urlscan.io logo urlscan.io
SecurityTrails logo

mnpdebt.ca Open in urlscan Pro
104.25.109.37  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://e.metaclassaction.ca/
Effective URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Submission: On June 30 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 2 countries across 24 domains to perform 70 HTTP transactions. The main IP is 104.25.109.37, located in and belongs to CLOUDFLARENET, US. The main domain is mnpdebt.ca.
TLS certificate: Issued by WE1 on June 19th 2024. Valid for: 3 months.
This is the only time mnpdebt.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.41.58.18 16509 (AMAZON-02)
25 104.25.109.37 13335 (CLOUDFLAR...)
1 142.251.174.95 15169 (GOOGLE)
3 151.101.129.229 54113 (FASTLY)
1 104.17.24.14 13335 (CLOUDFLAR...)
2 173.194.68.106 15169 (GOOGLE)
1 151.101.2.137 54113 (FASTLY)
4 172.253.63.97 15169 (GOOGLE)
2 34.96.102.137 396982 (GOOGLE-CL...)
1 192.229.163.53 15133 (EDGECAST)
1 173.194.68.94 15169 (GOOGLE)
1 209.85.201.94 15169 (GOOGLE)
5 173.194.68.101 15169 (GOOGLE)
3 89.187.177.17 60068 (CDN77 _)
2 31.13.66.19 32934 (FACEBOOK)
1 13.32.206.122 16509 (AMAZON-02)
1 1 72.21.91.66 15133 (EDGECAST)
1 146.75.28.157 54113 (FASTLY)
2 192.184.67.40 16509 (AMAZON-02)
2 13.107.253.38 8075 (MICROSOFT...)
1 2 209.85.144.149 15169 (GOOGLE)
1 173.194.205.148 15169 (GOOGLE)
1 173.194.68.105 15169 (GOOGLE)
1 13.226.34.100 16509 (AMAZON-02)
1 34.209.139.196 16509 (AMAZON-02)
1 142.251.167.157 15169 (GOOGLE)
1 72.21.81.130 15133 (EDGECAST)
1 104.244.42.67 13414 (TWITTER)
2 31.13.66.35 32934 (FACEBOOK)
1 20.10.16.51 8075 (MICROSOFT...)
70 29
1    52.41.58.18 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-58-18.us-west-2.compute.amazonaws.com
e.metaclassaction.ca
25    104.25.109.37 (None, )

ASN13335 (CLOUDFLARENET, US)
mnpdebt.ca
1    142.251.174.95 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f95.1e100.net
fonts.googleapis.com
3    151.101.129.229 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    173.194.68.106 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f106.1e100.net
www.google.com
1    151.101.2.137 (San Francisco, United States)

ASN54113 (FASTLY, US)
code.jquery.com
4    172.253.63.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net
www.googletagmanager.com
2    34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
1    192.229.163.53 (United States)

ASN15133 (EDGECAST, US)
static.olark.com
1    173.194.68.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f94.1e100.net
fonts.gstatic.com
1    209.85.201.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f94.1e100.net
www.gstatic.com
5    173.194.68.101 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f101.1e100.net
www.google-analytics.com
3    89.187.177.17 (New York, United States)

ASN60068 (CDN77 _, GB)
PTR: 135577161.nyc.cdn77.com
cdn.userway.org
2    31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net
connect.facebook.net
1    13.32.206.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-206-122.iad66.r.cloudfront.net
js.adsrvr.org
1    72.21.91.66 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    192.184.67.40 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
2    13.107.253.38 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    209.85.144.149 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f149.1e100.net
4653320.fls.doubleclick.net
1    173.194.205.148 (United States)

ASN15169 (GOOGLE, US)
PTR: qm-in-f148.1e100.net
ad.doubleclick.net
1    173.194.68.105 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f105.1e100.net
www.google.com
1    13.226.34.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-100.ewr53.r.cloudfront.net
rules.quantcount.com
1    34.209.139.196 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-139-196.us-west-2.compute.amazonaws.com
api.userway.org
1    142.251.167.157 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f157.1e100.net
stats.g.doubleclick.net
1    72.21.81.130 (United States)

ASN15133 (EDGECAST, US)
t.co
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com
www.facebook.com
1    20.10.16.51 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
z.clarity.ms
Apex Domain
Subdomains		 Transfer
25 mnpdebt.ca
mnpdebt.ca
1 MB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 71
22 KB
4 doubleclick.net
4653320.fls.doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 164
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
1 KB
4 userway.org
cdn.userway.org — Cisco Umbrella Rank: 4625
api.userway.org — Cisco Umbrella Rank: 4518
49 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
390 KB
3 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 743
z.clarity.ms — Cisco Umbrella Rank: 7823
27 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 5
2 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
17 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
4 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1625
pixel.quantserve.com — Cisco Umbrella Rank: 1193
10 KB
2 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1433
analytics.twitter.com — Cisco Umbrella Rank: 986
778 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204
72 KB
2 gstatic.com
fonts.gstatic.com
www.gstatic.com
338 KB
2 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4205
2 KB
1 t.co
t.co — Cisco Umbrella Rank: 726
376 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1607
1 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 905
15 KB
1 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1585
5 KB
1 olark.com
static.olark.com — Cisco Umbrella Rank: 18291
3 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 816
30 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 268
6 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
775 B
1 metaclassaction.ca
e.metaclassaction.ca
138 B
0 krxd.net Failed
usermatch.krxd.net Failed
70 24
Domain Requested by
25 mnpdebt.ca mnpdebt.ca
code.jquery.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 www.googletagmanager.com mnpdebt.ca
www.googletagmanager.com
3 cdn.userway.org www.googletagmanager.com
cdn.userway.org
3 www.google.com mnpdebt.ca
www.gstatic.com
3 cdn.jsdelivr.net mnpdebt.ca
2 www.facebook.com mnpdebt.ca
2 4653320.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.clarity.ms mnpdebt.ca
www.clarity.ms
2 connect.facebook.net mnpdebt.ca
connect.facebook.net
2 dev.visualwebsiteoptimizer.com mnpdebt.ca
1 z.clarity.ms www.clarity.ms
1 pixel.quantserve.com mnpdebt.ca
1 analytics.twitter.com mnpdebt.ca
1 t.co mnpdebt.ca
1 stats.g.doubleclick.net www.google-analytics.com
1 api.userway.org cdn.userway.org
1 rules.quantcount.com secure.quantserve.com
1 ad.doubleclick.net mnpdebt.ca
1 secure.quantserve.com mnpdebt.ca
1 static.ads-twitter.com mnpdebt.ca
1 platform.twitter.com 1 redirects
1 js.adsrvr.org www.googletagmanager.com
1 www.gstatic.com www.google.com
1 fonts.gstatic.com fonts.googleapis.com
1 static.olark.com mnpdebt.ca
1 code.jquery.com mnpdebt.ca
1 cdnjs.cloudflare.com mnpdebt.ca
1 fonts.googleapis.com mnpdebt.ca
1 e.metaclassaction.ca 1 redirects
0 usermatch.krxd.net Failed mnpdebt.ca
70 31

This site contains no links.

Subject Issuer Validity Valid
mnpdebt.ca
WE1		 2024-06-19 -
2024-09-17		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
*.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2024-06-29 -
2025-07-31		 a year crt.sh
static.olark.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-20 -
2025-03-22		 a year crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
1667503734.rsc.cdn77.org
R3		 2024-05-07 -
2024-08-05		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-08 -
2024-07-07		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2024-04-23 -
2025-05-25		 a year crt.sh
quantserve.com
R10		 2024-06-24 -
2024-09-22		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
api.userway.org
Amazon RSA 2048 M03		 2023-09-02 -
2024-09-30		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-08 -
2025-05-07		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-11-05		 a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh

This page contains 4 frames:

Primary Page: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Frame ID: 600CA5F2A9B97D3C6B640378232BF05D
Requests: 68 HTTP requests in this frame

Frame: data://truncated
Frame ID: BC5403204C14C70AFDF672379F0F5AE9
Requests: 3 HTTP requests in this frame

Frame: https://4653320.fls.doubleclick.net/activityi;dc_pre=COjRqdCpg4cDFdTg_QUdQg8Aiw;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=4569725419151;npa=0;auiddc=1266898220.1719750439;ps=1;pcor=947115920;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46q0v9181660592z872010953za201zb72010953;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen%2Fcorporate%2Fother-services%2Fclass-action-claims-administration
Frame ID: 4E0858EA006A41DDDF1DBBDFEA978504
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LchOswZAAAAAExqv__mYOvUeAutmKH1O2lM_u57&co=aHR0cHM6Ly9tbnBkZWJ0LmNhOjQ0Mw..&hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=tglb90z9w0ht
Frame ID: A62086959EB32FC0FA10E871947758D0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://e.metaclassaction.ca/ HTTP 302
    https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration Page URL

Page Statistics

70
Requests

97 %
HTTPS

0 %
IPv6

24
Domains

31
Subdomains

29
IPs

2
Countries

2103 kB
Transfer

4455 kB
Size

34
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://e.metaclassaction.ca/ HTTP 302
    https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://platform.twitter.com/oct.js HTTP 301
  • https://static.ads-twitter.com/oct.js
Request Chain 49
  • https://insight.adsrvr.org/track/evnt/?adv=i4v66ce&ct=0:8qk2i4k&fmt=3&gtmcb=517427401 HTTP 302
  • https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=1b079f94-b1e5-4b5d-94fb-63e7d6614a98
Request Chain 53
  • https://4653320.fls.doubleclick.net/activityi;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=4569725419151;npa=0;auiddc=1266898220.1719750439;ps=1;pcor=947115920;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46q0v9181660592z872010953za201zb72010953;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen%2Fcorporate%2Fother-services%2Fclass-action-claims-administration HTTP 302
  • https://4653320.fls.doubleclick.net/activityi;dc_pre=COjRqdCpg4cDFdTg_QUdQg8Aiw;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=4569725419151;npa=0;auiddc=1266898220.1719750439;ps=1;pcor=947115920;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46q0v9181660592z872010953za201zb72010953;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen%2Fcorporate%2Fother-services%2Fclass-action-claims-administration

70 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request class-action-claims-administration
mnpdebt.ca/en/corporate/other-services/
Redirect Chain
  • https://e.metaclassaction.ca/
  • https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
78 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.109.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1dcd949e0bd62ab6b344b3a56d357a14d0de2f586fe3a1e3ade1801759321e4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' d1mj578wat5n4o.cloudfront.net cdn.jsdelivr.net polyfill.io js.zi-scripts.com *.ceros.com *.moosend.com *.postescanada-canadapost.ca *.azurefd.net *.azureedge.net *.stat-track.com *.ghostretail.com *.userway.org *.clearbitjs.com *.evidon.com *.clearbitscripts.com *.bing.com *.clarity.ms qvdt3feo.com *.esnlocco.com *.google.ca *.zscalerthree.net *.googlesyndication.com *.fontawesome.com *.demandbase.com *.6sc.co cdnjs.cloudflare.com *.actonsoftware.com *.mnp.ca *.callrail.com *.adnxs.com *.hscollectedforms.net *.hs-banner.com *.hsadspixel.net *.hs-analytics.net *.hs-scripts.com *.googleadservices.com gtm.js *.olark.com *.visualwebsiteoptimizer.com *.wufoo.com *.hsforms.com *.hsforms.net data.processwebsitedata.com *.calendly.com *.ubembed.com *.js.ubembed.com *.googleapis.com *.hubspot.com *.youtube.com *.vimeocdn.com *.stackadapt.com *.simpli.fi *.sharethis.com *.licdn.com *.hotjar.com *.googletagmanager.com *.jquery.com *.google.com www.gstatic.com www.google-analytics.com connect.facebook.net js.adsrvr.org platform.twitter.com secure.quantserve.com static.ads-twitter.com rules.quantcount.com insight.adsrvr.org analytics.twitter.com *.doubleclick.net; style-src 'unsafe-inline' 'self' cdn.jsdelivr.net *.bootstrapcdn.com *.moosend.com *.postescanada-canadapost.ca *.azurefd.net *.userway.org cdnjs.cloudflare.com *.actonsoftware.com *.mnp.ca *.googletagmanager.com *.olark.com *.typekit.net fonts.googleapis.com; font-src cdn.jsdelivr.net *.bootstrapcdn.com *.postescanada-canadapost.ca *.azurefd.net *.userway.org cdnjs.cloudflare.com *.mnp.ca *.fontawesome.com *.olark.com fonts.gstatic.com use.typekit.net; img-src 'self' data: *.dynamics.com obs.esnlocco.com *.designer-images.net *.postescanada-canadapost.ca *.azurefd.net *.ghostretail.com cdn.jsdelivr.net *.krxd.net *.userway.org *.evidon.com *.clarity.ms *.bing.com *.zscalerthree.net *.website-files.com *.rlcdn.com *.company-target.com *.bidr.io *.6sc.co *.sharethis.com *.twitter.com *.adnxs.com *.hsforms.com *.atedra.com *.olark.com *.visualwebsiteoptimizer.com *.gstatic.com *.googleapis.com *.hubspot.com *.googletagmanager.com *.facebook.net *.adsymptotic.com *.linkedin.com *.stackadapt.com *.google.ca *.google.com *.google.co.in *.doubleclick.net *.adsrvr.org pixel.quantserve.com www.google-analytics.com www.facebook.com dpm.demdex.net t.co; connect-src 'self' ws: *.sitecorecloud.io members-utilities-service-web.m-operations.com server-side-tagging-i5xuhybifq-uc.a.run.app js.zi-scripts.com obs.esnlocco.com *.postescanada-canadapost.ca *.azurefd.net *.googlesyndication.com *.m-pages.com *.stat-track.com *.hscollectedforms.net *.googleadservices.com *.dynamics.com *.evidon.com *.linkedin.com *.ghostretail.com *.userway.org *.clearbit.com *.clarity.ms *.facebook.com bcp.crwdcntrl.net *.google.com *.linkedin.oribi.io *.google.ca *.fontawesome.com *.adnxs.com *.company-target.com *.6sc.co *.callrail.com *.visualwebsiteoptimizer.com app.vwo.com *.hubapi.com *.hubspot.com *.olark.com *.events.ubembed.com *.hsforms.com *.s3.amazonaws.com *.hotjar.com *.hotjar.io *.sharethis.com *.google-analytics.com analytics.google.com *.googleapis.com *.doubleclick.net; frame-src 'self' *.ceros.com *.postescanada-canadapost.ca *.azurefd.net *.dynamics.com *.userway.org *.evidon.com *.ghostretail.com *.googlesyndication.com *.hsforms.net *.mnp.ca *.podcasts.apple.com *.spotify.com *.olark.com *.pages.ubembed.com *.hsforms.com calendly.com *.sendthisfile.com *.sharethis.com *.hotjar.com *.consensu.org *.adsrvr.org *.youtube.com *.vimeo.com *.wufoo.com *.doubleclick.net insight.adsrvr.org www.facebook.com www.google.com; form-action 'self' *.postescanada-canadapost.ca *.azurefd.net *.mnp.ca www.facebook.com *.hsforms.com; media-src 'unsafe-inline' 'self' *.ghostretail.com
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
89be264a394c542b-YYZ
content-encoding
br
content-security-policy
default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' d1mj578wat5n4o.cloudfront.net cdn.jsdelivr.net polyfill.io js.zi-scripts.com *.ceros.com *.moosend.com *.postescanada-canadapost.ca *.azurefd.net *.azureedge.net *.stat-track.com *.ghostretail.com *.userway.org *.clearbitjs.com *.evidon.com *.clearbitscripts.com *.bing.com *.clarity.ms qvdt3feo.com *.esnlocco.com *.google.ca *.zscalerthree.net *.googlesyndication.com *.fontawesome.com *.demandbase.com *.6sc.co cdnjs.cloudflare.com *.actonsoftware.com *.mnp.ca *.callrail.com *.adnxs.com *.hscollectedforms.net *.hs-banner.com *.hsadspixel.net *.hs-analytics.net *.hs-scripts.com *.googleadservices.com gtm.js *.olark.com *.visualwebsiteoptimizer.com *.wufoo.com *.hsforms.com *.hsforms.net data.processwebsitedata.com *.calendly.com *.ubembed.com *.js.ubembed.com *.googleapis.com *.hubspot.com *.youtube.com *.vimeocdn.com *.stackadapt.com *.simpli.fi *.sharethis.com *.licdn.com *.hotjar.com *.googletagmanager.com *.jquery.com *.google.com www.gstatic.com www.google-analytics.com connect.facebook.net js.adsrvr.org platform.twitter.com secure.quantserve.com static.ads-twitter.com rules.quantcount.com insight.adsrvr.org analytics.twitter.com *.doubleclick.net; style-src 'unsafe-inline' 'self' cdn.jsdelivr.net *.bootstrapcdn.com *.moosend.com *.postescanada-canadapost.ca *.azurefd.net *.userway.org cdnjs.cloudflare.com *.actonsoftware.com *.mnp.ca *.googletagmanager.com *.olark.com *.typekit.net fonts.googleapis.com; font-src cdn.jsdelivr.net *.bootstrapcdn.com *.postescanada-canadapost.ca *.azurefd.net *.userway.org cdnjs.cloudflare.com *.mnp.ca *.fontawesome.com *.olark.com fonts.gstatic.com use.typekit.net; img-src 'self' data: *.dynamics.com obs.esnlocco.com *.designer-images.net *.postescanada-canadapost.ca *.azurefd.net *.ghostretail.com cdn.jsdelivr.net *.krxd.net *.userway.org *.evidon.com *.clarity.ms *.bing.com *.zscalerthree.net *.website-files.com *.rlcdn.com *.company-target.com *.bidr.io *.6sc.co *.sharethis.com *.twitter.com *.adnxs.com *.hsforms.com *.atedra.com *.olark.com *.visualwebsiteoptimizer.com *.gstatic.com *.googleapis.com *.hubspot.com *.googletagmanager.com *.facebook.net *.adsymptotic.com *.linkedin.com *.stackadapt.com *.google.ca *.google.com *.google.co.in *.doubleclick.net *.adsrvr.org pixel.quantserve.com www.google-analytics.com www.facebook.com dpm.demdex.net t.co; connect-src 'self' ws: *.sitecorecloud.io members-utilities-service-web.m-operations.com server-side-tagging-i5xuhybifq-uc.a.run.app js.zi-scripts.com obs.esnlocco.com *.postescanada-canadapost.ca *.azurefd.net *.googlesyndication.com *.m-pages.com *.stat-track.com *.hscollectedforms.net *.googleadservices.com *.dynamics.com *.evidon.com *.linkedin.com *.ghostretail.com *.userway.org *.clearbit.com *.clarity.ms *.facebook.com bcp.crwdcntrl.net *.google.com *.linkedin.oribi.io *.google.ca *.fontawesome.com *.adnxs.com *.company-target.com *.6sc.co *.callrail.com *.visualwebsiteoptimizer.com app.vwo.com *.hubapi.com *.hubspot.com *.olark.com *.events.ubembed.com *.hsforms.com *.s3.amazonaws.com *.hotjar.com *.hotjar.io *.sharethis.com *.google-analytics.com analytics.google.com *.googleapis.com *.doubleclick.net; frame-src 'self' *.ceros.com *.postescanada-canadapost.ca *.azurefd.net *.dynamics.com *.userway.org *.evidon.com *.ghostretail.com *.googlesyndication.com *.hsforms.net *.mnp.ca *.podcasts.apple.com *.spotify.com *.olark.com *.pages.ubembed.com *.hsforms.com calendly.com *.sendthisfile.com *.sharethis.com *.hotjar.com *.consensu.org *.adsrvr.org *.youtube.com *.vimeo.com *.wufoo.com *.doubleclick.net insight.adsrvr.org www.facebook.com www.google.com; form-action 'self' *.postescanada-canadapost.ca *.azurefd.net *.mnp.ca www.facebook.com *.hsforms.com; media-src 'unsafe-inline' 'self' *.ghostretail.com
content-type
text/html; charset=utf-8
date
Sun, 30 Jun 2024 12:27:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
geolocation=(self)
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FI0DQnijqZNadCCl6Kxy7vJ%2F6ltrbbaPI6sDlg4N0cMB0hMfPDHiDq0f33P8wUnXqePMWYQufAgdapXgmYjGCOVj2OSstewbT7SErAUQS6%2BicdosscSZQ80RO98%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

content-length
265
content-type
text/html; charset=iso-8859-1
date
Sun, 30 Jun 2024 12:27:17 GMT
location
https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
server
Apache
VisitorIdentification.js
mnpdebt.ca/layouts/system/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mnpdebt.ca/layouts/system/VisitorIdentification.js
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.109.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:18 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains
age
5458
content-length
910
last-modified
Fri, 22 Nov 2019 01:16:17 GMT
server
cloudflare
etag
"85992271d2a0d51:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gyldyXajp9x3Tfbt686Th5nntgPkhwPf7Znma03dMsPkECxioCkIzlXCvJX7FajpWo9D1P%2FlYMaoLb2EuypDOAoihrDW9PCtokZhMSFE7KyU7t3zSxGNXy6Yyjo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89be2651c96d542b-YYZ
icon
fonts.googleapis.com/ 		569 B
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.174.95 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f95.1e100.net
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 30 Jun 2024 12:27:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 30 Jun 2024 12:27:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Jun 2024 12:27:18 GMT
website.min.css
mnpdebt.ca/Assets/ 		625 KB
125 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mnpdebt.ca/Assets/website.min.css?v=Ojd-yg30mLH_x_vKdeDn531gqFG4TBkmnmjrB7MC9pQ1
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.109.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
069f7391913410b9868753914bcc1b773ae9cfb2a5bede9c5b1fa2935c9f17a7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:18 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 29 Apr 2024 14:53:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains
age
5348054
server
cloudflare
vary
User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=51eBM2%2BIG7S6s1Ilxjao0wCDw2m35MPHoezVrhC0IEvLvrdS3Vg8LPvZUERyQ6qTGTdCmkP57gNHjok8a7LXTbvFmz4yi5yKtBjU3c3aW3C5WXet1IK%2BVY2TeCw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
public, max-age=14400
cf-ray
89be2651c96c542b-YYZ
expires
Tue, 29 Apr 2025 14:53:04 GMT
slick-theme.css
cdn.jsdelivr.net/gh/kenwheeler/slick@1.8.1/slick/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/kenwheeler/slick@1.8.1/slick/slick-theme.css
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 30 Jun 2024 12:27:18 GMT
x-content-type-options
nosniff
age
9453920
x-jsd-version
1.8.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3145
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4579-YYZ
x-jsd-version-type
version
etag
W/"c49-gaQ0+U8rESTzIyu4bylE+C+yOsA"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 30 Jun 2024 12:27:18 GMT
x-content-type-options
nosniff
age
11089772
x-jsd-version
1.8.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1776
x-served-by
cache-fra-eddf8230085-FRA, cache-yyz4579-YYZ
x-jsd-version-type
version
etag
W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
853098
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uwpBZdXmIyWYmSXu4TpK%2B8Y%2BO7RJ9mmS4Vd06ZX31c3oenJ%2FZR4CwnxpEIqhAQcxbsQd5jsxMVED97RJhVoX35XBumE%2F4JnaD5KOgjsCGafXRlRMkprlft4nI%2FOyS8LUBLzCCHv5"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89be2651e9d6ab3d-YYZ
expires
Fri, 20 Jun 2025 12:27:18 GMT
slick.min.js
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 30 Jun 2024 12:27:18 GMT
x-content-type-options
nosniff
content-encoding
br
age
12865936
x-jsd-version
1.8.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
11325
x-served-by
cache-fra-eddf8230096-FRA, cache-yyz4579-YYZ
x-jsd-version-type
version
etag
W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
mnp_logo-png.png
mnpdebt.ca/-/media/images/mnpdebt/corporate/branding/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mnpdebt.ca/-/media/images/mnpdebt/corporate/branding/mnp_logo-png.png?h=134&w=411&hash=20446D4A1D2F303CACC18E7483E1F621
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.109.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4576694d2b2342498a8e1356de423ea3e3ddcc9ad3f58f3f4bdeac54de24675
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
BYPASS
last-modified
Tue, 27 Oct 2020 20:18:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HDIQexsgG%2By2VcYUHR1iMOtx4C3DTYvfI2vR6MWsrVh7qodIj8RmX7uZume3a7u2ZknotqL2pO10puof1YPWeAN4Zi1irbOh63b3FWGNk3y1twxTx30NRb%2F5Aq0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
private, max-age=604800
content-disposition
inline; filename="MNP_logo png.png"
accept-ranges
bytes
cf-ray
89be2651c96e542b-YYZ
content-length
5787
mnp_logo_mobile.png
mnpdebt.ca/-/media/images/mnpdebt/branding/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mnpdebt.ca/-/media/images/mnpdebt/branding/mnp_logo_mobile.png?h=134&w=411&hash=BF3C43765E6226FE41F0F505A828EEEF
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.109.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4576694d2b2342498a8e1356de423ea3e3ddcc9ad3f58f3f4bdeac54de24675
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
BYPASS
last-modified
Tue, 22 Sep 2020 19:48:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mmoCPlRkrw57uoxzywMhB6nQuBHdJLdo4UED0I3l%2Fef6CQov75eccbOC5Ssm27V5FzXxHkW4ygkSgv2CHBbvKwysR9UEwQUgxxPH3%2B0Mab%2FdH%2F2Pf8p6QnOUjro%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
private, max-age=604800
content-disposition
inline; filename="MNP_logo_Mobile.png"
accept-ranges
bytes
cf-ray
89be2651c971542b-YYZ
content-length
5787
calgary_638211070-copy-jpg.jpg
mnpdebt.ca/-/media/images/mnpdebt/hero-banner-backgrounds/offices/ab/ 		184 KB
185 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mnpdebt.ca/-/media/images/mnpdebt/hero-banner-backgrounds/offices/ab/calgary_638211070-copy-jpg.jpg
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.109.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76eea4bd978fa1b33ea455310626fa5455fbf90cf88ca65a48d360ca612dadea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
BYPASS
last-modified
Mon, 28 Sep 2020 19:02:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BkZzZi%2BhmKZo8ebm8Ut9Zw%2FIfCkCrAWhshMYQP1yNDoWe9Pxd58XBPrwC4ulj2Ly3T6Rv1iMuYrgO6mUbtea2D7UdtxnP0NW%2FFFgUNV7r%2Ba2JqbZzUTN3nbgsY8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private, max-age=604800
content-disposition
inline; filename="Calgary_638211070 copy jpg.jpg"
accept-ranges
bytes
cf-ray
89be26528a17542b-YYZ
content-length
188640
media-block-5---mature-man-jpg.jpg
mnpdebt.ca/-/media/images/mnpdebt/consumer/home-page/call-outs/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mnpdebt.ca/-/media/images/mnpdebt/consumer/home-page/call-outs/media-block-5---mature-man-jpg.jpg
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.109.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e58019bec5dcd8d0d8a8012a9a66bc0583c5caa160e5667700fc911a5e0f8879
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
BYPASS
last-modified
Fri, 23 Oct 2020 20:55:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vOjSx0hsb4wlX4eGK1EIORJrJJsKXoVPEQqFQ3c2FzzxMNjzeHUM2QFUdeUb0Sh1qXZwjvdNveBBohnC%2FhzhndBCfZ9cYZMnB6X5T%2B8L458Z%2BjMPh5icO%2BAP5Nw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private, max-age=604800
content-disposition
inline; filename="Media-Block-5 - Mature Man jpg.jpg"
accept-ranges
bytes
cf-ray
89be2652ba4e542b-YYZ
content-length
34124
media-block-pillars-diy-debt-solutions-jpg.jpg
mnpdebt.ca/-/media/images/mnpdebt/consumer/landing-pages/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mnpdebt.ca/-/media/images/mnpdebt/consumer/landing-pages/media-block-pillars-diy-debt-solutions-jpg.jpg
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.109.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8e1f6211c190443fd6bafdc485b9dc339e700bde83352a3aa6b18c695c4c7d8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
BYPASS
last-modified
Fri, 23 Oct 2020 21:00:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e4Zh738L3yOFo2jVy3ynH3VEXlaCE%2BIajM9Wg8nRT%2Bq6z3hORtNRmlvFEZWCBZZZCaSCRcT8mVXeTpt4TXnYxxFRaRYnCR8n9nUGUWZ3iAeR3A1cRMvYjP5CTrQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private, max-age=604800
content-disposition
inline; filename="Media-Block-Pillars-DIY Debt Solutions jpg.jpg"
accept-ranges
bytes
cf-ray
89be2652ba4f542b-YYZ
content-length
30202
api.js
www.google.com/recaptcha/ 		1 KB
988 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LchOswZAAAAAExqv__mYOvUeAutmKH1O2lM_u57
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f106.1e100.net
Software
GSE /
Resource Hash
97d4f5509d3edb8007b44536def55e06e977243e2357d7f3bcb3c4bcc25151f1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sun, 30 Jun 2024 12:27:18 GMT
corporate-service-landing_page-1404x2506-jpg.jpg
mnpdebt.ca/-/media/images/mnpdebt/hero-banner-backgrounds/corporate/service-landing-page/full-width-narrow-height/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mnpdebt.ca/-/media/images/mnpdebt/hero-banner-backgrounds/corporate/service-landing-page/full-width-narrow-height/corporate-service-landing_page-1404x2506-jpg.jpg
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.109.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6df2f707e202c252a9f0432a5ecef4cf120da5f693e9ea20bc4dcda8e755bc1d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
BYPASS
last-modified
Tue, 26 Jul 2022 14:50:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TkbwjBEbFki3yA7tTmDvlqnIbXBAm9X7r0IvMhJo9tLlw%2B8D18M5uYCoC7OGLmTxE1HdrV%2B5DgyXUVjWucdfAQH2RGcR9TNEXWvrhkwus2vjNOgt9YfoMD21aXA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private, max-age=604800
content-disposition
inline; filename="Corporate-Service-Landing_Page-1404x2506 jpg.jpg"
accept-ranges
bytes
cf-ray
89be2652ba62542b-YYZ
content-length
70365
class-action-claims---right-rail.jpg
mnpdebt.ca/-/media/images/mnpdebt/datasourceimages/personnel-contact-form/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mnpdebt.ca/-/media/images/mnpdebt/datasourceimages/personnel-contact-form/class-action-claims---right-rail.jpg
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.109.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b36f6814fd2a520335c38988d0620c4bd15dd392977bd58ab89faae4d474ede
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
BYPASS
last-modified
Tue, 30 May 2023 22:10:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cVnHLdGoZPknjMd9nDphW8XpjEDWQ8ib9Q%2BeI4bGa%2B4XwH%2FE9xXWkRRRUwxFFOKP8VPQUiXy%2B%2B%2BKfG8ibuGptrn%2BfF5M9VGQpS%2FTd9BH6S0ocj8i8t8JhE%2BDWBM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private, max-age=604800
content-disposition
inline; filename="Class Action Claims - Right Rail.jpg"
accept-ranges
bytes
cf-ray
89be2652ba64542b-YYZ
content-length
40258
mnp-class-action-claims-administration-services-jpg.jpg
mnpdebt.ca/-/media/images/mnpdebt/datasourceimages/corporate/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mnpdebt.ca/-/media/images/mnpdebt/datasourceimages/corporate/mnp-class-action-claims-administration-services-jpg.jpg?h=200&w=420&hash=66CF1AFC13CA5C1C2B326FDB41E52C97
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.109.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e608c734173b92e76481d1999e65364a77736bed583cf63a082a9329d72ff662
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
BYPASS
last-modified
Thu, 24 Sep 2020 21:34:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rHW%2BZ1CNrAB%2BQHJ2jfa4UXo7qzuxA7mdruFrKThTqT2d%2F6U0lkrmBZk8W6NCJ2%2F9dVJB0oorTfONkujtXPWWu%2FNT9YPjPySMvgRffPX8ciXWzC5O1f9jrxXpyL4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private, max-age=604800
content-disposition
inline; filename="MNP Class Action Claims Administration Services jpg.jpg"
accept-ranges
bytes
cf-ray
89be2652ba66542b-YYZ
content-length
46058
personnel-image-7201.jpg
mnpdebt.ca/-/media/foundation/integrations/personnel/2019/10/15/15/04/ 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mnpdebt.ca/-/media/foundation/integrations/personnel/2019/10/15/15/04/personnel-image-7201.jpg
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.109.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a1a07658cc205ff9113b7396c882b0f5f2f54b37172c1faf63f879621f4ac75
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
BYPASS
last-modified
Wed, 16 Dec 2020 13:47:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JZ5wrGLDiCbs8ukDcG8XsD03sKnKVf4JUl0nIIWNstYVLx6YjWOxgddmZruD4pB%2BquVaki786wlxsQTIu%2F7M%2FhwLWJhz7TjrXA74zX8oB6bqYuQwY0MgXr6vGaM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private, max-age=604800
content-disposition
inline; filename="Personnel image 7201.jpg"
accept-ranges
bytes
cf-ray
89be2652ba67542b-YYZ
content-length
151102
personnel-image-8013.jpg
mnpdebt.ca/-/media/foundation/integrations/personnel/2019/10/28/17/18/ 		160 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mnpdebt.ca/-/media/foundation/integrations/personnel/2019/10/28/17/18/personnel-image-8013.jpg
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.109.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc9ca34ce5f57c535478fbed11becf2a01f88c67b327bee43b8f391cae86b755
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
BYPASS
last-modified
Wed, 16 Dec 2020 13:55:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yc8gGPL0b6T5vYSH7zV6lFVNObXTqBVt5T0VU9fizuI0ix6P7XitHTN6f07EBQNsLjhRB1LumY4%2Ft684ucf41n%2BcKouY4HxEGvCKdjNzS6NwGwqQCwIq7gAlMdE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private, max-age=604800
content-disposition
inline; filename="Personnel image 8013.jpg"
accept-ranges
bytes
cf-ray
89be2652ba68542b-YYZ
content-length
163623
personnel-image-12056.jpg
mnpdebt.ca/-/media/foundation/integrations/personnel/2020/03/31/16/27/ 		174 KB
175 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mnpdebt.ca/-/media/foundation/integrations/personnel/2020/03/31/16/27/personnel-image-12056.jpg
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.109.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d74c2425b33639f51775cf217ebffb59cce7db757832e85cb8635d056eac020
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
BYPASS
last-modified
Wed, 16 Dec 2020 14:06:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IhdjRNrh6hLkoepwdbKO4TsGn5tnrrwmo9%2FcaptkjnT8RPbcY4q%2FRVZcmyyyC1O6TLNh%2BIQY4o1BSayGoZOrnjvxOPnUvYyEuC8Ky8NSSJFPGURklHgTSHMemH8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private, max-age=604800
content-disposition
inline; filename="Personnel image 12056.jpg"
accept-ranges
bytes
cf-ray
89be2652ba69542b-YYZ
content-length
178664
email-decode.min.js
mnpdebt.ca/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mnpdebt.ca/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.109.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 26 Jun 2024 17:43:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
gzip
etag
W/"667c5334-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=og3IKSJf3cP43UWsbEWhk2cpJsaH%2FzWYa0XPiG04Xf%2BmmKhJu1IjOPSyPl6lNtdmNZC%2FAPxkk96dI0faXmvUdDBzx4xNCqwq6rYvlKcvJlbErjxrg89Pbo9II34%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
89be2652ba50542b-YYZ
expires
Tue, 02 Jul 2024 12:27:18 GMT
api.js
www.google.com/recaptcha/ 		1 KB
961 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f106.1e100.net
Software
GSE /
Resource Hash
cfce45fef72ed85dc66c57fd1fa7262f9686b08188832fbfce26a7a467d455b0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sun, 30 Jun 2024 12:27:18 GMT
jquery-3.4.1.min.js
code.jquery.com/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://mnpdebt.ca
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:18 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
11668936
x-cache
HIT, HIT
content-length
30638
x-served-by
cache-lga21965-LGA, cache-yyz4521-YYZ
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1719750439.876921,VS0,VE0
etag
W/"28feccc0-15851"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
6, 135116
bootstrap.min.js
mnpdebt.ca/Assets/Project/ 		57 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mnpdebt.ca/Assets/Project/bootstrap.min.js
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.109.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bcd802e9f77849e7c1e93c87279fbbb04d45949d2be79b03566ceacde29b158
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:18 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains
age
5891
content-length
21407
last-modified
Fri, 03 May 2024 05:25:48 GMT
server
cloudflare
etag
"016dd5a1a9dda1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cgoVcPH4hgAZFr98KRMafQC7A707IzH03OntZNK2aS4%2F6heMzM3nEgBfvLhzovDgIfKNbXn3SYKczaCIQptmSOoQKBjkDjrznXHVbQkhWw%2FgcoYabrIR3xYwZWs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89be2652ba52542b-YYZ
website.min.js
mnpdebt.ca/Assets/ 		28 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mnpdebt.ca/Assets/website.min.js?v=VkAy7dnUVaIS2-bckki_HcRRtBqpqFM44vQ48paYxL01
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.109.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54c8f9143b9c1dca56c7383e1e47a92645920ed6a622843de5aefcb56984a1f9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:18 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains
age
5348053
content-length
6183
last-modified
Mon, 29 Apr 2024 14:53:05 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T%2FrWbJ5nJt8kFMdK9oFMtFTvL%2BFYroxYZdFdKujZgixM0AWdpE57VbME5ZnKc3ArGVOqvOtJZjuWifQGe1XQOi47y7AU%2FobvSFfSMZFeLhUeLmhsJNATBqiHZr0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
89be2652ba53542b-YYZ
expires
Tue, 29 Apr 2025 14:53:05 GMT
jquery.basictable.min.js
mnpdebt.ca/Assets/Project/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mnpdebt.ca/Assets/Project/jquery.basictable.min.js
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.109.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
634422c5d20bcf9f20b94ea44d0bffb0ce9265285d0a7b58da5c0fda06612808
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:18 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains
age
5891
content-length
1307
last-modified
Fri, 03 May 2024 05:25:48 GMT
server
cloudflare
etag
"016dd5a1a9dda1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3kvEC3qmGGtvgZNmm5bePJd53xk5B7wf%2BMCph5O7Cr%2FL59w2rZc52Br6g5PjLU8lUzp2ekyVwTdVwPcuKtrBe6W1c1Ba0%2B0ty1nTiMVsSTaLuIvPfFVL%2BrkkAVw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89be2652ba54542b-YYZ
slick.min.js
mnpdebt.ca/Assets/Project/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mnpdebt.ca/Assets/Project/slick.min.js
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.109.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:18 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains
age
5891
content-length
14348
last-modified
Fri, 03 May 2024 05:25:48 GMT
server
cloudflare
etag
"016dd5a1a9dda1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3jz4xfOtRYJ7gGgQsn4GuZG7YSHQp4BD1fSXNTjpZU7TihIPb2CaFF8kjW0uiWziJhFhxLJ7zjElOTU3HcLAVQb6XZXGUHu1fuMiYl4zuQC3KShekl4RLRPsOdU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89be2652ba56542b-YYZ
common.js
mnpdebt.ca/Assets/ 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mnpdebt.ca/Assets/common.js?v=jMO9BIy1xlShIJ0QQ2yHSAkC6AdoLGKZByLpieBCxcI1
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.109.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da977ec0e3d46db3e50bf3921789e96d0fe919b1782ba9f997668ef9d05a49c4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:18 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains
age
5348053
content-length
7960
last-modified
Mon, 29 Apr 2024 14:53:05 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YZxvYVT9EAk%2FoNL3PVeeH1ZAeFTk1hriHIPbYpmwz8k6roPx7Ugw%2FQegN5ANO4GbnnkKc5iHf59Sl6vJvpgoae2zHQEw%2F0l99rRFt%2BvvHyVCxtXYlz79yvp7rn4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
89be2652ba5f542b-YYZ
expires
Tue, 29 Apr 2025 14:53:05 GMT
gtm.js
www.googletagmanager.com/ 		381 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KSKXSV
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
6e5796b305c2ded0c1fe1e1030292b10558a5e21135bfba10f638ddfa02702b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121675
x-xss-protection
0
last-modified
Sun, 30 Jun 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 30 Jun 2024 12:27:18 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=578014&u=https%3A%2F%2Fmnpdebt.ca%2Fen%2Fcorporate%2Fother-services%2Fclass-action-claims-administration&f=1&r=0.6573328212047358
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv2 /
Resource Hash
58724aeddf414726819108c266a7da794bf2603fc7c6198c71ed02034013a901

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:18 GMT
content-encoding
gzip
via
1.1 google
server
gnv2
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, no-cache, must-revalidate
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
loader.js
static.olark.com/jsclient/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.olark.com/jsclient/loader.js
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.53 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (cha/81BC) /
Resource Hash
afd2d099307fc78c161dc1574920c7268ad8c0e8b6a896f58dae6b61d48c5a9d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:18 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 17 Jun 2024 22:04:31 GMT
server
ECS (cha/81BC)
age
298
etag
W/"6670b2ef-2227"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
content-length
3120
expires
Sun, 30 Jun 2024 15:27:18 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f94.1e100.net
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://mnpdebt.ca
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 06:28:39 GMT
x-content-type-options
nosniff
age
453519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jun 2025 06:28:39 GMT
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=578014&d=mnpdebt.ca&u=DD63A2A723C8DEF43C9C613EA9D6A313E&h=20123229951c0fab68c6240ba602dd89&t=false
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv3c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:18 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv3c
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=43200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
regionsoffices
mnpdebt.ca/api/feature/forms/ 		11 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mnpdebt.ca/api/feature/forms/regionsoffices
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.109.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f656d739e465b514b1f69fc14e61cc25379cb88d9f3cd3e715d554a4a05dc15
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:19 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=deDza5IeYmwKXWkLGxkdGsbtWFg32UqmJKuZabqKKv6%2BCTzzc8eJYZmmV2JPjDPMfGvyR3uMTkPJitxQD3dxhFWvkemXD7ybMANF%2FO9W6szvIdoAfvf5kcudbE0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cache-control
private
cf-ray
89be26536b0c542b-YYZ
content-length
2809
regionsoffices
mnpdebt.ca/api/feature/forms/ 		11 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mnpdebt.ca/api/feature/forms/regionsoffices
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.109.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f656d739e465b514b1f69fc14e61cc25379cb88d9f3cd3e715d554a4a05dc15
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:19 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w6lBrtegHrVWCChzInP8CKqL%2Bny0NPsEnKjVlT7IYniq7X3XPGLU6briQT3qRpcZ7Fs88mckXIan%2BdlXshTBSvvR1Xqe%2BAvvs3vaYg87LAnFNokd0X5zO%2Frf88w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cache-control
private
cf-ray
89be26542bac542b-YYZ
content-length
2809
testimonialratings
mnpdebt.ca/api/feature/forms/ 		331 B
681 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mnpdebt.ca/api/feature/forms/testimonialratings
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.109.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddb7aa10eb158d87b05d5c3ad89d6dd5dc12fc61732277e22c9a8929b85bb96d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:18 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u6kapbQeVKOJjlhP61lvmazuBlLGi6uz4T6U409TWOtgH5wxxQUSMN%2BgQohRfI3Gv6zQjJZbBPvxeBAaODVQ%2FaDupA%2FhX0Uy9DCO4Rf%2FBLOklVYpIEoKyzLpmrI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cache-control
private
cf-ray
89be26537b12542b-YYZ
content-length
372
truncated
/ Frame BC54 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame BC54 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame BC54 		155 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
recaptcha__en.js
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/ 		534 KB
212 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LchOswZAAAAAExqv__mYOvUeAutmKH1O2lM_u57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.201.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f94.1e100.net
Software
sffe /
Resource Hash
0ec782544506a0aea967ea044659c633e1ee735b79e5172cb263797cc5cefe3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://mnpdebt.ca
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 04:16:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
202231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
216123
x-xss-protection
0
last-modified
Sun, 23 Jun 2024 08:01:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Jun 2025 04:16:48 GMT
js
www.googletagmanager.com/gtag/ 		252 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6RC3RCYLF9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSKXSV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
02c1e6836e694a3ae8c67e686fa784611c7ffcfeaea89f0dc93598505b36eef4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92581
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 30 Jun 2024 12:27:19 GMT
js
www.googletagmanager.com/gtag/ 		314 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W5EX2YL3V5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSKXSV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
f8a7a150c84b08ccf6215ef1c48969c50c66734e1e767e941e06ea9c8a09ee3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106136
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 30 Jun 2024 12:27:19 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSKXSV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.68.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 30 Jun 2024 10:36:45 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6634
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 30 Jun 2024 12:36:45 GMT
destination
www.googletagmanager.com/gtag/ 		213 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-4653320&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSKXSV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
ff0888af97e62faab4c7441c3b2b18e9bb4a1a5144d99dc8d6e29c721d1fce23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78181
x-xss-protection
0
last-modified
Sun, 30 Jun 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 30 Jun 2024 12:27:19 GMT
widget.js
cdn.userway.org/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widget.js?account=ji8h8EuQGB
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSKXSV
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.177.17 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
135577161.nyc.cdn77.com
Software
CDN77-Turbo /
Resource Hash
f00a508f0711aad92ad7b355dfe603372414d01d9fff1ab40094b486df11ac75

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
newyorkUSNY
date
Sun, 30 Jun 2024 12:27:19 GMT
via
1.1 f6acfb143216fabf7be9b3a603a486ae.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
JFK50-P7
age
858
x-amz-server-side-encryption
AES256
x-accel-date-max
1719508795
x-77-cache
HIT
x-cache
HIT
x-age
494
x-accel-date
1719749945
x-77-nzt
EgwBWbuxDwH37gEAAAwBnJI76AH3sQAAAA
x-accel-expires
@1719753537
x-77-age
494
last-modified
Thu, 27 Jun 2024 17:01:26 GMT
server
CDN77-Turbo
etag
W/"6c9064d6536b1ef576adfdc54e3c7283"
x-77-nzt-ray
49be1408f6508717274f81661c2f9008
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=3600, public
vary
Accept-Encoding
x-amz-cf-id
Xz_USc7MzXuTh7NS7Pwghgf3kX8hOsOmOL_Jkc8Ks7z0XDanedYf6g==
fbevents.js
connect.facebook.net/en_US/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 30 Jun 2024 12:27:19 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58251
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=12, mss=1380, tbw=2768, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
jPv6HOHpuXbqwG7GzqT8shahjUg+kAIUi9HUGU2ApkI8kN+DHvaSskM0Aanz0j01Gk27PYHafpIgLzfBhwiOEQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
up_loader.1.1.0.js
js.adsrvr.org/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSKXSV
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.206.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-206-122.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 29 Jun 2024 16:58:17 GMT
Content-Encoding
gzip
Via
1.1 c396de17c1b5d58233088e40dd170cf4.cloudfront.net (CloudFront)
Last-Modified
Fri, 07 Jun 2024 09:20:53 GMT
Server
AmazonS3
X-Amz-Cf-Pop
IAD66-C1
Age
70143
x-amz-server-side-encryption
AES256
ETag
W/"a7eb6794e868fe870db350518165c868"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
C4r61EzTtSkN5YNU32MfHTCEPjKzFMiCO75ktKV6Q7byvxmMnLPUAQ==
oct.js
static.ads-twitter.com/
Redirect Chain
  • https://platform.twitter.com/oct.js
  • https://static.ads-twitter.com/oct.js
56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/oct.js
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Server
146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 30 Jun 2024 12:27:19 GMT
content-encoding
gzip
last-modified
Fri, 15 Mar 2024 03:07:08 GMT
x-amz-server-side-encryption
AES256
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip"
vary
Accept-Encoding,Host
x-cache
HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15412
x-served-by
cache-iad-kiad7000027-IAD

Redirect headers

Date
Sun, 30 Jun 2024 12:27:19 GMT
Server
ECS (cha/80E5)
x-tw-cdn
VZ
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Location
https://static.ads-twitter.com/oct.js
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= ,x-tw-cdn;desc=VZ
Content-Length
0
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.67.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:19 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sun, 07 Jul 2024 12:27:19 GMT
gbo8rwj6yl
www.clarity.ms/tag/ 		637 B
1001 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/gbo8rwj6yl
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
091c00ce81345bde1558bf6dfe758287f5d4d2ed5b2c8cbb8cedb3c3eced93e8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Sun, 30 Jun 2024 12:27:19 GMT
x-azure-ref
20240630T122719Z-1597dcf7dfcw5s4lw2rd7qwu1s000000028g000000000s29
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
637
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
v2
usermatch.krxd.net/um/
Redirect Chain
  • https://insight.adsrvr.org/track/evnt/?adv=i4v66ce&ct=0:8qk2i4k&fmt=3&gtmcb=517427401
  • https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=1b079f94-b1e5-4b5d-94fb-63e7d6614a98
0
0
regionsoffices
mnpdebt.ca/api/feature/forms/ 		11 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mnpdebt.ca/api/feature/forms/regionsoffices
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.109.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f656d739e465b514b1f69fc14e61cc25379cb88d9f3cd3e715d554a4a05dc15
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:19 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wAFQNP7AahC0suxQR83cNoBisn0ynkur%2B0KYU%2Fp44D%2FDUsYYucfXOay9vk8KkgxnxFTaHZsQD8dyujKck77yvh3lNhL%2B88n8JfQA%2BS0CYybA5HnEazzflfHYPSY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cache-control
private
cf-ray
89be2654bc27542b-YYZ
content-length
2809
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-6RC3RCYLF9&gtm=45je46q0z872010953za200zb72010953&_p=1719750438702&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=651102306.1719750439&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719750439&sct=1&seg=0&dl=https%3A%2F%2Fmnpdebt.ca%2Fen%2Fcorporate%2Fother-services%2Fclass-action-claims-administration&dt=Class%20Action%20Claims%20Administration%20%7C%20MNP%20LTD&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2168&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6RC3RCYLF9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.68.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f101.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 12:27:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mnpdebt.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
regionsoffices
mnpdebt.ca/api/feature/forms/ 		11 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mnpdebt.ca/api/feature/forms/regionsoffices
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.109.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f656d739e465b514b1f69fc14e61cc25379cb88d9f3cd3e715d554a4a05dc15
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:19 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wiY34e6jBBRiKSNatOk1dlLWH6qesGHwrewmDca6EakpYTka8SWm%2FlX4xkv72UIrNPkENTOe5AhPLbvDTkCSVJeQk%2Bb2aOijhZLr7JYHDf15YabomnLvBgf5VXE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cache-control
private
cf-ray
89be26554ca6542b-YYZ
content-length
2809
activityi;dc_pre=COjRqdCpg4cDFdTg_QUdQg8Aiw;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=4569725419151;npa=0;auiddc=1266898220.1719750439;ps=1;pcor=947115920;uaa=x86;uab=64;uafvl=Not%252FA)Brand%...
4653320.fls.doubleclick.net/ Frame 4E08
Redirect Chain
  • https://4653320.fls.doubleclick.net/activityi;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=4569725419151;npa=0;auiddc=1266898220.1719750439;ps=1;pcor=947115920;uaa=x86;uab=64;uafvl=Not%252FA)Bran...
  • https://4653320.fls.doubleclick.net/activityi;dc_pre=COjRqdCpg4cDFdTg_QUdQg8Aiw;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=4569725419151;npa=0;auiddc=1266898220.1719750439;ps=1;pcor=947115920;u...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://4653320.fls.doubleclick.net/activityi;dc_pre=COjRqdCpg4cDFdTg_QUdQg8Aiw;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=4569725419151;npa=0;auiddc=1266898220.1719750439;ps=1;pcor=947115920;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46q0v9181660592z872010953za201zb72010953;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen%2Fcorporate%2Fother-services%2Fclass-action-claims-administration?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-4653320&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.144.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
1854
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Jun 2024 12:27:19 GMT
expires
Sun, 30 Jun 2024 12:27:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Jun 2024 12:27:19 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://4653320.fls.doubleclick.net/activityi;dc_pre=COjRqdCpg4cDFdTg_QUdQg8Aiw;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=4569725419151;npa=0;auiddc=1266898220.1719750439;ps=1;pcor=947115920;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46q0v9181660592z872010953za201zb72010953;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen%2Fcorporate%2Fother-services%2Fclass-action-claims-administration?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=4569725419151;npa=0;auiddc=1266898220.1719750439;ps=1;pcor=947115920;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CC...
ad.doubleclick.net/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=4569725419151;npa=0;auiddc=1266898220.1719750439;ps=1;pcor=947115920;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46q0v9181660592z872010953za201zb72010953;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen%2Fcorporate%2Fother-services%2Fclass-action-claims-administration?
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f148.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 12:27:19 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"15408060608503735197"}],"aggregatable_trigger_data":[{"filters":[{"14":["2131827"]}],"key_piece":"0xa4d5c45944c8dfb0","source_keys":["12","13","14","15","16","17","18","19","20","21","16259928","16259929","16259930","16259931","628727672","628727673","628727674","628727675","628738656","628738657","628738658","628738659","628914636","628914637","628914638","628914639","634895636","634895637","634895638","634895639","635001264","635001265","635001266","635001267"]},{"key_piece":"0x57ca53721b87fe8d","not_filters":{"14":["2131827"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","16259928","16259929","16259930","16259931","628727672","628727673","628727674","628727675","628738656","628738657","628738658","628738659","628914636","628914637","628914638","628914639","634895636","634895637","634895638","634895639","635001264","635001265","635001266","635001267"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"16259928":327,"16259929":327,"16259930":327,"16259931":31784,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628727672":218,"628727673":218,"628727674":218,"628727675":21189,"628738656":655,"628738657":655,"628738658":655,"628738659":63569,"628914636":163,"628914637":163,"628914638":163,"628914639":15892,"634895636":327,"634895637":327,"634895638":327,"634895639":31784,"635001264":218,"635001265":218,"635001266":218,"635001267":21189},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"6268343394419955636","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"15408060608503735197","filters":[{"14":["2131827"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"15408060608503735197","filters":[{"14":["2131827"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"15408060608503735197","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"15408060608503735197","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["4653320"]}}
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget_app_base_1719507555902.js
cdn.userway.org/widgetapp/2024-06-27-16-59-15/ 		153 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2024-06-27-16-59-15/widget_app_base_1719507555902.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js?account=ji8h8EuQGB
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.177.17 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
135577161.nyc.cdn77.com
Software
CDN77-Turbo /
Resource Hash
7cf5ef9e9fc228971d6c3b3c8c642c1aa1106b83e7e3a3fee02eac50ea38d2cb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://mnpdebt.ca
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
newyorkUSNY
date
Sun, 30 Jun 2024 12:27:19 GMT
via
1.1 c83a337c091a978f2c8afbddf7f8fe2c.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
JFK50-P7
age
844
x-amz-server-side-encryption
AES256
x-accel-date-max
1719508614
x-77-cache
HIT
x-cache
HIT
x-age
241825
x-accel-date
1719508614
x-77-nzt
EgwBWbuxDwH3obADAAwBnJI73wH3CgAAAA
x-accel-expires
@1745428604
x-77-age
241825
last-modified
Thu, 27 Jun 2024 17:01:20 GMT
server
CDN77-Turbo
etag
W/"69061d2b189ff21d8d1e6232f1cec5d8"
x-77-nzt-ray
49be1408e338c91a274f8166b20f6111
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
XOFAGXxIyJF--2goOybMI4ajmsawXNJAmK4IXACuULYjTRVOFuJdcg==
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-W5EX2YL3V5&gtm=45je46q0v870702077z872010953za200zb72010953&_p=1719750438702&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=651102306.1719750439&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719750439&sct=1&seg=0&dl=https%3A%2F%2Fmnpdebt.ca%2Fen%2Fcorporate%2Fother-services%2Fclass-action-claims-administration&dt=Class%20Action%20Claims%20Administration%20%7C%20MNP%20LTD&en=page_view&_fv=1&_ss=1&up.client_id=&tfd=2262&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W5EX2YL3V5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.68.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f101.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 12:27:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mnpdebt.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame A620 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LchOswZAAAAAExqv__mYOvUeAutmKH1O2lM_u57&co=aHR0cHM6Ly9tbnBkZWJ0LmNhOjQ0Mw..&hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=tglb90z9w0ht
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f105.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wa-vu7xRQlBgr3LFZy1DFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-wa-vu7xRQlBgr3LFZy1DFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 30 Jun 2024 12:27:19 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.68.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f101.1e100.net
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:04:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
1369
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 30 Jun 2024 13:04:30 GMT
713135758770782
connect.facebook.net/signals/config/ 		56 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/713135758770782?v=2.9.159&r=stable&domain=mnpdebt.ca&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C39%2C33%2C134%2C14%2C48%2C180%2C179%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
7fdf5dba56c6c63019c5afca96530a0898d7e54845bbc9c4879eeed582b9d73b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 30 Jun 2024 12:27:19 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12870
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=61, mss=1380, tbw=63751, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
hxxOFwrFUOGHLyGxNJwPI14MwL/JOPaH9lvM5iE28evd+HhHHqPAusEvzx8mg8jme+wT4JIB6hJRNF+XBhQCTA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.32/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/gbo8rwj6yl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:19 GMT
content-encoding
br
last-modified
Fri, 10 May 2024 17:30:20 GMT
etag
W/"0x8DC7116DE09E645"
vary
Accept-Encoding
x-azure-ref
20240630T122719Z-1597dcf7dfcw5s4lw2rd7qwu1s000000028g000000000s2e
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
4adebb1c-c01e-0014-6c73-c966b4000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
rules-p-ZvkjxaQPZCZrY.js
rules.quantcount.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-ZvkjxaQPZCZrY.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-100.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3de5d95c37f68113fb797eae0e47636ff7a87b0e2bb7a6381d0d47f50c9ab389

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:27:19 GMT
content-encoding
gzip
via
1.1 ba636ce43f1cebcb0c172b8070a33b14.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
1479
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Fri, 14 Oct 2022 00:49:51 GMT
server
AmazonS3
etag
W/"336d8197e360a7b8c004b582ec9a5cfa"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
poxg5feA5XUtcoHAZAMf9kVP8LPH8-kgZha8UActDjz7mSMoUTMNPg==
ji8h8EuQGB
api.userway.org/api/tunings/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/tunings/ji8h8EuQGB
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-06-27-16-59-15/widget_app_base_1719507555902.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.209.139.196 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-139-196.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
06e8011d8b9612a7f89e44e9fb2a98466b192f2b48686047c1e6d3458baf538b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 30 Jun 2024 12:27:19 GMT
etag
W/"855-0wqloEZ71eCGVTvCxET8+S3K7I0"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-service-request-id
usre73560d52026401
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
2133
x-service-version
uw-pr
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2112139353&t=pageview&_s=1&dl=https%3A%2F%2Fmnpdebt.ca%2Fen%2Fcorporate%2Fother-services%2Fclass-action-claims-administration&ul=en-ca&de=UTF-8&dt=Class%20Action%20Claims%20Administration%20%7C%20MNP%20LTD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgUAjAAAAACAAI~&jid=1260606693&gjid=1365431927&cid=651102306.1719750439&tid=UA-2003895-43&_gid=1270067286.1719750439&_slc=1&gtm=45He46q0n71KSKXSVv72010953za200&cd1=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&cd3=0&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=1289279946
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 12:27:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mnpdebt.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2003895-43&cid=651102306.1719750439&jid=1260606693&gjid=1365431927&_gid=1270067286.1719750439&_u=aCDAgUAjAAAAAGAAI~&z=468219395
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 30 Jun 2024 12:27:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mnpdebt.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
t.co/i/ 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=1&eci=1&event_id=ef771b24-d261-4055-bec6-1dfdf25a76ca&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=5e64949f-8f61-4e60-88ee-bc2f44d36ec6&tw_document_href=https%3A%2F%2Fmnpdebt.ca%2Fen%2Fcorporate%2Fother-services%2Fclass-action-claims-administration&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nyul5&type=javascript&version=2.3.30
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.130 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
6
date
Sun, 30 Jun 2024 12:27:19 GMT
strict-transport-security
max-age=0
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
92d8fad14719a919
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
28bd136b3380be5fd91884c0a5c62bcf9203deff053f19b6bb826371895b76b7
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=1&eci=1&event_id=ef771b24-d261-4055-bec6-1dfdf25a76ca&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=5e64949f-8f61-4e60-88ee-bc2f44d36ec6&tw_document_href=https%3A%2F%2Fmnpdebt.ca%2Fen%2Fcorporate%2Fother-services%2Fclass-action-claims-administration&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nyul5&type=javascript&version=2.3.30
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
79
date
Sun, 30 Jun 2024 12:27:19 GMT
strict-transport-security
max-age=631138519
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
956bfa1c92a5d1f7
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
116f03608deb704675e2138f3b55b274715cb6bf29ab613f0662c28b6280d081
content-length
43
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=713135758770782&ev=PageView&dl=https%3A%2F%2Fmnpdebt.ca&rl=&if=false&ts=1719750439430&sw=1600&sh=1200&v=2.9.159&r=stable&ec=0&o=4124&fbp=fb.1.1719750439428.61761917241623465&pm=1&hrl=9967b3&ler=empty&cdl=API_unavailable&it=1719750439366&coo=false&cs_cc=1&cas=1156925621096571%2C7565501993507484%2C2328865240514132%2C1844122155687419%2C2036132049740310&rqm=GET
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mnpdebt.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1380, tbw=2773, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 30 Jun 2024 12:27:19 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=713135758770782&ev=PageView&dl=https%3A%2F%2Fmnpdebt.ca&rl=&if=false&ts=1719750439430&sw=1600&sh=1200&v=2.9.159&r=stable&ec=0&o=4124&fbp=fb.1.1719750439428.61761917241623465&pm=1&hrl=9967b3&ler=empty&cdl=API_unavailable&it=1719750439366&coo=false&cs_cc=1&cas=1156925621096571%2C7565501993507484%2C2328865240514132%2C1844122155687419%2C2036132049740310&rqm=FGET
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mnpdebt.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x269cf36a45f41189","source_keys":["1","2"]},{"key_piece":"0x3a3251e3b122d745","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Sun, 30 Jun 2024 12:27:19 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7386271894410822452", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1380, tbw=3091, tp=-1, tpl=-1, uplat=58, ullat=0
pragma
no-cache
x-fb-debug
J51cHSNPstaJIhvv0QKlzHgUtcELl7F7cYuAJv/hpIK5gDRFS4sZtBSRQCBe72YgnEdeZkIh5IJtPNp38e46dA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7386271894410822452"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel;r=1096235013;labels=_fp.event.PageView;rf=0;a=p-ZvkjxaQPZCZrY;url=https%3A%2F%2Fmnpdebt.ca%2Fen%2Fcorporate%2Fother-services%2Fclass-action-claims-administration;uht=2;fpan=1;fpa=P0-66494634-...
pixel.quantserve.com/ 		35 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1096235013;labels=_fp.event.PageView;rf=0;a=p-ZvkjxaQPZCZrY;url=https%3A%2F%2Fmnpdebt.ca%2Fen%2Fcorporate%2Fother-services%2Fclass-action-claims-administration;uht=2;fpan=1;fpa=P0-66494634-1719750439384;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=mnpdebt.ca;dst=1;et=1719750439517;tzo=420;ogl=title.Class%20Action%20Claims%20Administration%2Csite_name.MNPDebt%252Eca%2Curl.https%3A%2F%2Fmnpdebt%252Eca%2Fen%2Fcorporate%2Fother-services%2Fclass-action-claims-administratio%2Ctype.article%2Clocale.en_US%2Cauthor.https%3A%2F%2Fwww%252Efacebook%252Ecom%2FMNPDebt%2F;ses=993b01b0-1ab8-44b4-ab54-c7d155b2e993;mdl=
Requested by
Host: mnpdebt.ca
URL: https://mnpdebt.ca/en/corporate/other-services/class-action-claims-administration
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.67.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 12:27:19 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[{"label":["YSA7yGTOzwNEmvjBdNjlSQ=="],"pcode":["p-ZvkjxaQPZCZrY"]}],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
collect
z.clarity.ms/ 		0
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://z.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.10.16.51 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://mnpdebt.ca
Date
Sun, 30 Jun 2024 12:27:19 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
en-US.json
cdn.userway.org/widgetapp/2024-06-27-16-59-15/locales/ 		621 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2024-06-27-16-59-15/locales/en-US.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-06-27-16-59-15/widget_app_base_1719507555902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.177.17 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
135577161.nyc.cdn77.com
Software
CDN77-Turbo /
Resource Hash
4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
newyorkUSNY
date
Sun, 30 Jun 2024 12:27:19 GMT
via
1.1 f6acfb143216fabf7be9b3a603a486ae.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
JFK50-P7
age
233
x-amz-server-side-encryption
AES256
x-accel-date-max
1719508614
x-77-cache
HIT
x-cache
HIT
x-age
241825
x-accel-date
1719508614
x-77-nzt
EgwBWbuxDwH3obADAAwBnJI73wH3bAIAAA
x-accel-expires
@1745427994
x-77-age
241825
last-modified
Thu, 27 Jun 2024 17:01:20 GMT
server
CDN77-Turbo
etag
W/"85d8c40aac9c25bb0b993d4aa039a56f"
x-77-nzt-ray
49be1408e338c91a274f81667b24a028
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
EFaKm1n5AIOv7Rh_7Q0SCSeoS0MfQaGMvHwY0Ri3AkdAUUFIkHZsZw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
usermatch.krxd.net
URL
https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=1b079f94-b1e5-4b5d-94fb-63e7d6614a98

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Domain/Path Name / Value
.mnpdebt.ca/ Name: TiPMix
Value: 29.43162243759877
.mnpdebt.ca/ Name: x-ms-routing-name
Value: self
mnpdebt.ca/ Name: website#lang
Value: en
mnpdebt.ca/ Name: ASP.NET_SessionId
Value: qvyot0jm0oq4uojr1bs30yrn
mnpdebt.ca/ Name: SC_ANALYTICS_GLOBAL_COOKIE
Value: 58f44ac6f94d45b9818eb69fb3bb4f6d|False
mnpdebt.ca/ Name: __RequestVerificationToken
Value: cxRAtcD9CbZA-3rZpFYj4yMhuLgieGIcGMVCOqVtox0_SxQFFvKQ-elwYSFn8RWEzJ8xGDaBedzicOSWLz_DS8qkVav61uy7KK7G-44khss1
.mnpdebt.ca/ Name: ARRAffinity
Value: d5662bd33430a946863eb024911489da589692fa2c78d750cd0c7fc756c6befa
.mnpdebt.ca/ Name: ARRAffinitySameSite
Value: d5662bd33430a946863eb024911489da589692fa2c78d750cd0c7fc756c6befa
.mnpdebt.ca/ Name: _vwo_uuid_v2
Value: DD63A2A723C8DEF43C9C613EA9D6A313E|20123229951c0fab68c6240ba602dd89
.mnpdebt.ca/ Name: _gcl_au
Value: 1.1.1266898220.1719750439
.mnpdebt.ca/ Name: _ga_6RC3RCYLF9
Value: GS1.1.1719750439.1.0.1719750439.0.0.0
.adsrvr.org/ Name: TDID
Value: 1b079f94-b1e5-4b5d-94fb-63e7d6614a98
.mnpdebt.ca/ Name: _ga_W5EX2YL3V5
Value: GS1.1.1719750439.1.0.1719750439.0.0.0
.mnpdebt.ca/ Name: _ga
Value: GA1.2.651102306.1719750439
.mnpdebt.ca/ Name: _gid
Value: GA1.2.1270067286.1719750439
www.clarity.ms/ Name: CLID
Value: 1b093dff5d474df783bfd83b662756b6.20240630.20250630
.mnpdebt.ca/ Name: _dc_gtm_UA-2003895-43
Value: 1
.mnpdebt.ca/ Name: _fbp
Value: fb.1.1719750439428.61761917241623465
.mnpdebt.ca/ Name: _clck
Value: 1g9022s%7C2%7Cfn2%7C0%7C1642
.t.co/ Name: muc_ads
Value: 31308b3b-d59b-455e-921e-3e77152869c8
.quantserve.com/ Name: mc
Value: 66814f27-8892d-c1ef4-aa726
.mnpdebt.ca/ Name: __qca
Value: P0-66494634-1719750439384
.twitter.com/ Name: personalization_id
Value: "v1_6F+BEib8T+qkaILFUKoCtg=="
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.mnpdebt.ca/ Name: _clsk
Value: 1koxitc%7C1719750439772%7C1%7C1%7Cz.clarity.ms%2Fcollect
.yahoo.com/ Name: A3
Value: d=AQABBChPgWYCEIr1Pz-uiLBgJuKMRp_ExUMFEgEBAQGggmaLZiXaxyMA_eMAAA&S=AQAAAntvB03wMsczc5M-h01Exok
.doubleclick.net/ Name: IDE
Value: AHWqTUkxaAXv9v1gbRoHO4adLQ17-YsBkpJvlT9UbER_V0gcpva_hn3kwjmT-_JC
.demdex.net/ Name: demdex
Value: 44740498124315872152978082079126334567
.dpm.demdex.net/ Name: dpm
Value: 44740498124315872152978082079126334567
.bluekai.com/ Name: bku
Value: YCD99YkwQVRJ05D9
.bluekai.com/ Name: bkpa
Value: KJy9Z9O7d02pSUHknpDpmeRdSVx21V/yBpkZmEx+RMakBu66RMPAnEA6jZ/+BMBkBtxtBMW6REATJZ5Azc/21Yj7jcO0UtBFq7Bkq7x2J7Jkjsk0wVC65cOpJEBOJEJsJEJsqVa6RtQrRVHpz7j0nZ20j0D0H7H0RVBgJEJsRtNZJEJsjtPrjUJoR0DpH7H6ja2ySVxk16HiqcPkStao9yeGYEep
.adsrvr.org/ Name: TDCPM
Value: CAESEwoEa3J1eBILCNbujOWGkIE9EAUSEgoDYWFtEgsI2rLh9IaQgT0QBRIWCgdibHVla2FpEgsI5sCz1sDCjD0QBRIXCghhcHBuZXh1cxILCO6Y8fiGkIE9EAUYBSACKAEyCwi8h7qB18KMPRAFOAFCBCICCAFaB3YwYTgzeGZgAXIIYXBwbmV4dXM.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1

2 Console Messages

Source Level URL
Text
security error URL: https://static.olark.com/
Message:
Refused to frame 'blob:https://mnpdebt.ca/f4f07724-a4cb-4836-83e7-dd566e8b31b4' because it violates the following Content Security Policy directive: "frame-src 'self' *.ceros.com *.postescanada-canadapost.ca *.azurefd.net *.dynamics.com *.userway.org *.evidon.com *.ghostretail.com *.googlesyndication.com *.hsforms.net *.mnp.ca *.podcasts.apple.com *.spotify.com *.olark.com *.pages.ubembed.com *.hsforms.com calendly.com *.sendthisfile.com *.sharethis.com *.hotjar.com *.consensu.org *.adsrvr.org *.youtube.com *.vimeo.com *.wufoo.com *.doubleclick.net insight.adsrvr.org www.facebook.com www.google.com".
network error URL: https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=1b079f94-b1e5-4b5d-94fb-63e7d6614a98
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' d1mj578wat5n4o.cloudfront.net cdn.jsdelivr.net polyfill.io js.zi-scripts.com *.ceros.com *.moosend.com *.postescanada-canadapost.ca *.azurefd.net *.azureedge.net *.stat-track.com *.ghostretail.com *.userway.org *.clearbitjs.com *.evidon.com *.clearbitscripts.com *.bing.com *.clarity.ms qvdt3feo.com *.esnlocco.com *.google.ca *.zscalerthree.net *.googlesyndication.com *.fontawesome.com *.demandbase.com *.6sc.co cdnjs.cloudflare.com *.actonsoftware.com *.mnp.ca *.callrail.com *.adnxs.com *.hscollectedforms.net *.hs-banner.com *.hsadspixel.net *.hs-analytics.net *.hs-scripts.com *.googleadservices.com gtm.js *.olark.com *.visualwebsiteoptimizer.com *.wufoo.com *.hsforms.com *.hsforms.net data.processwebsitedata.com *.calendly.com *.ubembed.com *.js.ubembed.com *.googleapis.com *.hubspot.com *.youtube.com *.vimeocdn.com *.stackadapt.com *.simpli.fi *.sharethis.com *.licdn.com *.hotjar.com *.googletagmanager.com *.jquery.com *.google.com www.gstatic.com www.google-analytics.com connect.facebook.net js.adsrvr.org platform.twitter.com secure.quantserve.com static.ads-twitter.com rules.quantcount.com insight.adsrvr.org analytics.twitter.com *.doubleclick.net; style-src 'unsafe-inline' 'self' cdn.jsdelivr.net *.bootstrapcdn.com *.moosend.com *.postescanada-canadapost.ca *.azurefd.net *.userway.org cdnjs.cloudflare.com *.actonsoftware.com *.mnp.ca *.googletagmanager.com *.olark.com *.typekit.net fonts.googleapis.com; font-src cdn.jsdelivr.net *.bootstrapcdn.com *.postescanada-canadapost.ca *.azurefd.net *.userway.org cdnjs.cloudflare.com *.mnp.ca *.fontawesome.com *.olark.com fonts.gstatic.com use.typekit.net; img-src 'self' data: *.dynamics.com obs.esnlocco.com *.designer-images.net *.postescanada-canadapost.ca *.azurefd.net *.ghostretail.com cdn.jsdelivr.net *.krxd.net *.userway.org *.evidon.com *.clarity.ms *.bing.com *.zscalerthree.net *.website-files.com *.rlcdn.com *.company-target.com *.bidr.io *.6sc.co *.sharethis.com *.twitter.com *.adnxs.com *.hsforms.com *.atedra.com *.olark.com *.visualwebsiteoptimizer.com *.gstatic.com *.googleapis.com *.hubspot.com *.googletagmanager.com *.facebook.net *.adsymptotic.com *.linkedin.com *.stackadapt.com *.google.ca *.google.com *.google.co.in *.doubleclick.net *.adsrvr.org pixel.quantserve.com www.google-analytics.com www.facebook.com dpm.demdex.net t.co; connect-src 'self' ws: *.sitecorecloud.io members-utilities-service-web.m-operations.com server-side-tagging-i5xuhybifq-uc.a.run.app js.zi-scripts.com obs.esnlocco.com *.postescanada-canadapost.ca *.azurefd.net *.googlesyndication.com *.m-pages.com *.stat-track.com *.hscollectedforms.net *.googleadservices.com *.dynamics.com *.evidon.com *.linkedin.com *.ghostretail.com *.userway.org *.clearbit.com *.clarity.ms *.facebook.com bcp.crwdcntrl.net *.google.com *.linkedin.oribi.io *.google.ca *.fontawesome.com *.adnxs.com *.company-target.com *.6sc.co *.callrail.com *.visualwebsiteoptimizer.com app.vwo.com *.hubapi.com *.hubspot.com *.olark.com *.events.ubembed.com *.hsforms.com *.s3.amazonaws.com *.hotjar.com *.hotjar.io *.sharethis.com *.google-analytics.com analytics.google.com *.googleapis.com *.doubleclick.net; frame-src 'self' *.ceros.com *.postescanada-canadapost.ca *.azurefd.net *.dynamics.com *.userway.org *.evidon.com *.ghostretail.com *.googlesyndication.com *.hsforms.net *.mnp.ca *.podcasts.apple.com *.spotify.com *.olark.com *.pages.ubembed.com *.hsforms.com calendly.com *.sendthisfile.com *.sharethis.com *.hotjar.com *.consensu.org *.adsrvr.org *.youtube.com *.vimeo.com *.wufoo.com *.doubleclick.net insight.adsrvr.org www.facebook.com www.google.com; form-action 'self' *.postescanada-canadapost.ca *.azurefd.net *.mnp.ca www.facebook.com *.hsforms.com; media-src 'unsafe-inline' 'self' *.ghostretail.com
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4653320.fls.doubleclick.net
ad.doubleclick.net
analytics.twitter.com
api.userway.org
cdn.jsdelivr.net
cdn.userway.org
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
dev.visualwebsiteoptimizer.com
e.metaclassaction.ca
fonts.googleapis.com
fonts.gstatic.com
js.adsrvr.org
mnpdebt.ca
pixel.quantserve.com
platform.twitter.com
rules.quantcount.com
secure.quantserve.com
static.ads-twitter.com
static.olark.com
stats.g.doubleclick.net
t.co
usermatch.krxd.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
z.clarity.ms
usermatch.krxd.net
104.17.24.14
104.244.42.67
104.25.109.37
13.107.253.38
13.226.34.100
13.32.206.122
142.251.167.157
142.251.174.95
146.75.28.157
151.101.129.229
151.101.2.137
172.253.63.97
173.194.205.148
173.194.68.101
173.194.68.105
173.194.68.106
173.194.68.94
192.184.67.40
192.229.163.53
20.10.16.51
209.85.144.149
209.85.201.94
31.13.66.19
31.13.66.35
34.209.139.196
34.96.102.137
52.41.58.18
72.21.81.130
72.21.91.66
89.187.177.17
02c1e6836e694a3ae8c67e686fa784611c7ffcfeaea89f0dc93598505b36eef4
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747
069f7391913410b9868753914bcc1b773ae9cfb2a5bede9c5b1fa2935c9f17a7
06e8011d8b9612a7f89e44e9fb2a98466b192f2b48686047c1e6d3458baf538b
091c00ce81345bde1558bf6dfe758287f5d4d2ed5b2c8cbb8cedb3c3eced93e8
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0ec782544506a0aea967ea044659c633e1ee735b79e5172cb263797cc5cefe3a
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d74c2425b33639f51775cf217ebffb59cce7db757832e85cb8635d056eac020
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a1a07658cc205ff9113b7396c882b0f5f2f54b37172c1faf63f879621f4ac75
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
3b36f6814fd2a520335c38988d0620c4bd15dd392977bd58ab89faae4d474ede
3bcd802e9f77849e7c1e93c87279fbbb04d45949d2be79b03566ceacde29b158
3de5d95c37f68113fb797eae0e47636ff7a87b0e2bb7a6381d0d47f50c9ab389
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
54c8f9143b9c1dca56c7383e1e47a92645920ed6a622843de5aefcb56984a1f9
58724aeddf414726819108c266a7da794bf2603fc7c6198c71ed02034013a901
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
634422c5d20bcf9f20b94ea44d0bffb0ce9265285d0a7b58da5c0fda06612808
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6df2f707e202c252a9f0432a5ecef4cf120da5f693e9ea20bc4dcda8e755bc1d
6e5796b305c2ded0c1fe1e1030292b10558a5e21135bfba10f638ddfa02702b7
76eea4bd978fa1b33ea455310626fa5455fbf90cf88ca65a48d360ca612dadea
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521
7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
7cf5ef9e9fc228971d6c3b3c8c642c1aa1106b83e7e3a3fee02eac50ea38d2cb
7f656d739e465b514b1f69fc14e61cc25379cb88d9f3cd3e715d554a4a05dc15
7fdf5dba56c6c63019c5afca96530a0898d7e54845bbc9c4879eeed582b9d73b
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
97d4f5509d3edb8007b44536def55e06e977243e2357d7f3bcb3c4bcc25151f1
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afd2d099307fc78c161dc1574920c7268ad8c0e8b6a896f58dae6b61d48c5a9d
cc9ca34ce5f57c535478fbed11becf2a01f88c67b327bee43b8f391cae86b755
cfce45fef72ed85dc66c57fd1fa7262f9686b08188832fbfce26a7a467d455b0
d8e1f6211c190443fd6bafdc485b9dc339e700bde83352a3aa6b18c695c4c7d8
da977ec0e3d46db3e50bf3921789e96d0fe919b1782ba9f997668ef9d05a49c4
ddb7aa10eb158d87b05d5c3ad89d6dd5dc12fc61732277e22c9a8929b85bb96d
de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb
e1dcd949e0bd62ab6b344b3a56d357a14d0de2f586fe3a1e3ade1801759321e4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2
e58019bec5dcd8d0d8a8012a9a66bc0583c5caa160e5667700fc911a5e0f8879
e608c734173b92e76481d1999e65364a77736bed583cf63a082a9329d72ff662
f00a508f0711aad92ad7b355dfe603372414d01d9fff1ab40094b486df11ac75
f4576694d2b2342498a8e1356de423ea3e3ddcc9ad3f58f3f4bdeac54de24675
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5
f8a7a150c84b08ccf6215ef1c48969c50c66734e1e767e941e06ea9c8a09ee3b
ff0888af97e62faab4c7441c3b2b18e9bb4a1a5144d99dc8d6e29c721d1fce23