d1zju218wgm85j.cloudfront.net Open in urlscan Pro
99.86.227.57 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://d1zju218wgm85j.cloudfront.net/index.html
Submission: On February 21 via manual (February 21st 2024, 3:47:24 pm UTC) from CA — Scanned from CA

Summary HTTP 62 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 62 HTTP transactions. The main IP is 99.86.227.57, located in United States and belongs to AMAZON-02, US. The main domain is d1zju218wgm85j.cloudfront.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on October 10th 2023. Valid for: a year.

This is the only time d1zju218wgm85j.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tech Support Scam (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
27	99.86.227.57 99.86.227.57	16509 (AMAZON-02) (AMAZON-02)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.253.62.95 172.253.62.95	15169 (GOOGLE) (GOOGLE)
1	15.204.213.5 15.204.213.5	16276 (OVH) (OVH)
26	104.22.25.131 104.22.25.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.253.63.94 172.253.63.94	15169 (GOOGLE) (GOOGLE)
1	104.22.24.131 104.22.24.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.129.229 151.101.129.229	54113 (FASTLY) (FASTLY)
62	10

27 99.86.227.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-227-57.iad79.r.cloudfront.net

d1zju218wgm85j.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.62.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.204.213.5 (Reston, United States)

ASN16276 (OVH, FR)
PTR: ns1019603.ip-15-204-213.us

ipwho.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 104.22.25.131 (None, )

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.63.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.24.131 (None, )

ASN13335 (CLOUDFLARENET, US)

va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	tawk.to embed.tawk.to — Cisco Umbrella Rank: 10203 va.tawk.to — Cisco Umbrella Rank: 9934	234 KB
27	cloudfront.net d1zju218wgm85j.cloudfront.net	2 MB
2	gstatic.com fonts.gstatic.com	43 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3222 maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1217	22 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 353	41 KB
1	ipwho.is ipwho.is — Cisco Umbrella Rank: 90496	967 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 257	27 KB
62	8

	Domain	Requested by
27	d1zju218wgm85j.cloudfront.net	d1zju218wgm85j.cloudfront.net
22	embed.tawk.to	d1zju218wgm85j.cloudfront.net embed.tawk.to
5	va.tawk.to	embed.tawk.to
2	fonts.gstatic.com	d1zju218wgm85j.cloudfront.net
1	cdn.jsdelivr.net	embed.tawk.to
1	ipwho.is	d1zju218wgm85j.cloudfront.net
1	fonts.googleapis.com	d1zju218wgm85j.cloudfront.net
1	maxcdn.bootstrapcdn.com	d1zju218wgm85j.cloudfront.net
1	stackpath.bootstrapcdn.com	d1zju218wgm85j.cloudfront.net
1	cdnjs.cloudflare.com	d1zju218wgm85j.cloudfront.net
62	10

This site contains no links.

Subject Issuer	Validity	Valid
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
ipwho.is GoGetSSL ECC DV CA	`2023-04-05` - `2024-04-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://d1zju218wgm85j.cloudfront.net/index.html
Frame ID: 61D2DF74A123C079AF9412FFD86AD558
Requests: 54 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/65cc2ba794a/css/min-widget.css
Frame ID: AD9863C898B8A8CC303872C888C9F024
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/65cc2ba794a/css/bubble-widget.css
Frame ID: FE8C900C10EAEA073F30F1D722B10E97
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/65cc2ba794a/css/message-preview.css
Frame ID: 994DD2CDE5362DF657B57B8DF7ED6927
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/65cc2ba794a/css/max-widget.css
Frame ID: C18AA0C35016473FB2450F8BF8C4B0C2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Windows Help Support Assistance Er#0USA0Y0dv107

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

62
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

10
Subdomains

10
IPs

2
Countries

2061 kB
Transfer

3126 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request index.html Show response
d1zju218wgm85j.cloudfront.net/ 23 KB
7 KB 135ms
41ms Document
text/html 99.86.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1zju218wgm85j.cloudfront.net/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.227.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-227-57.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f888404571253ab0986377126532b59d11b8e243487bc638afb6b850d39b4082

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 1669
alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html
date: Wed, 21 Feb 2024 15:19:31 GMT
etag: W/"3fce9a12e9c9d9e6c1e0dc638750e4ad"
last-modified: Tue, 20 Feb 2024 13:20:34 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 d91f9d07d2d79c22681fc8eb4b5f2698.cloudfront.net (CloudFront)
x-amz-cf-id: GVdn2B75Q-V4y7eQA5pV9fMLopqCL3F6MSUIZHp6AQvYGwJyGQtzsA==
x-amz-cf-pop: IAD79-C3
x-cache: Hit from cloudfront

GET
H2 200 styles.css
d1zju218wgm85j.cloudfront.net/ 9 KB
3 KB 112ms
106ms Stylesheet
text/css 99.86.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1zju218wgm85j.cloudfront.net/styles.css
Requested by: Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.227.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-227-57.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01636ecfca5739b01656148dd7b5e69b306eb9df19909f7766e5da0e2cf7dcec

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:19:32 GMT
content-encoding: br
via: 1.1 d91f9d07d2d79c22681fc8eb4b5f2698.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 14:19:00 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C3
age: 1668
etag: W/"d33a8d0551566f40f96f3f3a9ecbdaf1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: VL5-4OUtF8aZawNroVqijzAtL77posllN3tHjD2H5s9titDjourcdQ==

GET
H2 200 font.css
d1zju218wgm85j.cloudfront.net/ 9 KB
1 KB 46ms
41ms Stylesheet
text/css 99.86.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1zju218wgm85j.cloudfront.net/font.css
Requested by: Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.227.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-227-57.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 53093b13f65eace60f016990e2c0a58cae83a24ff387c5755802d2ed08eae6d3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:19:32 GMT
content-encoding: br
via: 1.1 d91f9d07d2d79c22681fc8eb4b5f2698.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 14:19:09 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C3
age: 1668
etag: W/"ac3c2f5ed40e98c33ded74ae0185de11"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: -Xg4gq3wG18ycZzbs87kUZnIWiFl26nJkc-LAPa20PFZD5I5xbTlPg==

GET
H2 200 scripts.js Show response
d1zju218wgm85j.cloudfront.net/ 7 KB
1 KB 112ms
107ms Script
application/javascript 99.86.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1zju218wgm85j.cloudfront.net/scripts.js
Requested by: Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.227.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-227-57.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fd81f5c9b3d3ea7103cc5bb1ec1f8fcf884c34de85a6d3c243bd4bf3b4ac6082

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:19:32 GMT
content-encoding: br
via: 1.1 d91f9d07d2d79c22681fc8eb4b5f2698.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 14:19:02 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C3
age: 1668
etag: W/"73aeb27a5cac0b531e7e88f7028cf3e8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: X2b9BcT1yBQ9pW1Eqd1Wsz6tvHUxwowWnJrHfQvgQZhvwWPqa8dGFQ==

GET
H2 200 fulls.js Show response
d1zju218wgm85j.cloudfront.net/ 611 B
951 B 44ms
39ms Script
application/javascript 99.86.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1zju218wgm85j.cloudfront.net/fulls.js
Requested by: Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.227.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-227-57.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 80d352d0d1a44277ebae0e4d742ad3c7cde79665b6ce97fafe321985cd6f92a6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:19:32 GMT
via: 1.1 d91f9d07d2d79c22681fc8eb4b5f2698.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 14:19:08 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C3
age: 1668
etag: "f6a69ca61078d07b030a226706726b77"
x-cache: Hit from cloudfront
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
content-length: 611
x-amz-cf-id: xB0_A3eBEyE1CGxdtpHs4f2ypPBwIET-he1ehCjXb7zbs-QyZ5svbg==

GET
H2 200 close.js Show response
d1zju218wgm85j.cloudfront.net/ 209 B
551 B 111ms
107ms Script
application/javascript 99.86.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1zju218wgm85j.cloudfront.net/close.js
Requested by: Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.227.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-227-57.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38087c95e0084a481fac0742650c506e77dc2f4622dea9ed8228efc6d011e68b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:19:32 GMT
via: 1.1 d91f9d07d2d79c22681fc8eb4b5f2698.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 14:19:06 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C3
age: 1668
etag: "1afd743e2ca76f064c8aeea986b2c5e1"
x-cache: Hit from cloudfront
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
content-length: 209
x-amz-cf-id: UUZ9FZKTOtDn5RWrSoxCEQ-WwgQDdLEU-4ttHgPoRz3q7ARgPQULWg==

GET
H2 200 main.js Show response
d1zju218wgm85j.cloudfront.net/ 136 B
477 B 112ms
108ms Script
application/javascript 99.86.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1zju218wgm85j.cloudfront.net/main.js
Requested by: Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.227.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-227-57.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 40383268ae43e7728b7dd4eef04a011a429ec9613ec88412146e769feca8b2b5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:19:32 GMT
via: 1.1 d91f9d07d2d79c22681fc8eb4b5f2698.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 14:19:05 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C3
age: 1668
etag: "a53db7d25dbb7de54a1cec2f2744827a"
x-cache: Hit from cloudfront
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
content-length: 136
x-amz-cf-id: WDnNMEJUf4r7LdlrBtft3vZOC3pgPMRpr5W9MgiDNOcWcvu1ErpZPg==

GET
H2 200 keyup.js Show response
d1zju218wgm85j.cloudfront.net/ 253 B
594 B 112ms
109ms Script
application/javascript 99.86.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1zju218wgm85j.cloudfront.net/keyup.js
Requested by: Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.227.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-227-57.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e55d66a6b94cc98f8d97d9eb24342d1e230e9ca91a1f0e26d905c87dfcccefe

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:19:32 GMT
via: 1.1 d91f9d07d2d79c22681fc8eb4b5f2698.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 14:19:04 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C3
age: 1668
etag: "e7cb64f56827f2696a990cfd1338324d"
x-cache: Hit from cloudfront
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
content-length: 253
x-amz-cf-id: 84g2uX0GzIgr8aNhk_BfyljcXQ0rCpuixZ08Jf1utm1VlMvgysRDcA==

GET
H2 200 escs.js Show response
d1zju218wgm85j.cloudfront.net/ 81 B
422 B 45ms
41ms Script
application/javascript 99.86.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1zju218wgm85j.cloudfront.net/escs.js
Requested by: Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.227.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-227-57.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c91ceb0cfb8cd8e2b3be5dbf35a3f4bae2ede45daa20a13a88d01e3c1185db4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:19:32 GMT
via: 1.1 d91f9d07d2d79c22681fc8eb4b5f2698.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 14:19:03 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C3
age: 1668
etag: "0fdf9081e7a09c3b7b8dcc2fab08d4f4"
x-cache: Hit from cloudfront
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
content-length: 81
x-amz-cf-id: NTpYIN3GB5zqpHpzEXV1vby7gY77Fec9o0gMZD2ZBDk6ksSIgw_IJw==

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ 82 KB
27 KB 82ms
37ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 24677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26660
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14983"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wVhWZ%2F8c1o%2Bp%2BEbXSGYNnLuwyWaJFx52PEPMB0TD8sPPqd79OO%2BlgtRLL7DWEb45e8siSXS0Fsidz7jWps5f3lZ4zT5KCmIOGSSBq6kHBoBWDzK4EIX7OH4MkiXjO2zorz%2F%2B75Rg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8590208cdc49a20b-YYZ
expires: Mon, 10 Feb 2025 15:47:19 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/ 59 KB
16 KB 87ms
42ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js

Requested by

Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://d1zju218wgm85j.cloudfront.net/
Origin: https://d1zju218wgm85j.cloudfront.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:47:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 871
age: 1668
cdn-cachedat: 01/05/2024 05:41:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"02d223393e00c273efdcb1ade8f4f8b1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: b6104d8caa25d2c7022059e26a44ddc7
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8590208cd9ada1db-YYZ
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
7 KB 81ms
36ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:47:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1047
age: 7188536
cdn-cachedat: 10/31/2023 18:58:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"4fbd15cb6047af93373f4f895639c8bf"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 636c547408716b12e0429001e52d27d0
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8590208cdec9a250-YYZ
cdn-requestpullsuccess: True

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 119ms
45ms Stylesheet
text/css 172.253.62.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Google+Sans+Text:wght@400;500;700&display=swap

Requested by

Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f95.1e100.net

Software

ESF /

Resource Hash

7f750d218718dbc45d41a9908008a1ba5b0d32cba9fa57e0691e30e9abc7df29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Feb 2024 15:47:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 14:29:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Feb 2024 15:47:19 GMT

GET
H2 200 cross.png
d1zju218wgm85j.cloudfront.net/ 377 KB
378 KB 49ms
47ms Image
image/png 99.86.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1zju218wgm85j.cloudfront.net/cross.png
Requested by: Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.227.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-227-57.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c3ad6aa1c03fd108854f008cfec2753ba623e1470a4d61798b5d8c050e474868

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:19:32 GMT
via: 1.1 d91f9d07d2d79c22681fc8eb4b5f2698.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 14:19:30 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C3
age: 1668
etag: "be42ad7752720327d28bf52dbdbb64c2"
x-cache: Hit from cloudfront
content-type: image/png
alt-svc: h3=":443"; ma=86400
content-length: 386359
x-amz-cf-id: 6S687mUy8S60BsrOut6WgNk7zuGRQ3yWxIOoAfib7is3gTbmLH6jCw==

GET
H2 200 gif1.gif
d1zju218wgm85j.cloudfront.net/ 10 KB
10 KB 109ms
108ms Image
image/gif 99.86.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1zju218wgm85j.cloudfront.net/gif1.gif
Requested by: Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.227.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-227-57.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a38ce8950f9fd31142fa9f3f673db29058f43989dd4415118bc8d223d0302f77

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:19:32 GMT
via: 1.1 d91f9d07d2d79c22681fc8eb4b5f2698.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 14:19:21 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C3
age: 1668
etag: "cf757e37ce8b8abfb6418c3991b9f7e5"
x-cache: Hit from cloudfront
content-type: image/gif
alt-svc: h3=":443"; ma=86400
content-length: 10261
x-amz-cf-id: 4KEWnITZ37InWDJ6qrrZtvzFWaxMre9LW4F8FgLEEhtaE8H6vaDq7Q==

GET
H3 200 microsoft.png
d1zju218wgm85j.cloudfront.net/ 19 KB
20 KB 45ms
44ms Image
image/png 99.86.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1zju218wgm85j.cloudfront.net/microsoft.png
Requested by: Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.227.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-227-57.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8f6cc14698864746b3bc0c6537501405f415048d28b6e9592fa91ccd3620e619

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:19:32 GMT
via: 1.1 7c9d2cffb8d1fe464e9f78e42af1b34c.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 14:19:19 GMT
server: AmazonS3
age: 1668
x-amz-cf-pop: IAD79-C3
etag: "44c300eb9403d6b697b63c00be53faaf"
x-cache: Hit from cloudfront
content-type: image/png
alt-svc: h3=":443"; ma=86400
content-length: 19779
x-amz-cf-id: oXapalUKe9EGHS-aoCc_bE5PRGZmJj-q03Wg4wzzZ-asV32QucYRYA==

GET
H3 200 gif2.gif
d1zju218wgm85j.cloudfront.net/ 16 KB
17 KB 47ms
46ms Image
image/gif 99.86.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1zju218wgm85j.cloudfront.net/gif2.gif
Requested by: Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.227.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-227-57.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4e1c30469b24a3e29ff7ee42e124056a91e2d5c892d1693d3ac51f456d1e1df4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:19:32 GMT
via: 1.1 7c9d2cffb8d1fe464e9f78e42af1b34c.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 14:19:20 GMT
server: AmazonS3
age: 1668
x-amz-cf-pop: IAD79-C3
etag: "06fd43faa2a10ba021a6949dffd918df"
x-cache: Hit from cloudfront
content-type: image/gif
alt-svc: h3=":443"; ma=86400
content-length: 16699
x-amz-cf-id: q47ubloO7KfEpCnaRXzDnY_kyWEpJuWVF5TLk8GZaMd7oOK3zRbH4w==

GET
H3 200 bg1.png
d1zju218wgm85j.cloudfront.net/ 442 KB
442 KB 65ms
63ms Image
image/png 99.86.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1zju218wgm85j.cloudfront.net/bg1.png
Requested by: Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.227.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-227-57.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1edb9e052a7a28fac55e39785dcdbe45a4e0d7beb6ed33404f526a982bcd5db

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:19:32 GMT
via: 1.1 7c9d2cffb8d1fe464e9f78e42af1b34c.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 14:19:15 GMT
server: AmazonS3
age: 1668
x-amz-cf-pop: IAD79-C3
etag: "d5323f2c54dc00f22315e26233b79d45"
x-cache: Hit from cloudfront
content-type: image/png
alt-svc: h3=":443"; ma=86400
content-length: 452239
x-amz-cf-id: wIcj0hxWiixE9nHx35r3qYbhPrE2PdSiH2-czgZSkl1846CmTMiDLw==

GET
H3 200 minimize.jpeg
d1zju218wgm85j.cloudfront.net/ 17 KB
17 KB 44ms
41ms Image
image/jpeg 99.86.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1zju218wgm85j.cloudfront.net/minimize.jpeg
Requested by: Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.227.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-227-57.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a85f1e749a829c5c909837844c6b53ce0a9ae2adb7c8eac0e7b96c372c679a0d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:19:32 GMT
via: 1.1 7c9d2cffb8d1fe464e9f78e42af1b34c.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 14:19:38 GMT
server: AmazonS3
age: 1668
x-amz-cf-pop: IAD79-C3
etag: "4bf52eb9b3efce840add1a90d83a40e5"
x-cache: Hit from cloudfront
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400
content-length: 17173
x-amz-cf-id: qGIlg2zvARpdWwgamLPsvz8vvmx6PFlqnsDsKQlutL_vJOiHZmN8OA==

GET
H3 200 kxFy-clip.png
d1zju218wgm85j.cloudfront.net/ 542 B
814 B 65ms
62ms Image
image/png 99.86.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1zju218wgm85j.cloudfront.net/kxFy-clip.png
Requested by: Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.227.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-227-57.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 91fb42a68a122344fd78cfd5f0cf9d06ff6d307fd4a5c68f40231c5950ece9a1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:19:32 GMT
via: 1.1 7c9d2cffb8d1fe464e9f78e42af1b34c.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 14:19:36 GMT
server: AmazonS3
age: 1668
x-amz-cf-pop: IAD79-C3
etag: "0e9558d2d6e8000ce5c6c749c8fc67c2"
x-cache: Hit from cloudfront
content-type: image/png
alt-svc: h3=":443"; ma=86400
content-length: 542
x-amz-cf-id: -zQn4Tm4iI20aPtvO4OVgIR1M0Um52q_GoPIeIO4KfWS3J1MHDZPDA==

GET
H3 200 qsbs-firewall.png
d1zju218wgm85j.cloudfront.net/ 920 B
1 KB 46ms
43ms Image
image/png 99.86.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1zju218wgm85j.cloudfront.net/qsbs-firewall.png
Requested by: Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.227.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-227-57.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52b762d47c066e16300675d56cc359b504ffd3239438c96eb973864311bb7b79

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:19:32 GMT
via: 1.1 7c9d2cffb8d1fe464e9f78e42af1b34c.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 14:19:42 GMT
server: AmazonS3
age: 1668
x-amz-cf-pop: IAD79-C3
etag: "b0495ede4c875843fec037c794e9ff9a"
x-cache: Hit from cloudfront
content-type: image/png
alt-svc: h3=":443"; ma=86400
content-length: 920
x-amz-cf-id: RMA4tQz4u0xhR2YdOpg2faCBCBeiuiuonjCmSbyXJhzOvRluwjIsmA==

GET
H3 200 s-S4-acc.png
d1zju218wgm85j.cloudfront.net/ 813 B
1 KB 63ms
60ms Image
image/png 99.86.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1zju218wgm85j.cloudfront.net/s-S4-acc.png
Requested by: Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.227.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-227-57.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9edbf56b360080f5d6765dce77353b8130e9f8316ad34c68f6c2792cdc446321

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:19:32 GMT
via: 1.1 7c9d2cffb8d1fe464e9f78e42af1b34c.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 14:19:44 GMT
server: AmazonS3
age: 1668
x-amz-cf-pop: IAD79-C3
etag: "d648c1837d01495eccd63e053491f72a"
x-cache: Hit from cloudfront
content-type: image/png
alt-svc: h3=":443"; ma=86400
content-length: 813
x-amz-cf-id: PHzizVJLVHTfKu0cVQIVA_0bIpaSm6TD34eN3Fx1pH-W7y4Vy7lhew==

GET
H3 200 Z5BR-network.png
d1zju218wgm85j.cloudfront.net/ 607 B
879 B 46ms
44ms Image
image/png 99.86.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1zju218wgm85j.cloudfront.net/Z5BR-network.png
Requested by: Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.227.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-227-57.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c56a8ae4818963e0d71eda4ebf46b4f2cdd3a238537dc8e99711fb690d272a73

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:19:32 GMT
via: 1.1 7c9d2cffb8d1fe464e9f78e42af1b34c.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 14:19:27 GMT
server: AmazonS3
age: 1668
x-amz-cf-pop: IAD79-C3
etag: "2cd03a547f00cad010f9038619df45de"
x-cache: Hit from cloudfront
content-type: image/png
alt-svc: h3=":443"; ma=86400
content-length: 607
x-amz-cf-id: tvt3uPiavTKFNBhZgx0B1LhoYJLjL_v3_UrpJUrs3ndF6kympamCgg==

GET
H3 200 uZbx-si.png
d1zju218wgm85j.cloudfront.net/ 5 KB
6 KB 64ms
62ms Image
image/png 99.86.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1zju218wgm85j.cloudfront.net/uZbx-si.png
Requested by: Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.227.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-227-57.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92d8510869b3d581401a93130fa72e4b54c5bf28dc8005994c5248d9afbfc37b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:19:32 GMT
via: 1.1 7c9d2cffb8d1fe464e9f78e42af1b34c.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 14:19:47 GMT
server: AmazonS3
age: 1668
x-amz-cf-pop: IAD79-C3
etag: "51147eb9734c3c0caf22aa77a80d96f0"
x-cache: Hit from cloudfront
content-type: image/png
alt-svc: h3=":443"; ma=86400
content-length: 5377
x-amz-cf-id: d3qg9FLPLmQX1g9cwYQjMMZFc1e3du4Lj6AYv2i8kowbvTe6iQMIMw==

GET
H3 200 -EBq-current.png
d1zju218wgm85j.cloudfront.net/ 1 KB
1 KB 64ms
62ms Image
image/png 99.86.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1zju218wgm85j.cloudfront.net/-EBq-current.png
Requested by: Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.227.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-227-57.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1d52e31f7fc13cbb3efca8b0ec937ddd97a5ec545c4dad26193429db10d8662

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:19:32 GMT
via: 1.1 7c9d2cffb8d1fe464e9f78e42af1b34c.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 14:19:22 GMT
server: AmazonS3
age: 1668
x-amz-cf-pop: IAD79-C3
etag: "35629cc2adc804353a548305f1217206"
x-cache: Hit from cloudfront
content-type: image/png
alt-svc: h3=":443"; ma=86400
content-length: 1162
x-amz-cf-id: IQjnVl2qGjPE3hCuanjwTjUe83XlT-zbFWbbdX4c_8hwMVYxFVd8ZQ==

GET
H3 200 nOxp-sett.png
d1zju218wgm85j.cloudfront.net/ 463 B
735 B 64ms
62ms Image
image/png 99.86.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1zju218wgm85j.cloudfront.net/nOxp-sett.png
Requested by: Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.227.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-227-57.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9cffd13c2ce05ebe032709a88fa59504e1218a12b175ec40d5aab280c18be51e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:19:32 GMT
via: 1.1 7c9d2cffb8d1fe464e9f78e42af1b34c.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 14:19:39 GMT
server: AmazonS3
age: 1668
x-amz-cf-pop: IAD79-C3
etag: "905d91c276116928fa306ea732723fa9"
x-cache: Hit from cloudfront
content-type: image/png
alt-svc: h3=":443"; ma=86400
content-length: 463
x-amz-cf-id: JEfAfxIOFb0E935ELTw8W01jkUd7LFcCicH-wApXDFYSkuoDuVUrlA==

GET
H3 200 web.png
d1zju218wgm85j.cloudfront.net/ 1 KB
1 KB 45ms
43ms Image
image/png 99.86.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1zju218wgm85j.cloudfront.net/web.png
Requested by: Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.227.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-227-57.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:19:32 GMT
via: 1.1 7c9d2cffb8d1fe464e9f78e42af1b34c.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 14:19:41 GMT
server: AmazonS3
age: 1668
x-amz-cf-pop: IAD79-C3
etag: "bf2b460590fbb9d8e9611a6e9006b816"
x-cache: Hit from cloudfront
content-type: image/png
alt-svc: h3=":443"; ma=86400
content-length: 1045
x-amz-cf-id: X5GFH0CtbxpLEiP1osrvHxuqZJ0_tW5b0skdPD_mrDNLxPtzc6Bihw==

GET
H3 200 scan-gif.gif
d1zju218wgm85j.cloudfront.net/ 21 KB
21 KB 61ms
59ms Image
image/gif 99.86.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1zju218wgm85j.cloudfront.net/scan-gif.gif
Requested by: Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.227.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-227-57.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 83dccdf46a1e1a2ff501e989d3a8abdf5d5616bcaf407caf5379a8e00fc579c8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:19:32 GMT
via: 1.1 7c9d2cffb8d1fe464e9f78e42af1b34c.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 14:19:45 GMT
server: AmazonS3
age: 1668
x-amz-cf-pop: IAD79-C3
etag: "7a777412e6abd752fe8de6cdec55a36a"
x-cache: Hit from cloudfront
content-type: image/gif
alt-svc: h3=":443"; ma=86400
content-length: 21676
x-amz-cf-id: YDQOjxHw89zqsoO0jQNdpwpEyVa0ar0nGkKt43KK2P0wdUiwSCHMqw==

GET
H/1.1 200
OK / Show response
ipwho.is/ 695 B
967 B 117ms
35ms XHR
application/json 15.204.213.5
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ipwho.is/?lang=en
Requested by: Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 15.204.213.5 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS: ns1019603.ip-15-204-213.us
Software: ipwhois /
Resource Hash: 244dd7dd0538ec84df41f8b77df2f915a221e885cde8184a1b3c7ac5ca2f5964

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 15:47:19 GMT
Server: ipwhois
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Robots-Tag: noindex
Access-Control-Allow-Headers: *

GET
H2 200 1hlv8oinb Show response
embed.tawk.to/65c230338d261e1b5f5cf063/ 2 KB
928 B 70ms
30ms Script
application/x-javascript 104.22.25.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/65c230338d261e1b5f5cf063/1hlv8oinb

Requested by

Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.25.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d55bd712dd5d80e2612d61ca1a5ab9c1b29a70a12a0a9d6cf5d5d21d98a3fbcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://d1zju218wgm85j.cloudfront.net/
Origin: https://d1zju218wgm85j.cloudfront.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:47:19 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
server: cloudflare
age: 1668
etag: W/"stable-v4-65cc2ba794a"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
cf-ray: 8590208daa3b39db-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 206 _Fm7-alert.mp3
d1zju218wgm85j.cloudfront.net/ 196 KB
196 KB 46ms
46ms Media
audio/mp3 99.86.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1zju218wgm85j.cloudfront.net/_Fm7-alert.mp3
Requested by: Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.227.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-227-57.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65

Request headers

Referer: https://d1zju218wgm85j.cloudfront.net/index.html
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 21 Feb 2024 15:19:33 GMT
via: 1.1 7c9d2cffb8d1fe464e9f78e42af1b34c.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 14:19:25 GMT
server: AmazonS3
age: 1667
x-amz-cf-pop: IAD79-C3
etag: "0116152611dd51432e852781f8cc7e82"
x-cache: Hit from cloudfront
content-type: audio/mp3
Content-Range: bytes 0-200831/200832
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 4vSlYN_mih3LiHUaMSl1M4PMvUR5s2JXDJfOINzZbjvuzUEfvk4eNw==
Content-Length: 200832

GET
H3 200 bg1.jpg
d1zju218wgm85j.cloudfront.net/ 554 KB
554 KB 46ms
46ms Image
image/jpeg 99.86.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1zju218wgm85j.cloudfront.net/bg1.jpg
Requested by: Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.227.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-227-57.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01de014c14eb505c8a4c173a34ded5c94712252dd2cc58bd7465a41eeceba939

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:19:32 GMT
via: 1.1 7c9d2cffb8d1fe464e9f78e42af1b34c.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 14:19:14 GMT
server: AmazonS3
age: 1668
x-amz-cf-pop: IAD79-C3
etag: "f56a15f5b5d4fbfcae76cad32d3e50c0"
x-cache: Hit from cloudfront
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400
content-length: 567111
x-amz-cf-id: R6UW-7A390u1oIOfbuhjqKI3Rs9QhsOOSVURvlIJe-vZRVPWMyyHXA==

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v16/ 21 KB
22 KB 108ms
36ms Font
font/woff2 172.253.63.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v16/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/font.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f94.1e100.net

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1zju218wgm85j.cloudfront.net/
Origin: https://d1zju218wgm85j.cloudfront.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:24:43 GMT
x-content-type-options: nosniff
age: 490956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 04 Dec 2019 18:44:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 23:24:43 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v16/ 21 KB
21 KB 127ms
55ms Font
font/woff2 172.253.63.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v16/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/font.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f94.1e100.net

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1zju218wgm85j.cloudfront.net/
Origin: https://d1zju218wgm85j.cloudfront.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:06:49 GMT
x-content-type-options: nosniff
age: 492030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 04 Dec 2019 18:44:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 23:06:49 GMT

GET
H3 206 beeps.mp3
d1zju218wgm85j.cloudfront.net/ 8 KB
9 KB 41ms
40ms Media
audio/mp3 99.86.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1zju218wgm85j.cloudfront.net/beeps.mp3
Requested by: Host: d1zju218wgm85j.cloudfront.net
URL: https://d1zju218wgm85j.cloudfront.net/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.227.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-227-57.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1

Request headers

Referer: https://d1zju218wgm85j.cloudfront.net/index.html
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 21 Feb 2024 15:19:32 GMT
via: 1.1 7c9d2cffb8d1fe464e9f78e42af1b34c.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 14:19:17 GMT
server: AmazonS3
age: 1667
x-amz-cf-pop: IAD79-C3
etag: "8618fbb0911e3b8fc96725dee8bfd81f"
x-cache: Hit from cloudfront
content-type: audio/mp3
Content-Range: bytes 0-8404/8405
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: giRG5lyZYaTWWW6i9jjNQp_xcRT6zcOb3WzavEJQjO_aN1_GVBwy2Q==
Content-Length: 8405

GET
H2 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/65cc2ba794a/js/ 121 B
268 B 28ms
26ms Script
application/javascript 104.22.25.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/65c230338d261e1b5f5cf063/1hlv8oinb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.25.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://d1zju218wgm85j.cloudfront.net/
Origin: https://d1zju218wgm85j.cloudfront.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:47:19 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1667
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 14 Feb 2024 02:56:26 GMT
server: cloudflare
etag: W/"da5bb1dc647470204df0e49f5afac2de"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8590208ecc5739db-YYZ

GET
H2 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/65cc2ba794a/js/ 81 KB
29 KB 77ms
75ms Script
application/javascript 104.22.25.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/65c230338d261e1b5f5cf063/1hlv8oinb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.25.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://d1zju218wgm85j.cloudfront.net/
Origin: https://d1zju218wgm85j.cloudfront.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:47:19 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1667
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 14 Feb 2024 02:56:26 GMT
server: cloudflare
etag: W/"ce3014b09c6dfbd6f92bc585fd840580"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8590208ecc5939db-YYZ

GET
H2 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/65cc2ba794a/js/ 212 KB
62 KB 63ms
62ms Script
application/javascript 104.22.25.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/65c230338d261e1b5f5cf063/1hlv8oinb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.25.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcd1fa4d2007137da13dd581c678acfda42358cbdbda0f0204874fbe2e2c4663

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://d1zju218wgm85j.cloudfront.net/
Origin: https://d1zju218wgm85j.cloudfront.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:47:19 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1667
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 14 Feb 2024 02:56:26 GMT
server: cloudflare
etag: W/"86b32a04921a039ace69980bacd1b639"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8590208ecc5a39db-YYZ

GET
H2 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/65cc2ba794a/js/ 220 KB
44 KB 35ms
34ms Script
application/javascript 104.22.25.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/65c230338d261e1b5f5cf063/1hlv8oinb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.25.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73e4835337e0518df5f50e76ca82fc033cc105fcf144e0f20382dc645b979048

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://d1zju218wgm85j.cloudfront.net/
Origin: https://d1zju218wgm85j.cloudfront.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:47:19 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1667
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 14 Feb 2024 02:56:26 GMT
server: cloudflare
etag: W/"71ed7a1eb67302c44198dca6d8099e06"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8590208ecc5c39db-YYZ

GET
H2 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/65cc2ba794a/js/ 2 KB
1 KB 32ms
31ms Script
application/javascript 104.22.25.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/65c230338d261e1b5f5cf063/1hlv8oinb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.25.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aff29eca27e3fb1e25955b37dcb296d140a2857371d91783c12eb6f587b334ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://d1zju218wgm85j.cloudfront.net/
Origin: https://d1zju218wgm85j.cloudfront.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:47:19 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1667
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 14 Feb 2024 02:56:26 GMT
server: cloudflare
etag: W/"f79120bdba60721620e7644f028f5b61"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8590208ecc5f39db-YYZ

GET
H2 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/65cc2ba794a/js/ 151 B
207 B 60ms
60ms Script
application/javascript 104.22.25.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/65c230338d261e1b5f5cf063/1hlv8oinb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.25.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://d1zju218wgm85j.cloudfront.net/
Origin: https://d1zju218wgm85j.cloudfront.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:47:19 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1667
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 14 Feb 2024 02:56:26 GMT
server: cloudflare
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8590208ecc6139db-YYZ

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
1 KB 104ms
100ms Fetch
application/json 104.22.25.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=65c230338d261e1b5f5cf063&widgetId=1hlv8oinb&sv=null

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.25.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd0a97374749d21d29f860e2a3280371d3f36b124ad65289b7838204ce4170a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:47:19 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-bs9d
server: cloudflare
etag: W/"2-2-0"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 8590208f9e1439db-YYZ
access-control-allow-headers: content-type,x-tawk-token

POST
H3 200 start Show response
va.tawk.to/v1/session/ 1 KB
1 KB 1189ms
1166ms Fetch
application/json 104.22.24.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

437e88b04894089bbb6d8e9114ceea6f4a636334798ad878fb8c11c65c4aedcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://d1zju218wgm85j.cloudfront.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Wed, 21 Feb 2024 15:47:20 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://d1zju218wgm85j.cloudfront.net
access-control-allow-credentials: true
cf-ray: 859020904ec3a234-YYZ
access-control-allow-headers: content-type,x-tawk-token
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-c9dq

OPTIONS
H2 200 start
va.tawk.to/v1/session/ Frame 0
0 78ms
78ms Preflight 104.22.25.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.25.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://d1zju218wgm85j.cloudfront.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://d1zju218wgm85j.cloudfront.net
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8590208fae5839db-YYZ
date: Wed, 21 Feb 2024 15:47:19 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-bs9d

GET
H3 200 en.js Show response
embed.tawk.to/_s/v4/app/65cc2ba794a/languages/ 17 KB
4 KB 51ms
30ms Script
application/javascript 104.22.25.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65cc2ba794a/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.25.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:47:19 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 649518
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 14 Feb 2024 02:56:27 GMT
server: cloudflare
etag: W/"7f37a030886ec7fce1d065ec482789ee"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 859020905fa3a229-YYZ

GET
H3 200 twk-chunk-2c776523.js Show response
embed.tawk.to/_s/v4/app/65cc2ba794a/js/ 10 KB
3 KB 34ms
33ms Script
application/javascript 104.22.25.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-chunk-2c776523.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.25.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd50385cef163eb376d93e7b1e07fe467de23b60c98373f7d69448214d3e9cdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:47:20 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 649518
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 14 Feb 2024 02:56:26 GMT
server: cloudflare
etag: W/"70aec2dd89cac4933594c25b71d61f46"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 85902097ea11a229-YYZ

GET
H3 200 twk-chunk-9294da6c.js Show response
embed.tawk.to/_s/v4/app/65cc2ba794a/js/ 18 KB
5 KB 35ms
34ms Script
application/javascript 104.22.25.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-chunk-9294da6c.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.25.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b652648cc68c4c533a0b7d8cb6beffa3cbab75acae91f3c3d8d2758d41a5fd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:47:20 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 649518
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 14 Feb 2024 02:56:26 GMT
server: cloudflare
etag: W/"dfc5af344c90e1acc097995060b57cb2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 85902097ea13a229-YYZ

GET
H3 200 twk-chunk-f1565420.js Show response
embed.tawk.to/_s/v4/app/65cc2ba794a/js/ 11 KB
4 KB 35ms
35ms Script
application/javascript 104.22.25.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-chunk-f1565420.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.25.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17f4aceb6c45bed269111b6631ffad228ad607d08b9df91d98a26fff63a3d861

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:47:20 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 649518
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 14 Feb 2024 02:56:26 GMT
server: cloudflare
etag: W/"db87d8a73a2017168657ae81e9cbde44"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 85902097ea14a229-YYZ

GET
H3 200 twk-chunk-2d0b383d.js Show response
embed.tawk.to/_s/v4/app/65cc2ba794a/js/ 699 B
676 B 34ms
33ms Script
application/javascript 104.22.25.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-chunk-2d0b383d.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.25.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:47:20 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 649518
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 14 Feb 2024 02:56:26 GMT
server: cloudflare
etag: W/"838903127a65ec440893b4945c40ca4a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 85902097ea15a229-YYZ

GET
H3 200 twk-chunk-48f3b594.js Show response
embed.tawk.to/_s/v4/app/65cc2ba794a/js/ 19 KB
6 KB 50ms
50ms Script
application/javascript 104.22.25.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-chunk-48f3b594.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.25.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b54d1597f03a6ef51986a855937ae7607c0ae3dfe03326a71610ffc3929ea60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:47:20 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 649518
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 14 Feb 2024 02:56:26 GMT
server: cloudflare
etag: W/"95fceb7fd3e68fb81f7e1fc722f3fab5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 85902097ea17a229-YYZ

GET
H3 200 twk-chunk-4fe9d5dd.js Show response
embed.tawk.to/_s/v4/app/65cc2ba794a/js/ 906 B
662 B 50ms
50ms Script
application/javascript 104.22.25.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-chunk-4fe9d5dd.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.25.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:47:20 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 649518
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 14 Feb 2024 02:56:26 GMT
server: cloudflare
etag: W/"1c5ecf371149feca23bd895ba9dfec4d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 85902097ea1aa229-YYZ

GET
H3 200 twk-chunk-2d0b9454.js Show response
embed.tawk.to/_s/v4/app/65cc2ba794a/js/ 535 B
575 B 33ms
33ms Script
application/javascript 104.22.25.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-chunk-2d0b9454.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.25.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:47:20 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 649518
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 14 Feb 2024 02:56:26 GMT
server: cloudflare
etag: W/"c506281367048d4a134c9affbc68c8c6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 85902097ea1ba229-YYZ

GET
H3 200 twk-chunk-24d8db78.js Show response
embed.tawk.to/_s/v4/app/65cc2ba794a/js/ 110 KB
24 KB 50ms
50ms Script
application/javascript 104.22.25.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-chunk-24d8db78.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.25.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

654c67a95721dd5b9122010b47c8c303691316ad3d7ce342f87634b35999705d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:47:20 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 649518
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 14 Feb 2024 02:56:26 GMT
server: cloudflare
etag: W/"5897b6838ef9aa71711ce6fdaa274898"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 85902097ea1da229-YYZ

GET
H3 200 min-widget.css
embed.tawk.to/_s/v4/app/65cc2ba794a/css/ Frame AD98 24 KB
5 KB 30ms
30ms Stylesheet
text/css 104.22.25.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65cc2ba794a/css/min-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.25.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:47:21 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 649519
cf-polished: origSize=24831
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 14 Feb 2024 02:56:26 GMT
server: cloudflare
etag: W/"5742a34aaab2a5983c7c11cdeef1c0ee"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 859020987ab9a229-YYZ

GET
H3 200 bubble-widget.css
embed.tawk.to/_s/v4/app/65cc2ba794a/css/ Frame FE8C 13 KB
3 KB 35ms
35ms Stylesheet
text/css 104.22.25.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65cc2ba794a/css/bubble-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.25.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:47:21 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 649519
cf-polished: origSize=13594
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 14 Feb 2024 02:56:26 GMT
server: cloudflare
etag: W/"ce7913b80c763449b3895d46419f7a6b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 85902098aae4a229-YYZ

GET
H3 200 message-preview.css
embed.tawk.to/_s/v4/app/65cc2ba794a/css/ Frame 994D 40 KB
8 KB 30ms
30ms Stylesheet
text/css 104.22.25.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65cc2ba794a/css/message-preview.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.25.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bd9666b0959d868276da481746b74e6a76fbc19f7957e528b8fb022367980bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:47:21 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 649519
cf-polished: origSize=40832
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 14 Feb 2024 02:56:26 GMT
server: cloudflare
etag: W/"cf4a08d496f49489af30571e3cbb48f3"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 85902098bb02a229-YYZ

GET
H3 200 max-widget.css
embed.tawk.to/_s/v4/app/65cc2ba794a/css/ Frame C18A 76 KB
15 KB 32ms
32ms Stylesheet
text/css 104.22.25.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65cc2ba794a/css/max-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.25.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5285275760ce24f97fc85a2aa7a705e2bfcdebe875a6028441382d2ca36b3f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:47:21 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 649519
cf-polished: origSize=78232
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 14 Feb 2024 02:56:26 GMT
server: cloudflare
etag: W/"05d886069cda40a8e20243d226b04764"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 85902098db2ca229-YYZ

GET
H3 200 168-r-br.svg
embed.tawk.to/_s/v4/assets/images/attention-grabbers/ Frame FE8C 22 KB
6 KB 31ms
31ms Image
image/svg+xml 104.22.25.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://embed.tawk.to/_s/v4/assets/images/attention-grabbers/168-r-br.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.25.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:47:21 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1879208
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 22 May 2021 07:25:19 GMT
server: cloudflare
etag: W/"f66e029841759471d2ec78b86760dca7"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 85902098eb50a229-YYZ

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 295 KB
41 KB 56ms
16ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-chunk-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1zju218wgm85j.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 21 Feb 2024 15:47:21 GMT
age: 4079092
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 41275
x-served-by: cache-fra-eddf8230136-FRA, cache-yyz4530-YYZ
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 tawk-font-icon-2.woff2
embed.tawk.to/_s/v4/assets/fonts/ Frame FE8C 10 KB
11 KB 38ms
37ms Font
font/woff2 104.22.25.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/assets/fonts/tawk-font-icon-2.woff2?55755728=

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65cc2ba794a/css/bubble-widget.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.25.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://embed.tawk.to/_s/v4/app/65cc2ba794a/css/bubble-widget.css
Origin: https://d1zju218wgm85j.cloudfront.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:47:21 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1662
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 10520
last-modified: Sat, 22 May 2021 07:25:13 GMT
server: cloudflare
etag: "054b3b66812d0a4b87ffc6776f0a42f1"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
accept-ranges: bytes
cf-ray: 85902098f8af5401-YYZ

OPTIONS
H3 200 v3
va.tawk.to/log-performance/ Frame 0
0 110ms
109ms Preflight 104.22.25.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.25.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://d1zju218wgm85j.cloudfront.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://d1zju218wgm85j.cloudfront.net
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85902099d9f55401-YYZ
date: Wed, 21 Feb 2024 15:47:21 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-mqhg

POST
H3 200 v3 Show response
va.tawk.to/log-performance/ 5 B
271 B 183ms
183ms Fetch
text/html 104.22.25.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65cc2ba794a/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.25.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://d1zju218wgm85j.cloudfront.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Wed, 21 Feb 2024 15:47:21 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://d1zju218wgm85j.cloudfront.net
access-control-allow-credentials: true
cf-ray: 8590209a8b0f5401-YYZ
access-control-allow-headers: content-type,x-tawk-token
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-1km9

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer)

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
d1zju218wgm85j.cloudfront.net/	1969-12-31 23:59:59	Name: twk_idm_key Value: Z26fxfpYAQBEljPXVnAh2
d1zju218wgm85j.cloudfront.net/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
.d1zju218wgm85j.cloudfront.net/	1970-01-20 22:54:42	Name: twk_uuid_65c230338d261e1b5f5cf063 Value: %7B%22uuid%22%3A%221.F1KWKFhdUvjMjgf5mJHThHiBYcsngJXMyXm3pTKSqyml9SjLPQXcOvOSwxJOOWeG0hFZDsduvphwkSbs3CIXtc9iH7Q4g2BvIxioGG31T4ROvQKxgXPh3K6Uuy1bQCSJxAhBdm7RAvhc%22%2C%22version%22%3A3%2C%22domain%22%3A%22d1zju218wgm85j.cloudfront.net%22%2C%22ts%22%3A1708530440940%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
d1zju218wgm85j.cloudfront.net
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
ipwho.is
maxcdn.bootstrapcdn.com
stackpath.bootstrapcdn.com
va.tawk.to
104.17.25.14
104.18.10.207
104.18.11.207
104.22.24.131
104.22.25.131
15.204.213.5
151.101.129.229
172.253.62.95
172.253.63.94
99.86.227.57
01636ecfca5739b01656148dd7b5e69b306eb9df19909f7766e5da0e2cf7dcec
01de014c14eb505c8a4c173a34ded5c94712252dd2cc58bd7465a41eeceba939
0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1
0e55d66a6b94cc98f8d97d9eb24342d1e230e9ca91a1f0e26d905c87dfcccefe
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
17f4aceb6c45bed269111b6631ffad228ad607d08b9df91d98a26fff63a3d861
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
244dd7dd0538ec84df41f8b77df2f915a221e885cde8184a1b3c7ac5ca2f5964
2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
38087c95e0084a481fac0742650c506e77dc2f4622dea9ed8228efc6d011e68b
40383268ae43e7728b7dd4eef04a011a429ec9613ec88412146e769feca8b2b5
437e88b04894089bbb6d8e9114ceea6f4a636334798ad878fb8c11c65c4aedcd
4b54d1597f03a6ef51986a855937ae7607c0ae3dfe03326a71610ffc3929ea60
4c91ceb0cfb8cd8e2b3be5dbf35a3f4bae2ede45daa20a13a88d01e3c1185db4
4e1c30469b24a3e29ff7ee42e124056a91e2d5c892d1693d3ac51f456d1e1df4
5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526
5285275760ce24f97fc85a2aa7a705e2bfcdebe875a6028441382d2ca36b3f1c
52b762d47c066e16300675d56cc359b504ffd3239438c96eb973864311bb7b79
53093b13f65eace60f016990e2c0a58cae83a24ff387c5755802d2ed08eae6d3
5b652648cc68c4c533a0b7d8cb6beffa3cbab75acae91f3c3d8d2758d41a5fd2
654c67a95721dd5b9122010b47c8c303691316ad3d7ce342f87634b35999705d
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
73e4835337e0518df5f50e76ca82fc033cc105fcf144e0f20382dc645b979048
75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
7bd9666b0959d868276da481746b74e6a76fbc19f7957e528b8fb022367980bc
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
7f750d218718dbc45d41a9908008a1ba5b0d32cba9fa57e0691e30e9abc7df29
80d352d0d1a44277ebae0e4d742ad3c7cde79665b6ce97fafe321985cd6f92a6
83dccdf46a1e1a2ff501e989d3a8abdf5d5616bcaf407caf5379a8e00fc579c8
89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3
8f6cc14698864746b3bc0c6537501405f415048d28b6e9592fa91ccd3620e619
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
91fb42a68a122344fd78cfd5f0cf9d06ff6d307fd4a5c68f40231c5950ece9a1
92d8510869b3d581401a93130fa72e4b54c5bf28dc8005994c5248d9afbfc37b
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
9cffd13c2ce05ebe032709a88fa59504e1218a12b175ec40d5aab280c18be51e
9edbf56b360080f5d6765dce77353b8130e9f8316ad34c68f6c2792cdc446321
a38ce8950f9fd31142fa9f3f673db29058f43989dd4415118bc8d223d0302f77
a85f1e749a829c5c909837844c6b53ce0a9ae2adb7c8eac0e7b96c372c679a0d
aff29eca27e3fb1e25955b37dcb296d140a2857371d91783c12eb6f587b334ad
c1d52e31f7fc13cbb3efca8b0ec937ddd97a5ec545c4dad26193429db10d8662
c1edb9e052a7a28fac55e39785dcdbe45a4e0d7beb6ed33404f526a982bcd5db
c3ad6aa1c03fd108854f008cfec2753ba623e1470a4d61798b5d8c050e474868
c56a8ae4818963e0d71eda4ebf46b4f2cdd3a238537dc8e99711fb690d272a73
cd0a97374749d21d29f860e2a3280371d3f36b124ad65289b7838204ce4170a5
cd50385cef163eb376d93e7b1e07fe467de23b60c98373f7d69448214d3e9cdd
d55bd712dd5d80e2612d61ca1a5ab9c1b29a70a12a0a9d6cf5d5d21d98a3fbcc
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f888404571253ab0986377126532b59d11b8e243487bc638afb6b850d39b4082
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84
fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65
fcd1fa4d2007137da13dd581c678acfda42358cbdbda0f0204874fbe2e2c4663
fd81f5c9b3d3ea7103cc5bb1ec1f8fcf884c34de85a6d3c243bd4bf3b4ac6082

d1zju218wgm85j.cloudfront.net Open in urlscan Pro 99.86.227.57 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

62 Requests

100 %HTTPS

0 %IPv6

8 Domains

10 Subdomains

10 IPs

2 Countries

2061 kBTransfer

3126 kBSize

3 Cookies

0 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

d1zju218wgm85j.cloudfront.net Open in urlscan Pro
99.86.227.57 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

10
Subdomains

10
IPs

2
Countries

2061 kB
Transfer

3126 kB
Size

3
Cookies

62 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!