urlscan.io logo urlscan.io
SecurityTrails logo

secure.e2rm.com Open in urlscan Pro
52.60.65.93  Public Scan

Go To Rescan Add Verdict Report
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=art...
Submission: On November 24 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 2 countries across 16 domains to perform 63 HTTP transactions. The main IP is 52.60.65.93, located in Montreal, Canada and belongs to AMAZON-02, US. The main domain is secure.e2rm.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 7th 2022. Valid for: a year.
This is the only time secure.e2rm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

27    52.60.65.93 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-60-65-93.ca-central-1.compute.amazonaws.com
secure.e2rm.com
3    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
5    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2607:f8b0:4004:c1b::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2600:9000:209c:1800:4:5447:a940:93a1 (United States)

ASN16509 (AMAZON-02, US)
auth.frontstream.com
1    2607:f8b0:4004:c08::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
4    2607:f8b0:4004:c1b::8b (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    23.34.248.81 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-34-248-81.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
m.addthis.com
1    207.236.155.246 (Brampton, Canada)

ASN577 (BACOM, CA)
medias.centraide.org
3    2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    23.195.101.172 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-101-172.deploy.static.akamaitechnologies.com
z.moatads.com
1    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    162.247.241.14 (Lake Oswego, United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
1    2607:f8b0:4004:c17::9c (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4004:c09::68 (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.ca
Apex Domain
Subdomains		 Transfer
27 e2rm.com
secure.e2rm.com
449 KB
5 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 339
www.google-analytics.com — Cisco Umbrella Rank: 40
38 KB
5 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
19 KB
4 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 1604
m.addthis.com — Cisco Umbrella Rank: 1579
143 KB
3 gstatic.com
fonts.gstatic.com
32 KB
3 frontstream.com
auth.frontstream.com — Cisco Umbrella Rank: 714824
45 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 52
2 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 788
93 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 252
1 KB
1 google.ca
www.google.ca — Cisco Umbrella Rank: 6976
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 94
441 B
1 addthisedge.com
v1.addthisedge.com — Cisco Umbrella Rank: 1833
207 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 364
18 KB
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 407
1 KB
1 centraide.org
medias.centraide.org
707 B
63 16
Domain Requested by
27 secure.e2rm.com secure.e2rm.com
5 cdnjs.cloudflare.com secure.e2rm.com
4 www.google-analytics.com secure.e2rm.com
www.google-analytics.com
3 fonts.gstatic.com fonts.googleapis.com
3 s7.addthis.com secure.e2rm.com
s7.addthis.com
3 auth.frontstream.com secure.e2rm.com
auth.frontstream.com
3 fonts.googleapis.com secure.e2rm.com
3 maxcdn.bootstrapcdn.com secure.e2rm.com
maxcdn.bootstrapcdn.com
2 bam.nr-data.net auth.frontstream.com
1 www.google.ca
1 www.google.com
1 stats.g.doubleclick.net www.google-analytics.com
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 js-agent.newrelic.com auth.frontstream.com
1 z.moatads.com s7.addthis.com
1 medias.centraide.org secure.e2rm.com
1 ssl.google-analytics.com secure.e2rm.com
63 18

This site contains no links.

Subject Issuer Validity Valid
*.e2rm.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-07 -
2023-06-07		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.frontstream.com
Amazon		 2022-08-23 -
2023-09-21		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
*.centraide.org
AlphaSSL CA - SHA256 - G2		 2022-02-15 -
2023-03-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Frame ID: 08FE94D899CE99BB44581205846E9639
Requests: 57 HTTP requests in this frame

Frame: https://auth.frontstream.com/static/xdomain_cookie.html
Frame ID: 982577C08E04D2E0D06396D863262AF7
Requests: 4 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: D4489F58CF3BC45A0867E7935B6CE508
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 109EF9D05FE8A0E1B1F9288213443EF5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Centraide Campagne 2022 - Polytechnique - Employés FacebookTwitterLinkedInAddThis

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

63
Requests

98 %
HTTPS

63 %
IPv6

16
Domains

18
Subdomains

17
IPs

2
Countries

843 kB
Transfer

1951 kB
Size

21
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request DonationPage.aspx
secure.e2rm.com/registrant/ 		398 KB
154 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.65.93 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-65-93.ca-central-1.compute.amazonaws.com
Software
nginx/1.21.6 / ASP.NET
Resource Hash
c4e621947675bd36b83208e7d6990da071e392804406a0d61f8941c33b806484

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 24 Nov 2022 23:00:31 GMT
Server
nginx/1.21.6
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-ABC
3
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
normalize.css
secure.e2rm.com/registrant/css/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.e2rm.com/registrant/css/normalize.css
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.65.93 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-65-93.ca-central-1.compute.amazonaws.com
Software
nginx/1.21.6 / ASP.NET
Resource Hash
d6db02267020a83d93f33897324b164f2d7ac040af0981b387aff9aef3211aeb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 23:00:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 19:08:34 GMT
Server
nginx/1.21.6
ETag
"0253f66eded81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
X-ABC
1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3121
goalMeters.css
secure.e2rm.com/registrant/css/ 		1 KB
834 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.e2rm.com/registrant/css/goalMeters.css
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.65.93 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-65-93.ca-central-1.compute.amazonaws.com
Software
nginx/1.21.6 / ASP.NET
Resource Hash
d1f68569e43bd232554d082a9d37822aae3b3b764111402295221fd7cf71cd3b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 23:00:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 19:08:34 GMT
Server
nginx/1.21.6
ETag
"0253f66eded81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
X-ABC
3
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
514
shared.css
secure.e2rm.com/registrant/css/ 		12 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.e2rm.com/registrant/css/shared.css
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.65.93 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-65-93.ca-central-1.compute.amazonaws.com
Software
nginx/1.21.6 / ASP.NET
Resource Hash
9b10ad8e3b65cd63fd0fdfa82b0f2590179505961b84e539346523bbf22cd3b8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 23:00:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 19:08:34 GMT
Server
nginx/1.21.6
ETag
"0253f66eded81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
X-ABC
3
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3999
jquery-1.7.1.min.js
secure.e2rm.com/registrant/javaScript/jQuery/ 		92 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.e2rm.com/registrant/javaScript/jQuery/jquery-1.7.1.min.js
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.65.93 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-65-93.ca-central-1.compute.amazonaws.com
Software
nginx/1.21.6 / ASP.NET
Resource Hash
df82a5e018597829bcfe6385bccc042b178260f32ae125705e26bb4331f5a4fa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 23:00:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 19:15:22 GMT
Server
nginx/1.21.6
ETag
"016ff96eded81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
X-ABC
1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42041
jquery.tools.min.js
secure.e2rm.com/registrant/javaScript/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.e2rm.com/registrant/javaScript/jquery.tools.min.js
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.65.93 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-65-93.ca-central-1.compute.amazonaws.com
Software
nginx/1.21.6 / ASP.NET
Resource Hash
a1680219983b1f72283ff05bb103b49a0d6f57fe51c965c285730e655d583af7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 23:00:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 19:15:24 GMT
Server
nginx/1.21.6
ETag
"02ea0fa6eded81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
X-ABC
2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7312
jquery.simplemodal.1.4.1.min.js
secure.e2rm.com/registrant/javaScript/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.e2rm.com/registrant/javaScript/jquery.simplemodal.1.4.1.min.js
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.65.93 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-65-93.ca-central-1.compute.amazonaws.com
Software
nginx/1.21.6 / ASP.NET
Resource Hash
6d208d26bf76be20cc059beff61d472c05fb54d9a91f1a31fdb4eb20aa8bf938

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 23:00:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 19:15:24 GMT
Server
nginx/1.21.6
ETag
"02ea0fa6eded81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
X-ABC
1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3484
jquery.datepick.min.js
secure.e2rm.com/registrant/javaScript/external/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.e2rm.com/registrant/javaScript/external/jquery.datepick.min.js
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.65.93 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-65-93.ca-central-1.compute.amazonaws.com
Software
nginx/1.21.6 / ASP.NET
Resource Hash
c96909af12b9c4b83fe9692ef20781da73974142d96b63a92357f6fecce70c41

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 23:00:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 19:15:20 GMT
Server
nginx/1.21.6
ETag
"0d43df86eded81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
X-ABC
2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12577
jquery.datepick-fr.js
secure.e2rm.com/registrant/javaScript/external/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.e2rm.com/registrant/javaScript/external/jquery.datepick-fr.js
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.65.93 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-65-93.ca-central-1.compute.amazonaws.com
Software
nginx/1.21.6 / ASP.NET
Resource Hash
19e47a16c2e35ff03c1b1faf2b3415afcdde44b0a3f4e26255edebe6a15a06c1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 23:00:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 19:15:20 GMT
Server
nginx/1.21.6
ETag
"0d43df86eded81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
X-ABC
1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
784
jquery.placeholders.js
secure.e2rm.com/registrant/javaScript/jQuery/plugins/ 		1 KB
1007 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.e2rm.com/registrant/javaScript/jQuery/plugins/jquery.placeholders.js
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.65.93 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-65-93.ca-central-1.compute.amazonaws.com
Software
nginx/1.21.6 / ASP.NET
Resource Hash
a536f4022abee5e47a093674b0bd76bdda43dadcba98a7b377300cfdb279fc94

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 23:00:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 19:15:20 GMT
Server
nginx/1.21.6
ETag
"0d43df86eded81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
X-ABC
1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
672
jquery.datepick.css
secure.e2rm.com/registrant/css/external/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.e2rm.com/registrant/css/external/jquery.datepick.css
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.65.93 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-65-93.ca-central-1.compute.amazonaws.com
Software
nginx/1.21.6 / ASP.NET
Resource Hash
a2716cb5b1867bf3e03cd9b4ddc0124417b6bc0f693ecec5a128964e7e12af50

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 23:00:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 19:08:34 GMT
Server
nginx/1.21.6
ETag
"0253f66eded81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
X-ABC
2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1161
pictos.css
secure.e2rm.com/registrant/fonts/pictos/ 		776 B
902 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.e2rm.com/registrant/fonts/pictos/pictos.css
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.65.93 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-65-93.ca-central-1.compute.amazonaws.com
Software
nginx/1.21.6 / ASP.NET
Resource Hash
44581d201f3da7a4307fe651701e6eba08232285a2ddfce6ee2b1075c82089cd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 23:00:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 19:08:34 GMT
Server
nginx/1.21.6
ETag
"0253f66eded81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
X-ABC
1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
582
master.less
secure.e2rm.com/registrant/styles/ 		61 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.e2rm.com/registrant/styles/master.less
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.65.93 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-65-93.ca-central-1.compute.amazonaws.com
Software
nginx/1.21.6 / ASP.NET
Resource Hash
9d7b9cf4c281b8a99632c571456dd5a35e3071ea2b236f2dcdf5b442961235b8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 23:00:31 GMT
Content-Encoding
gzip
Server
nginx/1.21.6
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
*
Content-Type
text/css; charset=utf-8
X-ABC
1
Cache-Control
public
Connection
keep-alive
Content-Length
15354
Expires
Wed, 30 Nov 2022 18:18:55 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.e2rm.com/
Origin
https://secure.e2rm.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 23:00:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
718
age
18617548
cdn-cachedat
2021-03-10 13:26:19
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cdn-cache
HIT
access-control-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
7fc03dd55a32f3ab1c4c968f1831fee6
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
76f5c2e3190e713c-YUL
cdn-requestpullsuccess
True
bootstrap-datepicker.standalone.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.4.1/css/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.4.1/css/bootstrap-datepicker.standalone.min.css
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be0fe7ba2ed9f9cc123ff28d526f4bffd74f7d5693588f0b940f452161a1cbce
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 23:00:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4355353
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1831
last-modified
Mon, 04 May 2020 16:06:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8e-3fd1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R1ivFWHhLm4a1XdTgxBJfd%2B105clo8jXnWu3Mv1OMQgbe4G8QVFRaZwSwZmY6Pcftyfa9lPiolrWHinJcsVTkvco2RpyV%2BUAP4NH0cpV2S5GGP9KBpbjDu4oPHZEO4XdGbXdZki1cRQ6HhbNdmvz7IwP"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76f5c2e33c227136-YUL
expires
Tue, 14 Nov 2023 23:00:31 GMT
bootstrap-datepicker.min.js
cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.4.1/js/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.4.1/js/bootstrap-datepicker.min.js
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79b865eae859a35fb0b2c2a5db78a08ba98128ff58829410214aa927b1671340
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 23:00:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6689805
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7875
last-modified
Mon, 04 May 2020 16:06:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8e-7298"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TKTX1r4swhV1RVOMtefrt3h1ihInuMeaX7cjBMb6ACcipcgetup8LHjYnzKCcjX1c%2Fo5V%2FZszcL55GSl67iVMbfGppbJMCrCp%2BmUyyaXrAghqGrWrKgD%2FduqpodxPhkVWU26qcBZyhA%2BwJ2zaQ%2BuxwEK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76f5c2e33c267136-YUL
expires
Tue, 14 Nov 2023 23:00:31 GMT
bootstrap-datepicker.fr.min.js
cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.4.1/locales/ 		539 B
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.4.1/locales/bootstrap-datepicker.fr.min.js
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb433af9d3d81ec486ada2b1f91693d008091c45aef3740c57458dfcfc72fd3f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 23:00:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
174392
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
279
last-modified
Mon, 04 May 2020 16:06:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8e-21b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nA2lhCOSO7r6LcxjSgkNZHiA6PEMVoilIdW3KdFH%2FPjSfKKE8eesnEqLqpVBFrDZff6iQSEmS3rmjFQgKalVjUTHJSvubdZptFkn4ZQ8pJv6Nw3%2FGNkZ8GozrvblJFFSaVUEaNegKiOHYxUR%2FBQs4uZJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76f5c2e33c277136-YUL
expires
Tue, 14 Nov 2023 23:00:31 GMT
util.js
secure.e2rm.com/registrant/javaScript/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.e2rm.com/registrant/javaScript/util.js
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.65.93 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-65-93.ca-central-1.compute.amazonaws.com
Software
nginx/1.21.6 / ASP.NET
Resource Hash
b0a72dc2cc33b6ea63c229836cb2cb2872576390e4eee243aa4271fe1f85ba54

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 23:00:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 19:15:24 GMT
Server
nginx/1.21.6
ETag
"02ea0fa6eded81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
X-ABC
3
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1120
processingFee.js
secure.e2rm.com/registrant/javaScript/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.e2rm.com/registrant/javaScript/processingFee.js
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.65.93 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-65-93.ca-central-1.compute.amazonaws.com
Software
nginx/1.21.6 / ASP.NET
Resource Hash
3cd012b7bd9861cb884d338dfed7cef00884e4df4922bf2efdb8313a118887a5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 23:00:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 19:15:24 GMT
Server
nginx/1.21.6
ETag
"02ea0fa6eded81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
X-ABC
2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1182
jquery.maskedinput.js
cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/jquery.maskedinput.js
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ef14a1e070a6a2ec9ff44ccf5e923cb2a460c5861a3db8a9ae1e21557d27020
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 23:00:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
16941348
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2306
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-284d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=La15uwU%2BF7ih%2FLG6ULHq%2B%2Bw%2B1vY0mprZph8Xvi9LTZuq89DyadqTvD6sa0qjrRJYhSCXrbgZgB82VX%2FQwiXKs3txiQKTwarog%2BqO%2FwWSqo2HKCeMm%2BgykORnFzN5oPtPfRclUvlwbuAFw8ke7Lyqmv3A"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76f5c2e33c287136-YUL
expires
Tue, 14 Nov 2023 23:00:31 GMT
emailAddressValid.js
secure.e2rm.com/registrant/javaScript/ 		1005 B
827 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.e2rm.com/registrant/javaScript/emailAddressValid.js
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.65.93 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-65-93.ca-central-1.compute.amazonaws.com
Software
nginx/1.21.6 / ASP.NET
Resource Hash
81d59ce6ed33a6ca684edbabcc60626c8f19fa8d13abcd7c26a78e70c05a93d0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 23:00:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 19:15:24 GMT
Server
nginx/1.21.6
ETag
"02ea0fa6eded81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
X-ABC
1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
492
fundraising.less
secure.e2rm.com/registrant/styles/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.e2rm.com/registrant/styles/fundraising.less
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.65.93 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-65-93.ca-central-1.compute.amazonaws.com
Software
nginx/1.21.6 / ASP.NET
Resource Hash
c034dc13581a35a92d949a8d459362e5f33760026478a4e93227adde66124fcc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 23:00:31 GMT
Content-Encoding
gzip
Server
nginx/1.21.6
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
*
Content-Type
text/css; charset=utf-8
X-ABC
2
Cache-Control
public
Connection
keep-alive
Content-Length
1615
Expires
Thu, 01 Dec 2022 20:53:36 GMT
global.less
secure.e2rm.com/registrant/assets/less/global/ 		58 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.e2rm.com/registrant/assets/less/global/global.less
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.65.93 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-65-93.ca-central-1.compute.amazonaws.com
Software
nginx/1.21.6 / ASP.NET
Resource Hash
70f5f9616d0a2e534b45d9609a281149edb414c0266695330f1d4adbb0b8b0a9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 23:00:31 GMT
Content-Encoding
gzip
Server
nginx/1.21.6
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
*
Content-Type
text/css; charset=utf-8
X-ABC
1
Cache-Control
public
Connection
keep-alive
Content-Length
6630
Expires
Wed, 30 Nov 2022 21:18:35 GMT
donation-page.less
secure.e2rm.com/registrant/assets/less/page/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.e2rm.com/registrant/assets/less/page/donation-page.less
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.65.93 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-65-93.ca-central-1.compute.amazonaws.com
Software
nginx/1.21.6 / ASP.NET
Resource Hash
b09ac0e445c55c0f39e18f2d5ced9eac53b7dfd3de161a877285114055b8bfc3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 23:00:31 GMT
Content-Encoding
gzip
Server
nginx/1.21.6
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
*
Content-Type
text/css; charset=utf-8
X-ABC
3
Cache-Control
public
Connection
keep-alive
Content-Length
1319
Expires
Thu, 01 Dec 2022 20:53:30 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 		27 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 23:00:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
718
age
18621426
cdn-cachedat
2021-03-10 13:26:21
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cdn-cache
HIT
access-control-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
2609b4391e7b366b96c5cfe6a2807af1
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
76f5c2e31ecd715a-YUL
cdn-requestpullsuccess
True
EventStyleSheet.ashx
secure.e2rm.com/registrant/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.e2rm.com/registrant/EventStyleSheet.ashx?EventID=380352
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.65.93 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-65-93.ca-central-1.compute.amazonaws.com
Software
nginx/1.21.6 / ASP.NET
Resource Hash
ff124f1b07330ff846c55d78a985d1d2642ac6fb4339d2ee811068f846a7f25d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 23:00:31 GMT
Content-Encoding
gzip
Server
nginx/1.21.6
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
X-ABC
3
Cache-Control
private
Connection
keep-alive
Content-Length
1259
css2
fonts.googleapis.com/ 		1 KB
921 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Jost:wght@800&display=swap
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d10933b122249f5945974e2000661827752cec1d015c43f7c46bdfb36c0d605
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 24 Nov 2022 23:00:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 24 Nov 2022 22:59:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 24 Nov 2022 23:00:31 GMT
css2
fonts.googleapis.com/ 		1 KB
538 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Libre+Franklin:wght@500&display=swap
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
727b7896a52f1720b15b197937d581304db4f6400f709a355aee32faa531d936
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 24 Nov 2022 23:00:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 24 Nov 2022 23:00:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 24 Nov 2022 23:00:31 GMT
css2
fonts.googleapis.com/ 		1 KB
515 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@500&display=swap
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1acfe3f9dd68798ea9ffe0bac6fa1876df38b08156a4b1855e56d0561df5e579
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 24 Nov 2022 23:00:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 24 Nov 2022 22:30:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 24 Nov 2022 23:00:31 GMT
FSCookies.css
auth.frontstream.com//bundles/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.frontstream.com//bundles/css/FSCookies.css
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:209c:1800:4:5447:a940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 / crmwww3
Resource Hash
77db5c6b3e8e368c720bdf3db65007a42564a2e4072e9b0b639902a6f934f63a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 03:37:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 0dba6df37df39d6a0e72a2093df3966e.cloudfront.net (CloudFront)
x-aspnet-version
4.0.30319
x-amz-cf-pop
SLC50-C1
age
69805
x-powered-by
crmwww3
x-cache
Hit from cloudfront
p3p
CP="CAO PSA OUR"
last-modified
Wed, 23 Nov 2022 19:55:08 GMT
server
nginx/1.21.6
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public
x-amz-cf-id
4G3sFjdBwoisQkm4yq-Ja-KhQE1O5oWzQAv9VzEpQ1fxWzoQDeKqUA==
expires
Thu, 23 Nov 2023 19:55:08 GMT
FSCookies
auth.frontstream.com//bundles/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.frontstream.com//bundles/FSCookies
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:209c:1800:4:5447:a940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 / crmwww3
Resource Hash
dafb4aaa3aabf5608ce84ed1be5e739ff4d660ab1089d1a7767e6228c68972eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 11:54:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 0dba6df37df39d6a0e72a2093df3966e.cloudfront.net (CloudFront)
x-aspnet-version
4.0.30319
x-amz-cf-pop
SLC50-C1
age
126361
x-powered-by
crmwww3
x-cache
Hit from cloudfront
p3p
CP="CAO PSA OUR"
last-modified
Tue, 22 Nov 2022 12:16:11 GMT
server
nginx/1.21.6
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public
x-amz-cf-id
MkcMLT8ZjbnVYibQgrEyaYWvE2gQcjSDZzlEVM2VUr5aWauvk25Aig==
expires
Wed, 22 Nov 2023 12:16:11 GMT
WebResource.axd
secure.e2rm.com/registrant/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.e2rm.com/registrant/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZIg9gsAoUdSHBGiweUU_auE5Avh3VLYnnqfCzocjI7FUCLaJFsoXk23LrvxvNNLkng2&t=637814653746327080
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.65.93 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-65-93.ca-central-1.compute.amazonaws.com
Software
nginx/1.21.6 / ASP.NET
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 23:00:31 GMT
Content-Encoding
gzip
Last-Modified
Sat, 26 Feb 2022 09:42:54 GMT
Server
nginx/1.21.6
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-ABC
2
Cache-Control
public
Connection
keep-alive
Content-Length
6007
Expires
Thu, 16 Nov 2023 13:39:41 GMT
WebResource.axd
secure.e2rm.com/registrant/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.e2rm.com/registrant/WebResource.axd?d=x2nkrMJGXkMELz33nwnakLZ28aguV2R5Q8vnQZ21NUiRJzzmIRFB_bfRoaDOPtvRga9ff3KpaLYWTbQxoY-6jOUDGlcf1ko7ebJroVY5RrA1&t=637814653746327080
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.65.93 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-65-93.ca-central-1.compute.amazonaws.com
Software
nginx/1.21.6 / ASP.NET
Resource Hash
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 23:00:31 GMT
Content-Encoding
gzip
Last-Modified
Sat, 26 Feb 2022 09:42:54 GMT
Server
nginx/1.21.6
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-ABC
1
Cache-Control
public
Connection
keep-alive
Content-Length
7228
Expires
Thu, 16 Nov 2023 13:41:33 GMT
imageWriter.aspx
secure.e2rm.com/registrant/ 		156 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.e2rm.com/registrant/imageWriter.aspx?ElementPropertyID=45692341
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.65.93 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-65-93.ca-central-1.compute.amazonaws.com
Software
nginx/1.21.6 / ASP.NET
Resource Hash
f7a27515ce4b0cdbfe19d616e60323445dc133e26ea42db71d71560749e96ecd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 23:00:32 GMT
Server
nginx/1.21.6
X-AspNet-Version
4.0.30319
ETag
"gIvahm4pgfaw7cKuOhDq+w=="
X-Powered-By
ASP.NET
Content-Type
image/jpeg
X-ABC
2
Cache-Control
private
Connection
keep-alive
Content-Length
159919
ScrollMagic.min.js
cdnjs.cloudflare.com/ajax/libs/ScrollMagic/2.0.5/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ScrollMagic/2.0.5/ScrollMagic.min.js
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9bc2af159f56f6373d66177e46c98091dd63f5ccd06ae805fd3feac847fbe0f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 23:00:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2328118
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5438
last-modified
Mon, 04 May 2020 16:04:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf2-438e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QzKgFYIm4ns6d3hVDRLHDonHMVnRMmJPEG4vnmYqqruLjdICbwlQuP5oify8iOm6H4IFw1pps7%2FS9T39cqP97qxx9RxNPFTOsMRjDuJmWG%2BKJKFun23JWN2PWrLiMh7dT7pj%2BFEKBjIxLUcesoHh8fa7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76f5c2e599b77136-YUL
expires
Tue, 14 Nov 2023 23:00:32 GMT
scrollto.js
secure.e2rm.com/registrant/javascript/ 		323 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.e2rm.com/registrant/javascript/scrollto.js
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.65.93 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-65-93.ca-central-1.compute.amazonaws.com
Software
nginx/1.21.6 / ASP.NET
Resource Hash
8cf3e82146f4cef3d56c19a5e87a27422d256d550256d580a14c81d0cf655b09

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 23:00:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 19:15:24 GMT
Server
nginx/1.21.6
ETag
"02ea0fa6eded81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
X-ABC
2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
299
FBconnect_engine.js
secure.e2rm.com/registrant/javaScript/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.e2rm.com/registrant/javaScript/FBconnect_engine.js
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.65.93 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-65-93.ca-central-1.compute.amazonaws.com
Software
nginx/1.21.6 / ASP.NET
Resource Hash
a3af5b8f501ef46c0a56f115e3d8a9f1212fc0abe307976346e906e50f2400b3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 23:00:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 19:15:24 GMT
Server
nginx/1.21.6
ETag
"02ea0fa6eded81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
X-ABC
3
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6422
font-awesome.min.css
secure.e2rm.com/registrant/assets/lib/font-awesome/css/ 		27 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.e2rm.com/registrant/assets/lib/font-awesome/css/font-awesome.min.css
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/assets/less/global/global.less
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.65.93 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-65-93.ca-central-1.compute.amazonaws.com
Software
nginx/1.21.6 / ASP.NET
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/registrant/assets/less/global/global.less
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 23:00:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 19:08:34 GMT
Server
nginx/1.21.6
ETag
"0253f66eded81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
X-ABC
3
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7338
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 24 Nov 2022 22:40:05 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1227
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Fri, 25 Nov 2022 00:40:05 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 24 Nov 2022 21:54:34 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3958
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 24 Nov 2022 23:54:34 GMT
ArtezAnalytics.js
secure.e2rm.com/registrant/javaScript/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.e2rm.com/registrant/javaScript/ArtezAnalytics.js?_=1669330832259
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/javaScript/jQuery/jquery-1.7.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.65.93 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-65-93.ca-central-1.compute.amazonaws.com
Software
nginx/1.21.6 / ASP.NET
Resource Hash
924a04e1cdcd6f87d60e7db41ddd2f7bb2d4b750d376e2fda2f0335e82d90176

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 23:00:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 19:15:24 GMT
Server
nginx/1.21.6
ETag
"02ea0fa6eded81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
X-ABC
1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
871
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.34.248.81 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-248-81.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Thu, 24 Nov 2022 23:00:32 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
x-host
s7.addthis.com
content-length
116388
Tribute-Webpage-bg.jpg
medias.centraide.org/images/Artez/centraide_template/ 		557 B
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medias.centraide.org/images/Artez/centraide_template/Tribute-Webpage-bg.jpg
Requested by
Host: secure.e2rm.com
URL: https://secure.e2rm.com/registrant/DonationPage.aspx?eventid=380352&langpref=fr-CA&Referrer=direct%2fnone&utm_source=artez&utm_medium=Campagne_Perso&utm_campaign=Polytechnique_Employees_2022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.236.155.246 Brampton, Canada, ASN577 (BACOM, CA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
dc69575fc593254d6e793b66b62002561c2d2f4884245c49c7097741ca1d8fe8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 23:00:32 GMT
last-modified
Wed, 25 Aug 2021 18:30:26 GMT
server
Microsoft-IIS/10.0
etag
"04de345df99d71:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
557
92zPtBhPNqw79Ij1E865zBUv7mwjIjVBNIg.woff2
fonts.gstatic.com/s/jost/v14/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/jost/v14/92zPtBhPNqw79Ij1E865zBUv7mwjIjVBNIg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Jost:wght@800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fc2f305a921527b2ab30ca18ae847de10bef47debd8c499e6240e78e3193e9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure.e2rm.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 13:13:36 GMT
x-content-type-options
nosniff
age
121616
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10004
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:29:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 13:13:36 GMT
jizOREVItHgc8qDIbSTKq4XkRg8T88bjFuXOnduhHMWkANDJ.woff2
fonts.gstatic.com/s/librefranklin/v13/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librefranklin/v13/jizOREVItHgc8qDIbSTKq4XkRg8T88bjFuXOnduhHMWkANDJ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Franklin:wght@500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
305d14d65c715c5c749c862bd7cb67c3444efc2ce7f3cf436c05f1737f086ad4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure.e2rm.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 13:37:32 GMT
x-content-type-options
nosniff
age
120180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14176
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:54:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 13:37:32 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Origin
https://secure.e2rm.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 23:00:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617, 617, 617
age
7004723
cdn-cachedat
2021-04-13 06:20:47
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
66624
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
a21bd0c0b9d5385416bcd05ee8478362
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
76f5c2e5fa474bd0-YUL
cdn-requestpullsuccess
True
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure.e2rm.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 00:02:15 GMT
x-content-type-options
nosniff
age
169097
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 00:02:15 GMT
xdomain_cookie.html
auth.frontstream.com/static/ Frame 9825 		34 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.frontstream.com/static/xdomain_cookie.html
Requested by
Host: auth.frontstream.com
URL: https://auth.frontstream.com//bundles/FSCookies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:209c:1800:4:5447:a940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 / crmwww4
Resource Hash
7ceeef31d467d0099c7a2f14b89cfb2de096d9419c9445623fd41b35bba29eab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.e2rm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-length
34829
content-type
text/html
date
Thu, 24 Nov 2022 23:00:32 GMT
etag
"1eee8ce6dfd4d81:0"
last-modified
Fri, 30 Sep 2022 15:18:31 GMT
p3p
CP="CAO PSA OUR"
server
nginx/1.21.6
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 0dba6df37df39d6a0e72a2093df3966e.cloudfront.net (CloudFront)
x-amz-cf-id
X0Btw6raXn7Wp8GT6T305oduZJr9_LZVWWbcL6IZ_-G9W7_lzx7tWg==
x-amz-cf-pop
SLC50-C1
x-cache
Miss from cloudfront
x-powered-by
crmwww4
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:16:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 24 Nov 2022 23:16:50 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.101.172 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-101-172.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62
8096267
date
Thu, 24 Nov 2022 23:00:32 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
23B28664DCEA9EF7
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=55296
accept-ranges
bytes
content-length
948
x-amz-id-2
AySDnc4uRjW9Th6WvSZfrFG03ojfW1Xc9SiULhzo6VNG69N0xYQoufNtgaRAnzXIDkZKs4hiwts=
nr-spa-1216.min.js
js-agent.newrelic.com/ Frame 9825 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by
Host: auth.frontstream.com
URL: https://auth.frontstream.com/static/xdomain_cookie.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://auth.frontstream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding
gzip
via
1.1 varnish
date
Thu, 24 Nov 2022 23:00:32 GMT
x-amz-request-id
EC4WHCV41J2PG0F8
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
18216
x-amz-id-2
07T07n8uWoNfLUHQgSr5tTGsERPb5Z6DbGl+VfImB1rTQSNe/ORDeUQvbVBUscm/WNI/Ugfb4MM=
x-served-by
cache-yul12831-YUL
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1669330833.819186,VS0,VE0
etag
"63e2df852d15ab21d7ff8fc4363222e8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
7173
_ate.track.config_resp
v1.addthisedge.com/live/boost/e2rmaddthis/ 		27 B
207 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/e2rmaddthis/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.34.248.81 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-248-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 23:00:32 GMT
content-encoding
gzip
cache-control
public, max-age=15, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
47
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
300lo.json
m.addthis.com/live/red_lojson/ 		136 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=637ff790f4ec235a&bkl=0&bl=1&pdt=1069&sid=637ff790f4ec235a&pub=e2rmaddthis&rev=v8.28.8-wp&ln=fr&pc=men&cb=0&ab=-&dp=secure.e2rm.com&fp=registrant%2FDonationPage.aspx%3Feventid%3D380352%26langpref%3Dfr-CA%26Referrer%3Ddirect%252fnone%26utm_source%3Dartez%26utm_medium%3DCampagne_Perso%26utm_campaign%3DPolytechnique_Employees_2022&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1669330832847&jsl=161&uvs=637ff7902ea7295c000&skipb=1&callback=addthis.cbs.jsonp__53376854778330870
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.34.248.81 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-248-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
81ddddcbd39f064f897be6ef5debf8c4744c4237d8b08130d688a67ddbf0ce25

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
pragma
no-cache
date
Thu, 24 Nov 2022 23:00:32 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
136
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame D448 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 109E 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.34.248.81 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-248-81.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://secure.e2rm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Thu, 24 Nov 2022 23:00:32 GMT
etag
W/"5f971164-11adc"
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-host
s7.addthis.com
client.fr.min.json
s7.addthis.com/l10n/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/l10n/client.fr.min.json
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.34.248.81 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-248-81.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
a362f69b2d3a4c7524c423ce51bcee34a234354552e150be760bd91be2f0084b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Thu, 24 Nov 2022 23:00:32 GMT
last-modified
Tue, 10 Sep 2019 15:15:17 GMT
server
nginx/1.15.8
etag
W/"5d77be05-fb9"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, s-maxage=604800
x-host
s7.addthis.com
timing-allow-origin
*
content-length
1924
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1810227304&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.e2rm.com%2Fregistrant%2FDonationPage.aspx%3Feventid%3D380352%26langpref%3Dfr-CA%26Referrer%3Ddirect%252fnone%26utm_source%3Dartez%26utm_medium%3DCampagne_Perso%26utm_campaign%3DPolytechnique_Employees_2022&ul=en-us&de=UTF-8&dt=Centraide%20Campagne%202022%20-%20Polytechnique%20-%20Employ%C3%A9s&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGDAAEATAAAAACAAI~&jid=993322570&gjid=823611910&cid=898941036.1669330833&tid=UA-3358772-12&_gid=1794728359.1669330833&_r=1&_slc=1&z=1986207095
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.e2rm.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 23:00:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.e2rm.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1810227304&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.e2rm.com%2Fregistrant%2FDonationPage.aspx%3Feventid%3D380352%26langpref%3Dfr-CA%26Referrer%3Ddirect%252fnone%26utm_source%3Dartez%26utm_medium%3DCampagne_Perso%26utm_campaign%3DPolytechnique_Employees_2022&ul=en-us&de=UTF-8&dt=Centraide%20Campagne%202022%20-%20Polytechnique%20-%20Employ%C3%A9s&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGDAAEATAAAAACAAI~&jid=232020334&gjid=1380907037&cid=898941036.1669330833&tid=UA-6726968-5&_gid=1794728359.1669330833&_r=1&_slc=1&z=1491736695
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.e2rm.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 23:00:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.e2rm.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
NRJS-f5d874ad4bd1d3684b9
bam.nr-data.net/1/ Frame 9825 		49 B
625 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/NRJS-f5d874ad4bd1d3684b9?a=940126251&v=1216.487a282&to=ZVcDZBZVVhAEUBIMClwdNEING0sXBEcPBkpKVg5dBV1WPAZcCQ4MVxwJRAlY&rst=564&ck=1&ref=https://auth.frontstream.com/static/xdomain_cookie.html&be=433&fe=454&dc=453&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669330832321,%22n%22:0,%22f%22:2,%22dn%22:2,%22dne%22:2,%22c%22:2,%22ce%22:2,%22rq%22:5,%22rp%22:246,%22rpe%22:281,%22dl%22:320,%22di%22:453,%22ds%22:453,%22de%22:453,%22dc%22:453,%22l%22:454,%22le%22:455%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: auth.frontstream.com
URL: https://auth.frontstream.com/static/xdomain_cookie.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://auth.frontstream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 23:00:33 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
CF-Ray
76f5c2ea0eaca1f3-YYZ
collect
stats.g.doubleclick.net/j/ 		4 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-6726968-5&cid=898941036.1669330833&jid=232020334&gjid=1380907037&_gid=1794728359.1669330833&_u=KGDAAEATAAAAACAAI~&z=871895000
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.e2rm.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 24 Nov 2022 23:00:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.e2rm.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-6726968-5&cid=898941036.1669330833&jid=232020334&_u=KGDAAEATAAAAACAAI~&z=1733367565
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::68 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 23:00:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-6726968-5&cid=898941036.1669330833&jid=232020334&_u=KGDAAEATAAAAACAAI~&z=1733367565
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secure.e2rm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 23:00:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
NRJS-f5d874ad4bd1d3684b9
bam.nr-data.net/events/1/ Frame 9825 		24 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/NRJS-f5d874ad4bd1d3684b9?a=940126251&v=1216.487a282&to=ZVcDZBZVVhAEUBIMClwdNEING0sXBEcPBkpKVg5dBV1WPAZcCQ4MVxwJRAlY&rst=767&ck=1&ref=https://auth.frontstream.com/static/xdomain_cookie.html
Requested by
Host: auth.frontstream.com
URL: https://auth.frontstream.com/static/xdomain_cookie.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://auth.frontstream.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 24 Nov 2022 23:00:33 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://auth.frontstream.com
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
76f5c2eae86ba1f3-YYZ
Content-Length
24

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

217 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| $ function| jQuery function| parseFloatStrict object| e2 object| processingFeeSettings function| initializeProcessingFeeHandling function| NewDonationAmountHandler function| CalculateProcessingFee function| calculateProcessingFeeByPgf function| formatCurrency function| getInternetExplorerVersion function| checkVersion function| removeCustomAmountClasses function| removeCustomMonthlyAmountClasses function| resetSuggestedAmountClasses function| resetSuggestedMonthlyAmountClasses function| getUrlParam function| ES6Promise function| xDomainCookie object| FSCookieConsent boolean| FSCookieSetBackwardsCompatibilityOn object| cookieModal function| enableCookieContents function| enableGoogleAnalytics function| addView function| addTransaction string| GoogleAnalyticsObject function| ga object| jQuery171003651246445983425 object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY string| Page_ValidationVer boolean| Page_IsValid boolean| Page_BlockSubmit object| Page_InvalidControlToBeFocused object| Page_TextTypes function| ValidatorUpdateDisplay function| ValidatorUpdateIsValid function| AllValidatorsValid function| ValidatorHookupControlID function| ValidatorHookupControl function| ValidatorHookupEvent function| ValidatorGetValue function| ValidatorGetValueRecursive function| Page_ClientValidate function| ValidatorCommonOnSubmit function| ValidatorEnable function| ValidatorOnChange function| ValidatedTextBoxOnKeyPress function| ValidatedControlOnBlur function| ValidatorValidate function| ValidatorSetFocus function| IsInVisibleContainer function| IsValidationGroupMatch function| ValidatorOnLoad function| ValidatorConvert function| ValidatorCompare function| CompareValidatorEvaluateIsValid function| CustomValidatorEvaluateIsValid function| RegularExpressionValidatorEvaluateIsValid function| ValidatorTrim function| RequiredFieldValidatorEvaluateIsValid function| RangeValidatorEvaluateIsValid function| ValidationSummaryOnSubmit function| WebForm_OnSubmit string| addthis_pub object| addthis_config object| addthis_share object| scriptTag function| DonationAmountRequestHandler function| SendNewDonationAmountValue function| GetSelectedDonationAmount function| GetCustomTextBoxAmount function| cvClientValidatorValidate object| pathParts object| xd_cookie object| ArtezAnalytics function| ScrollMagic string| scrollToElementId function| scrollToElement function| cvEmailValidation function| cvConfirmEmailValidation function| cvPhoneNumberValidation function| cvCellPhoneNumberValidation function| cvPostalCodeValidation function| cvCreditCardVerificationValidation function| cvCreditCardValidDateValidation function| selectedCountryCode number| numGridColumns number| numOneTimeAmounts number| numSuggestedAmounts number| delay object| Page_ValidationSummaries object| Page_Validators object| error object| cvClientValidator object| rfvFirstName object| rfvLastName object| rfvOrganizationName object| rfvAddressLine1 object| cpvProvince object| cpvState object| cpvAUState object| rfvProvince object| rfvCity object| rfvPostalCode object| cvPostalCode object| cvTelephoneNumber object| rfvEmailAddress object| cvEmailAddress object| cvSurveyQuestions object| cvSurveyQuestionMaxLenExceeded object| rfvCreditCardHolderName object| rfvCreditCardNumber object| revCreditCardNumber object| cpvCreditCardExpiryMonth object| cpvCreditCardExpiryYear object| rfvCreditCardVerification object| revCreditCardVerification object| cvCreditCardVerification object| cvCreditCardValidDate object| revCreditCardIssueNumber object| rfvEFTBankName object| rfvEFTBankID object| revEFTBankID object| rfvEFTChequeNumber object| revEFTChequeNumber object| rfvEFTTransitNumber object| revEFTTransitNumber object| rfvEFTAccountNumber boolean| Page_ValidationActive function| ValidatorOnSubmit function| process_sso_login_facebook_fundraiser function| fundraiser_successful_login function| redirect_facebook_fundraiser function| render_successful_login function| process_facebook_logout function| post_to_wall function| performePostToWall function| facebookLogout function| process_sso_login function| UpdateDonateContactFromFacebook function| UpdateRegv2ContactFromFacebook function| UpdatePersonalAddressRegV2FromDB function| UpdatePersonalAddressFromDB function| fbSelectCountry function| postToLoginRegister function| onCountryChange function| GetURLParameter function| fbAsyncInit function| popUp object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _gat object| _gaq function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto boolean| __@@##MUH object| oattr string| addthis_services_loc string| addthis_services_loc_mob object| addthis_translations

21 Cookies

Domain/Path Name / Value
.secure.e2rm.com/registrant/DonationPage.aspx Name: CSRF-Token
Value: C68803EB8E23584AFF574F1B6046F8259174EEFBFD5424DE049BFC030D95165A
secure.e2rm.com/ Name: ASP.NET_SessionId
Value: 5qbmyreno4gacpn4irfjx4p2
secure.e2rm.com/ Name: FS_Organization_CookieName
Value: FS_cookieconsent_status
secure.e2rm.com/ Name: FS_cookieconsent_status
Value: allowAll
secure.e2rm.com/ Name: FS_bannerDisplayed
Value: true
.e2rm.com/ Name: _ga
Value: GA1.2.898941036.1669330833
.e2rm.com/ Name: _gid
Value: GA1.2.1794728359.1669330833
secure.e2rm.com/ Name: __atuvc
Value: 1%7C47
secure.e2rm.com/ Name: __atuvs
Value: 637ff7902ea7295c000
.e2rm.com/ Name: _gat
Value: 1
.e2rm.com/ Name: _gat_trackerTwo
Value: 1
.addthis.com/ Name: uvc
Value: 1%7C47
.addthis.com/ Name: ouid
Value: 637ff79000017b397d59201c0cd88e37185884e895779f6a6dba
.addthis.com/ Name: di2
Value: aVT~j#%!k#$M`#!AgP2TOFYOFXOFWIPv7LW6Lj6Hq#3$d#1:R#19w
.addthis.com/ Name: bt2
Value: 637ff790001us0002001Hs0002
.addthis.com/ Name: um
Value: j.'2022112423003293900366613159'
.addthis.com/ Name: uid
Value: 637ff7903611c492
.addthis.com/ Name: na_id
Value: 2022112423003293900366613159
.addthis.com/ Name: vc
Value: 2
.addthis.com/ Name: loc
Value: MDAwMDBOQUNBUUMyMjU1MTA2NDQ2MjAwMDBDSA==
.nr-data.net/ Name: JSESSIONID
Value: baa84f19722bdac2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.frontstream.com
bam.nr-data.net
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
m.addthis.com
maxcdn.bootstrapcdn.com
medias.centraide.org
s7.addthis.com
secure.e2rm.com
ssl.google-analytics.com
stats.g.doubleclick.net
v1.addthisedge.com
www.google-analytics.com
www.google.ca
www.google.com
z.moatads.com
s7.addthis.com
151.101.66.137
162.247.241.14
207.236.155.246
23.195.101.172
23.34.248.81
2600:9000:209c:1800:4:5447:a940:93a1
2606:4700::6811:180e
2606:4700::6812:acf
2607:f8b0:4004:c08::61
2607:f8b0:4004:c09::68
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c17::9c
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c1b::5f
2607:f8b0:4004:c1b::8b
52.60.65.93
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836
19e47a16c2e35ff03c1b1faf2b3415afcdde44b0a3f4e26255edebe6a15a06c1
1acfe3f9dd68798ea9ffe0bac6fa1876df38b08156a4b1855e56d0561df5e579
305d14d65c715c5c749c862bd7cb67c3444efc2ce7f3cf436c05f1737f086ad4
3cd012b7bd9861cb884d338dfed7cef00884e4df4922bf2efdb8313a118887a5
3d10933b122249f5945974e2000661827752cec1d015c43f7c46bdfb36c0d605
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
44581d201f3da7a4307fe651701e6eba08232285a2ddfce6ee2b1075c82089cd
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
6d208d26bf76be20cc059beff61d472c05fb54d9a91f1a31fdb4eb20aa8bf938
70f5f9616d0a2e534b45d9609a281149edb414c0266695330f1d4adbb0b8b0a9
727b7896a52f1720b15b197937d581304db4f6400f709a355aee32faa531d936
77db5c6b3e8e368c720bdf3db65007a42564a2e4072e9b0b639902a6f934f63a
79b865eae859a35fb0b2c2a5db78a08ba98128ff58829410214aa927b1671340
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7ceeef31d467d0099c7a2f14b89cfb2de096d9419c9445623fd41b35bba29eab
7ef14a1e070a6a2ec9ff44ccf5e923cb2a460c5861a3db8a9ae1e21557d27020
7fc2f305a921527b2ab30ca18ae847de10bef47debd8c499e6240e78e3193e9c
81d59ce6ed33a6ca684edbabcc60626c8f19fa8d13abcd7c26a78e70c05a93d0
81ddddcbd39f064f897be6ef5debf8c4744c4237d8b08130d688a67ddbf0ce25
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8cf3e82146f4cef3d56c19a5e87a27422d256d550256d580a14c81d0cf655b09
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
924a04e1cdcd6f87d60e7db41ddd2f7bb2d4b750d376e2fda2f0335e82d90176
9b10ad8e3b65cd63fd0fdfa82b0f2590179505961b84e539346523bbf22cd3b8
9d7b9cf4c281b8a99632c571456dd5a35e3071ea2b236f2dcdf5b442961235b8
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1680219983b1f72283ff05bb103b49a0d6f57fe51c965c285730e655d583af7
a2716cb5b1867bf3e03cd9b4ddc0124417b6bc0f693ecec5a128964e7e12af50
a362f69b2d3a4c7524c423ce51bcee34a234354552e150be760bd91be2f0084b
a3af5b8f501ef46c0a56f115e3d8a9f1212fc0abe307976346e906e50f2400b3
a536f4022abee5e47a093674b0bd76bdda43dadcba98a7b377300cfdb279fc94
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b09ac0e445c55c0f39e18f2d5ced9eac53b7dfd3de161a877285114055b8bfc3
b0a72dc2cc33b6ea63c229836cb2cb2872576390e4eee243aa4271fe1f85ba54
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bb433af9d3d81ec486ada2b1f91693d008091c45aef3740c57458dfcfc72fd3f
be0fe7ba2ed9f9cc123ff28d526f4bffd74f7d5693588f0b940f452161a1cbce
c034dc13581a35a92d949a8d459362e5f33760026478a4e93227adde66124fcc
c4e621947675bd36b83208e7d6990da071e392804406a0d61f8941c33b806484
c96909af12b9c4b83fe9692ef20781da73974142d96b63a92357f6fecce70c41
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d1f68569e43bd232554d082a9d37822aae3b3b764111402295221fd7cf71cd3b
d6db02267020a83d93f33897324b164f2d7ac040af0981b387aff9aef3211aeb
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dafb4aaa3aabf5608ce84ed1be5e739ff4d660ab1089d1a7767e6228c68972eb
dc69575fc593254d6e793b66b62002561c2d2f4884245c49c7097741ca1d8fe8
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
df82a5e018597829bcfe6385bccc042b178260f32ae125705e26bb4331f5a4fa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f7a27515ce4b0cdbfe19d616e60323445dc133e26ea42db71d71560749e96ecd
f9bc2af159f56f6373d66177e46c98091dd63f5ccd06ae805fd3feac847fbe0f
ff124f1b07330ff846c55d78a985d1d2642ac6fb4339d2ee811068f846a7f25d
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995