urlscan.io logo urlscan.io
SecurityTrails logo

paylesstoconnect.ca Open in urlscan Pro
206.248.173.171  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bit.ly/paylesstoconnect-invoice
Effective URL: https://paylesstoconnect.ca/
Submission: On August 19 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 6 countries across 15 domains to perform 54 HTTP transactions. The main IP is 206.248.173.171, located in Stittsville, Canada and belongs to TEKSAVVY, CA. The main domain is paylesstoconnect.ca.
TLS certificate: Issued by RapidSSL RSA CA 2018 on February 26th 2020. Valid for: a year.
This is the only time paylesstoconnect.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    67.199.248.10 (United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly
bit.ly
16    206.248.173.171 (Stittsville, Canada)

ASN5645 (TEKSAVVY, CA)
PTR: 206-248-173-171.dsl.teksavvy.com
paylesstoconnect.ca
1    2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:2182:f600:d:9da0:f1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
d1tdp7z6w94jbb.cloudfront.net
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2600:9000:214f:1200:6:848:5140:93a1 (United States)

ASN16509 (AMAZON-02, US)
engage.newmode.net
4    2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
16    2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:20::ac43:452d (United States)

ASN13335 (CLOUDFLARENET, US)
c.shpg.org
1    185.199.110.153 (United States)

ASN54113 (FASTLY, US)
blog.apps.npr.org
1    2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    92.122.252.179 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-252-179.deploy.static.akamaitechnologies.com
s.adroll.com
2    3.248.28.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
d.adroll.mgr.consensu.org
d.adroll.com
Domain Requested by
20 fonts.gstatic.com fonts.googleapis.com
16 paylesstoconnect.ca paylesstoconnect.ca
4 s.adroll.com 1 redirects paylesstoconnect.ca
s.adroll.com
2 www.facebook.com paylesstoconnect.ca
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 engage.newmode.net paylesstoconnect.ca
blog.apps.npr.org
2 connect.facebook.net paylesstoconnect.ca
connect.facebook.net
1 d.adroll.com
1 d.adroll.mgr.consensu.org 1 redirects
1 stats.g.doubleclick.net paylesstoconnect.ca
1 blog.apps.npr.org engage.newmode.net
1 c.shpg.org engage.newmode.net
1 fonts.googleapis.com ajax.googleapis.com
1 d1tdp7z6w94jbb.cloudfront.net paylesstoconnect.ca
1 www.googletagmanager.com paylesstoconnect.ca
1 ajax.googleapis.com paylesstoconnect.ca
1 bit.ly 1 redirects
54 17

This site contains links to these domains. Also see Links.

Domain
www.ic.gc.ca
www.canada.ca
mobilesyrup.com
www.cbc.ca
twitter.com
www.facebook.com
Subject Issuer Validity Valid
paylesstoconnect.ca
RapidSSL RSA CA 2018		 2020-02-26 -
2021-04-26		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-08-11 -
2020-11-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-07-21 -
2020-10-12		 3 months crt.sh
engage.newmode.net
Let's Encrypt Authority X3		 2020-08-18 -
2020-11-16		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-17 -
2021-07-17		 a year crt.sh
blog.apps.npr.org
Let's Encrypt Authority X3		 2020-07-09 -
2020-10-07		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
*.adroll.com
DigiCert SHA2 Secure Server CA		 2020-01-29 -
2021-04-29		 a year crt.sh
adroll.mgr.consensu.org
Amazon		 2019-11-06 -
2020-12-06		 a year crt.sh

This page contains 2 frames:

Primary Page: https://paylesstoconnect.ca/
Frame ID: 9E75471D49EF68C6B80C8B023682D1C6
Requests: 53 HTTP requests in this frame

Frame: https://engage.newmode.net/nm-letter/9614/15331?initialWidth=606&childId=newmode-embed-9614-15331&parentTitle=Pay%20Less%20To%20Connect&parentUrl=https%3A%2F%2Fpaylesstoconnect.ca%2F
Frame ID: 5367C1014D3BE93CE5CE0D02BA72B215
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://bit.ly/paylesstoconnect-invoice HTTP 301
    https://paylesstoconnect.ca/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

54
Requests

100 %
HTTPS

71 %
IPv6

15
Domains

17
Subdomains

16
IPs

6
Countries

1512 kB
Transfer

2220 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bit.ly/paylesstoconnect-invoice HTTP 301
    https://paylesstoconnect.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1084247797&t=pageview&_s=1&dl=https%3A%2F%2Fpaylesstoconnect.ca%2F&ul=en-us&de=UTF-8&dt=Pay%20Less%20To%20Connect&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=956093104&gjid=2138779917&cid=335672351.1597867150&tid=UA-137276941-1&_gid=777805828.1597867150&_r=1&gtm=2ou8c0&z=1850671303 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-137276941-1&cid=335672351.1597867150&jid=956093104&_gid=777805828.1597867150&gjid=2138779917&_v=j83&z=1850671303
Request Chain 50
  • https://s.adroll.com/j/exp/UUVLSG5ARBEWJL7WWPIHPY/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 52
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/UUVLSG5ARBEWJL7WWPIHPY?_s=138e84ae9f7a6ba4a9e1ce8e822662be&_b=2 HTTP 302
  • https://d.adroll.com/consent/check/UUVLSG5ARBEWJL7WWPIHPY/?_s=138e84ae9f7a6ba4a9e1ce8e822662be&_b=2

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
paylesstoconnect.ca/
Redirect Chain
  • http://bit.ly/paylesstoconnect-invoice
  • https://paylesstoconnect.ca/
18 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://paylesstoconnect.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
206.248.173.171 Stittsville, Canada, ASN5645 (TEKSAVVY, CA),
Reverse DNS
206-248-173-171.dsl.teksavvy.com
Software
nginx / PleskLin
Resource Hash
70935b43ee74d4943396de054b7c4698be4aed14cad98dc4de7482bda1e5b8a5

Request headers

Host
paylesstoconnect.ca
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Date
Wed, 19 Aug 2020 19:59:08 GMT
Content-Type
text/html
Content-Length
18748
Last-Modified
Fri, 14 Feb 2020 22:15:59 GMT
Connection
keep-alive
ETag
"5e471c1f-493c"
X-Powered-By
PleskLin
Accept-Ranges
bytes

Redirect headers

Server
nginx
Date
Wed, 19 Aug 2020 19:59:08 GMT
Content-Type
text/html; charset=utf-8
Content-Length
115
Cache-Control
private, max-age=90
Location
https://paylesstoconnect.ca/
Set-Cookie
_bit=k7jjX8-7858185e40e9c958c4-009; Domain=bit.ly; Expires=Mon, 15 Feb 2021 19:59:08 GMT
Via
1.1 google
normalize.css
paylesstoconnect.ca/styles/ 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paylesstoconnect.ca/styles/normalize.css
Requested by
Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
206.248.173.171 Stittsville, Canada, ASN5645 (TEKSAVVY, CA),
Reverse DNS
206-248-173-171.dsl.teksavvy.com
Software
nginx / PleskLin
Resource Hash
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81

Request headers

Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 19 Aug 2020 19:59:08 GMT
Last-Modified
Tue, 28 Jan 2020 21:21:24 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5e30a5d4-1e5c"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7772
webflow.css
paylesstoconnect.ca/styles/ 		38 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paylesstoconnect.ca/styles/webflow.css
Requested by
Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
206.248.173.171 Stittsville, Canada, ASN5645 (TEKSAVVY, CA),
Reverse DNS
206-248-173-171.dsl.teksavvy.com
Software
nginx / PleskLin
Resource Hash
1fc1e65f0dbc2881f6619299254b21f89aa2fd728ef50425ab859c2a12f37888

Request headers

Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 19 Aug 2020 19:59:09 GMT
Last-Modified
Tue, 28 Jan 2020 21:21:25 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5e30a5d5-99eb"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39403
main.css
paylesstoconnect.ca/styles/ 		21 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paylesstoconnect.ca/styles/main.css
Requested by
Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
206.248.173.171 Stittsville, Canada, ASN5645 (TEKSAVVY, CA),
Reverse DNS
206-248-173-171.dsl.teksavvy.com
Software
nginx / PleskLin
Resource Hash
2d9caa0f3e1b2fbadb101075bca254be6f724c995afd1624115b5c3c520a09b5

Request headers

Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 19 Aug 2020 19:59:09 GMT
Last-Modified
Tue, 28 Jan 2020 21:21:23 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5e30a5d3-546b"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21611
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.4.7/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js
Requested by
Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d142a29dfc233602672353f1bfaf7d8e72331ec6902d8dd12cb56e5eaf794fc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 10 Aug 2020 15:03:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
795343
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6756
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Aug 2021 15:03:25 GMT
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-137276941-1
Requested by
Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
12242466b68462b6b4b2aec4c2eaf9279a07c75eaa4c5e4ced8b6ddf31cf6c91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 19:59:09 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35797
x-xss-protection
0
last-modified
Wed, 19 Aug 2020 19:37:47 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 19 Aug 2020 19:59:09 GMT
payless-logo-red.svg
paylesstoconnect.ca/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paylesstoconnect.ca/images/payless-logo-red.svg
Requested by
Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
206.248.173.171 Stittsville, Canada, ASN5645 (TEKSAVVY, CA),
Reverse DNS
206-248-173-171.dsl.teksavvy.com
Software
nginx / PleskLin
Resource Hash
3aaffecb7b1290375fca7efb9ad634afb4df44b708a1969049792cf4f4ce8951

Request headers

Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 19 Aug 2020 19:59:09 GMT
Last-Modified
Fri, 29 Mar 2019 11:48:09 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5c9e05f9-147c"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5244
theif.svg
paylesstoconnect.ca/images/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paylesstoconnect.ca/images/theif.svg
Requested by
Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
206.248.173.171 Stittsville, Canada, ASN5645 (TEKSAVVY, CA),
Reverse DNS
206-248-173-171.dsl.teksavvy.com
Software
nginx / PleskLin
Resource Hash
d1cd692c452edccd384d1d8997d3ab24ee9f6c2f7a947f75ef7ebb47cd358755

Request headers

Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 19 Aug 2020 19:59:09 GMT
Last-Modified
Fri, 29 Mar 2019 11:48:09 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5c9e05f9-7195"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29077
chevron-down.svg
paylesstoconnect.ca/images/ 		375 B
669 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paylesstoconnect.ca/images/chevron-down.svg
Requested by
Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
206.248.173.171 Stittsville, Canada, ASN5645 (TEKSAVVY, CA),
Reverse DNS
206-248-173-171.dsl.teksavvy.com
Software
nginx / PleskLin
Resource Hash
6fcedb9e973c1d3a06b531532596efb93fdcae291b24087dfd09cf24b4362fa3

Request headers

Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 19 Aug 2020 19:59:09 GMT
ETag
"9c0798-177-5853a3e9990ac"
Last-Modified
Fri, 29 Mar 2019 11:48:08 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/svg+xml
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
375
theif-phone-long.svg
paylesstoconnect.ca/images/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paylesstoconnect.ca/images/theif-phone-long.svg
Requested by
Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
206.248.173.171 Stittsville, Canada, ASN5645 (TEKSAVVY, CA),
Reverse DNS
206-248-173-171.dsl.teksavvy.com
Software
nginx / PleskLin
Resource Hash
1272aea91a142584d88e3e9cce723c357cd6388a3a944e16752848e640650a73

Request headers

Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 19 Aug 2020 19:59:09 GMT
Last-Modified
Fri, 29 Mar 2019 11:48:08 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5c9e05f8-71c7"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29127
phone-hero.svg
paylesstoconnect.ca/images/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paylesstoconnect.ca/images/phone-hero.svg
Requested by
Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
206.248.173.171 Stittsville, Canada, ASN5645 (TEKSAVVY, CA),
Reverse DNS
206-248-173-171.dsl.teksavvy.com
Software
nginx / PleskLin
Resource Hash
1df7710816a924d4be5d1b4ab795be52cdfcc09f475c09ed131442305be57a37

Request headers

Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 19 Aug 2020 19:59:09 GMT
Last-Modified
Mon, 20 Jan 2020 03:52:42 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5e25240a-9828"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38952
piggy-bank.svg
paylesstoconnect.ca/images/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paylesstoconnect.ca/images/piggy-bank.svg
Requested by
Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
206.248.173.171 Stittsville, Canada, ASN5645 (TEKSAVVY, CA),
Reverse DNS
206-248-173-171.dsl.teksavvy.com
Software
nginx / PleskLin
Resource Hash
f831a25fbbca0882b2309a1179df4a1cb9fca3ab92b2ce42cd7d78c07ea25efc

Request headers

Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 19 Aug 2020 19:59:09 GMT
Last-Modified
Mon, 20 Jan 2020 03:51:39 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5e2523cb-6189"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24969
money-phone.svg
paylesstoconnect.ca/images/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paylesstoconnect.ca/images/money-phone.svg
Requested by
Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
206.248.173.171 Stittsville, Canada, ASN5645 (TEKSAVVY, CA),
Reverse DNS
206-248-173-171.dsl.teksavvy.com
Software
nginx / PleskLin
Resource Hash
a8015c630d7acace1be380151b5f3c105ea8ad3503532ba2b6c5e094c026dea7

Request headers

Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 19 Aug 2020 19:59:09 GMT
Last-Modified
Fri, 29 Mar 2019 11:48:08 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5c9e05f8-54ee"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21742
corporate-devil.svg
paylesstoconnect.ca/images/ 		158 KB
159 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paylesstoconnect.ca/images/corporate-devil.svg
Requested by
Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
206.248.173.171 Stittsville, Canada, ASN5645 (TEKSAVVY, CA),
Reverse DNS
206-248-173-171.dsl.teksavvy.com
Software
nginx / PleskLin
Resource Hash
861d150c3603263ac323df08b64c09e019b4b7fd3ac9ca90df32ccfc3d389e5b

Request headers

Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 19 Aug 2020 19:59:09 GMT
Last-Modified
Mon, 20 Jan 2020 03:51:39 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5e2523cb-279fb"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
162299
phone-jail.svg
paylesstoconnect.ca/images/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paylesstoconnect.ca/images/phone-jail.svg
Requested by
Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
206.248.173.171 Stittsville, Canada, ASN5645 (TEKSAVVY, CA),
Reverse DNS
206-248-173-171.dsl.teksavvy.com
Software
nginx / PleskLin
Resource Hash
529fd382bf5a7f90bc915851b9b9c4b628e4daf856377376e5bc6cbd786355e1

Request headers

Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 19 Aug 2020 19:59:09 GMT
Last-Modified
Fri, 29 Mar 2019 11:48:09 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5c9e05f9-91fe"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37374
jquery-3.3.1.min.js
d1tdp7z6w94jbb.cloudfront.net/js/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1tdp7z6w94jbb.cloudfront.net/js/jquery-3.3.1.min.js
Requested by
Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:f600:d:9da0:f1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Origin
https://paylesstoconnect.ca
Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 19:59:10 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
status
200
access-control-allow-origin
*
last-modified
Thu, 03 Jan 2019 19:14:11 GMT
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
cHtYhk1pPpTGdBKn5DyitHVFUrRwlEdb
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
cache-control
max-age=84600, must-revalidate
content-type
application/javascript
x-amz-cf-id
5NCleP5e9DBZWhnuO8jIHG4qFNcVQXlaTpTeFAqHjZZEjXUsoeZlBQ==
webflow2.js
paylesstoconnect.ca/js/ 		538 KB
539 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paylesstoconnect.ca/js/webflow2.js
Requested by
Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
206.248.173.171 Stittsville, Canada, ASN5645 (TEKSAVVY, CA),
Reverse DNS
206-248-173-171.dsl.teksavvy.com
Software
nginx / PleskLin
Resource Hash
da47d3c0011ae4fbcf315bfdad6ea681e35ce11a9dbf35ccb60ffca994251c65

Request headers

Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 19 Aug 2020 19:59:09 GMT
Last-Modified
Tue, 28 Jan 2020 21:36:42 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5e30a96a-86965"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
551269
css
fonts.googleapis.com/ 		26 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
87c18f39efa380401767f0c160132583718a8a9b5acea0dfd1aad041cb384c9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Aug 2020 19:59:09 GMT
server
ESF
date
Wed, 19 Aug 2020 19:59:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Aug 2020 19:59:09 GMT
fbevents.js
connect.facebook.net/en_US/ 		134 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
34269
x-xss-protection
0
pragma
public
x-fb-debug
/NWgTnKebDv9EidUc2xh4WouoiXa6TQNUkaUG9WlFoHH3DoIVmc3KG/7CVBwCgpDdnl7wcg9irgwsX7fYos0LQ==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Wed, 19 Aug 2020 19:59:09 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
15331.js
engage.newmode.net/embed/9614/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.newmode.net/embed/9614/15331.js
Requested by
Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:1200:6:848:5140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
fa854590e6bc6158d3a4e292c25db7d723ba8a4313ccf639d2ae079d2a7239b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 19:59:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
status
200
last-modified
Wed, 19 Aug 2020 19:59:09 GMT
server
Apache/2.4.29 (Ubuntu)
etag
"1597867149-1"
vary
Cookie,Accept-Encoding
content-language
en
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-drupal-cache
MISS
content-type
application/javascript
x-amz-cf-id
yBJWkvcr9zIa7UshinSJ0lKUuTUxy2PcX1R6Xc_OQhaQ8MoNz8Y8QA==
expires
Sun, 19 Nov 1978 05:00:00 GMT
twitter.svg
paylesstoconnect.ca/images/ 		756 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paylesstoconnect.ca/images/twitter.svg
Requested by
Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/styles/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
206.248.173.171 Stittsville, Canada, ASN5645 (TEKSAVVY, CA),
Reverse DNS
206-248-173-171.dsl.teksavvy.com
Software
nginx / PleskLin
Resource Hash
599828568ef738aaed9c7f2d2a9c95913a6f8248e7dc3bbcf92299a7db05c532

Request headers

Referer
https://paylesstoconnect.ca/styles/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 19 Aug 2020 19:59:10 GMT
ETag
"9c07a2-2f4-5853a3ea51db4"
Last-Modified
Fri, 29 Mar 2019 11:48:09 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/svg+xml
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
756
facebook.svg
paylesstoconnect.ca/images/ 		341 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paylesstoconnect.ca/images/facebook.svg
Requested by
Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/styles/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
206.248.173.171 Stittsville, Canada, ASN5645 (TEKSAVVY, CA),
Reverse DNS
206-248-173-171.dsl.teksavvy.com
Software
nginx / PleskLin
Resource Hash
e5a737c1570531598b54aebd4bbe6be27a7578576a075862bee99edeb08c9b42

Request headers

Referer
https://paylesstoconnect.ca/styles/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 19 Aug 2020 19:59:10 GMT
ETag
"9c079e-155-5853a3ea07e1c"
Last-Modified
Fri, 29 Mar 2019 11:48:08 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/svg+xml
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
341
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paylesstoconnect.ca
Referer
https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 23:41:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
677836
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14044
x-xss-protection
0
expires
Wed, 11 Aug 2021 23:41:53 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paylesstoconnect.ca
Referer
https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 01:55:50 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
583399
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Fri, 13 Aug 2021 01:55:50 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paylesstoconnect.ca
Referer
https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 20:03:34 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:54 GMT
server
sffe
age
690935
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14176
x-xss-protection
0
expires
Wed, 11 Aug 2021 20:03:34 GMT
S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paylesstoconnect.ca
Referer
https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 10 Aug 2020 18:33:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:39 GMT
server
sffe
age
782712
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13912
x-xss-protection
0
expires
Tue, 10 Aug 2021 18:33:57 GMT
S6u8w4BMUTPHh30AXC-qNiXg7Q.woff2
fonts.gstatic.com/s/lato/v16/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u8w4BMUTPHh30AXC-qNiXg7Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paylesstoconnect.ca
Referer
https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 05:58:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:33 GMT
server
sffe
age
741618
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13336
x-xss-protection
0
expires
Wed, 11 Aug 2021 05:58:51 GMT
S6u-w4BMUTPHjxsIPx-oPCLC79U1.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u-w4BMUTPHjxsIPx-oPCLC79U1.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paylesstoconnect.ca
Referer
https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 10 Aug 2020 22:30:34 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:49 GMT
server
sffe
age
768515
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14116
x-xss-protection
0
expires
Tue, 10 Aug 2021 22:30:34 GMT
S6u_w4BMUTPHjxsI9w2_Gwftx9897g.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u_w4BMUTPHjxsI9w2_Gwftx9897g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paylesstoconnect.ca
Referer
https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 06:00:18 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:45 GMT
server
sffe
age
741531
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14768
x-xss-protection
0
expires
Wed, 11 Aug 2021 06:00:18 GMT
S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
fonts.gstatic.com/s/lato/v16/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paylesstoconnect.ca
Referer
https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 20:54:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:51 GMT
server
sffe
age
601485
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14864
x-xss-protection
0
expires
Thu, 12 Aug 2021 20:54:24 GMT
S6u_w4BMUTPHjxsI5wq_Gwftx9897g.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u_w4BMUTPHjxsI5wq_Gwftx9897g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paylesstoconnect.ca
Referer
https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 10 Aug 2020 15:15:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:44 GMT
server
sffe
age
794596
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14836
x-xss-protection
0
expires
Tue, 10 Aug 2021 15:15:53 GMT
S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paylesstoconnect.ca
Referer
https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 16:32:34 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:45 GMT
server
sffe
age
703595
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13732
x-xss-protection
0
expires
Wed, 11 Aug 2021 16:32:34 GMT
S6u_w4BMUTPHjxsI3wi_Gwftx9897g.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u_w4BMUTPHjxsI3wi_Gwftx9897g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paylesstoconnect.ca
Referer
https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 06:17:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:48 GMT
server
sffe
age
740481
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14508
x-xss-protection
0
expires
Wed, 11 Aug 2021 06:17:48 GMT
KFOkCnqEu92Fr1MmgVxIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1MmgVxIIzIXKMny.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paylesstoconnect.ca
Referer
https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 07 Aug 2020 05:05:25 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:40 GMT
server
sffe
age
1090424
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10984
x-xss-protection
0
expires
Sat, 07 Aug 2021 05:05:25 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paylesstoconnect.ca
Referer
https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 10 Aug 2020 15:00:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
795502
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11180
x-xss-protection
0
expires
Tue, 10 Aug 2021 15:00:47 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paylesstoconnect.ca
Referer
https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 09:53:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
727567
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Wed, 11 Aug 2021 09:53:02 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paylesstoconnect.ca
Referer
https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 10 Aug 2020 15:05:55 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
795194
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Tue, 10 Aug 2021 15:05:55 GMT
KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paylesstoconnect.ca
Referer
https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 10 Aug 2020 22:21:13 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:08 GMT
server
sffe
age
769076
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11012
x-xss-protection
0
expires
Tue, 10 Aug 2021 22:21:13 GMT
u-4x0qWljRw-Pd8w__1ImSRu.woff2
fonts.gstatic.com/s/cabin/v14/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cabin/v14/u-4x0qWljRw-Pd8w__1ImSRu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paylesstoconnect.ca
Referer
https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 16:32:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:23:50 GMT
server
sffe
age
703613
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13440
x-xss-protection
0
expires
Wed, 11 Aug 2021 16:32:16 GMT
u-480qWljRw-PdfD3OhluylEeQ5J.woff2
fonts.gstatic.com/s/cabin/v14/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cabin/v14/u-480qWljRw-PdfD3OhluylEeQ5J.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paylesstoconnect.ca
Referer
https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 07 Aug 2020 05:14:37 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:22:38 GMT
server
sffe
age
1089872
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13684
x-xss-protection
0
expires
Sat, 07 Aug 2021 05:14:37 GMT
u-480qWljRw-Pdfv2-hluylEeQ5J.woff2
fonts.gstatic.com/s/cabin/v14/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cabin/v14/u-480qWljRw-Pdfv2-hluylEeQ5J.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paylesstoconnect.ca
Referer
https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 10 Aug 2020 22:33:12 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:17:38 GMT
server
sffe
age
768357
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13668
x-xss-protection
0
expires
Tue, 10 Aug 2021 22:33:12 GMT
u-480qWljRw-PdeL2uhluylEeQ5J.woff2
fonts.gstatic.com/s/cabin/v14/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cabin/v14/u-480qWljRw-PdeL2uhluylEeQ5J.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paylesstoconnect.ca
Referer
https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 10 Aug 2020 15:03:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:22:05 GMT
server
sffe
age
795349
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12928
x-xss-protection
0
expires
Tue, 10 Aug 2021 15:03:20 GMT
1458126871017398
connect.facebook.net/signals/config/ 		524 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1458126871017398?v=2.9.23&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4c09bff9650118b4bdfe726ec198f6a54747c270bba3ba1d8ef89f996509f9dd
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
yfx7LEcHzoieJ4CL62Couvva+ZqqbjengBCyTBRlL2t/jt84TskhqfyCTuCHgD8ucRBd8NWpbyAqkC2oWDQ3xQ==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Wed, 19 Aug 2020 19:59:10 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137276941-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
5129
date
Wed, 19 Aug 2020 18:33:41 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Wed, 19 Aug 2020 20:33:41 GMT
sp.js
c.shpg.org/392/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.shpg.org/392/sp.js
Requested by
Host: engage.newmode.net
URL: https://engage.newmode.net/embed/9614/15331.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:452d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a3a4621eea5e188b694310b35a7296017d1d6398c39f63c90f780338e813561
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 19:59:10 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
HIT
age
3244
cf-polished
origSize=34926
status
200
content-encoding
br
cf-request-id
04a9e6e35f0000d8d13f850200000001
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
max-age=1800
cf-ray
5c5674189ff1d8d1-AMS
pym.v1.min.js
blog.apps.npr.org/pym.js/dist/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.apps.npr.org/pym.js/dist/pym.v1.min.js
Requested by
Host: engage.newmode.net
URL: https://engage.newmode.net/embed/9614/15331.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
b7f736144a4c3c86a1e620f94d91b3c0eedcadac33888203e554dc2e7c3cfa66

Request headers

Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
beba4a67b96e5855f825b097b2b62fbc34898b58
date
Wed, 19 Aug 2020 19:59:10 GMT
content-encoding
gzip
age
0
x-cache
MISS
status
200
content-length
2831
x-served-by
cache-cph20646-CPH
access-control-allow-origin
*
last-modified
Fri, 15 Feb 2019 17:52:08 GMT
server
GitHub.com
x-github-request-id
5566:7E0D:1050D3:145D9E:5F3D6BCD
x-timer
S1597867150.296128,VS0,VE103
etag
W/"5c66fc48-234a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Wed, 19 Aug 2020 18:23:36 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1084247797&t=pageview&_s=1&dl=https%3A%2F%2Fpaylesstoconnect.ca%2F&ul=en-us&de=UTF-8&dt=Pay%20Less%20To%20Connect&sd=24-bit&sr=1600x1200&vp=1...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-137276941-1&cid=335672351.1597867150&jid=956093104&_gid=777805828.1597867150&gjid=2138779917&_v=j83&z=1850671303
35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-137276941-1&cid=335672351.1597867150&jid=956093104&_gid=777805828.1597867150&gjid=2138779917&_v=j83&z=1850671303
Requested by
Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 19 Aug 2020 19:59:10 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 Aug 2020 19:59:10 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-137276941-1&cid=335672351.1597867150&jid=956093104&_gid=777805828.1597867150&gjid=2138779917&_v=j83&z=1850671303
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
418
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1458126871017398&ev=PageView&dl=https%3A%2F%2Fpaylesstoconnect.ca%2F&rl=&if=false&ts=1597867150193&sw=1600&sh=1200&v=2.9.23&r=stable&ec=0&o=30&fbp=fb.1.1597867150187.1037328792&it=1597867150063&coo=false&rqm=GET
Requested by
Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 19:59:10 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 19 Aug 2020 19:59:10 GMT
15331
engage.newmode.net/nm-letter/9614/ Frame 5367 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://engage.newmode.net/nm-letter/9614/15331?initialWidth=606&childId=newmode-embed-9614-15331&parentTitle=Pay%20Less%20To%20Connect&parentUrl=https%3A%2F%2Fpaylesstoconnect.ca%2F
Requested by
Host: blog.apps.npr.org
URL: https://blog.apps.npr.org/pym.js/dist/pym.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:1200:6:848:5140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
engage.newmode.net
:scheme
https
:path
/nm-letter/9614/15331?initialWidth=606&childId=newmode-embed-9614-15331&parentTitle=Pay%20Less%20To%20Connect&parentUrl=https%3A%2F%2Fpaylesstoconnect.ca%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://paylesstoconnect.ca/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://paylesstoconnect.ca/

Response headers

status
200
content-type
text/html; charset=utf-8
date
Wed, 19 Aug 2020 19:59:11 GMT
set-cookie
AWSALB=weoQT3rW/Jcgy8qSYjtskIrQPKhnXF51LrTvdiN7a5kJeoluolY524HatKB9QqFlnT6iWu2xi9yFfeAzlTvsdRqJhbXkhiBVRf09HZEZwYN8xZ9/8IK9xH0dhUOY; Expires=Wed, 26 Aug 2020 19:59:10 GMT; Path=/ AWSALBCORS=weoQT3rW/Jcgy8qSYjtskIrQPKhnXF51LrTvdiN7a5kJeoluolY524HatKB9QqFlnT6iWu2xi9yFfeAzlTvsdRqJhbXkhiBVRf09HZEZwYN8xZ9/8IK9xH0dhUOY; Expires=Wed, 26 Aug 2020 19:59:10 GMT; Path=/; SameSite=None; Secure SSESS48a9de829d6e99069e9769e50b1ab5e2=BVNS39afi_nGXgdyXRoKSJrml-RJigwnTRAB2T7P-zw; expires=Fri, 11-Sep-2020 23:32:31 GMT; Max-Age=2000000; path=/; domain=.engage.newmode.net; secure; HttpOnly
server
Apache/2.4.29 (Ubuntu)
x-drupal-cache
MISS
x-content-type-options
nosniff
content-language
en
x-generator
Drupal 7 (https://www.drupal.org)
link
<https://engage.newmode.net/nm-letter/9614/15331>; rel="canonical",<https://engage.newmode.net/nm-letter/9614/15331>; rel="shortlink"
cache-control
public, max-age=3600
expires
Sun, 19 Nov 1978 05:00:00 GMT
content-encoding
gzip
etag
"1597867150-1"
last-modified
Wed, 19 Aug 2020 19:59:10 GMT
vary
Cookie,Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
Wc7rGWPRnrKea1vi39FPNrct5m1ey5TH8kUmvxui5l0XsTDqoGWT6w==
/
www.facebook.com/tr/ 		44 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1458126871017398&ev=Microdata&dl=https%3A%2F%2Fpaylesstoconnect.ca%2F&rl=&if=false&ts=1597867150697&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Pay%20Less%20To%20Connect%22%2C%22meta%3Adescription%22%3A%22Tired%20of%20being%20gouged%3F%20It%27s%20time%20to%20lower%20Canadian%20internet%20and%20cell%20phone%20bills.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Pay%20Less%20To%20Connect%22%2C%22og%3Adescription%22%3A%22Tired%20of%20being%20gouged%3F%20It%27s%20time%20to%20cut%20Canadian%20internet%20and%20cell%20phone%20bills.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn2.hubspot.net%2Fhubfs%2F2173091%2FPLTC%25202020%2FPLTC2020-facebook.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.23&r=stable&ec=1&o=30&fbp=fb.1.1597867150187.1037328792&it=1597867150063&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 19:59:10 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 19 Aug 2020 19:59:10 GMT
roundtrip.js
s.adroll.com/j/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.252.179 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-252-179.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3707edca98715fc3fe7ea36b15c506641b4c380e7e6c4d8ebb9e288f1438ff8

Request headers

Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
CeVUvvucPy3Id6wu3pm.U9kY8oddI4fW
Content-Encoding
gzip
ETag
"d78a05d3ec6a770650daa2185ccbc352"
x-amz-request-id
78B79C77AEECF183
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
11962
x-amz-id-2
9EIP5t58tYk5aHpP+gyecEJPoQv76P8l36TdELHpQu4dmDgyGvQmesZywo/fjoAT21O78RpVlCM=
Last-Modified
Wed, 19 Aug 2020 17:39:39 GMT
Server
AmazonS3
Date
Wed, 19 Aug 2020 19:59:12 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/UUVLSG5ARBEWJL7WWPIHPY/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/exp/index.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.252.179 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-252-179.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
2U8XMvdFINXJNFsilaXONuSvqmREKV3.
Content-Encoding
gzip
ETag
"5816cced8568d223aa09d889f300692b"
x-amz-request-id
4A7C980A1D715EE4
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
48
x-amz-id-2
LpPYq3vxiuCnj9E4VT3ibXWXHfL6OQJ/hpaKw0agFXNtLCkcrI9O8bI1esL8N46DyFhEkvcGRyw=
Last-Modified
Fri, 31 Jul 2020 16:11:15 GMT
Server
AmazonS3
Date
Wed, 19 Aug 2020 19:59:12 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Wed, 19 Aug 2020 19:59:12 GMT
Server
AkamaiGHost
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
index.js
s.adroll.com/j/pre/UUVLSG5ARBEWJL7WWPIHPY/RG3SYZBR6ZBAVD4QHCHDSQ/ 		0
773 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/UUVLSG5ARBEWJL7WWPIHPY/RG3SYZBR6ZBAVD4QHCHDSQ/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.252.179 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-252-179.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
EfqN6r5YE.i6P1nqfxXx07UPWh5bjtMS
Content-Encoding
gzip
ETag
"d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id
72A551A727972D23
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
x-amz-id-2
gmBfG0/3eztBQiakJNjEJr476gVnRs/RybyvPEWnidIcUYoqAWDsQp53L7aSsk263XXtqUF430M=
Last-Modified
Wed, 19 Aug 2020 18:47:41 GMT
Server
AmazonS3
Date
Wed, 19 Aug 2020 19:59:13 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
/
d.adroll.com/consent/check/UUVLSG5ARBEWJL7WWPIHPY/
Redirect Chain
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/UUVLSG5ARBEWJL7WWPIHPY?_s=138e84ae9f7a6ba4a9e1ce8e822662be&_b=2
  • https://d.adroll.com/consent/check/UUVLSG5ARBEWJL7WWPIHPY/?_s=138e84ae9f7a6ba4a9e1ce8e822662be&_b=2
395 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/UUVLSG5ARBEWJL7WWPIHPY/?_s=138e84ae9f7a6ba4a9e1ce8e822662be&_b=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
427c7d6b3f2f8ca2019536dda116a605f99fc3bdd94a0259f1c9e18ea05e7aa9

Request headers

Referer
https://paylesstoconnect.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 19 Aug 2020 19:59:12 GMT
server
nginx/1.16.1
content-length
395
content-type
application/javascript

Redirect headers

status
302
date
Wed, 19 Aug 2020 19:59:12 GMT
server
nginx/1.16.1
content-length
105
location
https://d.adroll.com/consent/check/UUVLSG5ARBEWJL7WWPIHPY/?_s=138e84ae9f7a6ba4a9e1ce8e822662be&_b=2

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes boolean| Ba object| webfont object| WebFont function| gtag object| dataLayer function| fbq function| _fbq string| adroll_adv_id string| adroll_pix_id object| google_tag_manager function| $ function| jQuery object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData string| $p_url string| $p_cached_url number| $p_org_id boolean| $p_session_only boolean| $p_supports_do_not_track number| $p_fb_app_id string| $p_fb_app_domain object| $p_source_param function| get_link_param function| strTrim object| SharePop object| pym function| tram object| Webflow object| request object| preset_pages boolean| __adroll_loaded string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback boolean| __adroll_consent boolean| __adroll_consent_is_gdpr object| __adroll_consent_data string| __adroll_consent_user_country string| __adroll_consent_adv_country object| adroll_exp_list

12 Cookies

Domain/Path Name / Value
engage.newmode.net/ Name: AWSALBCORS
Value: bg/kOcVmbvWbXWlYLRWbnX3VQBpbemhOvb5+NIyP8b0Rj+PvmYW1rwfly7Wp9m8dtwgC8/dObIj14jotsvTtyj1DuIGB8nMY8tcjV6bN/DZFhnDsUfSx1HY+K842
engage.newmode.net/ Name: AWSALB
Value: bg/kOcVmbvWbXWlYLRWbnX3VQBpbemhOvb5+NIyP8b0Rj+PvmYW1rwfly7Wp9m8dtwgC8/dObIj14jotsvTtyj1DuIGB8nMY8tcjV6bN/DZFhnDsUfSx1HY+K842
.newmode.net/ Name: _gid
Value: GA1.2.405976857.1597867152
.newmode.net/ Name: _ga
Value: GA1.2.2051379442.1597867152
engage.newmode.net/ Name: has_js
Value: 1
.newmode.net/ Name: _dc_gtm_UA-62738104-2
Value: 1
.paylesstoconnect.ca/ Name: _gid
Value: GA1.2.777805828.1597867150
.engage.newmode.net/ Name: SSESS48a9de829d6e99069e9769e50b1ab5e2
Value: BVNS39afi_nGXgdyXRoKSJrml-RJigwnTRAB2T7P-zw
.paylesstoconnect.ca/ Name: _ga
Value: GA1.2.335672351.1597867150
.newmode.net/ Name: _dc_gtm_UA-137276941-1
Value: 1
.paylesstoconnect.ca/ Name: _gat_gtag_UA_137276941_1
Value: 1
.paylesstoconnect.ca/ Name: _fbp
Value: fb.1.1597867150187.1037328792

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bit.ly
blog.apps.npr.org
c.shpg.org
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
d1tdp7z6w94jbb.cloudfront.net
engage.newmode.net
fonts.googleapis.com
fonts.gstatic.com
paylesstoconnect.ca
s.adroll.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
185.199.110.153
206.248.173.171
2600:9000:214f:1200:6:848:5140:93a1
2600:9000:2182:f600:d:9da0:f1c0:93a1
2606:4700:20::ac43:452d
2a00:1450:4001:801::2008
2a00:1450:4001:802::200e
2a00:1450:4001:806::200a
2a00:1450:4001:81a::2003
2a00:1450:4001:81b::2003
2a00:1450:4001:81b::200a
2a00:1450:400c:c0c::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.248.28.111
67.199.248.10
92.122.252.179
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12242466b68462b6b4b2aec4c2eaf9279a07c75eaa4c5e4ced8b6ddf31cf6c91
1272aea91a142584d88e3e9cce723c357cd6388a3a944e16752848e640650a73
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1df7710816a924d4be5d1b4ab795be52cdfcc09f475c09ed131442305be57a37
1fc1e65f0dbc2881f6619299254b21f89aa2fd728ef50425ab859c2a12f37888
2d9caa0f3e1b2fbadb101075bca254be6f724c995afd1624115b5c3c520a09b5
3aaffecb7b1290375fca7efb9ad634afb4df44b708a1969049792cf4f4ce8951
427c7d6b3f2f8ca2019536dda116a605f99fc3bdd94a0259f1c9e18ea05e7aa9
4a3a4621eea5e188b694310b35a7296017d1d6398c39f63c90f780338e813561
4c09bff9650118b4bdfe726ec198f6a54747c270bba3ba1d8ef89f996509f9dd
529fd382bf5a7f90bc915851b9b9c4b628e4daf856377376e5bc6cbd786355e1
599828568ef738aaed9c7f2d2a9c95913a6f8248e7dc3bbcf92299a7db05c532
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81
6fcedb9e973c1d3a06b531532596efb93fdcae291b24087dfd09cf24b4362fa3
70935b43ee74d4943396de054b7c4698be4aed14cad98dc4de7482bda1e5b8a5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
861d150c3603263ac323df08b64c09e019b4b7fd3ac9ca90df32ccfc3d389e5b
87c18f39efa380401767f0c160132583718a8a9b5acea0dfd1aad041cb384c9f
893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37
a8015c630d7acace1be380151b5f3c105ea8ad3503532ba2b6c5e094c026dea7
b7f736144a4c3c86a1e620f94d91b3c0eedcadac33888203e554dc2e7c3cfa66
d142a29dfc233602672353f1bfaf7d8e72331ec6902d8dd12cb56e5eaf794fc2
d1cd692c452edccd384d1d8997d3ab24ee9f6c2f7a947f75ef7ebb47cd358755
da47d3c0011ae4fbcf315bfdad6ea681e35ce11a9dbf35ccb60ffca994251c65
e3707edca98715fc3fe7ea36b15c506641b4c380e7e6c4d8ebb9e288f1438ff8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a737c1570531598b54aebd4bbe6be27a7578576a075862bee99edeb08c9b42
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f831a25fbbca0882b2309a1179df4a1cb9fca3ab92b2ce42cd7d78c07ea25efc
fa854590e6bc6158d3a4e292c25db7d723ba8a4313ccf639d2ae079d2a7239b3
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955