visasavecanada.com Open in urlscan Pro
2606:4700:30::681b:9b55 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://visasavecanada.com/
Effective URL:
http://visasavecanada.com/fr
Submission: On January 14 via automatic, source certstream-suspicious (January 14th 2019, 4:59:17 pm UTC)

Summary HTTP 35 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 35 HTTP transactions. The main IP is 2606:4700:30::681b:9b55, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is visasavecanada.com.

This is the only time visasavecanada.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	2606:4700:30:... 2606:4700:30::681b:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2606:4700:30:... 2606:4700:30::681b:9b55	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
2	2606:4700:30:... 2606:4700:30::681b:b4c7	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	54.230.202.227 54.230.202.227	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	205.185.208.52 205.185.208.52	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:b6e0:1:2... 2a00:b6e0:1:200:161::1	60362 (ALWAYSDATA) (ALWAYSDATA)
5	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
3	13.35.254.185 13.35.254.185	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
35	10

14 2606:4700:30::681b:9a55 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

visasavecanada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:30::681b:9b55 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

visasavecanada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:30::681b:b4c7 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

funnelstalk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.202.227 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-202-227.fra50.r.cloudfront.net

cl.avis-verifies.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.208.52 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:b6e0:1:200:161::1 (France)

ASN60362 (ALWAYSDATA, FR)

usaestavisas.innocraft.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81f::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.254.185 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-254-185.fra6.r.cloudfront.net

djtflbt20bdde.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	visasavecanada.com 1 redirects visasavecanada.com	3 MB
5	gstatic.com fonts.gstatic.com	66 KB
3	cloudfront.net djtflbt20bdde.cloudfront.net	85 KB
2	innocraft.cloud usaestavisas.innocraft.cloud	38 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	avis-verifies.com cl.avis-verifies.com	45 KB
2	funnelstalk.com funnelstalk.com	2 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	82 KB
1	jquery.com code.jquery.com	30 KB
35	9

	Domain	Requested by
17	visasavecanada.com	1 redirects visasavecanada.com
5	fonts.gstatic.com	visasavecanada.com
3	djtflbt20bdde.cloudfront.net	visasavecanada.com djtflbt20bdde.cloudfront.net
2	usaestavisas.innocraft.cloud	visasavecanada.com
2	fonts.googleapis.com	visasavecanada.com djtflbt20bdde.cloudfront.net
2	cl.avis-verifies.com	visasavecanada.com cl.avis-verifies.com
2	funnelstalk.com	visasavecanada.com funnelstalk.com
2	maxcdn.bootstrapcdn.com	visasavecanada.com
1	code.jquery.com	visasavecanada.com
35	9

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-01-14` - `2020-01-14`	a year	crt.sh
*.bootstrapcdn.com COMODO RSA Domain Validation Secure Server CA	`2018-10-03` - `2019-10-12`	a year	crt.sh
sni253013.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-01-14` - `2019-07-23`	6 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
*.googleapis.com Google Internet Authority G3	`2018-12-19` - `2019-03-13`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2018-12-19` - `2019-03-13`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2018-10-08` - `2019-10-09`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://visasavecanada.com/fr
Frame ID: 851961D6695D2BACE01F83420B03BA1B
Requests: 32 HTTP requests in this frame

Frame: https://djtflbt20bdde.cloudfront.net/css/styles.8db41f0a.css
Frame ID: 0F467843CEC8C856819EDCEC21642846
Requests: 2 HTTP requests in this frame

Frame: https://djtflbt20bdde.cloudfront.net/img/email-sent.61f9143c.svg
Frame ID: 3C22D299DC7F8226405A78C5BA1071B0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://visasavecanada.com/ HTTP 302
http://visasavecanada.com/fr Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Piwik () Expand

Overall confidence: 100%
Detected patterns

script /piwik\.js|piwik\.php/i
env /^Piwik$/i
env /^_paq$/i

Page Statistics

35
Requests

74 %
HTTPS

60 %
IPv6

9
Domains

9
Subdomains

10
IPs

3
Countries

3159 kB
Transfer

3853 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://visasavecanada.com/ HTTP 302
http://visasavecanada.com/fr Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set fr Show response
visasavecanada.com/
Redirect Chain

https://visasavecanada.com/
http://visasavecanada.com/fr

29 KB
6 KB

76ms
69ms

Document
text/html

2606:4700:30::681b:9b55
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://visasavecanada.com/fr
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:9b55 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74656b8ee4919c51aadddf190abc70cd67bbecd8172ef704ef818e1dc773d6af

Request headers

Host: visasavecanada.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Cookie: __cfduid=db787a560b7559831909adc81d78ce70d1547485138; XSRF-TOKEN=eyJpdiI6ImRxUGI0WHlMdytJVTRlVjYzc0l1ckE9PSIsInZhbHVlIjoiYTlmdzZrdm9uekluT0p6YUJNeitmMG13czV0bUNEcUxMWlh0WjFqMm5tbXc1ZDRpbjRaazNtdGI4MndtM2FFRHNXSVRlUXAzU0xVSzMycitQUG9ZbEE9PSIsIm1hYyI6IjEyZThmYWY3YWVmMzYyMmRiNDI3ZDZlODBhMGMyNjM3OTRiZDkwMjRmMmY0NjQwNTlmOWY3ZmJiMjIyZDYzZGIifQ%3D%3D; ave_canada_session=eyJpdiI6IjFNbTNWeHhQbjI1RGdZelU5c1dqTEE9PSIsInZhbHVlIjoiY0o5VDR1QTQycXhOSm1IRUxnU0wrc0REbE1yem1PbEt3QU9kd1NCell5cmxaeVpXTE1uSnFmbmQxTldReDE2cjRUNjZIam9iaENWdUhGYjR6RGJpZ1E9PSIsIm1hYyI6ImVjNWRkYzVlOGQ3N2FiNWY4MTkwOWZmZDJlMDY0OTU1YjZhM2VjNDY0ZjQzOWQ1ODVkMzNhMmYwN2ZiODBlMzYifQ%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 14 Jan 2019 16:58:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6IjgrV0J3QUdlSVR3ZUVZOWltcTQrWWc9PSIsInZhbHVlIjoibjJpVU1rMXJHYWNhaUtwOTlvanhhWUxqWjJ4UTZnT0FGdUM3Q2o5b21ZbFRvU09nUmpkSnZUNHZ4ajR3UU9Pd2tJZGdtNmdjYW9jb3B5a2dJMHlqK3c9PSIsIm1hYyI6ImU0Y2NhODk1ODlhOTY5YjIxODAxZmNiOTJmMTc0NDVkMjgzOTlhY2VlNjhjNmI5MmEwNjk0NGE0Mjg1YTAyNWYifQ%3D%3D; expires=Mon, 14-Jan-2019 18:58:58 GMT; Max-Age=7200; path=/ ave_canada_session=eyJpdiI6IkNiTnEzNDhObEx3elFQTXVKU0FNREE9PSIsInZhbHVlIjoiWHV3YXNxQnBEU01GbjVVWCtya3kzUnpTMEgrKzlpQkJHTUxWeHhHbEVaWXVTM0NIbk1mak10T3VLdzArUWp6aFJEbWtWMXU5K0lTWFVIRGNDRTBtWFE9PSIsIm1hYyI6IjZjZjJmNTI3MDMxY2YwODljZDlmMTMzZGY1MjY0MmJmOThmMzY1OThlYzNhZjc3YWI4ZWNlZmYwMmUxMGQyNTYifQ%3D%3D; expires=Mon, 14-Jan-2019 18:58:58 GMT; Max-Age=7200; path=/; HttpOnly
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4991a684b09c234e-FRA
Content-Encoding: gzip

Redirect headers

status: 302
date: Mon, 14 Jan 2019 16:58:58 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=db787a560b7559831909adc81d78ce70d1547485138; expires=Tue, 14-Jan-20 16:58:58 GMT; path=/; domain=.visasavecanada.com; HttpOnly XSRF-TOKEN=eyJpdiI6ImRxUGI0WHlMdytJVTRlVjYzc0l1ckE9PSIsInZhbHVlIjoiYTlmdzZrdm9uekluT0p6YUJNeitmMG13czV0bUNEcUxMWlh0WjFqMm5tbXc1ZDRpbjRaazNtdGI4MndtM2FFRHNXSVRlUXAzU0xVSzMycitQUG9ZbEE9PSIsIm1hYyI6IjEyZThmYWY3YWVmMzYyMmRiNDI3ZDZlODBhMGMyNjM3OTRiZDkwMjRmMmY0NjQwNTlmOWY3ZmJiMjIyZDYzZGIifQ%3D%3D; expires=Mon, 14-Jan-2019 18:58:58 GMT; Max-Age=7200; path=/ ave_canada_session=eyJpdiI6IjFNbTNWeHhQbjI1RGdZelU5c1dqTEE9PSIsInZhbHVlIjoiY0o5VDR1QTQycXhOSm1IRUxnU0wrc0REbE1yem1PbEt3QU9kd1NCell5cmxaeVpXTE1uSnFmbmQxTldReDE2cjRUNjZIam9iaENWdUhGYjR6RGJpZ1E9PSIsIm1hYyI6ImVjNWRkYzVlOGQ3N2FiNWY4MTkwOWZmZDJlMDY0OTU1YjZhM2VjNDY0ZjQzOWQ1ODVkMzNhMmYwN2ZiODBlMzYifQ%3D%3D; expires=Mon, 14-Jan-2019 18:58:58 GMT; Max-Age=7200; path=/; HttpOnly
vary: Accept-Language
cache-control: no-cache, private
location: http://visasavecanada.com/fr
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4991a6842ea0c2ec-FRA

GET
H2 200 app.css
visasavecanada.com/css/ 177 KB
20 KB 82ms
81ms Stylesheet
text/css 2606:4700:30::681b:9a55
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://visasavecanada.com/css/app.css
Requested by: Host: visasavecanada.com
URL: http://visasavecanada.com/fr
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:9a55 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2440e92c6ff7850922edf3104e6efeb3c3f7257fdebf37b675ed6a76f836ae6

Request headers

Referer: http://visasavecanada.com/fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 14 Jan 2019 16:58:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 2019 11:47:50 GMT
server: cloudflare
etag: W/"2c394-57e64195e1bfc-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 4991a6853a92c2ec-FRA
expires: Mon, 14 Jan 2019 20:58:58 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 29ms
18ms Stylesheet
text/css 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by: Host: visasavecanada.com
URL: http://visasavecanada.com/fr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: http://visasavecanada.com/fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 14 Jan 2019 16:58:58 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
access-control-allow-origin: *
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H2 200 stalker.js Show response
funnelstalk.com/ 2 KB
1 KB 135ms
56ms Script
application/javascript 2606:4700:30::681b:b4c7
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://funnelstalk.com/stalker.js?sid=1
Requested by: Host: visasavecanada.com
URL: http://visasavecanada.com/fr
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:b4c7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33cd09342082bbbf8732bd3ac0af9547907825ba6e863fd2c9a6e4a52f9c78f8

Request headers

Referer: http://visasavecanada.com/fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 14 Jan 2019 16:58:58 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: no-cache, private
cf-ray: 4991a685bebdc288-FRA

GET
H2 200 ave-canada-white-red.png
visasavecanada.com/img/ 49 KB
49 KB 106ms
106ms Image
image/png 2606:4700:30::681b:9a55
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visasavecanada.com/img/ave-canada-white-red.png
Requested by: Host: visasavecanada.com
URL: http://visasavecanada.com/fr
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:9a55 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00a107afbd263e4269c1a45178ee271b13133eb583145a0b148277db4765d597

Request headers

Referer: http://visasavecanada.com/fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 14 Jan 2019 16:58:58 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Jan 2019 11:47:50 GMT
server: cloudflare
etag: "c554-57e64195e3b3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4991a6853a93c2ec-FRA
content-length: 50516
expires: Mon, 14 Jan 2019 20:58:58 GMT

GET
H2 200 home-step-1.png
visasavecanada.com/img/ 20 KB
21 KB 1002ms
999ms Image
image/png 2606:4700:30::681b:9a55
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visasavecanada.com/img/home-step-1.png
Requested by: Host: visasavecanada.com
URL: http://visasavecanada.com/fr
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:9a55 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ce7453061184288241fa99e8e818b2ed21485ecfe6279a54f122fde3a9223e2

Request headers

Referer: http://visasavecanada.com/fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 14 Jan 2019 16:58:59 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Jan 2019 11:47:51 GMT
server: cloudflare
etag: "517c-57e64195eb83c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4991a685ed63c2ec-FRA
content-length: 20860
expires: Mon, 14 Jan 2019 20:58:59 GMT

GET
H2 200 home-step-2.png
visasavecanada.com/img/ 25 KB
25 KB 1946ms
1944ms Image
image/png 2606:4700:30::681b:9a55
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visasavecanada.com/img/home-step-2.png
Requested by: Host: visasavecanada.com
URL: http://visasavecanada.com/fr
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:9a55 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd7eee978ca17e9f80531c2ed3c73d3451d3679efe30ea727afc5a7245867313

Request headers

Referer: http://visasavecanada.com/fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 14 Jan 2019 16:59:00 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Jan 2019 11:47:51 GMT
server: cloudflare
etag: "6556-57e64195eb83c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4991a685ed67c2ec-FRA
content-length: 25942
expires: Mon, 14 Jan 2019 20:59:00 GMT

GET
H2 200 home-step-3.png
visasavecanada.com/img/ 20 KB
20 KB 108ms
106ms Image
image/png 2606:4700:30::681b:9a55
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visasavecanada.com/img/home-step-3.png
Requested by: Host: visasavecanada.com
URL: http://visasavecanada.com/fr
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:9a55 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9aa9332a1393baf4d5ac92b40bdcba317002a6ccc6b357b7b389aa4c4f6578c

Request headers

Referer: http://visasavecanada.com/fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 14 Jan 2019 16:58:58 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Jan 2019 11:47:51 GMT
server: cloudflare
etag: "4f9c-57e64195eb83c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4991a685ed6ac2ec-FRA
content-length: 20380
expires: Mon, 14 Jan 2019 20:58:58 GMT

GET
H2 200 home-step-4.png
visasavecanada.com/img/ 20 KB
20 KB 102ms
100ms Image
image/png 2606:4700:30::681b:9a55
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visasavecanada.com/img/home-step-4.png
Requested by: Host: visasavecanada.com
URL: http://visasavecanada.com/fr
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:9a55 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83176693006e72b6b83db91b3aed997731a2309e7eb2d0506a37d0c0350620d3

Request headers

Referer: http://visasavecanada.com/fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 14 Jan 2019 16:58:58 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Jan 2019 11:47:51 GMT
server: cloudflare
etag: "5160-57e64195eb83c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4991a685ed6cc2ec-FRA
content-length: 20832
expires: Mon, 14 Jan 2019 20:58:58 GMT

GET
H2 200 ave-canada-red-white.png
visasavecanada.com/img/ 58 KB
58 KB 108ms
106ms Image
image/png 2606:4700:30::681b:9a55
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visasavecanada.com/img/ave-canada-red-white.png
Requested by: Host: visasavecanada.com
URL: http://visasavecanada.com/fr
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:9a55 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86db16ef4edcf16c257fb869c7ecc18905f591c7838e1cf18a4aa22352c6f73c

Request headers

Referer: http://visasavecanada.com/fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 14 Jan 2019 16:58:58 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Jan 2019 11:47:50 GMT
server: cloudflare
etag: "e8e8-57e64195e3b3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4991a685ed70c2ec-FRA
content-length: 59624
expires: Mon, 14 Jan 2019 20:58:58 GMT

GET
H/1.1 200
OK widget22.min.js Show response
cl.avis-verifies.com/fr/widget4/ 133 KB
45 KB 52ms
9ms Script
application/javascript 54.230.202.227
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://cl.avis-verifies.com/fr/widget4/widget22.min.js
Requested by: Host: visasavecanada.com
URL: http://visasavecanada.com/fr
Protocol: HTTP/1.1
Server: 54.230.202.227 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-202-227.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a55328de0033c5a20ce654366bb6371690ccbef3eea1a15c1f7566a5bbd140e5

Request headers

Referer: http://visasavecanada.com/fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 14 Jan 2019 12:32:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Nov 2018 06:10:57 GMT
Server: AmazonS3
Age: 16003
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 1415e6a9d308119037d1fa89386da72a.cloudfront.net (CloudFront)
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: YUdPhdQj0P_mA3d-EUr_XUNhQbJLqREgOdH8_zN0tnlZ0deVKmanoA==
Expires: Mon, 14 Jan 2019 08:50:00 GMT

GET
H2 200 fb-footer.png
visasavecanada.com/img/ 18 KB
18 KB 100ms
98ms Image
image/png 2606:4700:30::681b:9a55
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visasavecanada.com/img/fb-footer.png
Requested by: Host: visasavecanada.com
URL: http://visasavecanada.com/fr
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:9a55 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40edfd58109877e4836f54e74c7a04eeb8f8f900fc0989952f2f8483ae3e1f0d

Request headers

Referer: http://visasavecanada.com/fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 14 Jan 2019 16:58:58 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Jan 2019 11:47:50 GMT
server: cloudflare
etag: "48a9-57e64195e4adc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4991a685ed73c2ec-FRA
content-length: 18601
expires: Mon, 14 Jan 2019 20:58:58 GMT

GET
H2 200 tw-footer.png
visasavecanada.com/img/ 19 KB
19 KB 1941ms
1940ms Image
image/png 2606:4700:30::681b:9a55
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visasavecanada.com/img/tw-footer.png
Requested by: Host: visasavecanada.com
URL: http://visasavecanada.com/fr
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:9a55 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9867990024c313e890f1c30aac4003493b593b774a1392b863ff320e2eda5eb

Request headers

Referer: http://visasavecanada.com/fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 14 Jan 2019 16:59:00 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Jan 2019 11:47:51 GMT
server: cloudflare
etag: "4a10-57e64195f547c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4991a685ed74c2ec-FRA
content-length: 18960
expires: Mon, 14 Jan 2019 20:59:00 GMT

GET
H2 200 yt-footer.png
visasavecanada.com/img/ 19 KB
19 KB 103ms
102ms Image
image/png 2606:4700:30::681b:9a55
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visasavecanada.com/img/yt-footer.png
Requested by: Host: visasavecanada.com
URL: http://visasavecanada.com/fr
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:9a55 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48f70e99862f12708f26271c8fc729f6def3b0c3e767ecd0bf2ef1b41fa746ec

Request headers

Referer: http://visasavecanada.com/fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 14 Jan 2019 16:58:58 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Jan 2019 11:47:51 GMT
server: cloudflare
etag: "4abf-57e64195f73bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4991a685ed75c2ec-FRA
content-length: 19135
expires: Mon, 14 Jan 2019 20:58:58 GMT

GET
H/1.1 200
OK jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 68ms
20ms Script
application/javascript 205.185.208.52
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: visasavecanada.com
URL: http://visasavecanada.com/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip052.ssl.hwcdn.net
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://visasavecanada.com/fr
Origin: http://visasavecanada.com

Response headers

Date: Mon, 14 Jan 2019 16:58:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Mar 2017 19:01:15 GMT
Server: nginx
ETag: W/"58d026fb-15283"
Vary: Accept-Encoding
X-HW: 1547485138.dop007.pa1.shc,1547485138.dop007.pa1.t,1547485138.cds021.pa1.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 30125

GET
H/1.1 200
OK popper.min.js Show response
visasavecanada.com/js/ 19 KB
7 KB 75ms
73ms Script
application/javascript 2606:4700:30::681b:9b55
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://visasavecanada.com/js/popper.min.js
Requested by: Host: visasavecanada.com
URL: http://visasavecanada.com/fr
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:9b55 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5292e677fe712c80863414e9e73f3678d86d409f751392b6803b70a949fc1017

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: visasavecanada.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://visasavecanada.com/fr
Cookie: __cfduid=db787a560b7559831909adc81d78ce70d1547485138; XSRF-TOKEN=eyJpdiI6IjgrV0J3QUdlSVR3ZUVZOWltcTQrWWc9PSIsInZhbHVlIjoibjJpVU1rMXJHYWNhaUtwOTlvanhhWUxqWjJ4UTZnT0FGdUM3Q2o5b21ZbFRvU09nUmpkSnZUNHZ4ajR3UU9Pd2tJZGdtNmdjYW9jb3B5a2dJMHlqK3c9PSIsIm1hYyI6ImU0Y2NhODk1ODlhOTY5YjIxODAxZmNiOTJmMTc0NDVkMjgzOTlhY2VlNjhjNmI5MmEwNjk0NGE0Mjg1YTAyNWYifQ%3D%3D; ave_canada_session=eyJpdiI6IkNiTnEzNDhObEx3elFQTXVKU0FNREE9PSIsInZhbHVlIjoiWHV3YXNxQnBEU01GbjVVWCtya3kzUnpTMEgrKzlpQkJHTUxWeHhHbEVaWXVTM0NIbk1mak10T3VLdzArUWp6aFJEbWtWMXU5K0lTWFVIRGNDRTBtWFE9PSIsIm1hYyI6IjZjZjJmNTI3MDMxY2YwODljZDlmMTMzZGY1MjY0MmJmOThmMzY1OThlYzNhZjc3YWI4ZWNlZmYwMmUxMGQyNTYifQ%3D%3D
Connection: keep-alive
Cache-Control: no-cache
Referer: http://visasavecanada.com/fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 14 Jan 2019 16:58:58 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Tue, 01 Jan 2019 11:47:51 GMT
Server: cloudflare
ETag: "4a59-57e64195f92fd-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4991a685e0d3234e-FRA
Content-Length: 6853
Expires: Mon, 14 Jan 2019 20:58:58 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
visasavecanada.com/js/ 50 KB
13 KB 2936ms
2929ms Script
application/javascript 2606:4700:30::681b:9a55
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://visasavecanada.com/js/bootstrap.min.js
Requested by: Host: visasavecanada.com
URL: http://visasavecanada.com/fr
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:9a55 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e25895d7caaf355a53d19c37c69a06198f668e5422b211d27597ed93983b80b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: visasavecanada.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://visasavecanada.com/fr
Cookie: __cfduid=db787a560b7559831909adc81d78ce70d1547485138; XSRF-TOKEN=eyJpdiI6IjgrV0J3QUdlSVR3ZUVZOWltcTQrWWc9PSIsInZhbHVlIjoibjJpVU1rMXJHYWNhaUtwOTlvanhhWUxqWjJ4UTZnT0FGdUM3Q2o5b21ZbFRvU09nUmpkSnZUNHZ4ajR3UU9Pd2tJZGdtNmdjYW9jb3B5a2dJMHlqK3c9PSIsIm1hYyI6ImU0Y2NhODk1ODlhOTY5YjIxODAxZmNiOTJmMTc0NDVkMjgzOTlhY2VlNjhjNmI5MmEwNjk0NGE0Mjg1YTAyNWYifQ%3D%3D; ave_canada_session=eyJpdiI6IkNiTnEzNDhObEx3elFQTXVKU0FNREE9PSIsInZhbHVlIjoiWHV3YXNxQnBEU01GbjVVWCtya3kzUnpTMEgrKzlpQkJHTUxWeHhHbEVaWXVTM0NIbk1mak10T3VLdzArUWp6aFJEbWtWMXU5K0lTWFVIRGNDRTBtWFE9PSIsIm1hYyI6IjZjZjJmNTI3MDMxY2YwODljZDlmMTMzZGY1MjY0MmJmOThmMzY1OThlYzNhZjc3YWI4ZWNlZmYwMmUxMGQyNTYifQ%3D%3D
Connection: keep-alive
Cache-Control: no-cache
Referer: http://visasavecanada.com/fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 14 Jan 2019 16:59:01 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Tue, 01 Jan 2019 11:47:51 GMT
Server: cloudflare
ETag: "c7c7-57e64195f73bd-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4991a685f6c0c2e7-FRA
Content-Length: 12980
Expires: Mon, 14 Jan 2019 20:59:01 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
776 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:808::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700|Montserrat:400,600,800

Requested by

Host: visasavecanada.com
URL: http://visasavecanada.com/fr

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

9852398504127bb64c2c22a30bca85062a0533734d44ecbf3fbaa9bbfe34a244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://visasavecanada.com/fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 14 Jan 2019 16:58:58 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 14 Jan 2019 16:58:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Mon, 14 Jan 2019 16:58:58 GMT

GET
H/1.1 200
OK piwik.js Show response
usaestavisas.innocraft.cloud/ 122 KB
37 KB 91ms
30ms Script
application/javascript 2a00:b6e0:1:200:161::1
ALWAYSDATA

General

Check archive.org

Show headers Download Go to

Full URL: http://usaestavisas.innocraft.cloud/piwik.js
Requested by: Host: visasavecanada.com
URL: http://visasavecanada.com/fr
Protocol: HTTP/1.1
Server: 2a00:b6e0:1:200:161::1 , France, ASN60362 (ALWAYSDATA, FR),
Reverse DNS
Software: Apache/2.2 /
Resource Hash: d6fc08299f2deaaaba86fbf5f7ef3175b1dcc4fda994cef699457e97d92a4931

Request headers

Referer: http://visasavecanada.com/fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 14 Jan 2019 16:58:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Dec 2018 23:15:50 GMT
Server: Apache/2.2
ETag: "1e8c7-57d3ff630df5b"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Via: 1.1 alproxy, 1.1 alproxy
Cache-Control: max-age=691200
Accept-Ranges: bytes
Content-Length: 37906
Expires: Tue, 22 Jan 2019 16:58:58 GMT

GET
H2 200 home-header-background.png
visasavecanada.com/img/ 2 MB
2 MB 3020ms
3020ms Image
image/png 2606:4700:30::681b:9a55
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visasavecanada.com/img/home-header-background.png
Requested by: Host: visasavecanada.com
URL: http://visasavecanada.com/fr
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:9a55 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0132115f7c04846511c99bdeb3861b1b9c7689aa101d601d4bc588084f885c4c

Request headers

Referer: https://visasavecanada.com/css/app.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 14 Jan 2019 16:59:01 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Jan 2019 11:47:51 GMT
server: cloudflare
etag: "2368cf-57e64195eb83c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4991a685fd9ec2ec-FRA
content-length: 2320591
expires: Mon, 14 Jan 2019 20:59:01 GMT

GET
H/1.1 200
OK home-separator.jpg
visasavecanada.com/img/ 140 KB
140 KB 2994ms
2988ms Image
image/jpeg 2606:4700:30::681b:9b55
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visasavecanada.com/img/home-separator.jpg
Requested by: Host: visasavecanada.com
URL: http://visasavecanada.com/fr
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:9b55 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bfd89b240a38818b7fc0e7455c6da4a0f12242ac1cf7216a78a76d8a6ba7d12

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: visasavecanada.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://visasavecanada.com/fr
Cookie: __cfduid=db787a560b7559831909adc81d78ce70d1547485138; XSRF-TOKEN=eyJpdiI6IjgrV0J3QUdlSVR3ZUVZOWltcTQrWWc9PSIsInZhbHVlIjoibjJpVU1rMXJHYWNhaUtwOTlvanhhWUxqWjJ4UTZnT0FGdUM3Q2o5b21ZbFRvU09nUmpkSnZUNHZ4ajR3UU9Pd2tJZGdtNmdjYW9jb3B5a2dJMHlqK3c9PSIsIm1hYyI6ImU0Y2NhODk1ODlhOTY5YjIxODAxZmNiOTJmMTc0NDVkMjgzOTlhY2VlNjhjNmI5MmEwNjk0NGE0Mjg1YTAyNWYifQ%3D%3D; ave_canada_session=eyJpdiI6IkNiTnEzNDhObEx3elFQTXVKU0FNREE9PSIsInZhbHVlIjoiWHV3YXNxQnBEU01GbjVVWCtya3kzUnpTMEgrKzlpQkJHTUxWeHhHbEVaWXVTM0NIbk1mak10T3VLdzArUWp6aFJEbWtWMXU5K0lTWFVIRGNDRTBtWFE9PSIsIm1hYyI6IjZjZjJmNTI3MDMxY2YwODljZDlmMTMzZGY1MjY0MmJmOThmMzY1OThlYzNhZjc3YWI4ZWNlZmYwMmUxMGQyNTYifQ%3D%3D
Connection: keep-alive
Cache-Control: no-cache
Referer: http://visasavecanada.com/fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 14 Jan 2019 16:59:01 GMT
CF-Cache-Status: MISS
Last-Modified: Tue, 01 Jan 2019 11:47:51 GMT
Server: cloudflare
ETag: "2302d-57e64195eb83c"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4991a685f7fa9786-FRA
Content-Length: 143405
Expires: Mon, 14 Jan 2019 20:59:01 GMT

GET
H/1.1 200
OK home-map-dots.png
visasavecanada.com/img/ 103 KB
104 KB 2982ms
2976ms Image
image/png 2606:4700:30::681b:9a55
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visasavecanada.com/img/home-map-dots.png
Requested by: Host: visasavecanada.com
URL: http://visasavecanada.com/fr
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:9a55 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b273725603a2dd69917aab78e03edc59f83088dd5576dee5bafa4d0c2f7e0f9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: visasavecanada.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://visasavecanada.com/fr
Cookie: __cfduid=db787a560b7559831909adc81d78ce70d1547485138; XSRF-TOKEN=eyJpdiI6IjgrV0J3QUdlSVR3ZUVZOWltcTQrWWc9PSIsInZhbHVlIjoibjJpVU1rMXJHYWNhaUtwOTlvanhhWUxqWjJ4UTZnT0FGdUM3Q2o5b21ZbFRvU09nUmpkSnZUNHZ4ajR3UU9Pd2tJZGdtNmdjYW9jb3B5a2dJMHlqK3c9PSIsIm1hYyI6ImU0Y2NhODk1ODlhOTY5YjIxODAxZmNiOTJmMTc0NDVkMjgzOTlhY2VlNjhjNmI5MmEwNjk0NGE0Mjg1YTAyNWYifQ%3D%3D; ave_canada_session=eyJpdiI6IkNiTnEzNDhObEx3elFQTXVKU0FNREE9PSIsInZhbHVlIjoiWHV3YXNxQnBEU01GbjVVWCtya3kzUnpTMEgrKzlpQkJHTUxWeHhHbEVaWXVTM0NIbk1mak10T3VLdzArUWp6aFJEbWtWMXU5K0lTWFVIRGNDRTBtWFE9PSIsIm1hYyI6IjZjZjJmNTI3MDMxY2YwODljZDlmMTMzZGY1MjY0MmJmOThmMzY1OThlYzNhZjc3YWI4ZWNlZmYwMmUxMGQyNTYifQ%3D%3D
Connection: keep-alive
Cache-Control: no-cache
Referer: http://visasavecanada.com/fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 14 Jan 2019 16:59:01 GMT
CF-Cache-Status: MISS
Last-Modified: Tue, 01 Jan 2019 11:47:51 GMT
Server: cloudflare
ETag: "19d08-57e64195eb83c"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4991a685f373c2e2-FRA
Content-Length: 105736
Expires: Mon, 14 Jan 2019 20:59:01 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v12/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: visasavecanada.com
URL: http://visasavecanada.com/fr

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

50e7e16fa947036ed479023375a7a44597c72dcc780c110ddb87a28cfa7fd16c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,700|Montserrat:400,600,800
Origin: http://visasavecanada.com

Response headers

date: Fri, 21 Dec 2018 06:21:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2017 15:24:13 GMT
server: sffe
age: 2111861
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13248
x-xss-protection: 1; mode=block
expires: Sat, 21 Dec 2019 06:21:17 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v12/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2

Requested by

Host: visasavecanada.com
URL: http://visasavecanada.com/fr

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0d18b4bafb15e54b797456bb5688463e8a302996a32273efb4ab1de84a91fb92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,700|Montserrat:400,600,800
Origin: http://visasavecanada.com

Response headers

date: Wed, 19 Dec 2018 07:32:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2017 15:24:46 GMT
server: sffe
age: 2280375
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13092
x-xss-protection: 1; mode=block
expires: Thu, 19 Dec 2019 07:32:43 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_c5H3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v12/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_c5H3gnD_vx3rCs.woff2

Requested by

Host: visasavecanada.com
URL: http://visasavecanada.com/fr

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

afbb84cb7e96fc786163fff39f0e3971ece8dfb940479c8fac5bd4e37ccea520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,700|Montserrat:400,600,800
Origin: http://visasavecanada.com

Response headers

date: Wed, 02 Jan 2019 16:19:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2017 15:25:45 GMT
server: sffe
age: 1039196
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12968
x-xss-protection: 1; mode=block
expires: Thu, 02 Jan 2020 16:19:02 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v14/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: visasavecanada.com
URL: http://visasavecanada.com/fr

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,700|Montserrat:400,600,800
Origin: http://visasavecanada.com

Response headers

date: Wed, 02 Jan 2019 16:22:28 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:23:20 GMT
server: sffe
age: 1038990
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13944
x-xss-protection: 1; mode=block
expires: Thu, 02 Jan 2020 16:22:28 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v14/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: visasavecanada.com
URL: http://visasavecanada.com/fr

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,700|Montserrat:400,600,800
Origin: http://visasavecanada.com

Response headers

date: Thu, 03 Jan 2019 07:05:18 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:24:00 GMT
server: sffe
age: 986020
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14076
x-xss-protection: 1; mode=block
expires: Fri, 03 Jan 2020 07:05:18 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 18ms
18ms Font
font/woff2 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: visasavecanada.com
URL: http://visasavecanada.com/fr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: http://visasavecanada.com

Response headers

date: Mon, 14 Jan 2019 16:58:58 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
access-control-allow-origin: *
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 77171

GET
H/1.1 200
OK piwik.php
usaestavisas.innocraft.cloud/ 43 B
312 B 51ms
51ms Image
image/gif 2a00:b6e0:1:200:161::1
ALWAYSDATA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://usaestavisas.innocraft.cloud/piwik.php?action_name=Make%20your%20request%20for%20eTA%20in%20just%20a%20few%20clicks!%20%2F%20AVE%20Canada&idsite=2&rec=1&r=042574&h=16&m=58&s=59&url=http%3A%2F%2Fvisasavecanada.com%2Ffr&_id=2f2ddc3ec7008800&_idts=1547485139&_idvc=1&_idn=0&_refts=0&_viewts=1547485139&send_image=1&cookie=1&res=1600x1200&gt_ms=75&pv_id=XKSpnD
Requested by: Host: visasavecanada.com
URL: http://visasavecanada.com/fr
Protocol: HTTP/1.1
Server: 2a00:b6e0:1:200:161::1 , France, ASN60362 (ALWAYSDATA, FR),
Reverse DNS
Software: Apache/2.2 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://visasavecanada.com/fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 14 Jan 2019 16:58:59 GMT
Via: 1.1 alproxy, 1.1 alproxy
Server: Apache/2.2
Cache-Control: no-store, max-age=31536000
Content-Type: image/gif
Transfer-Encoding: chunked
Expires: Tue, 14 Jan 2020 16:58:59 GMT

GET
H/1.1 200
OK / Show response
djtflbt20bdde.cloudfront.net/ 259 KB
73 KB 65ms
7ms Script
application/javascript 13.35.254.185
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://djtflbt20bdde.cloudfront.net/
Requested by: Host: visasavecanada.com
URL: http://visasavecanada.com/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.185 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-254-185.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cad3ac46cf285542aa6b5a562729efc9f43dfef2daa022b1bf253585be664380

Request headers

Referer: http://visasavecanada.com/fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 14 Jan 2019 13:24:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Jul 2018 13:25:30 GMT
Server: AmazonS3
Age: 31772
ETag: "07f2589b84722e02eeb7d745402869be"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 c26b8e74df43cd99786e716221463d0c.cloudfront.net (CloudFront)
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 74191
X-Amz-Cf-Id: YLNX38XVzvlfHzvu9ohadbMyGSHWkKpnz-boCS9jiswlVgNSIfY-4Q==

GET
H2 200 report Show response
funnelstalk.com/ 0
740 B 405ms
405ms Script
application/json 2606:4700:30::681b:b4c7
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://funnelstalk.com/report?sid=1&tid=_9c9mijf6s&dl=http%3A%2F%2Fvisasavecanada.com%2Ffr&dr=&dt=Make%20your%20request%20for%20eTA%20in%20just%20a%20few%20clicks!%20%2F%20AVE%20Canada&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36&pl=Linux%20x86_64&sr=1600x1200
Requested by: Host: funnelstalk.com
URL: https://funnelstalk.com/stalker.js?sid=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:b4c7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://visasavecanada.com/fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H/1.1 403
Forbidden widget22-13948_script.js
cl.avis-verifies.com/fr/cache/d/b/b/dbba45ed-e45c-c0a4-d189-9fdf79016a6d/widget4/ 0
0 44ms
44ms Script
application/xml 54.230.202.227
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://cl.avis-verifies.com/fr/cache/d/b/b/dbba45ed-e45c-c0a4-d189-9fdf79016a6d/widget4/widget22-13948_script.js?_=1547485138986
Requested by: Host: cl.avis-verifies.com
URL: http://cl.avis-verifies.com/fr/widget4/widget22.min.js
Protocol: HTTP/1.1
Server: 54.230.202.227 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-202-227.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: http://visasavecanada.com/fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H/1.1 200
OK styles.8db41f0a.css
djtflbt20bdde.cloudfront.net/css/ Frame 0F46 32 KB
12 KB 10ms
9ms Stylesheet
text/css 13.35.254.185
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://djtflbt20bdde.cloudfront.net/css/styles.8db41f0a.css
Requested by: Host: djtflbt20bdde.cloudfront.net
URL: https://djtflbt20bdde.cloudfront.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.185 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-254-185.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5282bbb0e3afcf5cd9fdebd3d50a0cf1b9dc557a560168fe637ff78f1ac0cad7

Request headers

Referer: http://visasavecanada.com/fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 14 Jan 2019 07:39:12 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Jul 2018 13:25:28 GMT
Server: AmazonS3
Age: 100212
ETag: "ae1f5e612253c556d90f1e7ec7888ff8"
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 c26b8e74df43cd99786e716221463d0c.cloudfront.net (CloudFront)
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11905
X-Amz-Cf-Id: Ar70os06hgQjhWs9zmbabd1XY_RGDT2clcSOPXxWwngbiY3WvNtYAg==

GET
H2 200 css
fonts.googleapis.com/ Frame 0F46 9 KB
797 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:808::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300

Requested by

Host: djtflbt20bdde.cloudfront.net
URL: https://djtflbt20bdde.cloudfront.net/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

c5e4ca72bae51e4f9d92854fc100003908a8774fa9723baa6fdb71252f18551e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://visasavecanada.com/fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 14 Jan 2019 16:59:07 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 14 Jan 2019 16:59:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Mon, 14 Jan 2019 16:59:07 GMT

GET
H/1.1 200
OK email-sent.61f9143c.svg
djtflbt20bdde.cloudfront.net/img/ Frame 3C22 0
0 10ms
7ms Document
image/svg+xml 13.35.254.185
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://djtflbt20bdde.cloudfront.net/img/email-sent.61f9143c.svg
Requested by: Host: djtflbt20bdde.cloudfront.net
URL: https://djtflbt20bdde.cloudfront.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.185 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-254-185.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Host: djtflbt20bdde.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://visasavecanada.com/fr
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://visasavecanada.com/fr

Response headers

Content-Type: image/svg+xml
Content-Length: 435
Connection: keep-alive
Last-Modified: Mon, 16 Jul 2018 13:25:27 GMT
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Date: Mon, 14 Jan 2019 12:07:58 GMT
ETag: "bb5df29cd362d831c65e1676045b900f"
Age: 78213
X-Cache: Hit from cloudfront
Via: 1.1 c26b8e74df43cd99786e716221463d0c.cloudfront.net (CloudFront)
X-Amz-Cf-Id: GduEZChtEK7VhThuhnsOwp3E4s_tgPLhtGBJ-COCRCIu1MrpvO7Vyw==

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			visasavecanada.com/	1970-01-19 21:49:58	Name: __tsuid Value: _9c9mijf6s

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://funnelstalk.com/stalker.js?sid=1(Line 36) Message: %c(ST) %cHash : _9c9mijf6s

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cl.avis-verifies.com
code.jquery.com
djtflbt20bdde.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
funnelstalk.com
maxcdn.bootstrapcdn.com
usaestavisas.innocraft.cloud
visasavecanada.com
13.35.254.185
205.185.208.52
209.197.3.15
2606:4700:30::681b:9a55
2606:4700:30::681b:9b55
2606:4700:30::681b:b4c7
2a00:1450:4001:808::200a
2a00:1450:4001:81f::2003
2a00:b6e0:1:200:161::1
54.230.202.227
00a107afbd263e4269c1a45178ee271b13133eb583145a0b148277db4765d597
0132115f7c04846511c99bdeb3861b1b9c7689aa101d601d4bc588084f885c4c
0d18b4bafb15e54b797456bb5688463e8a302996a32273efb4ab1de84a91fb92
0e25895d7caaf355a53d19c37c69a06198f668e5422b211d27597ed93983b80b
1b273725603a2dd69917aab78e03edc59f83088dd5576dee5bafa4d0c2f7e0f9
1ce7453061184288241fa99e8e818b2ed21485ecfe6279a54f122fde3a9223e2
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
33cd09342082bbbf8732bd3ac0af9547907825ba6e863fd2c9a6e4a52f9c78f8
40edfd58109877e4836f54e74c7a04eeb8f8f900fc0989952f2f8483ae3e1f0d
48f70e99862f12708f26271c8fc729f6def3b0c3e767ecd0bf2ef1b41fa746ec
50e7e16fa947036ed479023375a7a44597c72dcc780c110ddb87a28cfa7fd16c
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d
5282bbb0e3afcf5cd9fdebd3d50a0cf1b9dc557a560168fe637ff78f1ac0cad7
5292e677fe712c80863414e9e73f3678d86d409f751392b6803b70a949fc1017
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5bfd89b240a38818b7fc0e7455c6da4a0f12242ac1cf7216a78a76d8a6ba7d12
74656b8ee4919c51aadddf190abc70cd67bbecd8172ef704ef818e1dc773d6af
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
83176693006e72b6b83db91b3aed997731a2309e7eb2d0506a37d0c0350620d3
86db16ef4edcf16c257fb869c7ecc18905f591c7838e1cf18a4aa22352c6f73c
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
9852398504127bb64c2c22a30bca85062a0533734d44ecbf3fbaa9bbfe34a244
a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc
a55328de0033c5a20ce654366bb6371690ccbef3eea1a15c1f7566a5bbd140e5
afbb84cb7e96fc786163fff39f0e3971ece8dfb940479c8fac5bd4e37ccea520
bd7eee978ca17e9f80531c2ed3c73d3451d3679efe30ea727afc5a7245867313
c5e4ca72bae51e4f9d92854fc100003908a8774fa9723baa6fdb71252f18551e
cad3ac46cf285542aa6b5a562729efc9f43dfef2daa022b1bf253585be664380
d6fc08299f2deaaaba86fbf5f7ef3175b1dcc4fda994cef699457e97d92a4931
d9867990024c313e890f1c30aac4003493b593b774a1392b863ff320e2eda5eb
e2440e92c6ff7850922edf3104e6efeb3c3f7257fdebf37b675ed6a76f836ae6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f9aa9332a1393baf4d5ac92b40bdcba317002a6ccc6b357b7b389aa4c4f6578c

visasavecanada.com Open in urlscan Pro 2606:4700:30::681b:9b55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

35 Requests

74 %HTTPS

60 %IPv6

9 Domains

9 Subdomains

10 IPs

3 Countries

3159 kBTransfer

3853 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

visasavecanada.com Open in urlscan Pro
2606:4700:30::681b:9b55 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

74 %
HTTPS

60 %
IPv6

9
Domains

9
Subdomains

10
IPs

3
Countries

3159 kB
Transfer

3853 kB
Size

1
Cookies

35 HTTP transactions
0 data transactions