www.springfinancial.ca Open in urlscan Pro
172.67.69.83 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://spgfl.ca/99w8
Effective URL:
https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO
Submission: On December 20 via api (December 20th 2023, 2:55:15 am UTC) from LU — Scanned from CA

Summary HTTP 64 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 19 domains to perform 64 HTTP transactions. The main IP is 172.67.69.83, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.springfinancial.ca.
TLS certificate: Issued by GTS CA 1P5 on December 8th 2023. Valid for: 3 months.

This is the only time www.springfinancial.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.21.19.216 104.21.19.216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 9	172.67.69.83 172.67.69.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.251.111.97 142.251.111.97	15169 (GOOGLE) (GOOGLE)
4	23.199.55.63 23.199.55.63	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.199.55.39 23.199.55.39	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.26.9.146 104.26.9.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.26.9.83 104.26.9.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	146.75.36.157 146.75.36.157	54113 (FASTLY) (FASTLY)
3	31.13.66.19 31.13.66.19	32934 (FACEBOOK) (FACEBOOK)
5	23.44.203.84 23.44.203.84	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.85.132.123 52.85.132.123	16509 (AMAZON-02) (AMAZON-02)
3	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
12	15.156.55.21 15.156.55.21	16509 (AMAZON-02) (AMAZON-02)
3	172.253.63.139 172.253.63.139	15169 (GOOGLE) (GOOGLE)
1	142.251.167.154 142.251.167.154	15169 (GOOGLE) (GOOGLE)
1	142.250.31.94 142.250.31.94	15169 (GOOGLE) (GOOGLE)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
3	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
2	31.13.66.35 31.13.66.35	32934 (FACEBOOK) (FACEBOOK)
2	13.110.84.158 13.110.84.158	14340 (SALESFORCE) (SALESFORCE)
2	3.97.95.115 3.97.95.115	16509 (AMAZON-02) (AMAZON-02)
64	23

1 104.21.19.216 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spgfl.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.67.69.83 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

springfinancial.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.springfinancial.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.111.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.199.55.63 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-199-55-63.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.199.55.39 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-199-55-39.deploy.static.akamaitechnologies.com

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.9.146 (None, )

ASN13335 (CLOUDFLARENET, US)

api.springfinancial.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.9.83 (None, )

ASN13335 (CLOUDFLARENET, US)

app.varify.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.36.157 (Reston, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.44.203.84 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-203-84.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.132.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-123.iad50.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 15.156.55.21 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-156-55-21.ca-central-1.compute.amazonaws.com

canada-drives.my.salesforce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.63.139 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f139.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.167.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.31.94 (Oxford, United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.110.84.158 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl13-ncg0-iad3.la3-c1-ia2.salesforceliveagent.com

d.la3-c1-ia2.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.97.95.115 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-97-95-115.ca-central-1.compute.amazonaws.com

d.la1-core1.sfdc-58ktaz.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	salesforce.com canada-drives.my.salesforce.com	40 KB
11	springfinancial.ca 1 redirects springfinancial.ca www.springfinancial.ca api.springfinancial.ca	424 KB
6	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2024 rs.fullstory.com — Cisco Umbrella Rank: 2033	88 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 617	146 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 446 p.typekit.net — Cisco Umbrella Rank: 559	121 KB
4	salesforceliveagent.com d.la3-c1-ia2.salesforceliveagent.com — Cisco Umbrella Rank: 31734 d.la1-core1.sfdc-58ktaz.salesforceliveagent.com — Cisco Umbrella Rank: 74946	6 KB
3	google.com analytics.google.com — Cisco Umbrella Rank: 152	367 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	121 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 329	14 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	216 B
2	varify.io app.varify.io — Cisco Umbrella Rank: 91986	15 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	189 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 713	720 B
1	t.co t.co — Cisco Umbrella Rank: 589	376 B
1	google.ca www.google.ca — Cisco Umbrella Rank: 9252	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 75	259 B
1	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 4867	7 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 678	15 KB
1	spgfl.ca 1 redirects spgfl.ca	778 B
64	19

	Domain	Requested by
12	canada-drives.my.salesforce.com	www.springfinancial.ca canada-drives.my.salesforce.com
8	www.springfinancial.ca	www.springfinancial.ca
5	analytics.tiktok.com	www.springfinancial.ca analytics.tiktok.com
4	use.typekit.net	www.springfinancial.ca use.typekit.net
3	rs.fullstory.com	edge.fullstory.com
3	analytics.google.com	www.googletagmanager.com
3	edge.fullstory.com	www.springfinancial.ca edge.fullstory.com rs.fullstory.com
3	connect.facebook.net	www.springfinancial.ca connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.springfinancial.ca
2	d.la1-core1.sfdc-58ktaz.salesforceliveagent.com	canada-drives.my.salesforce.com
2	d.la3-c1-ia2.salesforceliveagent.com	canada-drives.my.salesforce.com
2	www.facebook.com	www.springfinancial.ca
2	app.varify.io	www.googletagmanager.com www.springfinancial.ca
2	api.springfinancial.ca	www.springfinancial.ca
2	www.googletagmanager.com	www.springfinancial.ca www.googletagmanager.com
1	analytics.twitter.com	www.springfinancial.ca
1	t.co	www.springfinancial.ca
1	www.google.ca	www.springfinancial.ca
1	stats.g.doubleclick.net	www.googletagmanager.com
1	widget.trustpilot.com	www.springfinancial.ca
1	static.ads-twitter.com	www.googletagmanager.com
1	p.typekit.net	use.typekit.net
1	springfinancial.ca	1 redirects
1	spgfl.ca	1 redirects
64	24

This site contains no links.

Subject Issuer	Validity	Valid
springfinancial.ca GTS CA 1P5	`2023-12-08` - `2024-03-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
varify.io E1	`2023-12-02` - `2024-03-01`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-28` - `2023-12-27`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.trustpilot.com Amazon RSA 2048 M02	`2023-02-02` - `2024-03-02`	a year	crt.sh
edge.fullstory.com GTS CA 1D4	`2023-11-14` - `2024-02-12`	3 months	crt.sh
can44.sfdc-58ktaz.salesforce.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-08` - `2024-04-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2023-02-01` - `2024-02-01`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-11-05`	a year	crt.sh
rs.fullstory.com GTS CA 1D4	`2023-11-10` - `2024-02-08`	3 months	crt.sh
la3-c1-ia2.salesforceliveagent.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-15` - `2024-03-13`	a year	crt.sh
la1-core1.sfdc-58ktaz.salesforceliveagent.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-15` - `2024-11-13`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO
Frame ID: 633C9DD111D8E565C8D0DBB6FBC49687
Requests: 57 HTTP requests in this frame

Frame: https://canada-drives.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO
Frame ID: F44442533DFED6FBDA19B4B11FC12D0D
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Spring Financial

Page URL History Show full URLs

https://spgfl.ca/99w8 HTTP 301
https://springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO HTTP 301
https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

64
Requests

98 %
HTTPS

0 %
IPv6

19
Domains

24
Subdomains

23
IPs

3
Countries

1187 kB
Transfer

4062 kB
Size

24
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://spgfl.ca/99w8 HTTP 301
https://springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO HTTP 301
https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request optin Show response
www.springfinancial.ca/dashboard/
Redirect Chain

https://spgfl.ca/99w8
https://springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO
https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO

126 KB
23 KB

278ms
269ms

Document
text/html

172.67.69.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe41b3cd86ee64f93dfa5789ecd8f463ec60f4ae3f70f5b58fa09c9132c9a4cd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-requested-with, X-Auth-Token, Content-Type, origin, authorization, accept, client-security-token
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: *
access-control-expose-headers: Content-Security-Policy, Location
access-control-max-age: 600
cf-cache-status: DYNAMIC
cf-ray: 83849ad38deca205-YYZ
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 20 Dec 2023 02:55:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDKaN4%2FVS%2F940Ukm7bx2jWG39Pq3vw5YhqIGxGoy%2F62ZMx0Fkwux1U2l0j0tXBlycNHOLGAkq87cBxGRUJRolWGPF4Za8qeWGcTte17OsX3GPRm2hcgF%2FJxmbqMKJFm2PlFDqaA9fO0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 83849ad1fae6a205-YYZ
content-type: text/html; charset=iso-8859-1
date: Wed, 20 Dec 2023 02:55:09 GMT
location: https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2FEHMfqSXXPzM4vQcknPN8ZpEVscYcSKAUsqfh6zcsKS91xf8fAoygjpdznMRJk9Hjdb9Q6KHovI9TOSVCn3C3LgqYov%2FCsUVNekuTiJH9uR%2BkQdetEMJLSJOA%2FohzbLykCYaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 387 KB
96 KB 159ms
84ms Script
application/javascript 142.251.111.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K597F9T&l=dataLayer

Requested by

Host: www.springfinancial.ca
URL: https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

48b1d094e30e8fcb3648240ec028b3a4243e487a8635febfbbd5da8ddfda1500

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:55:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97788
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Dec 2023 02:55:09 GMT

GET
H2 200 3fd5f0c.js Show response
www.springfinancial.ca/_nuxt/ 5 KB
3 KB 107ms
105ms Script
application/javascript 172.67.69.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.springfinancial.ca/_nuxt/3fd5f0c.js
Requested by: Host: www.springfinancial.ca
URL: https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb96aea9c665ba66e65009173bcdda5a83c9de3622d57658d20fce82508f7575

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:55:09 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 14 Dec 2023 18:15:18 GMT
server: cloudflare
etag: W/"12aa-18c698a43d9"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKIcUhvzXeODCRI3y4ZeKVMnV0lklePs1KYhKOhqRlvSBq6zeH%2BasRHkjc5VP0tQt47WV11zpLONTBHy0Z2TSlz6ZXLWUW4wZyCRO7o6srjloonrozrioxu3o%2FC%2FDBpwTfZIuecdDD0%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 600
cf-ray: 83849ad5c97ba205-YYZ
access-control-allow-headers: x-requested-with, X-Auth-Token, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 175be5e.js Show response
www.springfinancial.ca/_nuxt/ 218 KB
76 KB 123ms
122ms Script
application/javascript 172.67.69.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.springfinancial.ca/_nuxt/175be5e.js
Requested by: Host: www.springfinancial.ca
URL: https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c20abb5192d8f679785e4ace448cfaa3c4dbc9ca388eee0de055ca5bed0a9e25

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:55:09 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 14 Dec 2023 18:15:18 GMT
server: cloudflare
etag: W/"3697d-18c698a43c9"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n35JmSAUFtkb676p%2F5ZUyAQaMdHmueGSiSOPQIMi3HXtSsDWWk6FWWsI2LbYf41I8tiCGWhiiP4mOvxYEr4h5%2FLAdW1uAuvUqhPq6ell3BJYqYS4hxYgdMBvkEKv5fEGL6eoNakg4PE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 600
cf-ray: 83849ad5c980a205-YYZ
access-control-allow-headers: x-requested-with, X-Auth-Token, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 456a9f2.js Show response
www.springfinancial.ca/_nuxt/ 906 KB
244 KB 110ms
109ms Script
application/javascript 172.67.69.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.springfinancial.ca/_nuxt/456a9f2.js
Requested by: Host: www.springfinancial.ca
URL: https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d3c7d3bf70f3c02c8f95dbb8ba5f5143973411d719e617fca4e89553a866533

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:55:09 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 14 Dec 2023 18:15:18 GMT
server: cloudflare
etag: W/"e27a0-18c698a43d9"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7JTBkumvteuEeiymUqBKxHS3Ur3QCn4YmMssnexUiVCDPYH6tr879Z5lbx%2FYB1wmUvj89jEDtxK8QblHlQqKBIcrzx8swscWYmluwMBuyr9qJfdyf1i3KU6KtcWrl7LSIDX34In24H8%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 600
cf-ray: 83849ad5c981a205-YYZ
access-control-allow-headers: x-requested-with, X-Auth-Token, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 a670373.js Show response
www.springfinancial.ca/_nuxt/ 375 KB
69 KB 121ms
121ms Script
application/javascript 172.67.69.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.springfinancial.ca/_nuxt/a670373.js
Requested by: Host: www.springfinancial.ca
URL: https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e23b584c69882ed74e0cd2cd6e32b3e259b773ac59e7c8f620952d391145bd32

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:55:09 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 14 Dec 2023 18:15:18 GMT
server: cloudflare
etag: W/"5ddbf-18c698a43c9"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pzBAzUYDXjD3M9NwgI4XVEMZp8qATSgosOqQoUU%2FzWsltQ%2FSbPa07QQT4Q8%2FADvCtgvTIiydPnOd1%2BzklexO%2BbfXS2UaylVQ8TIQqeL6ZEI325zuexd356ocxL5NMgvoTvkjXVmgors%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 600
cf-ray: 83849ad5c982a205-YYZ
access-control-allow-headers: x-requested-with, X-Auth-Token, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 9aa7553.js Show response
www.springfinancial.ca/_nuxt/ 13 KB
5 KB 231ms
231ms Script
application/javascript 172.67.69.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.springfinancial.ca/_nuxt/9aa7553.js
Requested by: Host: www.springfinancial.ca
URL: https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c1e6c4f4859bdae42f7074782e321b3601b019201a39a468281895c4fce3142

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:55:09 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 14 Dec 2023 18:15:18 GMT
server: cloudflare
etag: W/"33f3-18c698a43d1"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IOgu0L5XVWzJX66e5w0qedbzIYGZCN3h3saJIccH48JhGGJOm2t4hbCKkaomk%2BHNoxq2J0u83U9R5F5JlrbrRTk3bRSOa7pFaBUHuYxWleWLDijjw3yBVgb%2FUYxXuZTV1bM1yLdo8gQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 600
cf-ray: 83849ad5d984a205-YYZ
access-control-allow-headers: x-requested-with, X-Auth-Token, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 default.png
www.springfinancial.ca/lazy/ 68 B
743 B 109ms
109ms Image
image/png 172.67.69.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.springfinancial.ca/lazy/default.png
Requested by: Host: www.springfinancial.ca
URL: https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:55:09 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 68
last-modified: Thu, 14 Dec 2023 18:14:12 GMT
server: cloudflare
etag: W/"44-18c69894154"
access-control-max-age: 600
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsFp9789gEfMMwaxb9Nafa1UoLIR%2FgYvZ4v1q0tZ5XbT7uWwTBpzvzb%2FMrAdgGfDcDTLbyVIhTsimKlLpAu9tIqho1rmv3OBM0x3Bbc004DfB8Ib01lb5JAVTXDEf9M7l9mlBYubEL8%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
cache-control: public, max-age=0
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 83849ad5f9caa205-YYZ
access-control-allow-headers: x-requested-with, X-Auth-Token, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 owb4fan.css
use.typekit.net/ 3 KB
979 B 129ms
47ms Stylesheet
text/css 23.199.55.63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/owb4fan.css

Requested by

Host: www.springfinancial.ca
URL: https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.55.63 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-199-55-63.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

2700138265d83981a90c8049cbab5eaa2a8e9bcada08626a8dc7c7d0d98bebc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Wed, 20 Dec 2023 02:55:09 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 756

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 116ms
33ms Stylesheet
text/css 23.199.55.39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=owb4fan&ht=tk&f=7859.14541.14548.14549&a=8303809&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/owb4fan.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.199.55.39 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-199-55-39.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:55:09 GMT
last-modified: Fri, 14 Jul 2023 12:54:09 GMT
server: nginx
etag: "64b14571-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

OPTIONS
H2 204 send-code
api.springfinancial.ca/v4/ Frame 0
0 200ms
130ms Preflight 104.26.9.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.springfinancial.ca/v4/send-code
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.springfinancial.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 0
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 83849ad8ca4b53dd-YYZ
date: Wed, 20 Dec 2023 02:55:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9LlGzm65SF8a5wkRrn442noJ6Ieo5fOH4MRO4jqXGm8Ppat1iaMhmy3Rk8D0WXhRLQL2NuptugKyU0GlYX9tsl4yLp6HUJVZUugzTlBfsDNlD4l%2FBj1ZAxL7JAVmq0FR0DtYOKqS3g%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Method,Access-Control-Request-Headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 290 KB
93 KB 56ms
55ms Script
application/javascript 142.251.111.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HPFKPP4K8S&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K597F9T&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

ee4cffde16352cdf7a6a831136c5905d26c88faa8f21a3820ff70dc8b24c8563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:55:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95162
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Dec 2023 02:55:10 GMT

GET
H2 200 varify.js Show response
app.varify.io/ 37 KB
11 KB 77ms
32ms Script
application/javascript 104.26.9.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.varify.io/varify.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K597F9T&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.9.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69bb63c94fbe355f31e642a8628279a188fa53b9bedfa01ae4bde05049ded40f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:55:10 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Dec 2023 15:39:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 110
etag: W/"657b2198-94ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvvORocNkJGinuHXiPxENg7GXPjgkft%2FEwAufsO8THzWFVIBuwRDBWY5rdE%2FoEhigjORyVeHhcW%2BauViBazcFq9ztWpngPpQOwG88kKAlkXzjCclD812rtwlMEsbYE0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=120
cf-ray: 83849ad86b6e36af-YYZ
expires: Wed, 20 Dec 2023 02:55:20 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 117ms
49ms Script
application/javascript 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K597F9T&l=dataLayer

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 20 Dec 2023 02:55:10 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0BCDBBE4108A49EAB50EFFBD4C092762 Ref B: YTO01EDGE0813 Ref C: 2023-12-20T02:55:10Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 107ms
34ms Script
application/javascript 146.75.36.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K597F9T&l=dataLayer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:55:10 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 15:55:14 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kcgs7200025-IAD

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 104ms
35ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.springfinancial.ca
URL: https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 20 Dec 2023 02:55:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: FqlYiHsr3ObskOBWdqayzdw0ZonLR9ZGUfbYyBOBTMhbVYX8+FPk1pj7p33QdSPtXjT5H6mNC1gYJDDa1gw08w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 112ms
50ms Script
application/javascript 23.44.203.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHN84ERC77UFB57T9DEG&lib=ttq
Requested by: Host: www.springfinancial.ca
URL: https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.203.84 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-203-84.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 28941f7c124eeda102bd51d937528d08c36df24d874e5b5f0e6396846f2d24c0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

x-akamai-request-id: 32b4af8c.dce29371
date: Wed, 20 Dec 2023 02:55:10 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231220025510DA4C886B669352C73798-269AA3D5A0FAEEA9-00
x-cache: TCP_MISS from a23-200-89-52.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 19,23.200.89.52
server-timing: cdn-cache; desc=MISS, edge; dur=12, origin; dur=7, inner; dur=2
content-length: 1345
pragma: no-cache
server: nginx
x-tt-logid: 20231220025510DA4C886B669352C73798
x-cache-remote: TCP_MISS from a23-48-100-43.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.48.100.43
x-tt-trace-host: 01dc3437e496b91caedd05e7248e6e873b329ec8e77b80eb03ca60f59ab3b06db87a0df72ab1efde877dc75bb5c7afc7bdeb0b08a1e5b426592b559ec75b524da8561e850d757f8ae2a71f4e6e09872e3b394c5042159b969d0e88f86a7057190978e52f455e88187c3c9201f7e2c90d5b
expires: Wed, 20 Dec 2023 02:55:10 GMT

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 21 KB
7 KB 128ms
37ms Script
application/x-javascript 52.85.132.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: www.springfinancial.ca
URL: https://www.springfinancial.ca/_nuxt/a670373.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.132.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-132-123.iad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 19 Dec 2023 10:07:43 GMT
via: 1.1 e67eec39bafe7d4b59266632bc2a9886.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD50-C2
age: 60448
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6759
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Oct 2023 12:27:20 GMT
server: AmazonS3
etag: "15864ce88fa79a3e954417d0c3396798"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: RBV-KHwyFYtGtcoMiKPetYj5RwGDhf64WzoscvYxxflUO89d-JfXtQ==

GET
H2 200 l
use.typekit.net/af/f18587/00000000000000007735a07a/30/ 17 KB
18 KB 114ms
34ms Font
application/font-woff2 23.199.55.63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/f18587/00000000000000007735a07a/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/owb4fan.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.199.55.63 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-199-55-63.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c70be61ebf5ebc5fb158df7bcc05e1a645c16c863901eb8487fc3d14d2ac801a

Request headers

Referer: https://use.typekit.net/owb4fan.css
Origin: https://www.springfinancial.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:55:10 GMT
server: nginx
etag: "ec65454125f52ade60a7a7dba7db35136a0a5833"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17756

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 248 KB
69 KB 56ms
19ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: www.springfinancial.ca
URL: https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cd138cb8d1483ae8b41c3516e2001b12ac70368c411c9a6a5727d42f7162ab30

Request headers

Referer: https://www.springfinancial.ca/
Origin: https://www.springfinancial.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:33:08 GMT
content-encoding: br
age: 1322
x-guploader-uploadid: ABPtcPouvXziI1TLZTfvkGgGV5wGcSN1IQM37kgzYPCQoakjhlF0q8Er-qjoCbPMQNb0jkE79AlSKhVeH8fcnkd2ymRL9w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69593
last-modified: Tue, 12 Dec 2023 16:27:20 GMT
server: UploadServer
etag: "20e8f197ce31d0a16939988b0de6f7d0"
vary: Accept-Encoding
x-goog-generation: 1702398440850044
x-goog-hash: crc32c=bnuCPg==, md5=IOjxl84x0KFpOZiLDeb30A==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 69593
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 20 Dec 2023 03:33:08 GMT

POST
H2 200 send-code Show response
api.springfinancial.ca/v4/ 129 B
836 B 2247ms
2247ms XHR
application/json 104.26.9.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.springfinancial.ca/v4/send-code
Requested by: Host: www.springfinancial.ca
URL: https://www.springfinancial.ca/_nuxt/175be5e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2205e1d381eaeed299d7e77876d6406b879f7a32165d32c8ddcca6b17336077d

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.springfinancial.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0
Content-Type: application/json

Response headers

date: Wed, 20 Dec 2023 02:55:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-ratelimit-remaining: 59
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8LY85j%2FrmLQtS3eUw4HODZHR3jdaa%2FipXYE9IVi%2FgCTYRe%2FSKrJ8u1aaEMsZ8%2B8caFSk5EVDfkTfqmOQKI7TRJ87vPo6RSc1kaSy89%2FaQFh%2BRnINcWPiB4ynJLfIjbpnAb1yrUKVDJw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, private
x-ratelimit-limit: 60
cf-ray: 83849ad99bcd53dd-YYZ
access-control-allow-headers: Content-Type, X-Auth-Token, Origin

GET
H2 200 esw.min.js Show response
canada-drives.my.salesforce.com/embeddedservice/5.0/ 30 KB
9 KB 96ms
30ms Script
application/x-javascript 15.156.55.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://canada-drives.my.salesforce.com/embeddedservice/5.0/esw.min.js

Requested by

Host: www.springfinancial.ca
URL: https://www.springfinancial.ca/_nuxt/a670373.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.156.55.21 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-156-55-21.ca-central-1.compute.amazonaws.com

Software

Resource Hash

ef4dcc4dab4d780f44939c455d4720cab662b2f5fabc36ebc33a21f4cdbecd4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:55:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 04 Jul 2023 00:26:54 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=86400
accept-ranges: bytes
x-robots-tag: none
expires: Thu, 21 Dec 2023 02:55:10 GMT

GET
H2 200 logo.e882b07.svg
www.springfinancial.ca/_nuxt/img/ 2 KB
2 KB 107ms
107ms Image
image/svg+xml 172.67.69.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.springfinancial.ca/_nuxt/img/logo.e882b07.svg
Requested by: Host: www.springfinancial.ca
URL: https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5a487cf29986023e3927bc774fea6fcda900fb5bf9d3ef130c2d3a4d6970413

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:55:10 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 14 Dec 2023 18:15:18 GMT
server: cloudflare
etag: W/"8c9-18c698a43b9"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYU2iT0sdHMOUFt7eGrDUJt1GcETP1Tf73lE1Bn1O9MGgXiyD34gyq6yHoAOsVsvAfDL%2BtpIZXW04xuZnNfeqbKtLhMVbO0elcccSIU3%2BLCVGgDDCTLvCavp1dOppSRuMz2g0QBjHkY%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 600
cf-ray: 83849ad86d88a205-YYZ
access-control-allow-headers: x-requested-with, X-Auth-Token, Content-Type, origin, authorization, accept, client-security-token

POST
H2 204 collect
analytics.google.com/g/ 0
259 B 116ms
42ms Ping
text/plain 172.253.63.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-HPFKPP4K8S&gtm=45je3bt0v893274488z8813372716&_p=1703040910079&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1341375148.1703040910&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1703040910&sct=1&seg=0&dl=https%3A%2F%2Fwww.springfinancial.ca%2Fdashboard%2Foptin%3Foppid%3D0063Z00000rDSBiQAO&dt=Spring%20Financial&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_group=Other&tfd=1594
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HPFKPP4K8S&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.63.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f139.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 02:55:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.springfinancial.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
259 B 118ms
43ms Ping
text/plain 142.251.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HPFKPP4K8S&cid=1341375148.1703040910&gtm=45je3bt0v893274488z8813372716&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HPFKPP4K8S&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ww-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 02:55:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.springfinancial.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 120ms
47ms Image
image/gif 142.250.31.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HPFKPP4K8S&cid=1341375148.1703040910&gtm=45je3bt0v893274488z8813372716&aip=1&dma=0&gcd=11l1l1l1l1&z=386070530

Requested by

Host: www.springfinancial.ca
URL: https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.94 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 02:55:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 92ms
43ms Ping
text/plain 172.253.63.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-HPFKPP4K8S&gtm=45je3bt0v893274488z8813372716&_p=1703040910079&gcd=11l1l1l1l1&dma=0&cid=1341375148.1703040910&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=2&sid=1703040910&sct=1&seg=0&dl=https%3A%2F%2Fwww.springfinancial.ca%2Fdashboard%2Foptin%3Foppid%3D0063Z00000rDSBiQAO&dt=Spring%20Financial&en=credit_score_page_landed&ep.content_group=Other&_et=3&tfd=1619
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HPFKPP4K8S&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.63.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f139.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 02:55:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.springfinancial.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web Show response
edge.fullstory.com/s/settings/125NBH/v1/ 5 KB
2 KB 93ms
92ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/125NBH/v1/web
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c6111fb50a9610ca36bf71d683cce3e7beef60395adfe1e0b691784e6221b767

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:55:10 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPrxBx3H5EJzKV5tmFHtCuizXxTkI66qkgSeXFAaF4Z0LDup-KQTSX-pZSxPKEpkYf8amI01f5wkHD4EqHRx40wxGL-rSjSe
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1407
last-modified: Wed, 20 Dec 2023 02:52:56 GMT
server: UploadServer
etag: "2f5be39cb97c17b645ced15740ba343c"
x-goog-generation: 1703038976323282
x-goog-hash: crc32c=w9DI9g==, md5=L1vjnLl8F7ZFztFXQLo0PA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1407
accept-ranges: bytes
content-type: application/json
expires: Wed, 20 Dec 2023 03:10:10 GMT

GET
H2 200 600 Show response
app.varify.io/v/ 13 KB
3 KB 30ms
30ms Fetch
application/json 104.26.9.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.varify.io/v/600

Requested by

Host: www.springfinancial.ca
URL: https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.9.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

8f36ecd4052c2f8f9c868cf91a582dba43d724d61a2f336b721e7a74fb68d912

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept: application/json
Referer: https://www.springfinancial.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:55:10 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97
x-powered-by: PHP/7.4.33
server: cloudflare
etag: W/"6416110b1e198242610198fada88f8cd"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.springfinancial.ca
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ooqEKQqvjUSPeou0o%2BpNpKWXzTUqPtbZG7wqykbY%2F9M9IAIh3RTEJuehmktRQnnY%2BxxzmTHXMB%2BOCBuEvu9OuhOrqaU5H7P6Q5FimFyPkzI2aFkC6UZ45y%2Fc3tElLD8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=120, public
access-control-allow-credentials: true
x-ratelimit-limit: 60
cf-ray: 83849ad95d0d36af-YYZ
access-control-allow-headers: X-Requested-With, Content-Type, X-Token-Auth, Authorization, X-Xsrf-Token
x-ratelimit-remaining: 59

GET
H2 200 main.MTdjYzNiZDU2MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 397 KB
106 KB 31ms
31ms Script
application/javascript 23.44.203.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHN84ERC77UFB57T9DEG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.203.84 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-203-84.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

x-akamai-request-id: dce295bd
date: Wed, 20 Dec 2023 02:55:10 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202311090815094007F5A1FF871BFCBB1B
vary: Accept-Encoding
x-cache: TCP_HIT from a23-200-89-52.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01044622d44e80ba63890faa7d4422df73bd1467799a6ff31cd5e64f87cd4073e8be8ee0af7d1a86e5e6c7fa2fc30e5e4339aa358a003afc8175cf1ed08e4ef967a6ef941d87e4acba552537eaa3d0f402e2019697cb470d870eda401cf2807161
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 108183

GET
H2 200 adsct
t.co/1/i/ 43 B
376 B 169ms
59ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=9422608b-5d12-4142-a766-de39b975fd87&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=1f564469-c88d-4921-9f80-34051d5a5747&tw_document_href=https%3A%2F%2Fwww.springfinancial.ca%2Fdashboard%2Foptin%3Foppid%3D0063Z00000rDSBiQAO&tw_iframe_status=0&txn_id=od6el&type=javascript&version=2.3.29

Requested by

Host: www.springfinancial.ca
URL: https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

x-response-time: 6
date: Wed, 20 Dec 2023 02:55:10 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: e79e44f7096c953a
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 0e36b2d8f35be7e9e3dc76703b941951c8f6b8db13c47a47acafb9ac00b881e6
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
720 B 174ms
62ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=9422608b-5d12-4142-a766-de39b975fd87&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=1f564469-c88d-4921-9f80-34051d5a5747&tw_document_href=https%3A%2F%2Fwww.springfinancial.ca%2Fdashboard%2Foptin%3Foppid%3D0063Z00000rDSBiQAO&tw_iframe_status=0&txn_id=od6el&type=javascript&version=2.3.29

Requested by

Host: www.springfinancial.ca
URL: https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

x-response-time: 8
date: Wed, 20 Dec 2023 02:55:10 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: a09caf6fd0f7fea1
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: ae78011a14a06e653c290a6b43f5684a77c2829108f70feb5913048e0c122632
content-length: 43

GET
H2 200 common.min.js Show response
canada-drives.my.salesforce.com/embeddedservice/5.0/utils/ 5 KB
2 KB 29ms
29ms Script
application/x-javascript 15.156.55.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://canada-drives.my.salesforce.com/embeddedservice/5.0/utils/common.min.js

Requested by

Host: canada-drives.my.salesforce.com
URL: https://canada-drives.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.156.55.21 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-156-55-21.ca-central-1.compute.amazonaws.com

Software

Resource Hash

7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:55:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 17 Feb 2022 23:57:31 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=86400
accept-ranges: bytes
x-robots-tag: none
expires: Thu, 21 Dec 2023 02:55:10 GMT

GET
H2 200 238470100011481 Show response
connect.facebook.net/signals/config/ 122 KB
32 KB 374ms
371ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/238470100011481?v=2.9.138&r=stable&domain=www.springfinancial.ca

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

deaeaa1148cde2528abeba8441b00219e065b996d05ef4990bfe442643cec391

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 20 Dec 2023 02:55:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: VZJKhkvEC5maJKCANV8UVo6Ms94+esCCvO/X4x54Lz30mEulRNokMFlS8WkNjZ5p/otxCTZTeZX8SDxZnbrvEg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 14006182.js Show response
bat.bing.com/p/action/ 0
117 B 48ms
47ms Script
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/14006182.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 20 Dec 2023 02:55:10 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0C39158133E943FEA1F6F62A622D3EE9 Ref B: YTO01EDGE0813 Ref C: 2023-12-20T02:55:10Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
360 B 98ms
97ms Image
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=14006182&tm=gtm002&Ver=2&mid=e5e98393-cb6b-4857-b115-727a4c229a74&sid=307a3f309ee311eeae7dedba17d82a07&vid=307a64909ee311eeb1193f3b01fc5182&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Spring%20Financial&p=https%3A%2F%2Fwww.springfinancial.ca%2Fdashboard%2Foptin%3Foppid%3D0063Z00000rDSBiQAO&r=&lt=1489&evt=pageLoad&sv=1&rn=868710

Requested by

Host: www.springfinancial.ca
URL: https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 20 Dec 2023 02:55:10 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 874B35456D234DB4B857219B434FBDAE Ref B: YTO01EDGE0813 Ref C: 2023-12-20T02:55:10Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 esw.min.css
canada-drives.my.salesforce.com/embeddedservice/5.0/ 9 KB
4 KB 31ms
30ms Stylesheet
text/css 15.156.55.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://canada-drives.my.salesforce.com/embeddedservice/5.0/esw.min.css

Requested by

Host: canada-drives.my.salesforce.com
URL: https://canada-drives.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.156.55.21 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-156-55-21.ca-central-1.compute.amazonaws.com

Software

Resource Hash

721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:55:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 27 Aug 2021 14:11:57 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/css
cache-control: public,max-age=86400
accept-ranges: bytes
x-robots-tag: none
expires: Thu, 21 Dec 2023 02:55:10 GMT

GET
H2 200 liveagent.esw.min.js Show response
canada-drives.my.salesforce.com/embeddedservice/5.0/client/ 20 KB
6 KB 32ms
30ms Script
application/x-javascript 15.156.55.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://canada-drives.my.salesforce.com/embeddedservice/5.0/client/liveagent.esw.min.js

Requested by

Host: canada-drives.my.salesforce.com
URL: https://canada-drives.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.156.55.21 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-156-55-21.ca-central-1.compute.amazonaws.com

Software

Resource Hash

1df96aff7c1a0b4a1f03d51ec741df8d542fcf32eddee1a0295068e4a7f0017b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:55:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 17 Aug 2022 20:11:19 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=86400
accept-ranges: bytes
x-robots-tag: none
expires: Thu, 21 Dec 2023 02:55:10 GMT

GET
H2 200 identify_bb163.js Show response
analytics.tiktok.com/i18n/pixel/static/ 135 KB
36 KB 32ms
32ms Script
application/javascript 23.44.203.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.203.84 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-203-84.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

x-akamai-request-id: dce297dc
date: Wed, 20 Dec 2023 02:55:10 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202311090813330823F988293868EDB9DF
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-200-89-52.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 012f6c1f0055b60436964bf82cfe9d81cac5b5743867c792cd296eb5eb88d851a94b7fcfa3024afae67cf338d806dbe58bfb6717442a6768474e469f97b12b4f5da03676345cae7c28f14d76a38a9b87bacb46519bea945ee5feaf23d51ec692cc
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 36115

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
696 B 91ms
90ms Ping
text/plain 23.44.203.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.203.84 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-203-84.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.springfinancial.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: dce29875
date: Wed, 20 Dec 2023 02:55:10 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=dyn
x-tt-trace-id: 00-231220025510152D1024BD02CACB61F8-67F00D3CD46D2DA1-00
x-cache: TCP_MISS from a23-200-89-52.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=43, cdn-cache; desc=MISS, edge; dur=9, origin; dur=52
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231220025510152D1024BD02CACB61F8
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 52,23.200.89.52
x-tt-trace-host: 01dc3437e496b91caedd05e7248e6e873b2670884576b2a6ba94edc8987ff611d28fc9cb98cd501ae9db560bab2b9c4a3552dde1c7c1b07944aae4b33a5ab0ad51be45cf5ae7ceb2a991508f9c218819c525370fd3bdaabb745a72b91047aa2cb5
access-control-allow-headers: Authorization,*
expires: Wed, 20 Dec 2023 02:55:10 GMT

POST
H2 200 page Show response
rs.fullstory.com/rec/ 5 KB
2 KB 90ms
53ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: ce1bab1918293cde1a50b23793f2fac4591c03efade989915bb74902a6e9d263

Request headers

Referer: https://www.springfinancial.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0
Content-Type: text/plain

Response headers

date: Wed, 20 Dec 2023 02:55:10 GMT
content-encoding: gzip
via: 1.1 google
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.springfinancial.ca
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1617

GET
H2 200 integrations Show response
rs.fullstory.com/rec/ 4 KB
4 KB 53ms
52ms Script
text/javascript 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/integrations?OrgId=125NBH
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 628420217183058858ec7090d4ee21140b8630f24626b13a9f229f5351ecfdd8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:55:10 GMT
via: 1.1 google
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/javascript; charset=utf-8

GET
H3 200 latest.js Show response
edge.fullstory.com/datalayer/v4/ 43 KB
12 KB 54ms
18ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/datalayer/v4/latest.js
Requested by: Host: rs.fullstory.com
URL: https://rs.fullstory.com/rec/integrations?OrgId=125NBH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e9cb2dafa252ae54afb3b91b1c30d12761a37459d7e03741268408d9bd106bb6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:00:50 GMT
content-encoding: gzip
age: 3260
x-guploader-uploadid: ABPtcPpJYN6_sPBt1MQTaICHDk6TtF3LauY-_1VSmseHXLf2YRumn3j1PXqLCllEKgvipudhZm2TtUuja4iDRCdXLFVFkP2KrDqp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11988
last-modified: Thu, 07 Dec 2023 18:14:04 GMT
server: UploadServer
etag: "74c222ff037de470a8a0cd171d91eac1"
x-goog-generation: 1701972844172525
x-goog-hash: crc32c=3HpAxw==, md5=dMIi/wN95HCooM0XHZHqwQ==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 11988
accept-ranges: bytes
expires: Wed, 20 Dec 2023 03:00:50 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
697 B 67ms
67ms Ping
text/plain 23.44.203.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.203.84 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-203-84.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.springfinancial.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: dce29c2c
date: Wed, 20 Dec 2023 02:55:10 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=dyn
x-tt-trace-id: 00-231220025510F30979D1041B96846F60-3B6423487B7DB1A2-00
x-cache: TCP_MISS from a23-200-89-52.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=21, cdn-cache; desc=MISS, edge; dur=7, origin; dur=30
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231220025510F30979D1041B96846F60
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 31,23.200.89.52
x-tt-trace-host: 01dc3437e496b91caedd05e7248e6e873b2670884576b2a6ba94edc8987ff611d2a72e6ed3dc11b95d4f3641a9a795e51a24e9fe7ad9e571859e270af7d2dcee845138aa9da3befb7bd551e9aea83db32722045c437c349c0232e4f4b9b49be6ff
access-control-allow-headers: Authorization,*
expires: Wed, 20 Dec 2023 02:55:10 GMT

GET
H3 200 652810226652961 Show response
connect.facebook.net/signals/config/ 135 KB
35 KB 93ms
93ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/652810226652961?v=2.9.138&r=stable&domain=www.springfinancial.ca

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

c1b4e273105c08f500611f4c7c3e3741069ad9f4d72662d24654a946dd640f36

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 20 Dec 2023 02:55:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 1gcM20s1+1nS8izQfBEua9bONf/IkBXR+3I/pWJDIiTmPc/HipesPgUcKPNbR2t0EzAJtP9pFUh4lbUue2rjnQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 108ms
34ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=238470100011481&ev=PageView&dl=https%3A%2F%2Fwww.springfinancial.ca&rl=&if=false&ts=1703040910707&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.1.1703040910705.19631317&pm=1&hrl=d10a20&ler=empty&it=1703040910308&coo=false&cs_cc=1&cas=6758747360888361%2C6811904742263065%2C7061885950512922%2C9026425584041603%2C4689355284453702&rqm=GET

Requested by

Host: www.springfinancial.ca
URL: https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 20 Dec 2023 02:55:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 36ms
35ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=652810226652961&ev=PageView&dl=https%3A%2F%2Fwww.springfinancial.ca%2Fdashboard%2Foptin%3Foppid%3D0063Z00000rDSBiQAO&rl=&if=false&ts=1703040910842&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703040910705.19631317&ler=empty&it=1703040910308&coo=false&rqm=GET

Requested by

Host: www.springfinancial.ca
URL: https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 20 Dec 2023 02:55:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 esw.html Show response
canada-drives.my.salesforce.com/embeddedservice/5.0/ Frame F444 379 B
635 B 29ms
29ms Document
text/html 15.156.55.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://canada-drives.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO

Requested by

Host: canada-drives.my.salesforce.com
URL: https://canada-drives.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.156.55.21 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-156-55-21.ca-central-1.compute.amazonaws.com

Software

Resource Hash

f0fd989d3d400af9d0e449aecf31cef85e4ed7394306b79f8d8fde69bc907750

Security Headers

Name	Value
Content-Security-Policy	referrer origin-when-cross-origin; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.springfinancial.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: public,max-age=86400
content-encoding: gzip
content-security-policy: referrer origin-when-cross-origin; upgrade-insecure-requests
content-type: text/html;charset=UTF-8
date: Wed, 20 Dec 2023 02:55:10 GMT
expires: Thu, 21 Dec 2023 02:55:10 GMT
last-modified: Thu, 14 Sep 2023 00:07:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: none

GET
H2 200 eswFrame.min.js Show response
canada-drives.my.salesforce.com/embeddedservice/5.0/ Frame F444 5 KB
2 KB 31ms
31ms Script
application/x-javascript 15.156.55.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://canada-drives.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js

Requested by

Host: canada-drives.my.salesforce.com
URL: https://canada-drives.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.156.55.21 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-156-55-21.ca-central-1.compute.amazonaws.com

Software

Resource Hash

0284b82fc74f4fd666a234fc2df3c7be10d49e40d9f5d238594f69b63c5d794d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://canada-drives.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:55:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 06 Oct 2022 23:37:30 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=86400
accept-ranges: bytes
x-robots-tag: none
expires: Thu, 21 Dec 2023 02:55:10 GMT

GET
H2 200 session.esw.min.js Show response
canada-drives.my.salesforce.com/embeddedservice/5.0/frame/ Frame F444 2 KB
1 KB 30ms
30ms Script
application/x-javascript 15.156.55.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://canada-drives.my.salesforce.com/embeddedservice/5.0/frame/session.esw.min.js

Requested by

Host: canada-drives.my.salesforce.com
URL: https://canada-drives.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.156.55.21 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-156-55-21.ca-central-1.compute.amazonaws.com

Software

Resource Hash

f2863821119660d61dea8c3d9024b49b3cf368a87f54fada27a95379f20ce92b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://canada-drives.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:55:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 17 Aug 2022 20:10:21 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=86400
accept-ranges: bytes
x-robots-tag: none
expires: Thu, 21 Dec 2023 02:55:10 GMT

GET
H2 200 broadcast.esw.min.js Show response
canada-drives.my.salesforce.com/embeddedservice/5.0/frame/ Frame F444 2 KB
1 KB 29ms
29ms Script
application/x-javascript 15.156.55.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://canada-drives.my.salesforce.com/embeddedservice/5.0/frame/broadcast.esw.min.js

Requested by

Host: canada-drives.my.salesforce.com
URL: https://canada-drives.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.156.55.21 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-156-55-21.ca-central-1.compute.amazonaws.com

Software

Resource Hash

ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://canada-drives.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:55:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 18 Feb 2021 00:07:25 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=86400
accept-ranges: bytes
x-robots-tag: none
expires: Thu, 21 Dec 2023 02:55:10 GMT

GET
H2 200 chasitor.esw.min.js Show response
canada-drives.my.salesforce.com/embeddedservice/5.0/frame/ Frame F444 23 KB
5 KB 31ms
30ms Script
application/x-javascript 15.156.55.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://canada-drives.my.salesforce.com/embeddedservice/5.0/frame/chasitor.esw.min.js

Requested by

Host: canada-drives.my.salesforce.com
URL: https://canada-drives.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.156.55.21 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-156-55-21.ca-central-1.compute.amazonaws.com

Software

Resource Hash

2b18192a287debcac96ef5cf0ffc45f720594a3c52a9c06a4478117871b21208

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://canada-drives.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:55:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 01 Feb 2023 22:50:33 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=86400
accept-ranges: bytes
x-robots-tag: none
expires: Thu, 21 Dec 2023 02:55:11 GMT

GET
H/1.1 200
OK EmbeddedServiceConfig.jsonp Show response
d.la3-c1-ia2.salesforceliveagent.com/chat/rest/EmbeddedService/ 174 B
568 B 140ms
35ms Script
text/javascript 13.110.84.158
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la3-c1-ia2.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00Dj0000001tax6&EmbeddedServiceConfig.configName=Spring_Live_Chat&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48

Requested by

Host: canada-drives.my.salesforce.com
URL: https://canada-drives.my.salesforce.com/embeddedservice/5.0/utils/common.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.84.158 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl13-ncg0-iad3.la3-c1-ia2.salesforceliveagent.com

Software

Resource Hash

2940e0f14379fe794c3f9f42ea5b659fc998b5f6948b1a692789880a9add94a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H2 200 invite.esw.min.js Show response
canada-drives.my.salesforce.com/embeddedservice/5.0/client/ 19 KB
5 KB 33ms
32ms Script
application/x-javascript 15.156.55.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://canada-drives.my.salesforce.com/embeddedservice/5.0/client/invite.esw.min.js

Requested by

Host: canada-drives.my.salesforce.com
URL: https://canada-drives.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.156.55.21 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-156-55-21.ca-central-1.compute.amazonaws.com

Software

Resource Hash

11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:55:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 24 Sep 2021 16:25:36 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=86400
accept-ranges: bytes
x-robots-tag: none
expires: Thu, 21 Dec 2023 02:55:11 GMT

GET
H2 200 filetransfer.esw.min.js Show response
canada-drives.my.salesforce.com/embeddedservice/5.0/frame/ Frame F444 473 B
539 B 32ms
31ms Script
application/x-javascript 15.156.55.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://canada-drives.my.salesforce.com/embeddedservice/5.0/frame/filetransfer.esw.min.js

Requested by

Host: canada-drives.my.salesforce.com
URL: https://canada-drives.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.156.55.21 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-156-55-21.ca-central-1.compute.amazonaws.com

Software

Resource Hash

34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://canada-drives.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:55:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 18 Aug 2020 17:12:47 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=86400
accept-ranges: bytes
x-robots-tag: none
expires: Thu, 21 Dec 2023 02:55:11 GMT

GET
H/1.1 200
OK Settings.jsonp Show response
d.la3-c1-ia2.salesforceliveagent.com/chat/rest/Visitor/ 177 B
568 B 130ms
35ms Script
text/javascript 13.110.84.158
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la3-c1-ia2.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[5733Z000000Gznm]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5723Z000000GxL2&org_id=00Dj0000001tax6&version=48

Requested by

Host: canada-drives.my.salesforce.com
URL: https://canada-drives.my.salesforce.com/embeddedservice/5.0/client/liveagent.esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.84.158 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl13-ncg0-iad3.la3-c1-ia2.salesforceliveagent.com

Software

Resource Hash

ab87844ef3e1a87e7d484904702276ec4425416746ff434983435b3749914873

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H2 200 inert.min.js Show response
canada-drives.my.salesforce.com/embeddedservice/5.0/utils/ 8 KB
3 KB 29ms
29ms Script
application/x-javascript 15.156.55.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://canada-drives.my.salesforce.com/embeddedservice/5.0/utils/inert.min.js

Requested by

Host: canada-drives.my.salesforce.com
URL: https://canada-drives.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.156.55.21 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-156-55-21.ca-central-1.compute.amazonaws.com

Software

Resource Hash

12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:55:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 18 Aug 2020 17:12:47 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=86400
accept-ranges: bytes
x-robots-tag: none
expires: Thu, 21 Dec 2023 02:55:11 GMT

GET
H/1.1 200
OK EmbeddedServiceConfig.jsonp Show response
d.la1-core1.sfdc-58ktaz.salesforceliveagent.com/chat/rest/EmbeddedService/ 19 KB
4 KB 96ms
36ms Script
text/javascript 3.97.95.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la1-core1.sfdc-58ktaz.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00Dj0000001tax6&EmbeddedServiceConfig.configName=Spring_Live_Chat&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48

Requested by

Host: canada-drives.my.salesforce.com
URL: https://canada-drives.my.salesforce.com/embeddedservice/5.0/utils/common.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.97.95.115 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-97-95-115.ca-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

438f6e79bc26620037fe60914628cdd62aab6f006fd791032676ff83a8cbaf2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 02:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
transfer-encoding: chunked
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 10
expires: -1

GET
H/1.1 200
OK Settings.jsonp Show response
d.la1-core1.sfdc-58ktaz.salesforceliveagent.com/chat/rest/Visitor/ 351 B
648 B 88ms
30ms Script
text/javascript 3.97.95.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la1-core1.sfdc-58ktaz.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[5733Z000000Gznm]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5723Z000000GxL2&org_id=00Dj0000001tax6&version=48

Requested by

Host: canada-drives.my.salesforce.com
URL: https://canada-drives.my.salesforce.com/embeddedservice/5.0/client/liveagent.esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.97.95.115 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-97-95-115.ca-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

6202966c0ad86286f7f23327aa96ce8f3c63529cdbfd6de518ed3bf813b7f4ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 02:55:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
transfer-encoding: chunked
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
expires: -1

POST
H3 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
43 B 121ms
77ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=125NBH&UserId=2f757327-8a1a-4f6e-8545-191f0e568f24&SessionId=1d94d710-fc45-42bc-a401-473d399a2f07&PageId=caa63d30-fcb4-4116-bef7-eec257b2cf67&Seq=1&PageStart=1703040910534&PrevBundleTime=0&LastActivity=862&IsNewSession=true
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: b6fa87d65cca82649fc00f113babe67ebec4193d3c0dc98d1d550ea23182c32c

Request headers

Referer: https://www.springfinancial.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.springfinancial.ca
date: Wed, 20 Dec 2023 02:55:11 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

GET
H2 200 l
use.typekit.net/af/7da767/00000000000000003b9ade30/27/ 84 KB
84 KB 39ms
38ms Font
application/font-woff2 23.199.55.63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/7da767/00000000000000003b9ade30/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/owb4fan.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.199.55.63 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-199-55-63.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fd23f092e95dc4f694424bac806474d0f05644462bdc863704e93d9c361f94ff

Request headers

Referer: https://use.typekit.net/owb4fan.css
Origin: https://www.springfinancial.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:55:12 GMT
server: nginx
etag: "1b0801d8d616730977a726b65ead5f0e2acfdac9"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 85756

GET
H2 200 l
use.typekit.net/af/8939f9/00000000000000007735a061/30/ 18 KB
18 KB 33ms
33ms Font
application/font-woff2 23.199.55.63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8939f9/00000000000000007735a061/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/owb4fan.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.199.55.63 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-199-55-63.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fd8967417795f539dbb323ead019548f84a3875f7c2277db47d2d7ed630a48c1

Request headers

Referer: https://use.typekit.net/owb4fan.css
Origin: https://www.springfinancial.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

date: Wed, 20 Dec 2023 02:55:12 GMT
server: nginx
etag: "688538e722636b5c39cb4cffbe6ad7c0119c9521"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18584

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 42ms
42ms Ping
text/plain 172.253.63.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-HPFKPP4K8S&gtm=45je3bt0v893274488&_p=1703040910079&gcd=11l1l1l1l1&dma=0&cid=1341375148.1703040910&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEA&_s=3&sid=1703040910&sct=1&seg=0&dl=https%3A%2F%2Fwww.springfinancial.ca%2Fdashboard%2Foptin%3Foppid%3D0063Z00000rDSBiQAO&dt=Spring%20Financial&en=scroll&ep.content_group=Other&epn.percent_scrolled=90&_et=12&tfd=6620
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HPFKPP4K8S&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.63.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f139.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.springfinancial.ca/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 02:55:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.springfinancial.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST v2
rs.fullstory.com/rec/bundle/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: rs.fullstory.com
URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=125NBH&UserId=2f757327-8a1a-4f6e-8545-191f0e568f24&SessionId=1d94d710-fc45-42bc-a401-473d399a2f07&PageId=caa63d30-fcb4-4116-bef7-eec257b2cf67&Seq=2&PageStart=1703040910534&PrevBundleTime=1703040911618&LastActivity=4858&IsNewSession=true

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
spgfl.ca/	1970-01-20 17:14:05	Name: AWSALB Value: AxUSifOqIv89PrVhVmSJiykimPeQ9W7x1ZANuop/DGBQc35+oUUJ/1q7Bclq93MG8DGywGv2Of+YXJOit1E9pAfVHvK1yQmzd6gepiHcWv0n5JM3c3+e1/kB82C+
spgfl.ca/	1970-01-20 17:14:05	Name: AWSALBCORS Value: AxUSifOqIv89PrVhVmSJiykimPeQ9W7x1ZANuop/DGBQc35+oUUJ/1q7Bclq93MG8DGywGv2Of+YXJOit1E9pAfVHvK1yQmzd6gepiHcWv0n5JM3c3+e1/kB82C+
springfinancial.ca/	1970-01-20 17:14:05	Name: AWSALB Value: VMH5dv4DfQukxj4HF9dPO7f0iGIaXX6cyu+g9R6FRSX02YNXFB9zhmyXZocF2Sg04yZKGqE/4koicUL/Zr+eawidIr/wTLH087rGQLa93Bo/a4UpnKksrUHZ7Uor
springfinancial.ca/	1970-01-20 17:14:05	Name: AWSALBCORS Value: VMH5dv4DfQukxj4HF9dPO7f0iGIaXX6cyu+g9R6FRSX02YNXFB9zhmyXZocF2Sg04yZKGqE/4koicUL/Zr+eawidIr/wTLH087rGQLa93Bo/a4UpnKksrUHZ7Uor
.springfinancial.ca/	1970-01-20 19:13:36	Name: _gcl_au Value: 1.1.864654783.1703040910
.tiktok.com/	1970-01-21 02:25:36	Name: _ttp Value: 2ZmxAGm3hDfqxwzKunujJ7YF9GC
.springfinancial.ca/	1970-01-21 02:40:00	Name: _ga Value: GA1.1.1341375148.1703040910
www.springfinancial.ca/	1970-01-20 17:14:05	Name: AWSALB Value: p7+tu5vl17vEU4ZZEUB3q0QXLjjseBCyOcFAw0tjZCssW6x3BxnieLptwpwcKL/8gXZrp7Xj2gCwjP4qGX1GANagGz3LKnGLb4JSG3a4Zw8BY4R0SWRJmrT44zik
www.springfinancial.ca/	1970-01-20 17:14:05	Name: AWSALBCORS Value: p7+tu5vl17vEU4ZZEUB3q0QXLjjseBCyOcFAw0tjZCssW6x3BxnieLptwpwcKL/8gXZrp7Xj2gCwjP4qGX1GANagGz3LKnGLb4JSG3a4Zw8BY4R0SWRJmrT44zik
.springfinancial.ca/	1970-01-21 02:40:00	Name: _ga_HPFKPP4K8S Value: GS1.1.1703040910.1.0.1703040910.60.0.0
.springfinancial.ca/	1970-01-20 17:05:27	Name: _uetsid Value: 307a3f309ee311eeae7dedba17d82a07
.springfinancial.ca/	1970-01-21 02:25:36	Name: _uetvid Value: 307a64909ee311eeb1193f3b01fc5182
.springfinancial.ca/	1970-01-21 02:25:36	Name: _tt_enable_cookie Value: 1
.bing.com/	1970-01-21 02:25:36	Name: MUID Value: 245A87BFFD94600A19489452FCBE6130
.bat.bing.com/	1970-01-20 17:14:05	Name: MR Value: 0
.springfinancial.ca/	1970-01-21 02:25:36	Name: _ttp Value: PCpXIBinRP31QKRSDhaquLT53kY
.t.co/	1970-01-21 02:40:00	Name: muc_ads Value: d60c44e5-c1e0-46b1-b473-4551a4fadcfd
.twitter.com/	1970-01-21 02:40:00	Name: guest_id_marketing Value: v1%3A170304091044680463
.twitter.com/	1970-01-21 02:40:00	Name: guest_id_ads Value: v1%3A170304091044680463
.twitter.com/	1970-01-21 02:40:00	Name: personalization_id Value: "v1_aQ806ocoRqSu4v1EBbadYw=="
.twitter.com/	1970-01-21 02:40:00	Name: guest_id Value: v1%3A170304091044680463
.springfinancial.ca/	1970-01-20 17:04:02	Name: fs_lua Value: 1.1703040910533
.springfinancial.ca/	1970-01-21 01:49:36	Name: fs_uid Value: #125NBH#2f757327-8a1a-4f6e-8545-191f0e568f24:1d94d710-fc45-42bc-a401-473d399a2f07:1703040910533::1#/1734576910
.springfinancial.ca/	1970-01-20 19:13:36	Name: _fbp Value: fb.1.1703040910705.19631317

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/238470100011481?v=2.9.138&r=stable&domain=www.springfinancial.ca(Line 95) Message: Unrecognized feature: 'attribution-reporting'.
security	error	URL: https://canada-drives.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.springfinancial.ca/dashboard/optin?oppid=0063Z00000rDSBiQAO Message: Unrecognized Content-Security-Policy directive 'referrer'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
analytics.tiktok.com
analytics.twitter.com
api.springfinancial.ca
app.varify.io
bat.bing.com
canada-drives.my.salesforce.com
connect.facebook.net
d.la1-core1.sfdc-58ktaz.salesforceliveagent.com
d.la3-c1-ia2.salesforceliveagent.com
edge.fullstory.com
p.typekit.net
rs.fullstory.com
spgfl.ca
springfinancial.ca
static.ads-twitter.com
stats.g.doubleclick.net
t.co
use.typekit.net
widget.trustpilot.com
www.facebook.com
www.google.ca
www.googletagmanager.com
www.springfinancial.ca
rs.fullstory.com
104.21.19.216
104.244.42.195
104.244.42.69
104.26.9.146
104.26.9.83
13.110.84.158
142.250.31.94
142.251.111.97
142.251.167.154
146.75.36.157
15.156.55.21
172.253.63.139
172.67.69.83
204.79.197.200
23.199.55.39
23.199.55.63
23.44.203.84
3.97.95.115
31.13.66.19
31.13.66.35
35.186.194.58
35.201.112.186
52.85.132.123
0284b82fc74f4fd666a234fc2df3c7be10d49e40d9f5d238594f69b63c5d794d
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12
12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1df96aff7c1a0b4a1f03d51ec741df8d542fcf32eddee1a0295068e4a7f0017b
2205e1d381eaeed299d7e77876d6406b879f7a32165d32c8ddcca6b17336077d
2700138265d83981a90c8049cbab5eaa2a8e9bcada08626a8dc7c7d0d98bebc6
28941f7c124eeda102bd51d937528d08c36df24d874e5b5f0e6396846f2d24c0
2940e0f14379fe794c3f9f42ea5b659fc998b5f6948b1a692789880a9add94a5
2b18192a287debcac96ef5cf0ffc45f720594a3c52a9c06a4478117871b21208
2c1e6c4f4859bdae42f7074782e321b3601b019201a39a468281895c4fce3142
34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9
3d3c7d3bf70f3c02c8f95dbb8ba5f5143973411d719e617fca4e89553a866533
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
438f6e79bc26620037fe60914628cdd62aab6f006fd791032676ff83a8cbaf2e
48b1d094e30e8fcb3648240ec028b3a4243e487a8635febfbbd5da8ddfda1500
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
6202966c0ad86286f7f23327aa96ce8f3c63529cdbfd6de518ed3bf813b7f4ab
62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74
628420217183058858ec7090d4ee21140b8630f24626b13a9f229f5351ecfdd8
69bb63c94fbe355f31e642a8628279a188fa53b9bedfa01ae4bde05049ded40f
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
8f36ecd4052c2f8f9c868cf91a582dba43d724d61a2f336b721e7a74fb68d912
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
ab87844ef3e1a87e7d484904702276ec4425416746ff434983435b3749914873
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b6fa87d65cca82649fc00f113babe67ebec4193d3c0dc98d1d550ea23182c32c
c1b4e273105c08f500611f4c7c3e3741069ad9f4d72662d24654a946dd640f36
c20abb5192d8f679785e4ace448cfaa3c4dbc9ca388eee0de055ca5bed0a9e25
c6111fb50a9610ca36bf71d683cce3e7beef60395adfe1e0b691784e6221b767
c70be61ebf5ebc5fb158df7bcc05e1a645c16c863901eb8487fc3d14d2ac801a
cd138cb8d1483ae8b41c3516e2001b12ac70368c411c9a6a5727d42f7162ab30
ce1bab1918293cde1a50b23793f2fac4591c03efade989915bb74902a6e9d263
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
deaeaa1148cde2528abeba8441b00219e065b996d05ef4990bfe442643cec391
e23b584c69882ed74e0cd2cd6e32b3e259b773ac59e7c8f620952d391145bd32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9cb2dafa252ae54afb3b91b1c30d12761a37459d7e03741268408d9bd106bb6
ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2
ee4cffde16352cdf7a6a831136c5905d26c88faa8f21a3820ff70dc8b24c8563
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4dcc4dab4d780f44939c455d4720cab662b2f5fabc36ebc33a21f4cdbecd4e
f0fd989d3d400af9d0e449aecf31cef85e4ed7394306b79f8d8fde69bc907750
f2863821119660d61dea8c3d9024b49b3cf368a87f54fada27a95379f20ce92b
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f5a487cf29986023e3927bc774fea6fcda900fb5bf9d3ef130c2d3a4d6970413
fb96aea9c665ba66e65009173bcdda5a83c9de3622d57658d20fce82508f7575
fd23f092e95dc4f694424bac806474d0f05644462bdc863704e93d9c361f94ff
fd8967417795f539dbb323ead019548f84a3875f7c2277db47d2d7ed630a48c1
fe41b3cd86ee64f93dfa5789ecd8f463ec60f4ae3f70f5b58fa09c9132c9a4cd

www.springfinancial.ca Open in urlscan Pro 172.67.69.83 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

98 %HTTPS

0 %IPv6

19 Domains

24 Subdomains

23 IPs

3 Countries

1187 kBTransfer

4062 kBSize

24 Cookies

0 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.springfinancial.ca Open in urlscan Pro
172.67.69.83 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

98 %
HTTPS

0 %
IPv6

19
Domains

24
Subdomains

23
IPs

3
Countries

1187 kB
Transfer

4062 kB
Size

24
Cookies

64 HTTP transactions
0 data transactions