Benefits_of_Working_with_a_Certified_Financial_Planner.png

140 KB
141 KB

70ms
69ms

Image
image/webp

2606:4700:3108::ac42:2b58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.firstfoundation.ca/media/imagic/Benefits_of_Working_with_a_Certified_Financial_Planner.png
Requested by: Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/
Protocol: H3
Server: 2606:4700:3108::ac42:2b58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 582843ef3c94fd8ac34f30ec3efeac9ad8f8236f597122d5b8d510f8b559b6f9

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=172274
x-cache-nxaccel: MISS
content-disposition: inline; filename="Benefits_of_Working_with_a_Certified_Financial_Planner.webp"
alt-svc: h3=":443"; ma=86400
content-length: 143762
cf-bgj: imgq:100,h2pri
last-modified: Thu, 28 May 2020 22:11:06 GMT
server: cloudflare
etag: "2a0f2-5a6bc9ae03280"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FU8WRyx0apJbMUkK0qughbJpI2b1D6sPBqnMYcxXBjyqofw0Xpj7S%2FNbQ3uKVNkAQLz2KmMRUsJg4iRTxp7hVeLR01RPPaAjdiUTgO1F106eBGUt623NsbxN0g2r69nqTPfqgkcHnM%2BwyF7DKUIhlVAm010%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8b3c89b3eba7aaeb-YYZ
expires: Mon, 09 Sep 2024 04:37:38 GMT

Redirect headers

date: Thu, 15 Aug 2024 22:14:29 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QbT8FRfF57fgw2EM6ZmbYufX46va9OvoYJg5Qh0kZWNL96QgJIbZ754%2FefEr1pRv0ChjV1FpJRBaG6dXAYBMLqU8eoZ3lRH1VEPWV36%2FtDV%2F5UzfjqvOWsioMp9I1nrTmwjyYYI6tXwjMUuzWoqxtA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-cache-nxaccel: MISS
location: https://www.firstfoundation.ca/media/imagic/Benefits_of_Working_with_a_Certified_Financial_Planner.png
content-type: text/html; charset=iso-8859-1
cache-control: max-age=28800
cf-ray: 8b3c89af3c3636b0-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 15 Aug 2024 22:14:29 GMT

GET
H2 200 40126763331952 Show response
form.jotform.com/jsform/ 6 KB
2 KB 681ms
85ms Script
text/javascript 35.201.118.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://form.jotform.com/jsform/40126763331952
Requested by: Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.118.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 58.118.201.35.bc.googleusercontent.com
Software: CacheX v3.3 /
Resource Hash: b6ed81eee6d6ae94d8db1ea024a95f2cf38a25eaa4cc830edf09b599f4c2e833

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:29 GMT
content-encoding: gzip
cache-hit: 1
via: 1.1 google
server: CacheX v3.3
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3

200

NORTHERN_ALBERTA_2023_6_YRS_TAG.png
www.firstfoundation.ca/uploads/PM/
Redirect Chain

https://firstfoundation.ca/uploads/PM/NORTHERN_ALBERTA_2023_6_YRS_TAG.png
https://www.firstfoundation.ca/uploads/PM/NORTHERN_ALBERTA_2023_6_YRS_TAG.png

72 KB
73 KB

35ms
33ms

Image
image/webp

2606:4700:3108::ac42:2b58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.firstfoundation.ca/uploads/PM/NORTHERN_ALBERTA_2023_6_YRS_TAG.png
Requested by: Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/
Protocol: H3
Server: 2606:4700:3108::ac42:2b58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b0d69efedfb89da8e26d3f579de61f3ef732629b672b0fd853eabf2e1c4d5e1

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77251
cf-polished: origFmt=png, origSize=115587
x-cache-nxaccel: MISS
content-disposition: inline; filename="NORTHERN_ALBERTA_2023_6_YRS_TAG.webp"
alt-svc: h3=":443"; ma=86400
content-length: 73924
cf-bgj: imgq:100,h2pri
last-modified: Fri, 06 Oct 2023 18:53:34 GMT
server: cloudflare
etag: "1c383-60710c1eb8eda"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Fsjiw53S6AH3CGyWqDRPRztQtVY4aorM7CEr43%2Be8Y5CIykdT77ES8BnvMvlnXsiVHaNwZAJu9pcI2D%2BqxtSTiiUoyy7GlmDeid7kIacHdhS4aN23yRaX3HMXENiu7oebNOMt2FW9KofoEgdEgx0EAOdxc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8b3c89b0280faaeb-YYZ
expires: Sat, 07 Sep 2024 16:34:25 GMT

Redirect headers

date: Thu, 15 Aug 2024 22:14:29 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FImWqBWdQLQogbWVORkcXtG1v1qppv8DCD%2BPft4I4kMnRn43YJOl4TLscjCVXJRNlaKtmx4vSJ9dLJxMz%2FSOWRakfyijuj6LUe2DrJaVBC1BRlvgUcclmqaYm%2F6GcASlQQ5OZSvvtiU9k3cJAu8EyA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-cache-nxaccel: MISS
location: https://www.firstfoundation.ca/uploads/PM/NORTHERN_ALBERTA_2023_6_YRS_TAG.png
content-type: text/html; charset=iso-8859-1
cache-control: max-age=28800
cf-ray: 8b3c89af2c3536b0-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 15 Aug 2024 22:14:29 GMT

GET
H3 200 Refinancing_Ad_250x300_knockout.jpg
www.firstfoundation.ca/uploads/advertisements/ 41 KB
42 KB 79ms
66ms Image
image/jpeg 2606:4700:3108::ac42:2b58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.firstfoundation.ca/uploads/advertisements/Refinancing_Ad_250x300_knockout.jpg
Requested by: Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bfdf84c34e436af5cef64f1fb615310ea6433edf98d4c52111521f00714a02b

Request headers

Referer: https://www.firstfoundation.ca/financial/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=46892
x-cache-nxaccel: MISS
alt-svc: h3=":443"; ma=86400
content-length: 41964
cf-bgj: imgq:100,h2pri
last-modified: Mon, 22 Feb 2016 23:46:02 GMT
server: cloudflare
etag: "b72c-52c646f776280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tZNfrVcTeEqcN%2FlEpx2zo%2FnlFxx0ba5HD2rpfPrqH3RgZetkU%2FyKU4f2pbHlWEtkuy464%2FeU5Q96o5Qsjvgp5EN19qVK3vokEmn9jQr1P3pWyqRnSELiCk7%2FQBVD%2BjhR4mte3bC4gMWZIlX600w1FC06pcQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8b3c89ad9e07aaeb-YYZ
expires: Sat, 14 Sep 2024 13:03:10 GMT

GET
H2 200 21697257863972 Show response
secure.jotformpro.com/jsform/ 6 KB
3 KB 761ms
253ms Script
text/javascript 35.201.118.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jotformpro.com/jsform/21697257863972
Requested by: Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.118.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 58.118.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e16de32eed9c11abecc541412975bfd45421701121274d30cb7523720d04e1e7

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Aug 2024 22:14:29 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 15 Aug 2024 22:14:29 GMT
server: nginx
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-type: text/javascript; charset=utf-8
cache-control: no-cache
jf-trace-id: a4a090ae329de6d7
global-router: true
x-raw-uri: /jsform/:id
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 MPC_69x69.png
www.firstfoundation.ca/assets/images/ 2 KB
3 KB 55ms
42ms Image
image/webp 2606:4700:3108::ac42:2b58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.firstfoundation.ca/assets/images/MPC_69x69.png
Requested by: Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 722d816917f75fb60dfb01bfa0685d0090f009b48eb1c6b602e42f8a51a7d91e

Request headers

Referer: https://www.firstfoundation.ca/financial/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 94217
cf-polished: origFmt=png, origSize=4537
x-cache-nxaccel: MISS
content-disposition: inline; filename="MPC_69x69.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2304
cf-bgj: imgq:100,h2pri
last-modified: Sat, 12 Feb 2022 00:35:10 GMT
server: cloudflare
etag: "11b9-5d7c75b132b80"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BBytwh2D89foCbSLnGD2EpKwOJ8jvUq9BTeGRpUqzgXGCW7RaidtTy1hPdgzmFImblfNvpaqDv9igU0C3of%2BGC60Td4DfuYjMJ%2Bs5Iz6UU%2BVN9RmE2TsU5OUyW6vTIjRy5pSOhR8bYl6Aa9WtCdopf17YK0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8b3c89ad9e09aaeb-YYZ
expires: Sat, 07 Sep 2024 18:18:05 GMT

GET
H3 200 IIROC_ACPI_LOGO_80H.png
www.firstfoundation.ca/assets/images/ 20 KB
21 KB 54ms
42ms Image
image/webp 2606:4700:3108::ac42:2b58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.firstfoundation.ca/assets/images/IIROC_ACPI_LOGO_80H.png
Requested by: Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0571ad0ecaab62d8ff77c9bbbf39df5188474855b765e8a9d7a3b8694e8671ea

Request headers

Referer: https://www.firstfoundation.ca/financial/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122987
cf-polished: origFmt=png, origSize=30846
x-cache-nxaccel: MISS
content-disposition: inline; filename="IIROC_ACPI_LOGO_80H.webp"
alt-svc: h3=":443"; ma=86400
content-length: 20780
cf-bgj: imgq:100,h2pri
last-modified: Sat, 12 Feb 2022 00:37:10 GMT
server: cloudflare
etag: "787e-5d7c7623a3980"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CNlb44R1LtkWr5dcK0pFDCommTD4XLyWmvGze0mVB2UCcQRYjtlBNkWm0H1r9bk8nGLFQGcYANB1ea9rOtCoXBUGT%2BglkUi3oMULAtKSfYHbnIVIXLH6ZBdcwqWZiyMc6Pe4OVa8F9Hur0NRPqCy%2Fx%2BN82s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8b3c89ad9e0aaaeb-YYZ
expires: Fri, 06 Sep 2024 18:44:03 GMT

GET
H3 200 site.min.1558698618.js Show response
www.firstfoundation.ca/assets/js/ 118 KB
41 KB 194ms
182ms Script
application/javascript 2606:4700:3108::ac42:2b58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstfoundation.ca/assets/js/site.min.1558698618.js
Requested by: Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52857bee99477d24edf782b102f00e242d58e1e754cfb9f0fc60bd86840fdca9

Request headers

Referer: https://www.firstfoundation.ca/financial/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:28 GMT
content-encoding: gzip
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-nxaccel: HIT
alt-svc: h3=":443"; ma=86400
content-length: 41404
last-modified: Fri, 24 May 2019 11:50:18 GMT
server: cloudflare
etag: "1d8ee-589a0cd701280-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3zNwP4JTCV2%2Fue3Csuloc8g%2FHuQZ%2FYX3H87aHWvpdPPTVp4kImpAO4E9JFifIcW%2Bq2l3tyUfHPb2Knt4F8dCsI9uv9hkOM9Nc%2FmhA%2F%2FqSDSFRyEfvorYFFp1uXpHtgBgctIUlRwER0akJJEtCjqnYCmZkzA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800, private
accept-ranges: bytes
cf-ray: 8b3c89ad9e0baaeb-YYZ
expires: Thu, 22 Aug 2024 22:13:40 GMT

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ 60 KB
22 KB 591ms
103ms Script
text/javascript 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

98c015c3d263163c111e2f8f67a53ae3c59bd6be8d529ac1e50359b18127e6b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22334
x-xss-protection: 0
server: cafe
etag: 7683528578010392264
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 15 Aug 2024 22:14:29 GMT

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 676ms
86ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer: https://www.firstfoundation.ca/
Origin: https://www.firstfoundation.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:29 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8b3c89b13ff236cb-YYZ

GET
H3 200 the-rest.min.1644947054.css
www.firstfoundation.ca/assets/css/ 112 KB
40 KB 77ms
69ms Stylesheet
text/css 2606:4700:3108::ac42:2b58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstfoundation.ca/assets/css/the-rest.min.1644947054.css
Requested by: Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2aad7de9f37c25ab9bba96cd7d4f3dbf5141dce270b4ea93649b0f8e8ad405a

Request headers

Referer: https://www.firstfoundation.ca/financial/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 189591
x-cache-nxaccel: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 15 Feb 2022 17:44:14 GMT
server: cloudflare
etag: W/"1bf22-5d81214d3f780"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1j%2Bk%2FD6swIk%2B2OSsu4k4DIgou0PtqMEDYwnBPDdQ1AfE7naqljVM%2F39r02cLC8CvE8KLRQLnsWJsuyyqY%2Fq38eTLU5ql6Z%2FF3D%2FN9ZpJdPVJLL9PqnDclpVCJI06dT7EQ99C7cCCIEODGystbir5%2FYyHInE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 8b3c89ad9e0caaeb-YYZ
expires: Tue, 20 Aug 2024 03:45:58 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 330 KB
108 KB 602ms
102ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TKV3CR

Requested by

Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

15cc6272e5865e1cc66b9ab9b1c19d7b568e6070f24028d2938da7502803d175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109705
x-xss-protection: 0
last-modified: Thu, 15 Aug 2024 21:17:43 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Aug 2024 22:14:29 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
4 KB 579ms
79ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c015c6d5f375e41824fdd538a21e963379d15e4c02af8f28723efd4e5a127d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 15 Aug 2024 22:14:29 GMT
content-md5: 4/F55OhodGulITbXzQ1KEw==
document-policy: force-load-at-top
x-fb-server-load: 30
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=13, mss=1392, tbw=2789, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug: SNYKrGRnPsYeQO49Fnt29biYeqjO5lpkFUYGWovYR5YJEnL15gcFm1XUH9QyWX/1LOUxjn+E5PPpw9jGuZGtsQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 51d37b13ee3226426f99a63462fa0e19
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "db097ff1f299b7e08041e2783f25333e"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Thu, 15 Aug 2024 22:33:32 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 55 KB
22 KB 575ms
79ms Script
text/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5e3093bd5e8a58f04846013ead66d36ca25457a0475c9c72d8cde60e598fc0e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 15 Aug 2024 22:14:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21633
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "1520fff540f9c3ac"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2024 22:14:29 GMT

GET
H3 200 top_line.gif
www.firstfoundation.ca/assets/images/ 74 B
680 B 135ms
131ms Image
image/webp 2606:4700:3108::ac42:2b58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.firstfoundation.ca/assets/images/top_line.gif
Requested by: Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/assets/css/above-the-fold.min.1558698904.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c094182b5cabe9021b8dda00297e5c7c32f83f38619cf094257d5e029299699

Request headers

Referer: https://www.firstfoundation.ca/assets/css/above-the-fold.min.1558698904.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13048
cf-polished: origFmt=gif, origSize=320
x-cache-nxaccel: MISS
content-disposition: inline; filename="top_line.webp"
alt-svc: h3=":443"; ma=86400
content-length: 74
cf-bgj: imgq:100,h2pri
last-modified: Tue, 09 Jul 2013 07:29:10 GMT
server: cloudflare
etag: "140-4e10f1df1fd80"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HAzkJ9Qf3D%2BGo%2B9ETbtci6XPUsFLDdWWlnu3iordmVJjiqJXZv0H6rWrGywzUJJwpA6okvGkwKhaT3YDGiB9G9JkETjM2nWc5jzSabONayUBvJr%2FyirrUEyjwYw6%2BuqbYTKRjtcna3UMFddjDmwr813jhPY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8b3c89ad9e0eaaeb-YYZ
expires: Fri, 13 Sep 2024 22:15:43 GMT

GET
H3 200 icon_search.gif
www.firstfoundation.ca/assets/images/ 176 B
781 B 135ms
131ms Image
image/webp 2606:4700:3108::ac42:2b58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.firstfoundation.ca/assets/images/icon_search.gif
Requested by: Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/assets/css/above-the-fold.min.1558698904.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9248f9dcb6b3c9b58999b21bdd10cc2f3a1dd8260679830c5e03db209104d92f

Request headers

Referer: https://www.firstfoundation.ca/assets/css/above-the-fold.min.1558698904.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26502
cf-polished: origFmt=gif, origSize=269
x-cache-nxaccel: MISS
content-disposition: inline; filename="icon_search.webp"
alt-svc: h3=":443"; ma=86400
content-length: 176
cf-bgj: imgq:100,h2pri
last-modified: Tue, 09 Jul 2013 07:29:10 GMT
server: cloudflare
etag: "10d-4e10f1df1fd80"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WTCVo3%2FPDfwKlwNCRz6khf2B0hQK6zc458u%2BNWeWLJbPPqCs9V%2Brx57EZkWbnh0LJiN3kJP6ol4tIka0iPEvKepAjrhob5hVlhrCLUM48ue68qUR7pfh6Hw55V78zQd4iRcauRbzYvi6Ayzo7jgj81vHBUg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8b3c89ad9e0faaeb-YYZ
expires: Sat, 07 Sep 2024 18:17:39 GMT

GET
H3 200 bg_squares_half.gif
www.firstfoundation.ca/assets/images/ 44 B
647 B 135ms
132ms Image
image/webp 2606:4700:3108::ac42:2b58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.firstfoundation.ca/assets/images/bg_squares_half.gif
Requested by: Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/assets/css/above-the-fold.min.1558698904.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42094a7705f0d0ea137d847f5636021885167ddd1623c6b0ab54a4862f7722d0

Request headers

Referer: https://www.firstfoundation.ca/assets/css/above-the-fold.min.1558698904.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3555
cf-polished: origFmt=gif, origSize=45
x-cache-nxaccel: MISS
content-disposition: inline; filename="bg_squares_half.webp"
alt-svc: h3=":443"; ma=86400
content-length: 44
cf-bgj: imgq:100,h2pri
last-modified: Tue, 09 Jul 2013 07:29:10 GMT
server: cloudflare
etag: "2d-4e10f1df1fd80"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S%2B7fcazvnAQL2eJJwlkm7Leuh480ZGYNI3nDAMAuc2uYnvZht3Nj6iwLQr7SsZlAZWLhtru5jxKrV9nfLfY6EZKZL3yWlqbuGRxeacqn2WHU9pT5e54ToBSqDjn79PMdG7n4Q52mtHb2%2B2RjKfBTL1h7UgM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8b3c89ad9e11aaeb-YYZ
expires: Sat, 14 Sep 2024 14:47:21 GMT

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v17/ 12 KB
12 KB 580ms
62ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v17/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.firstfoundation.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 04:59:44 GMT
x-content-type-options: nosniff
age: 62085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11796
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:48:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Aug 2025 04:59:44 GMT

GET
H2 200 NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
fonts.gstatic.com/s/titilliumweb/v17/ 12 KB
12 KB 578ms
61ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v17/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.firstfoundation.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 23:18:26 GMT
x-content-type-options: nosniff
age: 82563
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12372
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:30:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Aug 2025 23:18:26 GMT

GET
H3 200 heading_banner.png
www.firstfoundation.ca/assets/images/ 344 B
965 B 35ms
34ms Image
image/webp 2606:4700:3108::ac42:2b58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.firstfoundation.ca/assets/images/heading_banner.png
Requested by: Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/assets/css/the-rest.min.1644947054.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64162abc44e064c588108b6ef18dd54fe332b2678a0537168bfb85d762867e77

Request headers

Referer: https://www.firstfoundation.ca/assets/css/the-rest.min.1644947054.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 105513
cf-polished: origFmt=png, origSize=816
x-cache-nxaccel: MISS
content-disposition: inline; filename="heading_banner.webp"
alt-svc: h3=":443"; ma=86400
content-length: 344
cf-bgj: imgq:100,h2pri
last-modified: Tue, 09 Jul 2013 07:29:10 GMT
server: cloudflare
etag: "330-4e10f1df1fd80"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=brKBG1VujXZoz8IhM%2FnPMt6%2F5qCNE3wCpznb43ykyj%2FqDrnG5NbW5KvMbbK37CVzu7kNwU2i0vavWWkFB2%2Blq7Fvl2hZp5fF1Qr6XMuD9P2%2FKqnrmYlwqMX%2FjJ%2B%2BIHY1CTiXv4D%2FfkF8q9aI90D9718mTh8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8b3c89aecef9aaeb-YYZ
expires: Fri, 06 Sep 2024 16:35:10 GMT

GET
H3 200 icon-sprite.png
www.firstfoundation.ca/assets/images/ 46 KB
47 KB 37ms
36ms Image
image/webp 2606:4700:3108::ac42:2b58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.firstfoundation.ca/assets/images/icon-sprite.png
Requested by: Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/assets/css/the-rest.min.1644947054.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db352eafbe6951971712c7e287205a431be22c9677558158796ea0b7a83dee61

Request headers

Referer: https://www.firstfoundation.ca/assets/css/the-rest.min.1644947054.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 278760
cf-polished: origFmt=png, origSize=60673
x-cache-nxaccel: MISS
content-disposition: inline; filename="icon-sprite.webp"
alt-svc: h3=":443"; ma=86400
content-length: 47242
cf-bgj: imgq:100,h2pri
last-modified: Tue, 09 Jul 2013 07:29:10 GMT
server: cloudflare
etag: "ed01-4e10f1df1fd80"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gs2tRwJggyFjRSGY7WBRhtGnYKq%2BNUQLtVi1rB7CqlZlXrNuOu3xthLbtbWVR0eOfSYql5M8THn8T2gua7FI1BlWumFgWkUaRwpLXKcQLSJOZn2RPEFtAZs1smHJwKGPFG0%2FtoAAZ9P6wII0I0f955okO%2Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8b3c89aecefaaaeb-YYZ
expires: Sat, 07 Sep 2024 03:20:20 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 307 KB
87 KB 178ms
56ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=81a0da9efb9e47498d6efa20441b8243

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2bad1a97dda2a3d273f500dccfb0e2ebacd349e931f112bac252f69102013c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.firstfoundation.ca/
Origin: https://www.firstfoundation.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 15 Aug 2024 22:14:29 GMT
content-md5: dyUMF1yaqlNvN7Op9Z3aqw==
document-policy: force-load-at-top
x-fb-server-load: 37
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88656
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=48, rtx=0, c=23, mss=1232, tbw=5569, tp=10, tpl=0, uplat=0, ullat=-1
x-fb-debug: WFi3Zi07didBUS7hfhKUk+s1C04ymeCtmj7fQMai41Ps+ejQq+kaAjbz401/Rj84NG2Nhi9fcc7StP2CWr2l4g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 81703fd5c54ba0c24e62e705c76060e9
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "56c1aa1abceec648848e5bddff586a72"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Fri, 15 Aug 2025 21:14:27 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.pGGAptgAK4s.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo-Cic-4VdRMZ7mFCYOA3wzpF7O-6g/ 162 KB
57 KB 100ms
49ms Script
text/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.pGGAptgAK4s.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo-Cic-4VdRMZ7mFCYOA3wzpF7O-6g/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72888c73c7cbff54c030f2bf084b265196276cbc3bcd96d4bea274fc424322e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 20:27:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57428
x-xss-protection: 0
last-modified: Thu, 11 Jul 2024 18:55:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Aug 2025 20:27:39 GMT

GET
H2 200 40126763331952
form.jotform.com/ Frame E206 0
0 440ms
260ms Document
text/html 35.201.118.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://form.jotform.com/40126763331952?parentURL=https%3A%2F%2Fwww.firstfoundation.ca%2Ffinancial%2F&jsForm=true
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/40126763331952
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.118.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 58.118.201.35.bc.googleusercontent.com
Software: CacheX v3.3 /
Resource Hash

Request headers

Referer: https://www.firstfoundation.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache
cache-hit: 0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 15 Aug 2024 22:14:29 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: CacheX v3.3
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 21697257863972
form.jotform.com/ Frame C6F0 0
0 197ms
72ms Document
text/html 35.201.118.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://form.jotform.com/21697257863972?parentURL=https%3A%2F%2Fwww.firstfoundation.ca%2Ffinancial%2F&jsForm=true
Requested by: Host: secure.jotformpro.com
URL: https://secure.jotformpro.com/jsform/21697257863972
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.118.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 58.118.201.35.bc.googleusercontent.com
Software: CacheX v3.3 /
Resource Hash

Request headers

Referer: https://www.firstfoundation.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache
cache-hit: 1
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 15 Aug 2024 22:14:29 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: CacheX v3.3
vary: Accept-Encoding
via: 1.1 google

GET
H/1.1 200 widget Show response
salesiq.zoho.com/ 155 KB
47 KB 521ms
178ms Script
text/javascript 204.141.43.67
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salesiq.zoho.com/widget

Requested by

Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

204.141.43.67 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

ec63a6725df17fe99453ae38e998181aa8c2449398b41c3665cf21e7df95f1f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 15 Aug 2024 22:14:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000
Transfer-Encoding: chunked
Connection: keep-alive
Pragma
Server: ZGS
ETag: W/429ffa8fd2d384ff0e76b0a725bc2a545e4a0b895bd05e1ac8e20cd3dd61d1b7
X-Frame-Options: SAMEORIGIN
vary: accept-encoding
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Encoding: UTF-8
Expires: Thu, 15 Aug 2024 22:19:29 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1061587441/ 3 KB
1 KB 325ms
74ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1061587441/?random=1723760069501&cv=9&fst=1723760069501&num=1&label=wP4UCKeyzwIQ8ZOa-gM&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.firstfoundation.ca%2Ffinancial%2F&tiba=Financial%20Advisor%20%26%20Planner%20Services%20Edmonton%20Calgary%20%7C%20First%20Foundation&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7511c5be5e418fd13c55360659a25135cf38e5773d7eaa94aee8054b6f364d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Aug 2024 22:14:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1432
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bg_squares_blue.gif
www.firstfoundation.ca/assets/images/ 53 B
630 B 125ms
123ms Image
image/gif 2606:4700:3108::ac42:2b58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.firstfoundation.ca/assets/images/bg_squares_blue.gif
Requested by: Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/assets/css/the-rest.min.1644947054.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31440826df0ec544530ad0a3f316d2ea03c936cab55c15fc83950d27fcc3353a

Request headers

Referer: https://www.firstfoundation.ca/assets/css/the-rest.min.1644947054.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 189592
cf-polished: origSize=54, status=webp_bigger
x-cache-nxaccel: MISS
alt-svc: h3=":443"; ma=86400
content-length: 53
cf-bgj: imgq:100,h2pri
last-modified: Tue, 09 Jul 2013 07:29:10 GMT
server: cloudflare
etag: "36-4e10f1df1fd80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KrD3xbJRd2L7p%2FwqLFqsZPfD%2BJaDdIILfyxVVQcPLds0YJMoHNxQcQdFPiSyXUFkA0dAMjDhvtWGp4UrgpX6nxUoa6Icudez7aqMz01OrUeiwh%2B987Yumrz5ozD71F9Awd47vrzkoJNyNOPikcivxcVwpOc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8b3c89b2fabaaaeb-YYZ
expires: Thu, 12 Sep 2024 03:36:15 GMT

GET
H3 200 small-arrow.png
www.firstfoundation.ca/assets/images/ 72 B
682 B 124ms
123ms Image
image/webp 2606:4700:3108::ac42:2b58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.firstfoundation.ca/assets/images/small-arrow.png
Requested by: Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/assets/css/the-rest.min.1644947054.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 586086be5c643db663891f93064b6dd493c6c5e280cab116f81bcd94bea54e6c

Request headers

Referer: https://www.firstfoundation.ca/assets/css/the-rest.min.1644947054.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1796
cf-polished: origFmt=png, origSize=110
x-cache-nxaccel: MISS
content-disposition: inline; filename="small-arrow.webp"
alt-svc: h3=":443"; ma=86400
content-length: 72
cf-bgj: imgq:100,h2pri
last-modified: Tue, 09 Jul 2013 07:29:10 GMT
server: cloudflare
etag: "6e-4e10f1df1fd80"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UusByL8DX%2FJgnGBregztaCgdlqr4wnnLbxTVklELRAHvuO%2B1HrrQoUzgQNYivSXjSxZX%2BpwCuG2TMrm%2BzfI%2BK60o4NUGyzOX5pf0rWjIj3XvJTvYFkTAPjE0tl069Q4MrKWBt0o12%2FnriPF6tndHhSDdCu4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8b3c89b2fabbaaeb-YYZ
expires: Sun, 08 Sep 2024 19:49:25 GMT

GET
H3 200 bg_squares_blue_half.gif
www.firstfoundation.ca/assets/images/ 37 B
612 B 125ms
124ms Image
image/gif 2606:4700:3108::ac42:2b58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.firstfoundation.ca/assets/images/bg_squares_blue_half.gif
Requested by: Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/assets/css/above-the-fold.min.1558698904.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c354a3788639ae9e83bd8fe20b0ddcbe5178ed69ec39fcd7a50183e8695de3f

Request headers

Referer: https://www.firstfoundation.ca/assets/css/above-the-fold.min.1558698904.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89269
cf-polished: status=not_needed
x-cache-nxaccel: MISS
alt-svc: h3=":443"; ma=86400
content-length: 37
cf-bgj: imgq:100,h2pri
last-modified: Tue, 09 Jul 2013 07:29:10 GMT
server: cloudflare
etag: "25-4e10f1df1fd80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qY%2FnhhtIXrjIlGZ%2B%2F2aIeykutAYrs8GSAKHMFfwclQ%2BPpRXlr9LCVkpx9MUS%2Bm0JNiZDq3g2WaFlupYh%2BuokEUq%2FnXtmsJpjOMS9lOnoT5jrbDcRnH%2FSZftFrVZCvtYB9TUbdoPOzB2NIl%2BTdqvvnb0YXcc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8b3c89b2fabcaaeb-YYZ
expires: Thu, 12 Sep 2024 05:57:07 GMT

GET
H3 200 main-sprite.png
www.firstfoundation.ca/assets/images/ 3 KB
4 KB 124ms
123ms Image
image/webp 2606:4700:3108::ac42:2b58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.firstfoundation.ca/assets/images/main-sprite.png
Requested by: Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/assets/css/the-rest.min.1644947054.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11d97aa00e128b5f10a99d3de14eba0ec817751c0548a8aaece7dbbfb77bcb66

Request headers

Referer: https://www.firstfoundation.ca/assets/css/the-rest.min.1644947054.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 189592
cf-polished: origFmt=png, origSize=4894
x-cache-nxaccel: MISS
content-disposition: inline; filename="main-sprite.webp"
alt-svc: h3=":443"; ma=86400
content-length: 3474
cf-bgj: imgq:100,h2pri
last-modified: Tue, 09 Jul 2013 07:29:10 GMT
server: cloudflare
etag: "131e-4e10f1df1fd80"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZxKmhAuCcYVitRF6deAdWRLtyKBAdW%2BzXz7aP6tBLusv96CYyM8Rpy%2BUbYfS0t%2BJ7Atf4bs6tw%2FcRZ4FrAloBAKj9oMswPxCCrqiCt7MyKux4wmsxG5vR36tL8MnvUXLqxoHlxNx8hhHC2ZwP3HGVjHuPwo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8b3c89b2fabdaaeb-YYZ
expires: Sun, 08 Sep 2024 17:11:21 GMT

GET
H3 200 firstfoundation.ttf
www.firstfoundation.ca/assets/fonts/ 1 KB
1 KB 66ms
39ms Font
font/ttf 2606:4700:3108::ac42:2b58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstfoundation.ca/assets/fonts/firstfoundation.ttf?-l24jn4
Requested by: Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/assets/css/above-the-fold.min.1558698904.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d50734aaa7ef52888e0d962d54ae9163d265b61a729c735170653b07691ef3ae

Request headers

Referer: https://www.firstfoundation.ca/assets/css/above-the-fold.min.1558698904.css
Origin: https://www.firstfoundation.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32364
x-cache-nxaccel: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Jul 2015 16:43:34 GMT
server: cloudflare
etag: W/"504-51a5fd6f2b980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x9GcdIcSJP%2B32F4tZ8GHwdnMqLxipm0zOyfHvXKma%2FrSbTDhYlQS6uAX0H2q0n2fnbBwfbzc1XupjVbhK2cdmDX9AeLE0CiIounIhDSYqlo5fVVyPmECZ%2BzvfDh9SH%2B%2BwY2o0yPnM%2F5iGMCL9pYBk%2BQTX04%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 8b3c89b5acfdaaeb-YYZ
expires: Fri, 16 Aug 2024 12:33:05 GMT

GET
H3 200 logo.png
www.firstfoundation.ca/assets/images/ 2 KB
0 44ms
44ms Image
image/webp 2606:4700:3108::ac42:2b58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.firstfoundation.ca/assets/images/logo.png
Requested by: Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0020742c62697f7ce1453e65054c48333fa7140961f952b5a2d220020a76771

Request headers

Referer: https://www.firstfoundation.ca/financial/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 204965
cf-polished: origFmt=png, origSize=2793
x-cache-nxaccel: MISS
content-disposition: inline; filename="logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2384
cf-bgj: imgq:100,h2pri
last-modified: Tue, 09 Jul 2013 07:29:10 GMT
server: cloudflare
etag: "ae9-4e10f1df1fd80"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jhp5mcQXU6w0uxK6gOlV%2FR6bfJD%2B04KRcsW%2FUg1YDkjyWaeLroH4oJXZhzx3fch7rF8zN8yd9LDKjMtOhs%2Fr0aZkUsvegDcspm6gYzXzkoCNT4SDtCIKESKn%2FApYiTk%2FySRMd70FRNzeEko5js5guaUetFU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8b3c89a9dbafaaeb-YYZ
expires: Tue, 10 Sep 2024 17:09:41 GMT

GET
H3

200

main.js Show response
www.firstfoundation.ca/cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/ Frame 0F80
Redirect Chain

https://www.firstfoundation.ca/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.firstfoundation.ca/cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/main.js?

8 KB
4 KB

73ms
55ms

Script
application/javascript

2606:4700:3108::ac42:2b58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstfoundation.ca/cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/main.js?

Requested by

Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/

Protocol

Server

2606:4700:3108::ac42:2b58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d279170a86cf33088f004ed084943241a91f810ec328125cc426e48876aa0142

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:30 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bbXXKGZIPS6UfxVX84XDBZkSZnRhg%2FS31TsKu1TLRcLZ7H7ZMqJjJ2jl2fPLEO7YTH53GPZPiM12yqo1APZs5DVdpdo8TYT4MsDj7mHD74YjPMiLqnsGwk0jd8b2HDrEy%2FL%2BZ3B71Qw3lFThe9etnsYZ2uU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b3c89b8ff44aaeb-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 15 Aug 2024 22:14:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W0NX2Ppay67FQk5ZQdS%2BoV9HIKWRgCB7khAqZpBkTazjm8CYYXCYNBUdQ7%2FENkThfJkC8xYw3XJYSAnLYfSkJpuKDcnkL0Got7d9Rp2zoIDDWKah3UyLWrDL1Wgsc%2BLc8czKpiurujirtXtstLFb%2FU8VS64%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b3c89b5acfcaaeb-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 319 KB
106 KB 118ms
116ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CD6W6EB7M8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKV3CR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa08f15ec6fa5cb8c6b75661569ae48ca6e8de3823681916be9f4c717d2f60d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108293
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 15 Aug 2024 22:14:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 467ms
48ms Script
text/javascript 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKV3CR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 15 Aug 2024 22:06:04 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 506
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 16 Aug 2024 00:06:04 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 231 KB
83 KB 106ms
106ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-1061587441&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKV3CR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f2f420a3b97b51f6bcda87d88d79ae5c1504929f1ed1846639dbc35257a70566

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85219
x-xss-protection: 0
last-modified: Thu, 15 Aug 2024 21:17:43 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Aug 2024 22:14:30 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 87ms
84ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 15 Aug 2024 22:14:30 GMT
document-policy: force-load-at-top
x-fb-server-load: 43
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58865
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=20, mss=1392, tbw=6638, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: GkpKcOd6/hICTwU6dcPbBXlFYKS7nwRBcIVHrfxTmadHlSScVZMfuvhTb0uqy3LJarBUp8OylWiWvwsoAeRchQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 swap.js Show response
cdn.callrail.com/companies/252477266/acba09b486609447ec77/12/ 32 B
577 B 556ms
158ms Script
text/javascript 52.85.61.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.callrail.com/companies/252477266/acba09b486609447ec77/12/swap.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKV3CR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-51.ewr53.r.cloudfront.net

Software

Resource Hash

d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:30 GMT
via: 1.1 52b969a4ab7956a248b07efba57c92a4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 32
x-xss-protection: 1; mode=block
x-request-id: c2a11303-db0c-422e-ba56-62033c414937
x-runtime: 0.005337
referrer-policy: strict-origin-when-cross-origin
etag: W/"d18beba8a6db32dd84b24258cf6542ac"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public
timing-allow-origin: *
x-amz-cf-id: uLrwCRhviV9D4Z_Iw24OruDbTrHikH8cBSVfzzDDiWGI-c5gy1qIVw==

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 455ms
91ms Fetch
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=189113607825569&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.firstfoundation.ca%2Ffinancial%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=81a0da9efb9e47498d6efa20441b8243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Thu, 15 Aug 2024 22:14:30 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
x-fb-server-load: 18
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7403493127086111521", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1392, tbw=2781, tp=-1, tpl=-1, uplat=12, ullat=0
pragma: no-cache
x-fb-debug: iXJKPHN47VNnV38UM9xq4F/rjrv8tOpgzbE0qoB6JrcmfBmMsE4eudKl1NpFq0KTpsBtKme1bGVwTTEtg/RNQQ==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7403493127086111521"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.firstfoundation.ca
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1061587441/ 42 B
64 B 455ms
140ms Image
image/gif 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1061587441/?random=1723760069501&cv=9&fst=1723759200000&num=1&label=wP4UCKeyzwIQ8ZOa-gM&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.firstfoundation.ca%2Ffinancial%2F&tiba=Financial%20Advisor%20%26%20Planner%20Services%20Edmonton%20Calgary%20%7C%20First%20Foundation&hn=www.googleadservices.com&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfcPb3ysMa55pKCPMDzGcApH_UdAbZ0Q&random=3897361214&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Aug 2024 22:14:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/1061587441/ 42 B
64 B 455ms
140ms Image
image/gif 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/1061587441/?random=1723760069501&cv=9&fst=1723759200000&num=1&label=wP4UCKeyzwIQ8ZOa-gM&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.firstfoundation.ca%2Ffinancial%2F&tiba=Financial%20Advisor%20%26%20Planner%20Services%20Edmonton%20Calgary%20%7C%20First%20Foundation&hn=www.googleadservices.com&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfcPb3ysMa55pKCPMDzGcApH_UdAbZ0Q&random=3897361214&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Aug 2024 22:14:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 website Show response
salesiq.zohopublic.com/visitor/v2/channels/ 32 KB
15 KB 615ms
299ms XHR
application/json 136.143.182.97
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salesiq.zohopublic.com/visitor/v2/channels/website?widgetcode=e9d74e9503923100e2daebc52dbd012f3d02b9e93fac0865dd2f4003e47a260813bd0b925c54d792187683bc6667e379&internal_channel_req=true&language_api=true&browser_language=en&current_domain=https%3A%2F%2Ffirstfoundation.ca&pagetitle=Financial%20Advisor%20%26%20Planner%20Services%20Edmonton%20Calgary%20%7C%20First%20Foundation&include_fields=avuid

Requested by

Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.143.182.97 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

a7796d41799ce90f793582ff29bc9245c491634481dc1f5f159ea3c713703593

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 15 Aug 2024 22:14:29 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
Server: ZGS
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.firstfoundation.ca
Content-Language: en-CA
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Encoding: UTF-8
Access-Control-Allow-Headers: Content-Type,x-siq-internal-channel

GET
H3 200 773482682778910 Show response
connect.facebook.net/signals/config/ 62 KB
13 KB 102ms
100ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/773482682778910?v=2.9.164&r=stable&domain=www.firstfoundation.ca&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a25353169b8c24bf40c29d2c77bac5a239c8dac509a022bd9272532ce1c6d71f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 15 Aug 2024 22:14:30 GMT
document-policy: force-load-at-top
x-fb-server-load: 20
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13395
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=0, c=23, mss=1232, tbw=5567, tp=10, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: JYqLd5hyLrkswc+So7kKeSIZ725O6qkUrwnuUXpeBJ6F3J8Ed3PNvah452jK71wdDBHgVeieE+FPu68okwWg2A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1061587441/ 3 KB
1 KB 112ms
94ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1061587441/?random=1723760070643&cv=11&fst=1723760070643&bg=ffffff&guid=ON&async=1&gtm=45be48e0z86850853za201zb6850853&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.firstfoundation.ca%2Ffinancial%2F&hn=www.googleadservices.com&frm=0&tiba=Financial%20Advisor%20%26%20Planner%20Services%20Edmonton%20Calgary%20%7C%20First%20Foundation&npa=0&pscdl=noapi&auid=1453784647.1723760070&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1061587441&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8977f0c34404aa2d54720a16a6d8d14e51c320207d8b446002a6da2bfe0f5074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Aug 2024 22:14:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1408
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 8b3c89a5ba3a39f5 Show response
www.firstfoundation.ca/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 0F80 0
699 B 54ms
39ms XHR
text/plain 2606:4700:3108::ac42:2b58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstfoundation.ca/cdn-cgi/challenge-platform/h/g/jsd/r/8b3c89a5ba3a39f5
Requested by: Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Aug 2024 22:14:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GNTlCUb4A0ctk3jb44dXxIgKgTbF0iIdqe%2B5cBUnqbX5BluAYQi8yzerNrAI5Fcv2jF3sQaxMk3z7AarhDW71oqBxuIOas5j8Rapbt13IGUntWC0fNw4Q8zR3pQXSEA3uQRWCOOoj92OdtEo0Wd1WsZlnWE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8b3c89bcda80aaeb-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
analytics.google.com/g/ 0
0 218ms
100ms Fetch
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-CD6W6EB7M8&gtm=45je48e0v9116765317z86850853za200zb6850853&_p=1723760068702&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=953973497.1723760071&ecid=1968353391&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723760071&sct=1&seg=0&dl=https%3A%2F%2Fwww.firstfoundation.ca%2Ffinancial%2F&dt=Financial%20Advisor%20%26%20Planner%20Services%20Edmonton%20Calgary%20%7C%20First%20Foundation&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4528
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CD6W6EB7M8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Aug 2024 22:14:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.firstfoundation.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 270ms
74ms Ping
text/plain 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CD6W6EB7M8&cid=953973497.1723760071&gtm=45je48e0v9116765317z86850853za200zb6850853&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CD6W6EB7M8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Aug 2024 22:14:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.firstfoundation.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 107ms
107ms Image
image/gif 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CD6W6EB7M8&cid=953973497.1723760071&gtm=45je48e0v9116765317z86850853za200zb6850853&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=360224689

Requested by

Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Aug 2024 22:14:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 floatbutton1_0uA5KIDjSJBNGPeiRDI3YtNcjWJ9mZsPq48NM5iMzp7_jWYVkIHbMtgrDX_xil60_.css
css.zohocdn.com/salesiq/styles/ 60 KB
14 KB 698ms
36ms Stylesheet
text/css 199.67.84.76
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/styles/floatbutton1_0uA5KIDjSJBNGPeiRDI3YtNcjWJ9mZsPq48NM5iMzp7_jWYVkIHbMtgrDX_xil60_.css

Requested by

Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.67.84.76 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

bb92332c3133a0ff652f4fdffec647032ab9939d320decdee8a6619431dd2dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firstfoundation.ca/
Origin: https://www.firstfoundation.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:32 GMT
strict-transport-security: max-age=15768000, max-age=63072000
x-content-type-options: nosniff
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 13958
last-modified: Thu, 04 Apr 2024 08:43:59 GMT
server: ZGS
nb-request-id: 1402c42f3bfd2d68101be4b36618ffec
etag: "03a6501a22cf0a6bafc47337b71c098a"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
content-language: en-US
z-origin-id: ca1-1059c27c956748dd921905c94f07a7fc
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 floatbutton1_ntOTzijfgIO2NxX8WMJch-kWe1HGIyvhXvC9ZYd6Bf-P-JdEDikGmCycyTnYqYia_.js Show response
js.zohocdn.com/salesiq/js/ 114 KB
43 KB 507ms
38ms Script
text/javascript 199.67.84.76
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/salesiq/js/floatbutton1_ntOTzijfgIO2NxX8WMJch-kWe1HGIyvhXvC9ZYd6Bf-P-JdEDikGmCycyTnYqYia_.js

Requested by

Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.67.84.76 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

30fa9a70d29af821672005091907b12f65ee0513c554b207bab2805e095ad3a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firstfoundation.ca/
Origin: https://www.firstfoundation.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:31 GMT
strict-transport-security: max-age=15768000, max-age=63072000
x-content-type-options: nosniff
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 43067
last-modified: Fri, 09 Aug 2024 09:49:06 GMT
server: ZGS
nb-request-id: e0c7ebae4af137371b2216f43898873f
etag: "83a71ef2a558d09d76e184c3afd7a6e3"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
content-language: en-US
z-origin-id: ca1-25adafaa86df470c8688f826c4d2d203
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
226 B 58ms
56ms XHR
text/plain 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1468405958&t=pageview&_s=1&dl=https%3A%2F%2Fwww.firstfoundation.ca%2Ffinancial%2F&ul=en-ca&de=UTF-8&dt=Financial%20Advisor%20%26%20Planner%20Services%20Edmonton%20Calgary%20%7C%20First%20Foundation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgUABAAAAACAAI~&jid=1118290843&gjid=2126592248&cid=953973497.1723760071&tid=UA-1432971-1&_gid=698222859.1723760071&_slc=1&gtm=45He48e0n71TKV3CRv6850853za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=1279866017

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e44299abb569eac7b8a824ec93d50ee4107ecbacb261607c64fdafbe43134c35

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Aug 2024 22:14:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.firstfoundation.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
351 B 171ms
74ms XHR
text/plain 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1432971-1&cid=953973497.1723760071&jid=1118290843&gjid=2126592248&_gid=698222859.1723760071&_u=YCDAgUABAAAAAGAAI~&z=1357727448

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 15 Aug 2024 22:14:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.firstfoundation.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1061587441/ 42 B
64 B 65ms
64ms Image
image/gif 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1061587441/?random=1723760070643&cv=11&fst=1723759200000&bg=ffffff&guid=ON&async=1&gtm=45be48e0z86850853za201zb6850853&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.firstfoundation.ca%2Ffinancial%2F&hn=www.googleadservices.com&frm=0&tiba=Financial%20Advisor%20%26%20Planner%20Services%20Edmonton%20Calgary%20%7C%20First%20Foundation&npa=0&pscdl=noapi&auid=1453784647.1723760070&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnf1cmj-Gl2NXkSE1vSp_X2mn1soYwoi7_gLYiB2LtBhhoKgVRZ&random=1339888281&rmt_tld=0&ipr=y

Requested by

Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Aug 2024 22:14:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/1061587441/ 42 B
64 B 64ms
64ms Image
image/gif 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/1061587441/?random=1723760070643&cv=11&fst=1723759200000&bg=ffffff&guid=ON&async=1&gtm=45be48e0z86850853za201zb6850853&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.firstfoundation.ca%2Ffinancial%2F&hn=www.googleadservices.com&frm=0&tiba=Financial%20Advisor%20%26%20Planner%20Services%20Edmonton%20Calgary%20%7C%20First%20Foundation&npa=0&pscdl=noapi&auid=1453784647.1723760070&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnf1cmj-Gl2NXkSE1vSp_X2mn1soYwoi7_gLYiB2LtBhhoKgVRZ&random=1339888281&rmt_tld=1&ipr=y

Requested by

Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Aug 2024 22:14:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
174 B 99ms
96ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=773482682778910&ev=PageView&dl=https%3A%2F%2Fwww.firstfoundation.ca&rl=&if=false&ts=1723760071447&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4124&fbp=fb.1.1723760071431.840419902302247142&pm=1&hrl=7fccc4&ler=empty&cdl=API_unavailable&it=1723760070588&coo=false&cs_cc=1&cas=1928093747312596&rqm=GET

Requested by

Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1392, tbw=4595, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 15 Aug 2024 22:14:31 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
2 KB 274ms
273ms Image
image/png 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=773482682778910&ev=PageView&dl=https%3A%2F%2Fwww.firstfoundation.ca&rl=&if=false&ts=1723760071447&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4124&fbp=fb.1.1723760071431.840419902302247142&pm=1&hrl=7fccc4&ler=empty&cdl=API_unavailable&it=1723760070588&coo=false&cs_cc=1&cas=1928093747312596&rqm=FGET

Requested by

Host: www.firstfoundation.ca
URL: https://www.firstfoundation.ca/financial/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Thu, 15 Aug 2024 22:14:31 GMT
document-policy: force-load-at-top
x-fb-server-load: 22
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7403493132921547005", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1392, tbw=4813, tp=-1, tpl=-1, uplat=199, ullat=0
pragma: no-cache
x-fb-debug: lGL0vanGgTx5rv/vk/AGDKA/p3y4NJLBEJ/ZmUXCVEr8dcJwW8n7i3GBD3XsFpBE1fSqCWT6tDQGGBiVmbQE8w==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7403493132921547005"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
108 KB 84ms
83ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CD6W6EB7M8&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c3849cee2cb24dd7d45efad9763e9a48fa0d9da57d32482d1fa03eff371e6e74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.firstfoundation.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 110185
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 15 Aug 2024 22:14:31 GMT

GET
H2 200 siq_mpWsf52LIPg9mU40fjRdjF6WMUs-Q0VNu4KH07GkhNZGQTRxW2eRyFJLAq9VKCYB_.ttf
css.zohocdn.com/salesiq/styles/fonts/float/ 14 KB
10 KB 45ms
44ms Font
font/ttf 199.67.84.76
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/styles/fonts/float/siq_mpWsf52LIPg9mU40fjRdjF6WMUs-Q0VNu4KH07GkhNZGQTRxW2eRyFJLAq9VKCYB_.ttf

Requested by

Host: css.zohocdn.com
URL: https://css.zohocdn.com/salesiq/styles/floatbutton1_0uA5KIDjSJBNGPeiRDI3YtNcjWJ9mZsPq48NM5iMzp7_jWYVkIHbMtgrDX_xil60_.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.67.84.76 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

cf1f73b76f318b2d7b59319d22f03d9f40ae8ab9ed942d338aeca9d03860fc15

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://css.zohocdn.com/salesiq/styles/floatbutton1_0uA5KIDjSJBNGPeiRDI3YtNcjWJ9mZsPq48NM5iMzp7_jWYVkIHbMtgrDX_xil60_.css
Origin: https://www.firstfoundation.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:32 GMT
strict-transport-security: max-age=15768000, max-age=63072000
x-content-type-options: nosniff
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 9343
last-modified: Thu, 04 Apr 2024 08:43:28 GMT
server: ZGS
nb-request-id: 64d8f0205abcfd7ffd1ebddda6631006
etag: "20f374e9afc772f2ce62f64c5b3b772f"
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
content-language: en-US
z-origin-id: ca1-c441827726d849db888c0558ec1a55d5
accept-ranges: bytes
timing-allow-origin: *

POST
H3 204 rum Show response
www.firstfoundation.ca/cdn-cgi/ 0
146 B 38ms
35ms XHR
text/plain 2606:4700:3108::ac42:2b58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstfoundation.ca/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.firstfoundation.ca/financial/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Thu, 15 Aug 2024 22:14:32 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.firstfoundation.ca
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8b3c89c29ef4aaeb-YYZ

GET
H3 200 favicon.png
www.firstfoundation.ca/assets/images/ 320 B
926 B 46ms
43ms Other
image/webp 2606:4700:3108::ac42:2b58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstfoundation.ca/assets/images/favicon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f29a6f1cb7b1d47b9737448d5f34e2e6aa7152fa73119953f00f07c6dade9f3e

Request headers

Referer: https://www.firstfoundation.ca/financial/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 22:14:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 115356
cf-polished: origFmt=png, origSize=537
x-cache-nxaccel: MISS
content-disposition: inline; filename="favicon.webp"
alt-svc: h3=":443"; ma=86400
content-length: 320
cf-bgj: imgq:100,h2pri
last-modified: Tue, 09 Jul 2013 07:29:10 GMT
server: cloudflare
etag: "219-4e10f1df1fd80"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k7AZb93G3iF3t57g2AzOPG3112TkKMs35ek1xZ%2FxPlcyjZloKC3MQ4PHhYW03WW0yDzZ3%2BwwmQPw%2BKvadPe%2F8lWuAKJjmwnzDLSI3KCMtzssGu6GgcpmmdsxDFkKDRRDVOCHynoVQYvejkNezGWF59y1f1c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8b3c89c31f5aaaeb-YYZ
expires: Sun, 08 Sep 2024 21:23:37 GMT

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.firstfoundation.ca/	1970-01-21 07:34:56	Name: exp_last_visit Value: 1408400067
www.firstfoundation.ca/	1970-01-21 07:34:56	Name: exp_last_activity Value: 1723760067
www.firstfoundation.ca/	1969-12-31 23:59:59	Name: exp_tracker Value: %7B%220%22%3A%22financial%22%2C%22token%22%3A%22709353540013a321093580ca51131103%22%7D
www.firstfoundation.ca/	1970-01-20 22:49:27	Name: exp_csrf_token Value: f647d6ec932658cf182885f939fd65834872574b
.jotformpro.com/	1970-01-20 23:33:58	Name: userReferer Value: https%3A%2F%2Fwww.firstfoundation.ca%2F
.jotformpro.com/	1970-01-20 23:33:58	Name: guest Value: guest_8cf4f7b6a52089f6
salesiq.zoho.com/	1969-12-31 23:59:59	Name: LS_CSRF_TOKEN Value: b82ce3a0-ac20-49e1-af6b-e5feec2452ab
.firstfoundation.ca/	1970-01-21 00:58:56	Name: _gcl_au Value: 1.1.1453784647.1723760070
.doubleclick.net/	1970-01-21 08:25:20	Name: IDE Value: AHWqTUllkmMHHzQiSbLky-KdKL4aSxoO-geaR08RD54YK6kCHhVzd3Ut7wryLK-H
salesiq.zohopublic.com/	1969-12-31 23:59:59	Name: LS_CSRF_TOKEN Value: 33a68e2c-1081-4282-906e-18dfcad2f090
salesiq.zohopublic.com/	1970-01-20 23:32:32	Name: uesign Value: a679928bdd0b84a3fb2b8daa4b8de8f011483e5fc45519b13030e3cfe4dfe7f9f2a8c7841c36c51280edd2f784060b70
.firstfoundation.ca/	1970-01-21 07:34:56	Name: cf_clearance Value: g3U26iVrvzd8FgaLA7LO.WvffCywWZVZOjy6mVr_W2w-1723760071-1.0.1.1-RhHjLIW.Qmv4HYKbvikoEzSRiRQBpeP8ohDs58IvrU9e7nfRZrT1GIyFeYsRDhPqlevLLxyjb2g0af_pIUOIdg
.firstfoundation.ca/	1970-01-21 08:25:20	Name: _ga_CD6W6EB7M8 Value: GS1.1.1723760071.1.0.1723760071.60.0.1968353391
.firstfoundation.ca/	1970-01-21 08:25:20	Name: _ga Value: GA1.2.953973497.1723760071
.firstfoundation.ca/	1970-01-20 22:50:46	Name: _gid Value: GA1.2.698222859.1723760071
.firstfoundation.ca/	1970-01-20 22:49:20	Name: _dc_gtm_UA-1432971-1 Value: 1
.firstfoundation.ca/	1970-01-21 00:58:56	Name: _fbp Value: fb.1.1723760071431.840419902302247142
.jotform.com/	1970-01-20 23:33:58	Name: userReferer Value: https%3A%2F%2Fform.jotform.com%2F
.jotform.com/	1970-01-20 23:33:58	Name: guest Value: guest_7fbacd2806f05fc1
.firstfoundation.ca/	1970-01-21 08:25:20	Name: firstfoundation-_zldp Value: JarV7Cil1NvEJ04UiMf09rr8cGgUiOoRYTzCmY3e7jpJHxzHjA46ZV8WRcZQmroopRUK595EVd8%3D
.firstfoundation.ca/	1970-01-20 22:50:46	Name: firstfoundation-_zldt Value: e32bcf8a-e722-4cd2-8ab1-0d08440525a7-0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
apis.google.com
cdn.callrail.com
connect.facebook.net
css.zohocdn.com
firstfoundation.ca
fonts.googleapis.com
fonts.gstatic.com
form.jotform.com
googleads.g.doubleclick.net
js.zohocdn.com
rrsp-tfsa.ca
salesiq.zoho.com
salesiq.zohopublic.com
secure.jotformpro.com
static.cloudflareinsights.com
stats.g.doubleclick.net
www.facebook.com
www.firstfoundation.ca
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
136.143.182.97
142.250.80.98
15.197.225.128
199.67.84.76
2001:4860:4802:32::181
204.141.43.67
2606:4700:3108::ac42:2b58
2606:4700::6810:4f49
2607:f8b0:4004:c17::9a
2607:f8b0:4006:809::200a
2607:f8b0:4006:80c::2002
2607:f8b0:4006:817::200e
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81d::2004
2607:f8b0:4006:820::200e
2607:f8b0:4006:823::2008
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
35.201.118.58
52.85.61.51
0571ad0ecaab62d8ff77c9bbbf39df5188474855b765e8a9d7a3b8694e8671ea
11d97aa00e128b5f10a99d3de14eba0ec817751c0548a8aaece7dbbfb77bcb66
15cc6272e5865e1cc66b9ab9b1c19d7b568e6070f24028d2938da7502803d175
2bad1a97dda2a3d273f500dccfb0e2ebacd349e931f112bac252f69102013c6b
30fa9a70d29af821672005091907b12f65ee0513c554b207bab2805e095ad3a8
31440826df0ec544530ad0a3f316d2ea03c936cab55c15fc83950d27fcc3353a
34b152416fba366a6cd9711df7dc744745c0cf8687f845a52fcb17f26c6cb35a
3b0d69efedfb89da8e26d3f579de61f3ef732629b672b0fd853eabf2e1c4d5e1
3c354a3788639ae9e83bd8fe20b0ddcbe5178ed69ec39fcd7a50183e8695de3f
42094a7705f0d0ea137d847f5636021885167ddd1623c6b0ab54a4862f7722d0
4c094182b5cabe9021b8dda00297e5c7c32f83f38619cf094257d5e029299699
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
52857bee99477d24edf782b102f00e242d58e1e754cfb9f0fc60bd86840fdca9
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
582843ef3c94fd8ac34f30ec3efeac9ad8f8236f597122d5b8d510f8b559b6f9
586086be5c643db663891f93064b6dd493c6c5e280cab116f81bcd94bea54e6c
64162abc44e064c588108b6ef18dd54fe332b2678a0537168bfb85d762867e77
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bfdf84c34e436af5cef64f1fb615310ea6433edf98d4c52111521f00714a02b
722d816917f75fb60dfb01bfa0685d0090f009b48eb1c6b602e42f8a51a7d91e
72888c73c7cbff54c030f2bf084b265196276cbc3bcd96d4bea274fc424322e9
7511c5be5e418fd13c55360659a25135cf38e5773d7eaa94aee8054b6f364d71
8977f0c34404aa2d54720a16a6d8d14e51c320207d8b446002a6da2bfe0f5074
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
9248f9dcb6b3c9b58999b21bdd10cc2f3a1dd8260679830c5e03db209104d92f
98c015c3d263163c111e2f8f67a53ae3c59bd6be8d529ac1e50359b18127e6b4
98fd14a7dd74f7f92b926b55b1ff8fa04856dcfe3229b757910253ee5fa481a8
9c902c08b8661f4b92d55e49021b15a5ee1fe2dcf226b3545654832cad3eba17
a25353169b8c24bf40c29d2c77bac5a239c8dac509a022bd9272532ce1c6d71f
a7796d41799ce90f793582ff29bc9245c491634481dc1f5f159ea3c713703593
aa08f15ec6fa5cb8c6b75661569ae48ca6e8de3823681916be9f4c717d2f60d4
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b2aad7de9f37c25ab9bba96cd7d4f3dbf5141dce270b4ea93649b0f8e8ad405a
b6ed81eee6d6ae94d8db1ea024a95f2cf38a25eaa4cc830edf09b599f4c2e833
bb92332c3133a0ff652f4fdffec647032ab9939d320decdee8a6619431dd2dec
c015c6d5f375e41824fdd538a21e963379d15e4c02af8f28723efd4e5a127d43
c3849cee2cb24dd7d45efad9763e9a48fa0d9da57d32482d1fa03eff371e6e74
c5e3093bd5e8a58f04846013ead66d36ca25457a0475c9c72d8cde60e598fc0e
c6fdafff5ebb1051a3eeec76fc4ed6988433aee0046e5c7d4a02ee38e9730a15
cf1f73b76f318b2d7b59319d22f03d9f40ae8ab9ed942d338aeca9d03860fc15
d0020742c62697f7ce1453e65054c48333fa7140961f952b5a2d220020a76771
d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b
d279170a86cf33088f004ed084943241a91f810ec328125cc426e48876aa0142
d50734aaa7ef52888e0d962d54ae9163d265b61a729c735170653b07691ef3ae
d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367
db352eafbe6951971712c7e287205a431be22c9677558158796ea0b7a83dee61
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e16de32eed9c11abecc541412975bfd45421701121274d30cb7523720d04e1e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44299abb569eac7b8a824ec93d50ee4107ecbacb261607c64fdafbe43134c35
ec63a6725df17fe99453ae38e998181aa8c2449398b41c3665cf21e7df95f1f0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0290449465263851e107655dae80f99a84b77f76f092e6632c2469e451ac199
f29a6f1cb7b1d47b9737448d5f34e2e6aa7152fa73119953f00f07c6dade9f3e
f2f420a3b97b51f6bcda87d88d79ae5c1504929f1ed1846639dbc35257a70566

www.firstfoundation.ca Open in urlscan Pro 2606:4700:3108::ac42:2b58 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

94 %HTTPS

67 %IPv6

19 Domains

24 Subdomains

20 IPs

1 Countries

1329 kBTransfer

3236 kBSize

21 Cookies

16 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.firstfoundation.ca Open in urlscan Pro
2606:4700:3108::ac42:2b58 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

94 %
HTTPS

67 %
IPv6

19
Domains

24
Subdomains

20
IPs

1
Countries

1329 kB
Transfer

3236 kB
Size

21
Cookies

67 HTTP transactions
0 data transactions