deloitte-epp.bitbuy.ca Open in urlscan Pro
52.55.54.43 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://deloitte-epp.bitbuy.ca/
Effective URL:
https://deloitte-epp.bitbuy.ca/
Submission: On September 12 via manual (September 12th 2022, 11:51:38 am UTC) from IN — Scanned from CA

Summary HTTP 43 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 1 countries across 14 domains to perform 43 HTTP transactions. The main IP is 52.55.54.43, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is deloitte-epp.bitbuy.ca.
TLS certificate: Issued by R3 on September 8th 2022. Valid for: 3 months.

This is the only time deloitte-epp.bitbuy.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	52.55.54.43 52.55.54.43	14618 (AMAZON-AES) (AMAZON-AES)
4	2600:9000:214... 2600:9000:2140:fa00:11:3b84:d200:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:81e::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:822::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81d::2008	15169 (GOOGLE) (GOOGLE)
1	13.33.81.115 13.33.81.115	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:816::200a	15169 (GOOGLE) (GOOGLE)
3	99.84.119.11 99.84.119.11	16509 (AMAZON-02) (AMAZON-02)
1	35.227.225.220 35.227.225.220	15169 (GOOGLE) (GOOGLE)
18	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
4	34.67.250.180 34.67.250.180	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9c	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:817::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
43	16

2 52.55.54.43 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-54-43.compute-1.amazonaws.com

deloitte-epp.bitbuy.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2140:fa00:11:3b84:d200:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::200a (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::200e (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::2008 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.81.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-81-115.ewr52.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::200a (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.84.119.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-119-11.ewr52.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.225.220 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 220.225.227.35.bc.googleusercontent.com

customerioforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2607:f8b0:4006:81e::2003 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.67.250.180 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 180.250.67.34.bc.googleusercontent.com

client-api.auryc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::2004 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2003 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	gstatic.com fonts.gstatic.com	373 KB
4	auryc.com client-api.auryc.com — Cisco Umbrella Rank: 32666	1 KB
4	website-files.com assets.website-files.com — Cisco Umbrella Rank: 21337	652 KB
3	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 5886	231 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	83 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 480 fonts.googleapis.com — Cisco Umbrella Rank: 120	9 KB
2	bitbuy.ca 1 redirects deloitte-epp.bitbuy.ca	6 KB
1	google.ca www.google.ca — Cisco Umbrella Rank: 7394	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 19	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 188	446 B
1	customerioforms.com customerioforms.com — Cisco Umbrella Rank: 338855	3 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	31 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1811	41 KB
43	14

	Domain	Requested by
18	fonts.gstatic.com	fonts.googleapis.com
4	client-api.auryc.com	cdn.heapanalytics.com
4	assets.website-files.com	deloitte-epp.bitbuy.ca
3	cdn.heapanalytics.com	deloitte-epp.bitbuy.ca cdn.heapanalytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	deloitte-epp.bitbuy.ca www.googleoptimize.com
2	deloitte-epp.bitbuy.ca	1 redirects
1	www.google.ca
1	www.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	customerioforms.com	deloitte-epp.bitbuy.ca
1	fonts.googleapis.com	ajax.googleapis.com
1	d3e54v103j8qbb.cloudfront.net	deloitte-epp.bitbuy.ca
1	www.googleoptimize.com	deloitte-epp.bitbuy.ca
1	ajax.googleapis.com	deloitte-epp.bitbuy.ca
43	15

This site contains links to these domains. Also see Links.

Domain
epp-deloitte-staging.webflow.io

Subject Issuer	Validity	Valid
deloitte-epp.bitbuy.ca R3	`2022-09-08` - `2022-12-07`	3 months	crt.sh
*.website-files.com Amazon	`2021-11-12` - `2022-12-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
cdn.heapanalytics.com Amazon	`2022-07-29` - `2023-08-27`	a year	crt.sh
api.customer.io GTS CA 1D4	`2022-07-22` - `2022-10-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.auryc.com R3	`2022-07-31` - `2022-10-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://deloitte-epp.bitbuy.ca/
Frame ID: EDA129EDE40D4D66BDBC9C1FCADAD17A
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

EVG Form

Page URL History Show full URLs

http://deloitte-epp.bitbuy.ca/ HTTP 301
https://deloitte-epp.bitbuy.ca/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43
Requests

98 %
HTTPS

67 %
IPv6

14
Domains

15
Subdomains

16
IPs

1
Countries

1451 kB
Transfer

4908 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://epp-deloitte-staging.webflow.io/evg-form

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://deloitte-epp.bitbuy.ca/ HTTP 301
https://deloitte-epp.bitbuy.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
deloitte-epp.bitbuy.ca/
Redirect Chain

http://deloitte-epp.bitbuy.ca/
https://deloitte-epp.bitbuy.ca/

19 KB
6 KB

279ms
193ms

Document
text/html

52.55.54.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deloitte-epp.bitbuy.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.55.54.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-54-43.compute-1.amazonaws.com
Software: openresty /
Resource Hash: 8711e9f655fb8933a750235c008c659296392b24a1387586f5b20db9ab79e1f4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
content-encoding: gzip
content-length: 6140
content-type: text/html
date: Mon, 12 Sep 2022 11:51:33 GMT
server: openresty
vary: x-wf-forwarded-proto, Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-cluster-name: us-east-1-prod-edge-blue
x-served-by: cache-iad-kjyo7100042-IAD
x-timer: S1662983493.278912,VS0,VE164

Redirect headers

Connection: keep-alive
Content-Length: 166
Content-Type: text/html
Date: Mon, 12 Sep 2022 11:51:33 GMT
Location: https://deloitte-epp.bitbuy.ca/
Server: openresty

GET
H2 200 epp-deloitte-staging.e7fe22d35.css
assets.website-files.com/62d5be66d0ddb47b946c7c1b/css/ 278 KB
34 KB 164ms
72ms Stylesheet
text/css 2600:9000:2140:fa00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/62d5be66d0ddb47b946c7c1b/css/epp-deloitte-staging.e7fe22d35.css
Requested by: Host: deloitte-epp.bitbuy.ca
URL: https://deloitte-epp.bitbuy.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:fa00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4eefd5893d804dd6a747ec68c6ca1adbd29798b0f7708cb2581804a45428904a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://deloitte-epp.bitbuy.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 11:51:34 GMT
content-encoding: gzip
x-amz-cf-pop: EWR52-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 34191
via: 1.1 b7a66b6616123855c5af2d7cdf2b099e.cloudfront.net (CloudFront)
last-modified: Fri, 09 Sep 2022 22:26:39 GMT
server: AmazonS3
etag: "9cc9d9a976ba4aefb4f97e485a7cddd0"
x-amz-version-id: LbhZH43Nt6Jfd3G4OIagTqmEFETkj54Q
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
content-type: text/css
x-amz-cf-id: f43p33Qk4_wLOIh40gikQ7KeQh8mEMr83G48_qxY5HdeoCY-UIVdcQ==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 71ms
21ms Script
text/javascript 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: deloitte-epp.bitbuy.ca
URL: https://deloitte-epp.bitbuy.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://deloitte-epp.bitbuy.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:42:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Sep 2023 16:42:47 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 104 KB
41 KB 103ms
39ms Script
application/javascript 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-K7K7V48

Requested by

Host: deloitte-epp.bitbuy.ca
URL: https://deloitte-epp.bitbuy.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c22e13822636e336b6bd3087e2f5f3ab46af032240445487fdb68e7cb8535f24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://deloitte-epp.bitbuy.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 11:51:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41227
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Sep 2022 11:51:33 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 105ms
52ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-74221492-1

Requested by

Host: deloitte-epp.bitbuy.ca
URL: https://deloitte-epp.bitbuy.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ef5c1472908165907db13fe6dadaae3101ecf5c62741ca75adf886dcf34786b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://deloitte-epp.bitbuy.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 11:51:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41965
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Sep 2022 11:51:33 GMT

GET
H2 200 62fed3379a0f21245253a3ba_deloitte-logo%402x.png
assets.website-files.com/62d5be66d0ddb47b946c7c1b/ 3 KB
4 KB 105ms
103ms Image
image/png 2600:9000:2140:fa00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/62d5be66d0ddb47b946c7c1b/62fed3379a0f21245253a3ba_deloitte-logo%402x.png
Requested by: Host: deloitte-epp.bitbuy.ca
URL: https://deloitte-epp.bitbuy.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:fa00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5299010b7b2b715de25aee90ff9d80759fb6b5ce5a2b0b8f1135ab2cc5d234e3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://deloitte-epp.bitbuy.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Sep 2022 11:51:34 GMT
via: 1.1 b7a66b6616123855c5af2d7cdf2b099e.cloudfront.net (CloudFront)
last-modified: Fri, 19 Aug 2022 00:03:05 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "65bec79f7bd4c24362830b72a0db97a1"
x-cache: Miss from cloudfront
x-amz-version-id: VrIDPZc1Y2SY6dbmXy0Z0LTNWJOvH9EK
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/png
content-length: 3146
x-amz-cf-id: utZYMGRGChvrLLDU-GLsvzvK03sKmfMcmnNP6oGqwPoIki2VyBLLWg==

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
31 KB 79ms
21ms Script
application/javascript 13.33.81.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=62d5be66d0ddb47b946c7c1b
Requested by: Host: deloitte-epp.bitbuy.ca
URL: https://deloitte-epp.bitbuy.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.81.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-81-115.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://deloitte-epp.bitbuy.ca/
Origin: https://deloitte-epp.bitbuy.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 20:05:37 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 56758
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 d4cdd862c8bc0148f37b685614031cf4.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: y7RxdxUrbcX_X7J1c5mUcQBfhf9WEzv5KR4rHSm6-Guk5Kj_Fw3cPA==

GET
H2 200 epp-deloitte-staging.72fd6736d.js Show response
assets.website-files.com/62d5be66d0ddb47b946c7c1b/js/ 3 MB
606 KB 127ms
126ms Script
text/javascript 2600:9000:2140:fa00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/62d5be66d0ddb47b946c7c1b/js/epp-deloitte-staging.72fd6736d.js
Requested by: Host: deloitte-epp.bitbuy.ca
URL: https://deloitte-epp.bitbuy.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:fa00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d5a96c96dcf7ed17a5553ae4aef42b772a82777275f5f9722b91813cfa7cb44

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://deloitte-epp.bitbuy.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 11:51:34 GMT
content-encoding: gzip
x-amz-cf-pop: EWR52-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 618811
via: 1.1 b7a66b6616123855c5af2d7cdf2b099e.cloudfront.net (CloudFront)
last-modified: Fri, 09 Sep 2022 22:26:39 GMT
server: AmazonS3
etag: "7d1e75c8762ed81cd8e2b421b92331f6"
x-amz-version-id: u6d9qrTzfIn7fSgJqTCgDPGfEid_Y580
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
content-type: text/javascript
x-amz-cf-id: orBpuGtpiAS-YY-tjX08cGCGQPfysqmcs3Iy1FkM8maaGSOyCnSmqw==

GET
H2 200 css
fonts.googleapis.com/ 75 KB
3 KB 89ms
39ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CNunito:regular,italic,700,700italic%7CNunito+Sans:200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic%7CNunito:200,300,regular,500,600,700,800,900,200italic,300italic,italic,500italic,600italic,700italic,800italic,900italic

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

66357c96901ad5f3e4c94cc9f5eb69a4681464468ddf1fac210c2b21662b7761

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://deloitte-epp.bitbuy.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 11:51:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 12 Sep 2022 11:51:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Sep 2022 11:51:33 GMT

GET
H2 200 heap-2772553991.js Show response
cdn.heapanalytics.com/js/ 132 KB
49 KB 141ms
51ms Script
application/javascript 99.84.119.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-2772553991.js

Requested by

Host: deloitte-epp.bitbuy.ca
URL: https://deloitte-epp.bitbuy.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.119.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-119-11.ewr52.r.cloudfront.net

Software

nginx /

Resource Hash

cca76b3052c464afade09394f587e68ed898868c3ca0d7b8e4f4c8c59c241dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://deloitte-epp.bitbuy.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 11:51:00 GMT
content-encoding: gzip
server: nginx
age: 33
etag: W/"21083-/pP09+D5LUizSNVJSy1uzA"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 9c1dd3a19b345bbdabc718a69ac89c3c.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: EWR52-C3
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: IniX06g47foMJrEmm_PYUtRO0IooONuWlofW6MPpFqd7aG9BbGePmQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 108ms
57ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-74221492-1&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=GTM-K7K7V48

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4a05225efbdbbeb5f098d87cbb742ecead091b2e926de4fb1fba49b558dfe9ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://deloitte-epp.bitbuy.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 11:51:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41964
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Sep 2022 11:51:33 GMT

GET
H2 200 forms.js Show response
customerioforms.com/assets/ 3 KB
3 KB 52ms
12ms Script
text/javascript 35.227.225.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://customerioforms.com/assets/forms.js
Requested by: Host: deloitte-epp.bitbuy.ca
URL: https://deloitte-epp.bitbuy.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.225.220 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.225.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 884213e73785e1bd4cfa5563e6ac0bf9c864a8ea7110546c263a2afd395c6e23

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://deloitte-epp.bitbuy.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 11:17:01 GMT
age: 2072
x-guploader-uploadid: ADPycdvQPa47Uyts_7Y-Akr8A2GGAD5v1G_rXN1LkLnZm2UH6TOIf_ywFeD6QW_1X2RombyG8nfXIIAlg1x9gFkxzvoetBz4i7om
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2593
last-modified: Wed, 18 May 2022 12:59:46 GMT
server: UploadServer
etag: "5a68ce07438e258c85088f01c32a0e45"
x-goog-hash: crc32c=9GBu2Q==, md5=WmjOB0OOJYyFCI8BwyoORQ==
x-goog-generation: 1652878786344296
cache-control: public,max-age=3600
x-goog-stored-content-length: 2593
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 62d5be66d0ddb42e036c7c24_bitbuy-logo%402x.png
assets.website-files.com/62d5be66d0ddb47b946c7c1b/ 9 KB
9 KB 107ms
106ms Image
image/png 2600:9000:2140:fa00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/62d5be66d0ddb47b946c7c1b/62d5be66d0ddb42e036c7c24_bitbuy-logo%402x.png
Requested by: Host: deloitte-epp.bitbuy.ca
URL: https://deloitte-epp.bitbuy.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:fa00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e41025c0df62c96ef60515c4bf3a1809cc30ee6e0510a2dd6a20b18e0f769511

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://deloitte-epp.bitbuy.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Sep 2022 11:51:34 GMT
via: 1.1 b7a66b6616123855c5af2d7cdf2b099e.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 20:11:20 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "20bc27b46b2175b6fd97268ac24b520c"
x-cache: Miss from cloudfront
x-amz-version-id: IYBqH4UNFL6nvAAXsd705kmfAb.izMIS
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/png
content-length: 8957
x-amz-cf-id: ipidbuORX5YBSciRqwENfgx6QzR0-zLUZKNUCMJTpCli4_syFsVBYA==

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 84ms
22ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CNunito:regular,italic,700,700italic%7CNunito+Sans:200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic%7CNunito:200,300,regular,500,600,700,800,900,200italic,300italic,italic,500italic,600italic,700italic,800italic,900italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://deloitte-epp.bitbuy.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 10:24:41 GMT
x-content-type-options: nosniff
age: 264412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Sep 2023 10:24:41 GMT

GET
H2 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v25/ 31 KB
31 KB 109ms
47ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://deloitte-epp.bitbuy.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 15:18:37 GMT
x-content-type-options: nosniff
age: 333176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31760
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Sep 2023 15:18:37 GMT

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/ 35 KB
35 KB 126ms
65ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://deloitte-epp.bitbuy.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 21:14:59 GMT
x-content-type-options: nosniff
age: 570994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35904
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 21:14:59 GMT

GET
H2 200 XRXX3I6Li01BKofIMNaDRs4.woff2
fonts.gstatic.com/s/nunito/v25/ 37 KB
37 KB 140ms
79ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXX3I6Li01BKofIMNaDRs4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe7839e0dc27d5a668c79b399849d56bc542d9c5dbf2ce2b52c476c6a35a7803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://deloitte-epp.bitbuy.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 23:59:41 GMT
x-content-type-options: nosniff
age: 561112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37852
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:37:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 23:59:41 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc9yAs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 16 KB
16 KB 137ms
76ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9yAs5tU1E.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10e3d607a079b511915ce726f53507c5c202957996e06f5eec98c9fa8837aa15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://deloitte-epp.bitbuy.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:42:58 GMT
x-content-type-options: nosniff
age: 504515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16340
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:32:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Sep 2023 15:42:58 GMT

GET
H2 200 pe01MImSLYBIv1o4X1M8cce4GxZrY1MIUg.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 121ms
61ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe01MImSLYBIv1o4X1M8cce4GxZrY1MIUg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f987f8cafd115868430395f46cacd158566c4d632a7e52c19d45dc445dae108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://deloitte-epp.bitbuy.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 01:12:47 GMT
x-content-type-options: nosniff
age: 556726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17044
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:35:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Sep 2023 01:12:47 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8WAc5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 152ms
92ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8WAc5tU1E.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976177894b0cca88ff93ab02c6da363f2d55cce5d940139db955b251fcdd19a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://deloitte-epp.bitbuy.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 21:12:19 GMT
x-content-type-options: nosniff
age: 571154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16920
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 21:12:19 GMT

GET
H2 200 pe01MImSLYBIv1o4X1M8cce4G3JoY1MIUg.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 153ms
94ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe01MImSLYBIv1o4X1M8cce4G3JoY1MIUg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf22fea881f28a602afbd158f8c9d06a8bcc84e17b9b6dd9a3224992cce2a9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://deloitte-epp.bitbuy.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 12:48:50 GMT
x-content-type-options: nosniff
age: 514963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17676
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:32:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Sep 2023 12:48:50 GMT

GET
H2 200 pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 149ms
90ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://deloitte-epp.bitbuy.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 21:11:13 GMT
x-content-type-options: nosniff
age: 571220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16980
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:33:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 21:11:13 GMT

GET
H2 200 pe0oMImSLYBIv1o4X1M8cce4E9lKdg.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 145ms
87ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe0oMImSLYBIv1o4X1M8cce4E9lKdg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6637ea3139ffb01e240829717a4f8c195d7be6b81780ed643000b49833d8d6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://deloitte-epp.bitbuy.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 22:15:32 GMT
x-content-type-options: nosniff
age: 567361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17684
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:32:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 22:15:32 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 143ms
85ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://deloitte-epp.bitbuy.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 21:12:19 GMT
x-content-type-options: nosniff
age: 571154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17156
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:33:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 21:12:19 GMT

GET
H2 200 pe01MImSLYBIv1o4X1M8cce4GwZuY1MIUg.woff2
fonts.gstatic.com/s/nunitosans/v12/ 18 KB
18 KB 146ms
88ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe01MImSLYBIv1o4X1M8cce4GwZuY1MIUg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

726d83a336f21985803e3e183360257d891f252b37964434e67d40bfbc3c9bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://deloitte-epp.bitbuy.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 15:21:42 GMT
x-content-type-options: nosniff
age: 332991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17956
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:32:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Sep 2023 15:21:42 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 114ms
56ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://deloitte-epp.bitbuy.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:42:34 GMT
x-content-type-options: nosniff
age: 504539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17116
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Sep 2023 15:42:34 GMT

GET
H2 200 pe01MImSLYBIv1o4X1M8cce4G2JvY1MIUg.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 129ms
72ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe01MImSLYBIv1o4X1M8cce4G2JvY1MIUg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b73529b4e8246ea3f18a62d5166c59e9912d10b4ed05cf4880adb3688a26408

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://deloitte-epp.bitbuy.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:51:37 GMT
x-content-type-options: nosniff
age: 543596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17688
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Sep 2023 04:51:37 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 157ms
100ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fce8ebc3557b63496f8fafe1c182f2aa8669550f9398b4d9beebddd43306ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://deloitte-epp.bitbuy.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:42:42 GMT
x-content-type-options: nosniff
age: 504531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17324
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Sep 2023 15:42:42 GMT

GET
H2 200 pe01MImSLYBIv1o4X1M8cce4G35sY1MIUg.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
18 KB 153ms
97ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe01MImSLYBIv1o4X1M8cce4G35sY1MIUg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7607082657651f045fb47c40bed1ad57ba47f187ca00d119310ab62a1a31f532

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://deloitte-epp.bitbuy.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 14:54:20 GMT
x-content-type-options: nosniff
age: 507433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17840
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:33:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:54:20 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8-BM5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 155ms
99ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8-BM5tU1E.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00dd63b0ca2fb12eb12eef7af3f543b085cb1e94d1a861b484865c973b75e93e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://deloitte-epp.bitbuy.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 23:40:38 GMT
x-content-type-options: nosniff
age: 562255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17364
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:32:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 23:40:38 GMT

GET
H2 200 pe01MImSLYBIv1o4X1M8cce4G1ptY1MIUg.woff2
fonts.gstatic.com/s/nunitosans/v12/ 18 KB
18 KB 151ms
96ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe01MImSLYBIv1o4X1M8cce4G1ptY1MIUg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64f612c495faf4ac2b557d84a45f925a1259a2c242e8222b7e7fabbcbb6d9dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://deloitte-epp.bitbuy.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 14:52:37 GMT
x-content-type-options: nosniff
age: 507536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17972
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:52:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 54ms
12ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-74221492-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://deloitte-epp.bitbuy.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4602
date: Mon, 12 Sep 2022 10:34:51 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 12 Sep 2022 12:34:51 GMT

GET
H2 200 container.js Show response
cdn.heapanalytics.com/js/replay/1811-Main-prod-heap/ 9 KB
5 KB 37ms
35ms Script
application/javascript 99.84.119.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heapanalytics.com/js/replay/1811-Main-prod-heap/container.js
Requested by: Host: cdn.heapanalytics.com
URL: https://cdn.heapanalytics.com/js/heap-2772553991.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.119.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-119-11.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: abd242c19388ec9d60966ddcb92df6a5d38ab5b6801f4064c89aa5d910bb446a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://deloitte-epp.bitbuy.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: 9wcT_AvuHbOq0Rh.qZ4siY_iAaoGKRUg
content-encoding: gzip
etag: "ef91a1560a94667b301fd6c04a4b53b3"
age: 51084
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4274
last-modified: Thu, 08 Sep 2022 14:24:45 GMT
server: AmazonS3
date: Sun, 11 Sep 2022 21:40:10 GMT
content-type: application/javascript
via: 1.1 9c1dd3a19b345bbdabc718a69ac89c3c.cloudfront.net (CloudFront)
cache-control: public,max-age=86400
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
x-amz-cf-id: Ie71HZyOK5JXy2E-Vu_Nc2YXOfMbIK6oBjewyJHVxDqnf6CSZCEf2Q==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 61ms
32ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=960306410&t=pageview&_s=1&dl=https%3A%2F%2Fdeloitte-epp.bitbuy.ca%2F&ul=en-us&de=UTF-8&dt=EVG%20Form&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1065543787&gjid=780013393&cid=1912499078.1662983494&tid=UA-74221492-1&_gid=1032948432.1662983494&_r=1&gtm=2ou970&z=1857609160

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://deloitte-epp.bitbuy.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 11:51:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://deloitte-epp.bitbuy.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 releasesettings
client-api.auryc.com/ 0
0 163ms
40ms Preflight 34.67.250.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://client-api.auryc.com/releasesettings?lib=Web

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.67.250.180 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

180.250.67.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-authorized-identity,x-authorized-token
Access-Control-Request-Method: GET
Origin: https://deloitte-epp.bitbuy.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-authorized-identity, x-authorized-token
access-control-allow-methods: OPTIONS,HEAD,GET,PUT,POST,DELETE,PATCH
access-control-allow-origin: https://deloitte-epp.bitbuy.ca
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Mon, 12 Sep 2022 11:51:33 GMT
expires: 0
pragma: no-cache
server: istio-envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 releasesettings Show response
client-api.auryc.com/ 2 B
154 B 44ms
44ms XHR
application/json 34.67.250.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://client-api.auryc.com/releasesettings?lib=Web

Requested by

Host: cdn.heapanalytics.com
URL: https://cdn.heapanalytics.com/js/replay/1811-Main-prod-heap/container.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.67.250.180 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

180.250.67.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

x-authorized-identity: 1811-Main-prod-heap
Referer: https://deloitte-epp.bitbuy.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
x-authorized-token: 721a169f7d3e8457add6b38e5e3f6c8b

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 11:51:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: istio-envoy
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://deloitte-epp.bitbuy.ca
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
content-length: 28
x-xss-protection: 1; mode=block
expires: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 86ms
33ms XHR
text/plain 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-74221492-1&cid=1912499078.1662983494&jid=1065543787&gjid=780013393&_gid=1032948432.1662983494&_u=YEBAAUAAAAAAAC~&z=479293211

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://deloitte-epp.bitbuy.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 12 Sep 2022 11:51:34 GMT
content-type: text/plain
access-control-allow-origin: https://deloitte-epp.bitbuy.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 87ms
39ms Image
image/gif 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-74221492-1&cid=1912499078.1662983494&jid=1065543787&_u=YEBAAUAAAAAAAC~&z=207798909

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://deloitte-epp.bitbuy.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 11:51:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 86ms
39ms Image
image/gif 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-74221492-1&cid=1912499078.1662983494&jid=1065543787&_u=YEBAAUAAAAAAAC~&z=207798909

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://deloitte-epp.bitbuy.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 11:51:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 auryc.lib.js Show response
cdn.heapanalytics.com/js/replay/libs/latest/ 668 KB
177 KB 19ms
19ms Script
application/javascript 99.84.119.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heapanalytics.com/js/replay/libs/latest/auryc.lib.js
Requested by: Host: cdn.heapanalytics.com
URL: https://cdn.heapanalytics.com/js/replay/1811-Main-prod-heap/container.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.84.119.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-119-11.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4459919f4a3885a0e5b3b30963651c7dcd4b94de6ddfd2f7bfe57f6584aa08da

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://deloitte-epp.bitbuy.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: Ki1Baq8UDv.t3xQUUh4oaU.rD8npA9nn
content-encoding: gzip
etag: "2f8a047dc209a78d546e7cf845d07588"
age: 62367
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 181219
last-modified: Fri, 09 Sep 2022 18:07:22 GMT
server: AmazonS3
date: Sun, 11 Sep 2022 18:32:08 GMT
content-type: application/javascript
via: 1.1 4a7ef8cbf68469938b3b0dd42dbc4de8.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
x-amz-cf-id: BOOg9QSxuOLPmDtGHRddK7QVE1zNznO75wHnoAN8AnbiRh20tb37BA==

GET
H2 200 siteconfig Show response
client-api.auryc.com/ 2 KB
1 KB 44ms
44ms XHR
application/json 34.67.250.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://client-api.auryc.com/siteconfig?lib=web

Requested by

Host: cdn.heapanalytics.com
URL: https://cdn.heapanalytics.com/js/replay/libs/latest/auryc.lib.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.67.250.180 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

180.250.67.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

f89d4a80e242a1e2f599b9ba0450e9c2aa3bce42ca732424bc3df70ccf594d23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

x-authorized-identity: 1811-Main-prod-heap
Referer: https://deloitte-epp.bitbuy.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
x-authorized-token: 721a169f7d3e8457add6b38e5e3f6c8b
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 11:51:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: istio-envoy
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://deloitte-epp.bitbuy.ca
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
content-length: 987
x-xss-protection: 1; mode=block
expires: 0

OPTIONS
H2 200 siteconfig
client-api.auryc.com/ 0
0 43ms
42ms Preflight 34.67.250.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://client-api.auryc.com/siteconfig?lib=web

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.67.250.180 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

180.250.67.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-authorized-identity,x-authorized-token
Access-Control-Request-Method: GET
Origin: https://deloitte-epp.bitbuy.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-authorized-identity, x-authorized-token
access-control-allow-methods: OPTIONS,HEAD,GET,PUT,POST,DELETE,PATCH
access-control-allow-origin: https://deloitte-epp.bitbuy.ca
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Mon, 12 Sep 2022 11:51:33 GMT
expires: 0
pragma: no-cache
server: istio-envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
BLOB 200
OK e67118b9-fd48-4690-bfdf-d23552b8900a
https://deloitte-epp.bitbuy.ca/ 85 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://deloitte-epp.bitbuy.ca/e67118b9-fd48-4690-bfdf-d23552b8900a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b272e43c528bdb75ea6aacc0fdd09ce62573a3849869f7ea80d532de6a8c57d

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length: 85
Content-Type: application/javascript

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bitbuy.ca/	1970-01-20 15:32:23	Name: _ga Value: GA1.2.1912499078.1662983494
.bitbuy.ca/	1970-01-20 05:57:49	Name: _gid Value: GA1.2.1032948432.1662983494
.bitbuy.ca/	1970-01-20 05:56:23	Name: _gat_gtag_UA_74221492_1 Value: 1
.bitbuy.ca/	1970-01-20 15:24:21	Name: _hp2_id.2772553991 Value: %7B%22userId%22%3A%224180266746176686%22%2C%22pageviewId%22%3A%223024833898247589%22%2C%22sessionId%22%3A%222560364139656257%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.bitbuy.ca/	1970-01-20 05:56:25	Name: _hp2_ses_props.2772553991 Value: %7B%22z%22%3A0%2C%22ts%22%3A1662983494191%2C%22d%22%3A%22deloitte-epp.bitbuy.ca%22%2C%22h%22%3A%22%2F%22%2C%22t%22%3A%22EVG%20Form%22%7D
.bitbuy.ca/	1970-01-20 15:32:23	Name: userty.core.p.f839b7 Value: __2VySWQiOiIzYmIyOWJlMzI4MWE5MmY5NTQ4M2QzZDQ3NWZiMjNjMSJ9eyJ1c
.bitbuy.ca/	1969-12-31 23:59:59	Name: userty.core.s.f839b7 Value: __SI6MTY2Mjk4NTI5NDU3Nywic2lkIjoiMzg2YTk5OTc3MzkwM2I2ZDU5NmYxMmE4NWM2NWI5MGUiLCJzdCI6MTY2Mjk4MzQ5NDU3NywicHYiOjEsInJlYWR5Ijp0cnVlLCJ3cyI6IntcIndcIjoxNjAwLFwiaFwiOjEyMDB9In0=eyJzZ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.website-files.com
cdn.heapanalytics.com
client-api.auryc.com
customerioforms.com
d3e54v103j8qbb.cloudfront.net
deloitte-epp.bitbuy.ca
fonts.googleapis.com
fonts.gstatic.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.ca
www.google.com
www.googleoptimize.com
www.googletagmanager.com
13.33.81.115
2001:4860:4802:34::178
2600:9000:2140:fa00:11:3b84:d200:93a1
2607:f8b0:4004:c06::9c
2607:f8b0:4006:816::200a
2607:f8b0:4006:817::2004
2607:f8b0:4006:81d::2008
2607:f8b0:4006:81e::2003
2607:f8b0:4006:81e::200a
2607:f8b0:4006:822::200e
2607:f8b0:4006:824::2003
34.67.250.180
35.227.225.220
52.55.54.43
99.84.119.11
00dd63b0ca2fb12eb12eef7af3f543b085cb1e94d1a861b484865c973b75e93e
10e3d607a079b511915ce726f53507c5c202957996e06f5eec98c9fa8837aa15
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
2d5a96c96dcf7ed17a5553ae4aef42b772a82777275f5f9722b91813cfa7cb44
2f987f8cafd115868430395f46cacd158566c4d632a7e52c19d45dc445dae108
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
3b272e43c528bdb75ea6aacc0fdd09ce62573a3849869f7ea80d532de6a8c57d
4459919f4a3885a0e5b3b30963651c7dcd4b94de6ddfd2f7bfe57f6584aa08da
4a05225efbdbbeb5f098d87cbb742ecead091b2e926de4fb1fba49b558dfe9ea
4eefd5893d804dd6a747ec68c6ca1adbd29798b0f7708cb2581804a45428904a
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5299010b7b2b715de25aee90ff9d80759fb6b5ce5a2b0b8f1135ab2cc5d234e3
64f612c495faf4ac2b557d84a45f925a1259a2c242e8222b7e7fabbcbb6d9dcf
66357c96901ad5f3e4c94cc9f5eb69a4681464468ddf1fac210c2b21662b7761
6637ea3139ffb01e240829717a4f8c195d7be6b81780ed643000b49833d8d6d1
6fce8ebc3557b63496f8fafe1c182f2aa8669550f9398b4d9beebddd43306ed3
726d83a336f21985803e3e183360257d891f252b37964434e67d40bfbc3c9bc6
7607082657651f045fb47c40bed1ad57ba47f187ca00d119310ab62a1a31f532
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8711e9f655fb8933a750235c008c659296392b24a1387586f5b20db9ab79e1f4
884213e73785e1bd4cfa5563e6ac0bf9c864a8ea7110546c263a2afd395c6e23
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
976177894b0cca88ff93ab02c6da363f2d55cce5d940139db955b251fcdd19a6
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
9b73529b4e8246ea3f18a62d5166c59e9912d10b4ed05cf4880adb3688a26408
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
abd242c19388ec9d60966ddcb92df6a5d38ab5b6801f4064c89aa5d910bb446a
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
bf22fea881f28a602afbd158f8c9d06a8bcc84e17b9b6dd9a3224992cce2a9e2
c22e13822636e336b6bd3087e2f5f3ab46af032240445487fdb68e7cb8535f24
c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3
cca76b3052c464afade09394f587e68ed898868c3ca0d7b8e4f4c8c59c241dec
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e41025c0df62c96ef60515c4bf3a1809cc30ee6e0510a2dd6a20b18e0f769511
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5c1472908165907db13fe6dadaae3101ecf5c62741ca75adf886dcf34786b6
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f89d4a80e242a1e2f599b9ba0450e9c2aa3bce42ca732424bc3df70ccf594d23
fe7839e0dc27d5a668c79b399849d56bc542d9c5dbf2ce2b52c476c6a35a7803

deloitte-epp.bitbuy.ca Open in urlscan Pro 52.55.54.43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

98 %HTTPS

67 %IPv6

14 Domains

15 Subdomains

16 IPs

1 Countries

1451 kBTransfer

4908 kBSize

7 Cookies

1 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

deloitte-epp.bitbuy.ca Open in urlscan Pro
52.55.54.43 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

98 %
HTTPS

67 %
IPv6

14
Domains

15
Subdomains

16
IPs

1
Countries

1451 kB
Transfer

4908 kB
Size

7
Cookies

43 HTTP transactions
0 data transactions