urlscan.io logo urlscan.io
SecurityTrails logo

payment.thelanguagegallerycanada.com Open in urlscan Pro
2620:1ec:bdf::45  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://payment.thelanguagegallerycanada.com/
Effective URL: https://payment.thelanguagegallerycanada.com/
Submission Tags: falconsandbox
Submission: On June 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 5 countries across 20 domains to perform 69 HTTP transactions. The main IP is 2620:1ec:bdf::45, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is payment.thelanguagegallerycanada.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on March 4th 2024. Valid for: 6 months.
This is the only time payment.thelanguagegallerycanada.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 2620:1ec:bdf::45 8075 (MICROSOFT...)
1 2600:9000:266... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 18.66.102.11 16509 (AMAZON-02)
1 13.32.27.54 16509 (AMAZON-02)
4 152.195.15.58 15133 (EDGECAST)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2001:4860:480... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
5 104.126.37.176 20940 (AKAMAI-ASN1)
1 3 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 216.58.206.35 15169 (GOOGLE)
1 142.250.184.226 15169 (GOOGLE)
1 2 216.58.206.36 15169 (GOOGLE)
1 1 216.58.206.66 15169 (GOOGLE)
1 23.37.123.186 20940 (AKAMAI-ASN1)
2 172.175.38.6 8075 (MICROSOFT...)
1 2600:1f18:4e4... 14618 (AMAZON-AES)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 2a01:111:202c... 8068 (MICROSOFT...)
69 23
11    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
payment.thelanguagegallerycanada.com
www.clarity.ms
1    2600:9000:266e:6400:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.osano.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    18.66.102.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-11.fra56.r.cloudfront.net
static.hotjar.com
1    13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net
script.hotjar.com
4    152.195.15.58 (United States)

ASN15133 (EDGECAST, US)
cdn.bizible.com
cdn.bizibly.com
3    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    104.126.37.176 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-176.deploy.static.akamaitechnologies.com
analytics.tiktok.com
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
2    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f3.1e100.net
www.google.de
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
www.googleadservices.com
2    216.58.206.36 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f4.1e100.net
www.google.com
1    216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f2.1e100.net
googleads.g.doubleclick.net
1    23.37.123.186 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-37-123-186.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com
2    172.175.38.6 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
k.clarity.ms
1    2600:1f18:4e46:4c00:13cd:3b77:68cf:1b33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
capig.torontosom.ca
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    13.74.129.1 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2a01:111:202c::237 (United Kingdom)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
Apex Domain
Subdomains		 Transfer
9 thelanguagegallerycanada.com
payment.thelanguagegallerycanada.com
338 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 743
k.clarity.ms — Cisco Umbrella Rank: 20325
c.clarity.ms — Cisco Umbrella Rank: 1434
28 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 787
140 KB
4 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3125
www.google.com — Cisco Umbrella Rank: 5
368 B
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 361
c.bing.com — Cisco Umbrella Rank: 224
15 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 8088
190 B
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
googleads.g.doubleclick.net — Cisco Umbrella Rank: 70
443 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 71
region1.google-analytics.com — Cisco Umbrella Rank: 2355
21 KB
3 bizible.com
cdn.bizible.com — Cisco Umbrella Rank: 10208
26 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
313 KB
3 gstatic.com
fonts.gstatic.com
74 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204
150 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 894
script.hotjar.com — Cisco Umbrella Rank: 1260
60 KB
1 torontosom.ca
capig.torontosom.ca
www.torontosom.ca Failed
379 B
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 6624
824 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 133
2 KB
1 bizibly.com
cdn.bizibly.com — Cisco Umbrella Rank: 14945
204 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
1 KB
1 osano.com
cmp.osano.com — Cisco Umbrella Rank: 5804
83 KB
69 20
Domain Requested by
9 payment.thelanguagegallerycanada.com payment.thelanguagegallerycanada.com
5 analytics.tiktok.com cmp.osano.com
analytics.tiktok.com
3 www.google.de payment.thelanguagegallerycanada.com
3 bat.bing.com cmp.osano.com
payment.thelanguagegallerycanada.com
3 cdn.bizible.com cmp.osano.com
payment.thelanguagegallerycanada.com
3 www.googletagmanager.com cmp.osano.com
3 fonts.gstatic.com fonts.googleapis.com
2 c.clarity.ms 1 redirects
2 www.facebook.com payment.thelanguagegallerycanada.com
2 k.clarity.ms cdn.bizible.com
2 www.google.com 1 redirects payment.thelanguagegallerycanada.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 region1.analytics.google.com 1 redirects www.googletagmanager.com
2 www.clarity.ms cmp.osano.com
2 connect.facebook.net cmp.osano.com
2 www.google-analytics.com cmp.osano.com
www.google-analytics.com
1 c.bing.com 1 redirects
1 capig.torontosom.ca cdn.bizible.com
1 analytics.pangle-ads.com analytics.tiktok.com
1 googleads.g.doubleclick.net 1 redirects
1 www.googleadservices.com cmp.osano.com
1 cdn.bizibly.com payment.thelanguagegallerycanada.com
1 region1.google-analytics.com payment.thelanguagegallerycanada.com
1 script.hotjar.com cmp.osano.com
1 static.hotjar.com cmp.osano.com
1 fonts.googleapis.com payment.thelanguagegallerycanada.com
1 cmp.osano.com payment.thelanguagegallerycanada.com
0 www.torontosom.ca Failed
69 28

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
www.instagram.com
thelanguagegallerycanada.com
Subject Issuer Validity Valid
payment.thelanguagegallerycanada.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-03-04 -
2024-09-04		 6 months crt.sh
*.osano.com
Amazon RSA 2048 M03		 2023-10-18 -
2024-11-15		 a year crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
io.bizible.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-07 -
2025-07-08		 a year crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-06-19 -
2024-12-16		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-06 -
2024-07-05		 3 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.google.de
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.googleadservices.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.pangle-ads.com
RapidSSL TLS ECC CA G1		 2023-08-10 -
2024-09-09		 a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
capig.torontosom.ca
R3		 2024-05-06 -
2024-08-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://payment.thelanguagegallerycanada.com/
Frame ID: 08B30FDCA050572F5EFBF99593B9DBA6
Requests: 70 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Online Payment | TLG Canada

Page URL History Show full URLs

  1. http://payment.thelanguagegallerycanada.com/ HTTP 307
    https://payment.thelanguagegallerycanada.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

69
Requests

72 %
HTTPS

54 %
IPv6

20
Domains

28
Subdomains

23
IPs

5
Countries

1255 kB
Transfer

3163 kB
Size

35
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://payment.thelanguagegallerycanada.com/ HTTP 307
    https://payment.thelanguagegallerycanada.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://region1.analytics.google.com/g/collect?v=2&tid=G-6M6GW2JF1Y&gtm=45je46q0v877824595za200zb77614698&_p=1719567731296&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1764370055.1719567732&ul=de-de&sr=1600x1200&are=1&frm=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&_eu=AAg&_s=2&sid=1719567731&sct=1&seg=0&dl=https%3A%2F%2Fpayment.thelanguagegallerycanada.com%2F&dt=Online%20Payment%20%7C%20TLG%20Canada&en=page_visitors&_c=1&_et=3&tfd=1604&_z=fetch HTTP 302
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1764370055.1719567732&dbk=5188046764817397657&dma=1&dma_cps=sypham&en=page_visitors&gtm=45je46q0v877824595za200zb77614698&npa=1&tid=G-6M6GW2JF1Y&dl=https%3A%2F%2Fpayment.thelanguagegallerycanada.com%3F
Request Chain 56
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/700594426/?random=538919875&cv=11&fst=1719567731853&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9181656279z877614698za201zb77614698&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpayment.thelanguagegallerycanada.com%2F&label=v-b4COSW-LABEPrxiM4C&hn=www.googleadservices.com&frm=0&tiba=Online%20Payment%20%7C%20TLG%20Canada&value=0&npa=1&us_privacy=1---&pscdl=noapi&auid=658877052.1719567732&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=m&fdr=SA&capi=1&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&eitems=ChAI8L75swYQw8Dqoqig5o1mEh0A6LZ_5oFtnFG5Ex_96jCNSsdZ6bGtfkkVgntCdw&pscrd=IhMImYzU_oD-hgMVmWmRBR0AcQxdMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6LWh0dHBzOi8vcGF5bWVudC50aGVsYW5ndWFnZWdhbGxlcnljYW5hZGEuY29tLw HTTP 302
  • https://www.google.com/pagead/1p-conversion/700594426/?random=538919875&cv=11&fst=1719567731853&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9181656279z877614698za201zb77614698&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpayment.thelanguagegallerycanada.com%2F&label=v-b4COSW-LABEPrxiM4C&hn=www.googleadservices.com&frm=0&tiba=Online%20Payment%20%7C%20TLG%20Canada&value=0&npa=1&us_privacy=1---&pscdl=noapi&auid=658877052.1719567732&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=m&fdr=SA&capi=1&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMImYzU_oD-hgMVmWmRBR0AcQxdMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6LWh0dHBzOi8vcGF5bWVudC50aGVsYW5ndWFnZWdhbGxlcnljYW5hZGEuY29tLw&is_vtc=1&cid=CAQSGwDaQooLCROLTPvpn50Z2lDTx6TcudJDOu9Bog&eitems=ChAI8L75swYQw8Dqoqig5o1mEh0A6LZ_5mpvyVIORLI8c7EbT7FVB8IDkAnb1ogRlQ&random=3459567047 HTTP 302
  • https://www.google.de/pagead/1p-conversion/700594426/?random=538919875&cv=11&fst=1719567731853&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9181656279z877614698za201zb77614698&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpayment.thelanguagegallerycanada.com%2F&label=v-b4COSW-LABEPrxiM4C&hn=www.googleadservices.com&frm=0&tiba=Online%20Payment%20%7C%20TLG%20Canada&value=0&npa=1&us_privacy=1---&pscdl=noapi&auid=658877052.1719567732&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=m&fdr=SA&capi=1&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMImYzU_oD-hgMVmWmRBR0AcQxdMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6LWh0dHBzOi8vcGF5bWVudC50aGVsYW5ndWFnZWdhbGxlcnljYW5hZGEuY29tLw&is_vtc=1&cid=CAQSGwDaQooLCROLTPvpn50Z2lDTx6TcudJDOu9Bog&eitems=ChAI8L75swYQw8Dqoqig5o1mEh0A6LZ_5mpvyVIORLI8c7EbT7FVB8IDkAnb1ogRlQ&random=3459567047&ipr=y
Request Chain 66
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D9D56F7F6E8E41B58EB0BDB087725755&RedC=c.clarity.ms&MXFR=18CDBA02033F6CAF344BAEAE073F622D HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D9D56F7F6E8E41B58EB0BDB087725755&MUID=03CD40BA85186FB8196D541684B46E0E

69 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
payment.thelanguagegallerycanada.com/
Redirect Chain
  • http://payment.thelanguagegallerycanada.com/
  • https://payment.thelanguagegallerycanada.com/
31 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://payment.thelanguagegallerycanada.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
341ea0c52076df56f123865215c44ef6974248856a7cb4a4cc7895762fa5ff48
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
private
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 28 Jun 2024 09:42:10 GMT
vary
Accept-Encoding
x-azure-ref
20240628T094210Z-17d856f5577v6r2nn49pex0caw00000003a000000000q1k9
x-cache
PRIVATE_NOSTORE
x-fd-int-roxy-purgeid
55303579
x-frame-options
SAMEORIGIN

Redirect headers

Location
https://payment.thelanguagegallerycanada.com/
Non-Authoritative-Reason
HttpsUpgrades
osano.js
cmp.osano.com/16BQRvTGwqLg43AqP/bacde48a-9e96-46fe-95df-54a9b4b20ebb/ 		312 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/16BQRvTGwqLg43AqP/bacde48a-9e96-46fe-95df-54a9b4b20ebb/osano.js
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:6400:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
978da7aac37e4a3e1aa9a279c0bb42311673eb251f4b17b2b46152e5706b9e25
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 09:42:11 GMT
content-encoding
br
via
1.1 964525de46241eae6ff9f5fb91498662.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P8
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
84756
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 14 Nov 2023 14:29:51 GMT
server
CloudFront
etag
"8453822bc26b44a4a5d937a5e22dc349"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id
sSw7NK4cNof75d5n9G5aqRLs9s5FF7PulvOwfX4ufHeorlADBgqqgQ==
main.css
payment.thelanguagegallerycanada.com/dist/ 		30 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.thelanguagegallerycanada.com/dist/main.css?v=231017114320
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a1813612f2ad011d30dd44f6da154cbd590c303af9641c1a36c181d9c02a5ba4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 09:42:10 GMT
last-modified
Tue, 17 Oct 2023 11:43:20 GMT
etag
"0bc4d20ef0da1:0"
x-azure-ref
20240628T094210Z-17d856f5577v6r2nn49pex0caw00000003a000000000q1m0
x-cache
TCP_MISS
content-type
text/css
cache-control
max-age=2592000
x-fd-int-roxy-purgeid
55303579
accept-ranges
bytes
content-length
30230
main.js
payment.thelanguagegallerycanada.com/dist/ 		119 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.thelanguagegallerycanada.com/dist/main.js?v=231017114320
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
23877e8ae4b970a07646572327178746f745eddc385ab78263c6a615fb1c9d37

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 09:42:10 GMT
last-modified
Tue, 17 Oct 2023 11:43:20 GMT
etag
"0bc4d20ef0da1:0"
x-azure-ref
20240628T094210Z-17d856f5577v6r2nn49pex0caw00000003a000000000q1m1
x-cache
TCP_MISS
content-type
application/x-javascript
cache-control
max-age=2592000
x-fd-int-roxy-purgeid
55303579
accept-ranges
bytes
content-length
122126
tlgcanada-logo-300-1.gif
payment.thelanguagegallerycanada.com/media/1001/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.thelanguagegallerycanada.com/media/1001/tlgcanada-logo-300-1.gif
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
070df1c34a6a79d8d244a805c0d53c3472076ad4faf44965bbc50fe38eac5564

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 09:42:10 GMT
content-encoding
br
vary
Accept-Encoding
x-cache
PRIVATE_NOSTORE
content-type
text/html; charset=utf-8
x-azure-ref
20240628T094210Z-17d856f5577v6r2nn49pex0caw00000003a000000000q1m2
cache-control
private
x-fd-int-roxy-purgeid
55303579
ajax-loader.gif
payment.thelanguagegallerycanada.com/css/img/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.thelanguagegallerycanada.com/css/img/ajax-loader.gif
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e5a40a6653da432ebff435c3cbf3140d803ed6a9425d8588acc0dfa71f899861

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 09:42:10 GMT
last-modified
Tue, 17 Oct 2023 11:40:12 GMT
etag
"0363fb0ee0da1:0"
x-azure-ref
20240628T094210Z-17d856f5577v6r2nn49pex0caw00000003a000000000q1m3
x-cache
TCP_MISS
content-type
image/gif
cache-control
max-age=2592000
x-fd-int-roxy-purgeid
55303579
accept-ranges
bytes
content-length
9427
logo-rodape-tlgcanada.png
payment.thelanguagegallerycanada.com/css/img/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.thelanguagegallerycanada.com/css/img/logo-rodape-tlgcanada.png
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5b88d026f8a5044d62789fbd25dab3ca357605ab3d21d06f8e6fa19de5329c9e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 09:42:10 GMT
last-modified
Tue, 17 Oct 2023 11:40:12 GMT
etag
"0363fb0ee0da1:0"
x-azure-ref
20240628T094210Z-17d856f5577v6r2nn49pex0caw00000003a000000000q1mf
x-cache
TCP_MISS
content-type
image/gif
cache-control
no-cache,max-age=2592000
x-fd-int-roxy-purgeid
55303579
accept-ranges
bytes
content-length
36047
07794517-b8c4-4f15-816b-a3f0baa02db3
https://payment.thelanguagegallerycanada.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://payment.thelanguagegallerycanada.com/07794517-b8c4-4f15-816b-a3f0baa02db3
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald:300,400,600,700,800|Lato:300,400,500,600,700,800,900|Love%20+%20Ya%20+%20Like%20+%20A%20+%20Sister:400&
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/dist/main.css?v=231017114320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
301bcb25657d1861897a7d64f5b59ff936a501edd4c19018159c6a18c32b18e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 28 Jun 2024 09:42:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 28 Jun 2024 09:42:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 28 Jun 2024 09:42:11 GMT
canada-header.jpg
payment.thelanguagegallerycanada.com/media/1002/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.thelanguagegallerycanada.com/media/1002/canada-header.jpg
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4be78114d14a7e22dd347d87bc07f4da9d21d65c72be48f7d30a95c1fe9a0819

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 09:42:11 GMT
last-modified
Tue, 17 Oct 2023 12:00:18 GMT
etag
"1DA00F17F143500"
x-azure-ref
20240628T094211Z-17d856f5577v6r2nn49pex0caw00000003a000000000q1nq
x-cache
TCP_MISS
content-type
image/jpeg
cache-control
public
x-fd-int-roxy-purgeid
55303579
accept-ranges
bytes
content-length
55432
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:300,400,600,700,800|Lato:300,400,500,600,700,800,900|Love%20+%20Ya%20+%20Like%20+%20A%20+%20Sister:400&#038
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://payment.thelanguagegallerycanada.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 14:56:54 GMT
x-content-type-options
nosniff
age
240317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jun 2025 14:56:54 GMT
truncated
/ 		266 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:300,400,600,700,800|Lato:300,400,500,600,700,800,900|Love%20+%20Ya%20+%20Like%20+%20A%20+%20Sister:400&#038
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://payment.thelanguagegallerycanada.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 01:29:01 GMT
x-content-type-options
nosniff
age
115990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 01:29:01 GMT
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v53/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v53/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:300,400,600,700,800|Lato:300,400,500,600,700,800,900|Love%20+%20Ya%20+%20Like%20+%20A%20+%20Sister:400&#038
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://payment.thelanguagegallerycanada.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 14:51:06 GMT
x-content-type-options
nosniff
age
240665
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28512
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:44:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jun 2025 14:51:06 GMT
fontawesome-webfont.woff2
payment.thelanguagegallerycanada.com/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://payment.thelanguagegallerycanada.com/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/dist/main.css?v=231017114320
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/dist/main.css?v=231017114320
Origin
https://payment.thelanguagegallerycanada.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 09:42:11 GMT
last-modified
Tue, 17 Oct 2023 11:40:12 GMT
etag
"0363fb0ee0da1:0"
x-azure-ref
20240628T094211Z-17d856f5577v6r2nn49pex0caw00000003a000000000q1nu
x-cache
TCP_MISS
content-type
application/x-font-woff2
cache-control
max-age=2592000
x-fd-int-roxy-purgeid
55303579
accept-ranges
bytes
content-length
77160
icomoon.woff2
payment.thelanguagegallerycanada.com/fonts/ 		1 KB
1 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://payment.thelanguagegallerycanada.com/fonts/icomoon.woff2
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/dist/main.css?v=231017114320
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c17e20477be085291bf0fa1706cb18959fd1468050312974c615f1b4f1bd6cdf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/dist/main.css?v=231017114320
Origin
https://payment.thelanguagegallerycanada.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 09:42:11 GMT
last-modified
Tue, 17 Oct 2023 11:40:12 GMT
etag
"0363fb0ee0da1:0"
x-azure-ref
20240628T094211Z-17d856f5577v6r2nn49pex0caw00000003a000000000q1nv
x-cache
TCP_MISS
content-type
application/x-font-woff2
cache-control
max-age=2592000
x-fd-int-roxy-purgeid
55303579
accept-ranges
bytes
content-length
1224
c2eff20a-6845-4768-ba75-1c5f62f1799e
https://payment.thelanguagegallerycanada.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://payment.thelanguagegallerycanada.com/c2eff20a-6845-4768-ba75-1c5f62f1799e
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
4a1573a7-7e06-4ad3-9757-3c9539b70a49
https://payment.thelanguagegallerycanada.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://payment.thelanguagegallerycanada.com/4a1573a7-7e06-4ad3-9757-3c9539b70a49
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
gtm.js
www.googletagmanager.com/ 		351 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KKQBZFB
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BQRvTGwqLg43AqP/bacde48a-9e96-46fe-95df-54a9b4b20ebb/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6ecb8fbc3fe46ca1422275ab0a35aac79a88e7127960eb6a2864af3fb9f1a62d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 09:42:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
117568
x-xss-protection
0
last-modified
Fri, 28 Jun 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 28 Jun 2024 09:42:11 GMT
hotjar-843614.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-843614.js?sv=6
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BQRvTGwqLg43AqP/bacde48a-9e96-46fe-95df-54a9b4b20ebb/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-11.fra56.r.cloudfront.net
Software
/
Resource Hash
61270cb067d02d6809a3f1898617fdcafd9a1c2a5a99eafa71741e5914c07bb9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 28 Jun 2024 09:42:11 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/554db2b935654e629976a829260f8ac1
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
rkESJKVII3BOw2JAzg4pRo0iVdpkXYx6CGmh8Hm14Z6KCXS9fg201Q==
497ccb08-1866-4922-80ec-d03a7bb99a5f
https://payment.thelanguagegallerycanada.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://payment.thelanguagegallerycanada.com/497ccb08-1866-4922-80ec-d03a7bb99a5f
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
modules.de6b9e294c29aa146ba1.js
script.hotjar.com/ 		223 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.de6b9e294c29aa146ba1.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BQRvTGwqLg43AqP/bacde48a-9e96-46fe-95df-54a9b4b20ebb/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-54.fra56.r.cloudfront.net
Software
/
Resource Hash
743c4b93ab02f0ece15aa8bdb1f7b5d57e1753fe5ef6d320612ee0888e1196c6
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 10:29:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
342784
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56329
last-modified
Mon, 24 Jun 2024 10:28:38 GMT
etag
"008a76cf1200a93494425164a6546e72"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
kvL1t73hQj6BRIKa52HFEL8sMUmIFreJI6fIklwE-kcHRtmvC4iWBw==
bizible.js
cdn.bizible.com/scripts/ 		67 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bizible.com/scripts/bizible.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BQRvTGwqLg43AqP/bacde48a-9e96-46fe-95df-54a9b4b20ebb/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D4) /
Resource Hash
5df357307637bb2c5788853d5d7a8407a08e8591e2e98bb82f0486e39e172483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSub

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 09:42:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSub
last-modified
Thu, 27 Jun 2024 07:39:03 GMT
server
ECS (frb/67D4)
age
44806
etag
"d5df41565c8da1:0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
25409
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BQRvTGwqLg43AqP/bacde48a-9e96-46fe-95df-54a9b4b20ebb/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 28 Jun 2024 09:42:11 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7A1B2A92E3234A4982093F8212EF4F9A Ref B: FRA31EDGE0815 Ref C: 2024-06-28T09:42:11Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
70e0dd7e-0548-4bfa-9109-9cf3fb73920f
https://payment.thelanguagegallerycanada.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://payment.thelanguagegallerycanada.com/70e0dd7e-0548-4bfa-9109-9cf3fb73920f
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
2eec9412-2b9c-4ae5-be9e-e37301990664
https://payment.thelanguagegallerycanada.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://payment.thelanguagegallerycanada.com/2eec9412-2b9c-4ae5-be9e-e37301990664
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
f360d0ab-1129-4a78-b405-48844f71f850
https://payment.thelanguagegallerycanada.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://payment.thelanguagegallerycanada.com/f360d0ab-1129-4a78-b405-48844f71f850
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
929b282c-3533-4045-b803-7dad07f1e082
https://payment.thelanguagegallerycanada.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://payment.thelanguagegallerycanada.com/929b282c-3533-4045-b803-7dad07f1e082
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
5a8d9be9-9b42-4660-a725-467efadcdfcf
https://payment.thelanguagegallerycanada.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://payment.thelanguagegallerycanada.com/5a8d9be9-9b42-4660-a725-467efadcdfcf
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
ada14b46-bfcf-474d-a80c-40f8f7f07f98
https://payment.thelanguagegallerycanada.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://payment.thelanguagegallerycanada.com/ada14b46-bfcf-474d-a80c-40f8f7f07f98
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BQRvTGwqLg43AqP/bacde48a-9e96-46fe-95df-54a9b4b20ebb/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 28 Jun 2024 08:29:07 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4384
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 28 Jun 2024 10:29:07 GMT
js
www.googletagmanager.com/gtag/ 		324 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6M6GW2JF1Y&l=dataLayer&cx=c
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BQRvTGwqLg43AqP/bacde48a-9e96-46fe-95df-54a9b4b20ebb/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
53f7652a62fed9cf41c8c2d43086c826d8876f6e3d68a3a3886c743db1e27b6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 09:42:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
108397
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 28 Jun 2024 09:42:11 GMT
fbevents.js
connect.facebook.net/en_US/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BQRvTGwqLg43AqP/bacde48a-9e96-46fe-95df-54a9b4b20ebb/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 28 Jun 2024 09:42:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58251
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2784, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
OzShuT2ljUDUR0zezCRpTG0O4QRwm1J25wzQv/CSumlPnabZ6QQzNhXGjuqHoJPrDbQMflEx19DkqzhvukzjIg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CAQR2DBC77UCLEHHU9RG&lib=ttq
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BQRvTGwqLg43AqP/bacde48a-9e96-46fe-95df-54a9b4b20ebb/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-176.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f396e28cfa044c224ebc764258e95077af826ca3dcb1513780a7a395223b48d6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
15593f81
date
Fri, 28 Jun 2024 09:42:11 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240628094211D6375DA050658BD06C2A-1E4C1C3548732C43-00
x-cache
TCP_MISS from a104-126-37-172.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing
inner; dur=5, cdn-cache; desc=MISS, edge; dur=3, origin; dur=99
content-length
1678
pragma
no-cache
server
nginx
x-tt-logid
20240628094211D6375DA050658BD06C2A
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
100,104.126.37.172
x-tt-trace-host
01f3a6736ed3885ab7895dcaa306f56e0b2d34aa4277f99129fc4656accbe9fee3527658b9f2a224bf5d560b0c6f38121a41b1afea44181dbaecc8cb8027a9e0d151ef6cfb2e3920d0b1dcbd49230902998106165ea92d268ae1a1320a41de28d9
expires
Fri, 28 Jun 2024 09:42:11 GMT
b0vldt38g4
www.clarity.ms/tag/ 		801 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/b0vldt38g4?ref=gtm2
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BQRvTGwqLg43AqP/bacde48a-9e96-46fe-95df-54a9b4b20ebb/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0b97fd960d2a0b07204e5d9452878d215a7dcab28dc8ec9199223d625526085f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Fri, 28 Jun 2024 09:42:11 GMT
x-azure-ref
20240628T094211Z-17d856f5577b6dxbs98n82by2400000005x000000000bkv3
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
801
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
destination
www.googletagmanager.com/gtag/ 		266 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-700594426&l=dataLayer&cx=c
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BQRvTGwqLg43AqP/bacde48a-9e96-46fe-95df-54a9b4b20ebb/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
22625418d71fa52f6c387a989a5222b0d202e6fc5a42a443deaf61caa8c060f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 09:42:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93629
x-xss-protection
0
last-modified
Fri, 28 Jun 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 28 Jun 2024 09:42:11 GMT
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-6M6GW2JF1Y&gtm=45je46q0v877824595z877614698za200zb77614698&_p=1719567731296&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1764370055.1719567732&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=Ag&_s=1&sid=1719567731&sct=1&seg=0&dl=https%3A%2F%2Fpayment.thelanguagegallerycanada.com%2F&dt=Online%20Payment%20%7C%20TLG%20Canada&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1599&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6M6GW2JF1Y&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 28 Jun 2024 09:42:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://payment.thelanguagegallerycanada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
268 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6M6GW2JF1Y&cid=1764370055.1719567732&gtm=45je46q0v877824595z877614698za200zb77614698&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6M6GW2JF1Y&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 28 Jun 2024 09:42:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://payment.thelanguagegallerycanada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
register-conversion
region1.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://region1.analytics.google.com/g/collect?v=2&tid=G-6M6GW2JF1Y&gtm=45je46q0v877824595za200zb77614698&_p=1719567731296&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1764370055.1719567...
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1764370055.1719567732&dbk=5188046764817397657&dma=1&dma_cps=sypham&en=page_visitors&gtm=45je46q0v877824595za200zb77...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1764370055.1719567732&dbk=5188046764817397657&dma=1&dma_cps=sypham&en=page_visitors&gtm=45je46q0v877824595za200zb77614698&npa=1&tid=G-6M6GW2JF1Y&dl=https%3A%2F%2Fpayment.thelanguagegallerycanada.com%3F
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
H2
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://payment.thelanguagegallerycanada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
attribution-reporting-register-trigger
{"aggregatable_trigger_data":[{"key_piece":"0x5955eb86b6b9156a","source_keys":["1"]},{"key_piece":"0x3dfeec6283bbc5a7","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"5188046764817397657","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["830443259","829915353","700594426"],"5":["06-28","06-27","06-26"]}}
date
Fri, 28 Jun 2024 09:42:12 GMT
server
Golfe2
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 28 Jun 2024 09:42:11 GMT
server
Golfe2
content-type
text/html; charset=UTF-8
location
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1764370055.1719567732&dbk=5188046764817397657&dma=1&dma_cps=sypham&en=page_visitors&gtm=45je46q0v877824595za200zb77614698&npa=1&tid=G-6M6GW2JF1Y&dl=https%3A%2F%2Fpayment.thelanguagegallerycanada.com%3F
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
516
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6M6GW2JF1Y&cid=1764370055.1719567732&gtm=45je46q0v877824595z877614698za200zb77614698&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0&z=845427808
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 28 Jun 2024 09:42:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1437713756&t=pageview&_s=1&dl=https%3A%2F%2Fpayment.thelanguagegallerycanada.com%2F&ul=de-de&de=UTF-8&dt=Online%20Payment%20%7C%20TLG%20Canada&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAACAEK~&jid=1193852544&gjid=1666899994&cid=1764370055.1719567732&tid=UA-107593032-1&_gid=1504371467.1719567732&_slc=1&gtm=45He46q0n81KKQBZFBv77614698za200&cd1=1764370055.1719567732&cd2=4bb30957-9340-4171-9e82-892427b48ae6&cd3=2024-06-28T11%3A42%3A11.630%2B02%3A00&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=1084856802
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Jun 2024 09:42:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://payment.thelanguagegallerycanada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-107593032-1&cid=1764370055.1719567732&jid=1193852544&gjid=1666899994&_gid=1504371467.1719567732&npa=1&_u=YCDAgEABAAAAAGAEK~&z=1980270500
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 28 Jun 2024 09:42:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://payment.thelanguagegallerycanada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
6c9fc05e-bb8a-4a0a-9e38-b68ae898b6c5
https://payment.thelanguagegallerycanada.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://payment.thelanguagegallerycanada.com/6c9fc05e-bb8a-4a0a-9e38-b68ae898b6c5
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
ipv
cdn.bizible.com/ 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.bizible.com/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=e1ee367260b149898ee6d38a4421386f&_biz_l=https%3A%2F%2Fpayment.thelanguagegallerycanada.com%2F&_biz_t=1719567731876&_biz_i=Online%20Payment%20%7C%20TLG%20Canada&_biz_n=0&rnd=427315&cdn_o=a&_biz_z=1719567731877
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BA) /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSub

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 28 Jun 2024 09:42:11 GMT
strict-transport-security
max-age=31536000; includeSub
last-modified
Fri, 21 Jun 2024 21:15:25 GMT
server
ECS (frb/67BA)
age
563206
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
43
expires
-1
u
cdn.bizibly.com/ 		43 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.bizibly.com/u?_biz_u=e1ee367260b149898ee6d38a4421386f&_biz_l=https%3A%2F%2Fpayment.thelanguagegallerycanada.com%2F&_biz_t=1719567731879&_biz_i=Online%20Payment%20%7C%20TLG%20Canada&rnd=935706&cdn_o=a&_biz_z=1719567731879
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6752) /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSub

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 28 Jun 2024 09:42:11 GMT
strict-transport-security
max-age=31536000; includeSub
last-modified
Fri, 21 Jun 2024 21:15:27 GMT
server
ECS (frb/6752)
age
563204
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
43
expires
-1
187042140.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/187042140.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BQRvTGwqLg43AqP/bacde48a-9e96-46fe-95df-54a9b4b20ebb/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Fri, 28 Jun 2024 09:42:11 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 759546621BBA4B0E8BCD13AC3F505B93 Ref B: FRA31EDGE0815 Ref C: 2024-06-28T09:42:11Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=187042140&Ver=2&mid=d9ec6ba8-e323-4a79-91f4-7247131a5f70&sid=b1c4b620353211efa0a92dc792efc7cf&vid=b1c4ff80353211efa577131149d559d0&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Online%20Payment%20%7C%20TLG%20Canada&p=https%3A%2F%2Fpayment.thelanguagegallerycanada.com%2F&r=&lt=1093&evt=pageLoad&sv=1&rn=490633
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 28 Jun 2024 09:42:11 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6121B56B85F54A3381347792B15C9B09 Ref B: FRA31EDGE0815 Ref C: 2024-06-28T09:42:11Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/700594426/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/700594426/?random=1719567731853&cv=11&fst=1719567731853&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9181656279z877614698za201zb77614698&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpayment.thelanguagegallerycanada.com%2F&label=v-b4COSW-LABEPrxiM4C&hn=www.googleadservices.com&frm=0&tiba=Online%20Payment%20%7C%20TLG%20Canada&value=0&bttype=purchase&npa=1&us_privacy=1---&pscdl=noapi&auid=658877052.1719567732&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=m&fdr=SA&capi=1&em=tv.1&rfmt=3&fmt=4
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BQRvTGwqLg43AqP/bacde48a-9e96-46fe-95df-54a9b4b20ebb/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
0a3f7fa4a838644fae6a3372dd18abc8b499d923dd7891997c60d43d932dc2fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 28 Jun 2024 09:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1722
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
611306775716448
connect.facebook.net/signals/config/ 		291 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/611306775716448?v=2.9.159&r=stable&domain=payment.thelanguagegallerycanada.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C39%2C33%2C134%2C14%2C48%2C180%2C179%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BQRvTGwqLg43AqP/bacde48a-9e96-46fe-95df-54a9b4b20ebb/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
98fcf87c9a19852755de5507bec2912fe4f17ea034cec7151202190eea685def
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 28 Jun 2024 09:42:12 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=46, rtx=0, c=65, mss=1297, tbw=63791, tp=-1, tpl=-1, uplat=433, ullat=0
pragma
public
x-fb-debug
nJxBF8q/eDmzeCGhaTDoDVj2IrebIItTKfssR8LWd5XJe9NUwy5p2b4m2CSBC/16NLt5+RuSbe8W0lWBL3vgEg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
a934302c-93c1-4f7f-9879-d2fbd58c34f8
https://payment.thelanguagegallerycanada.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://payment.thelanguagegallerycanada.com/a934302c-93c1-4f7f-9879-d2fbd58c34f8
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
main.MTZkNWZlYWU4MA.js
analytics.tiktok.com/i18n/pixel/static/ 		339 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BQRvTGwqLg43AqP/bacde48a-9e96-46fe-95df-54a9b4b20ebb/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-176.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
47604965129b76c210cbca0993bce3965a85330fc257684ab4467a9db8ba1122

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
15594190
date
Fri, 28 Jun 2024 09:42:11 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240627153450AC9524C97B2CA45B3439
x-tt-trace-id
00-240627153450AC9524C97B2CA45B3439-2CDA6F3D3074E201-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-126-37-172.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01b1e3cd4e9a52ed44f64e2ac3135e0030256b6f3bd3382d3d6c2de733aa348735576486abd90ae2511228473e6892ea9d10fd137ac36506b32771860049445c08512f8a66ea172867afd0e4b3213262f1136d33624926046bc970915048f819de
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length
98509
8b10e707-f6b5-4d3d-9072-66cd16b21968
https://payment.thelanguagegallerycanada.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://payment.thelanguagegallerycanada.com/8b10e707-f6b5-4d3d-9072-66cd16b21968
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
xdc.js
cdn.bizible.com/ 		84 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bizible.com/xdc.js?_biz_u=e1ee367260b149898ee6d38a4421386f&_biz_h=-1906410348&cdn_o=a&jsVer=4.24.06.26
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BQRvTGwqLg43AqP/bacde48a-9e96-46fe-95df-54a9b4b20ebb/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6711) /
Resource Hash
6d22e660ead72f14b0aa8e3dfc8de1da35f17e3559b489e00692f15f50faa1a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSub

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 09:42:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSub
server
ECS (frb/6711)
etag
EFEDFBC3
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
content-length
186
6e556107-0ce8-429c-bac5-2f8829acaf87
https://payment.thelanguagegallerycanada.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://payment.thelanguagegallerycanada.com/6e556107-0ce8-429c-bac5-2f8829acaf87
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
clarity.js
www.clarity.ms/s/0.7.32/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BQRvTGwqLg43AqP/bacde48a-9e96-46fe-95df-54a9b4b20ebb/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 09:42:11 GMT
content-encoding
br
last-modified
Fri, 10 May 2024 17:30:20 GMT
etag
W/"0x8DC7116DE09E645"
vary
Accept-Encoding
x-azure-ref
20240628T094211Z-17d856f5577b6dxbs98n82by2400000005x000000000bkvq
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
949203f2-601e-0050-0434-c2ec8b000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-107593032-1&cid=1764370055.1719567732&jid=1193852544&npa=1&_u=YCDAgEABAAAAAGAEK~&z=753889395
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 28 Jun 2024 09:42:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-107593032-1&cid=1764370055.1719567732&jid=1193852544&npa=1&_u=YCDAgEABAAAAAGAEK~&z=753889395
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 28 Jun 2024 09:42:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/700594426/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/700594426/?random=538919875&cv=11&fst=1719567731853&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9181656279z877614698za201zb77614698&gcd=1...
  • https://www.google.com/pagead/1p-conversion/700594426/?random=538919875&cv=11&fst=1719567731853&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9181656279z877614698za201zb77614698&gcd=13l3lPl2l1&dma_cps=syp...
  • https://www.google.de/pagead/1p-conversion/700594426/?random=538919875&cv=11&fst=1719567731853&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9181656279z877614698za201zb77614698&gcd=13l3lPl2l1&dma_cps=syph...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/700594426/?random=538919875&cv=11&fst=1719567731853&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9181656279z877614698za201zb77614698&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpayment.thelanguagegallerycanada.com%2F&label=v-b4COSW-LABEPrxiM4C&hn=www.googleadservices.com&frm=0&tiba=Online%20Payment%20%7C%20TLG%20Canada&value=0&npa=1&us_privacy=1---&pscdl=noapi&auid=658877052.1719567732&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=m&fdr=SA&capi=1&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMImYzU_oD-hgMVmWmRBR0AcQxdMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6LWh0dHBzOi8vcGF5bWVudC50aGVsYW5ndWFnZWdhbGxlcnljYW5hZGEuY29tLw&is_vtc=1&cid=CAQSGwDaQooLCROLTPvpn50Z2lDTx6TcudJDOu9Bog&eitems=ChAI8L75swYQw8Dqoqig5o1mEh0A6LZ_5mpvyVIORLI8c7EbT7FVB8IDkAnb1ogRlQ&random=3459567047&ipr=y
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
H3
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://payment.thelanguagegallerycanada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jun 2024 09:42:12 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 28 Jun 2024 09:42:12 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/700594426/?random=538919875&cv=11&fst=1719567731853&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9181656279z877614698za201zb77614698&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpayment.thelanguagegallerycanada.com%2F&label=v-b4COSW-LABEPrxiM4C&hn=www.googleadservices.com&frm=0&tiba=Online%20Payment%20%7C%20TLG%20Canada&value=0&npa=1&us_privacy=1---&pscdl=noapi&auid=658877052.1719567732&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=m&fdr=SA&capi=1&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMImYzU_oD-hgMVmWmRBR0AcQxdMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6LWh0dHBzOi8vcGF5bWVudC50aGVsYW5ndWFnZWdhbGxlcnljYW5hZGEuY29tLw&is_vtc=1&cid=CAQSGwDaQooLCROLTPvpn50Z2lDTx6TcudJDOu9Bog&eitems=ChAI8L75swYQw8Dqoqig5o1mEh0A6LZ_5mpvyVIORLI8c7EbT7FVB8IDkAnb1ogRlQ&random=3459567047&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pangle_pixel
analytics.pangle-ads.com/api/v2/ 		0
824 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.123.186 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-37-123-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
1716b442
date
Fri, 28 Jun 2024 09:42:12 GMT
x-bytefaas-request-id
202406280942125295C826569D4FA6F5E5
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2406280942125295C826569D4FA6F5E5-1DCB3A245042ADAD-00
x-cache
TCP_MISS from a23-37-123-182.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56655770) (-)
server-timing
inner; dur=5, cdn-cache; desc=MISS, edge; dur=0, origin; dur=14
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202406280942125295C826569D4FA6F5E5
access-control-max-age
86400
access-control-allow-methods
*
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
x-bytefaas-execution-duration
3.90
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
01f6bb0cf4844e897ed9b879250ec23f0fb3ea1f8c7bfbb319fcdc00faffc7b16991c9eccfe01cd0f6d08be3b495fab19439f47c194807955c55494d406ab74b1e9bf72eb06cba76c70e765dbcb0d570faac8c6c376528df8742707651412f25c1
x-origin-response-time
14,23.37.123.182
access-control-allow-headers
*
expires
Fri, 28 Jun 2024 09:42:12 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
703 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-176.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
155943a7
date
Fri, 28 Jun 2024 09:42:12 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24062809421251E0292D5E7059C03E0E-09AACF026B970D24-00
x-cache
TCP_MISS from a104-126-37-172.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing
inner; dur=29, cdn-cache; desc=MISS, edge; dur=10, origin; dur=136
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2024062809421251E0292D5E7059C03E0E
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
136,104.126.37.172
x-tt-trace-host
01f3a6736ed3885ab7895dcaa306f56e0b2d34aa4277f99129fc4656accbe9fee34f9dfa7924f4bdd10c6709b6659cbaa6d0f0a9d502807a9cc0bf8286869f518ae4312e02b07a4e940218d7fef918281aceda2f3962318ec5f6f0644c47dc854d
access-control-allow-headers
Authorization,*
expires
Fri, 28 Jun 2024 09:42:12 GMT
790c5b0a-9b05-461d-b1c0-24954c0d9877
https://payment.thelanguagegallerycanada.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://payment.thelanguagegallerycanada.com/790c5b0a-9b05-461d-b1c0-24954c0d9877
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
identify_ce1d8843.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BQRvTGwqLg43AqP/bacde48a-9e96-46fe-95df-54a9b4b20ebb/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-176.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
155943e0
date
Fri, 28 Jun 2024 09:42:12 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2024052114000028360ABE5A822A9D157C
x-tt-trace-id
00-24052114000028360ABE5A822A9D157C-65016C1984D6CF15-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-126-37-172.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
014a16450144a70267c8331d4ff43712d8e1aa548e71da4501fa7daafd5dc4fa2e2bfc0ce1813575125b39d9c0622b18aa7a2faed0f58404ba50a9eb55dc4b0a6f83daf2b9d2bf3c974a7138e6f9d1152019d91868398d1a2c7281abe5fab4e5ef
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length
39703
collect
k.clarity.ms/ 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://k.clarity.ms/collect
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://payment.thelanguagegallerycanada.com
Date
Fri, 28 Jun 2024 09:42:12 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
act
analytics.tiktok.com/api/v2/pixel/ 		0
707 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-176.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
1559474d
date
Fri, 28 Jun 2024 09:42:12 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240628094212BF32CEBAC29E95C72A3D-730ECB8323A71A02-00
x-cache
TCP_MISS from a104-126-37-172.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing
inner; dur=21, cdn-cache; desc=MISS, edge; dur=68, origin; dur=169
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240628094212BF32CEBAC29E95C72A3D
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
169,104.126.37.172
x-tt-trace-host
01f3a6736ed3885ab7895dcaa306f56e0b2d34aa4277f99129fc4656accbe9fee34f9dfa7924f4bdd10c6709b6659cbaa6373b78b2f3533a6f80ae1d6c4049a803c9027d3b177e18e042ba7a4b6d88f07ae1d3dcf4fbbbd876344c37601ed188ce
access-control-allow-headers
Authorization,*
expires
Fri, 28 Jun 2024 09:42:12 GMT
ce52bcc3a0dca68543aa1bc0976c11b3818be4a7b5a541074925272d7e25e699
capig.torontosom.ca/events/ 		0
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capig.torontosom.ca/events/ce52bcc3a0dca68543aa1bc0976c11b3818be4a7b5a541074925272d7e25e699
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:4e46:4c00:13cd:3b77:68cf:1b33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://payment.thelanguagegallerycanada.com
date
Fri, 28 Jun 2024 09:42:12 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-credentials
true
content-length
0
vary
origin
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=611306775716448&ev=PageView&dl=https%3A%2F%2Fpayment.thelanguagegallerycanada.com%2F&rl=&if=false&ts=1719567732453&sw=1600&sh=1200&v=2.9.159&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1719567732450.210181596986226101&eid=ob3_plugin-set_6c223658e3a96bc7d7928e5a12f72b8d99a706738ac4eeb76f0a0b89e4951c8d&ler=empty&cdl=API_unavailable&it=1719567731902&coo=false&tm=1&exp=f0&rqm=GET
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2788, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 28 Jun 2024 09:42:12 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=611306775716448&ev=PageView&dl=https%3A%2F%2Fpayment.thelanguagegallerycanada.com%2F&rl=&if=false&ts=1719567732453&sw=1600&sh=1200&v=2.9.159&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1719567732450.210181596986226101&eid=ob3_plugin-set_6c223658e3a96bc7d7928e5a12f72b8d99a706738ac4eeb76f0a0b89e4951c8d&ler=empty&cdl=API_unavailable&it=1719567731902&coo=false&tm=1&exp=f0&rqm=FGET
Requested by
Host: payment.thelanguagegallerycanada.com
URL: https://payment.thelanguagegallerycanada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x7c303ba7143bbc12","source_keys":["1","2"]},{"key_piece":"0xc3cc31911fd6d6f9","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Fri, 28 Jun 2024 09:42:12 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7385487173774092910", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=43, rtx=0, c=10, mss=1297, tbw=3106, tp=-1, tpl=-1, uplat=147, ullat=0
pragma
no-cache
x-fb-debug
GLoeO+OwN/JOSbOzP+XKlv8EREqnbJiq2wXaP45UOjQQzpawda4JusOhRBg5p23NKuvUj8xrZkePEObS/d/tMA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7385487173774092910"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D9D56F7F6E8E41B58EB0BDB087725755&RedC=c.clarity.ms&MXFR=18CDBA02033F6CAF344BAEAE073F622D
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D9D56F7F6E8E41B58EB0BDB087725755&MUID=03CD40BA85186FB8196D541684B46E0E
42 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D9D56F7F6E8E41B58EB0BDB087725755&MUID=03CD40BA85186FB8196D541684B46E0E
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://payment.thelanguagegallerycanada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jun 2024 09:42:13 GMT
last-modified
Tue, 25 Jun 2024 19:30:12 GMT
server
Microsoft-IIS/10.0
etag
"7473f1936c7da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 28 Jun 2024 09:42:12 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 460FFA0BA4B543AFA68B60F897EDDC4F Ref B: VIEEDGE2512 Ref C: 2024-06-28T09:42:13Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D9D56F7F6E8E41B58EB0BDB087725755&MUID=03CD40BA85186FB8196D541684B46E0E
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
favicon.gif
www.torontosom.ca/media/1005/ 		0
0
collect
k.clarity.ms/ 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://k.clarity.ms/collect
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://payment.thelanguagegallerycanada.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://payment.thelanguagegallerycanada.com
Date
Fri, 28 Jun 2024 09:42:13 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.torontosom.ca
URL
https://www.torontosom.ca/media/1005/favicon.gif

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 undefined| event object| fence object| sharedStorage function| Osano function| __uspapi function| _typeof function| showImgLoading function| hideImgLoading function| amountChange function| heroSize function| checkSponsorID function| hideSponsorID function| checkSFForm function| startTest function| answerSelected function| checkAnswers function| isChecked function| showError function| saveAnswers function| sendData function| checkResults function| saveResponse function| goToNext function| showResults function| startTimer function| $ function| jQuery object| dataLayer function| hj object| _hjSettings object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| hjBootstrapCalled object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| _fbq_gtm_ids function| clarity string| TiktokAnalyticsObject object| ttq object| uetq function| onYouTubeIframeAPIReady function| gtag object| gaGlobal object| GooglebQhCsO object| gaplugins object| gaData object| Bizible object| BizTrackingA object| BizA object| _vis_opt_queue object| LC_API function| UET function| UET_init function| UET_push object| ueto_13da217f9f object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| regeneratorRuntime

35 Cookies

Domain/Path Name / Value
.capig.torontosom.ca/events/ce52bcc3a0dca68543aa1bc0976c11b3818be4a7b5a541074925272d7e25e699 Name: cee
Value: F%2Bn8KcYcNulYtLvf2GsXHq6lSlKkIty%2F2pd4WuxD7ZY%3D.%7B%7D
payment.thelanguagegallerycanada.com/ Name: __RequestVerificationToken
Value: DtSnFuaGdh3ZB0tet6-K0yvdw01VbVEwA1wYDlXtdDFE2mtT-MwHI4MLBjl3fLIj3PjVgkE0_q6MpBCz9fN1EuIRRY3l9J9uy9uw3aIobA01
payment.thelanguagegallerycanada.com/ Name: ASLBSA
Value: 00039914a754d88f1991f0d4b05e19591e81969d77008ca83f86910e5ce46c5d2ebe
payment.thelanguagegallerycanada.com/ Name: ASLBSACORS
Value: 00039914a754d88f1991f0d4b05e19591e81969d77008ca83f86910e5ce46c5d2ebe
.thelanguagegallerycanada.com/ Name: _gcl_au
Value: 1.1.658877052.1719567732
.thelanguagegallerycanada.com/ Name: _hjSessionUser_843614
Value: eyJpZCI6IjUwZGVmZTNiLTg4ODMtNWVkNS1hNzlmLWI3NGRiNGQ2YzIwOSIsImNyZWF0ZWQiOjE3MTk1Njc3MzE3MzEsImV4aXN0aW5nIjp0cnVlfQ==
.thelanguagegallerycanada.com/ Name: _hjSession_843614
Value: eyJpZCI6IjdjNmQxYzMzLWFlZDYtNDI2Yy1iODlmLWNiZDZmNDNmNjE5ZiIsImMiOjE3MTk1Njc3MzE3MzMsInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.thelanguagegallerycanada.com/ Name: _ga
Value: GA1.2.1764370055.1719567732
.thelanguagegallerycanada.com/ Name: _gid
Value: GA1.2.1504371467.1719567732
.thelanguagegallerycanada.com/ Name: _dc_gtm_UA-107593032-1
Value: 1
.thelanguagegallerycanada.com/ Name: _biz_uid
Value: e1ee367260b149898ee6d38a4421386f
.thelanguagegallerycanada.com/ Name: _biz_nA
Value: 1
.thelanguagegallerycanada.com/ Name: _uetsid
Value: b1c4b620353211efa0a92dc792efc7cf
.thelanguagegallerycanada.com/ Name: _uetvid
Value: b1c4ff80353211efa577131149d559d0
.tiktok.com/ Name: _ttp
Value: 2iVFFAeSNTwBDkjnkLXe446f1YF
.bizible.com/ Name: _BUID
Value: e1ee367260b149898ee6d38a4421386f
.thelanguagegallerycanada.com/ Name: _biz_pendingA
Value: %5B%5D
.bizibly.com/ Name: _BUID
Value: 96d405c0c9ee46ce4af0289c506d8ad0
www.clarity.ms/ Name: CLID
Value: a7c1d49208c040338108dc91b72206b4.20240628.20250628
.region1.google-analytics.com/ Name: ar_debug
Value: 1
.thelanguagegallerycanada.com/ Name: _clck
Value: 1u329wc%7C2%7Cfn0%7C0%7C1640
.bing.com/ Name: MUID
Value: 03CD40BA85186FB8196D541684B46E0E
.thelanguagegallerycanada.com/ Name: _tt_enable_cookie
Value: 1
.thelanguagegallerycanada.com/ Name: _ttp
Value: R4vkxywPVAWqCtM81MJwPR6wp9T
.thelanguagegallerycanada.com/ Name: _biz_flagsA
Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.thelanguagegallerycanada.com/ Name: _fbp
Value: fb.1.1719567732450.210181596986226101
.thelanguagegallerycanada.com/ Name: _clsk
Value: zof632%7C1719567732652%7C1%7C1%7Ck.clarity.ms%2Fcollect
.thelanguagegallerycanada.com/ Name: _ga_6M6GW2JF1Y
Value: GS1.1.1719567731.1.0.1719567732.59.0.0
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 03CD40BA85186FB8196D541684B46E0E
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 03CD40BA85186FB8196D541684B46E0E
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

1 Console Messages

Source Level URL
Text
network error URL: https://payment.thelanguagegallerycanada.com/media/1001/tlgcanada-logo-300-1.gif
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.pangle-ads.com
analytics.tiktok.com
bat.bing.com
c.bing.com
c.clarity.ms
capig.torontosom.ca
cdn.bizible.com
cdn.bizibly.com
cmp.osano.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
k.clarity.ms
payment.thelanguagegallerycanada.com
region1.analytics.google.com
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.torontosom.ca
www.torontosom.ca
104.126.37.176
13.32.27.54
13.74.129.1
142.250.184.226
152.195.15.58
172.175.38.6
18.66.102.11
2001:4860:4802:32::36
2001:4860:4802:36::178
216.58.206.35
216.58.206.36
216.58.206.66
23.37.123.186
2600:1f18:4e46:4c00:13cd:3b77:68cf:1b33
2600:9000:266e:6400:3:b7e:8940:93a1
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:800::200a
2a00:1450:4001:827::2008
2a00:1450:4001:829::2003
2a00:1450:400c:c00::9c
2a01:111:202c::237
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
070df1c34a6a79d8d244a805c0d53c3472076ad4faf44965bbc50fe38eac5564
0a3f7fa4a838644fae6a3372dd18abc8b499d923dd7891997c60d43d932dc2fc
0b97fd960d2a0b07204e5d9452878d215a7dcab28dc8ec9199223d625526085f
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
22625418d71fa52f6c387a989a5222b0d202e6fc5a42a443deaf61caa8c060f1
23877e8ae4b970a07646572327178746f745eddc385ab78263c6a615fb1c9d37
241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
301bcb25657d1861897a7d64f5b59ff936a501edd4c19018159c6a18c32b18e0
341ea0c52076df56f123865215c44ef6974248856a7cb4a4cc7895762fa5ff48
47604965129b76c210cbca0993bce3965a85330fc257684ab4467a9db8ba1122
4be78114d14a7e22dd347d87bc07f4da9d21d65c72be48f7d30a95c1fe9a0819
53f7652a62fed9cf41c8c2d43086c826d8876f6e3d68a3a3886c743db1e27b6a
5b88d026f8a5044d62789fbd25dab3ca357605ab3d21d06f8e6fa19de5329c9e
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5df357307637bb2c5788853d5d7a8407a08e8591e2e98bb82f0486e39e172483
61270cb067d02d6809a3f1898617fdcafd9a1c2a5a99eafa71741e5914c07bb9
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
6d22e660ead72f14b0aa8e3dfc8de1da35f17e3559b489e00692f15f50faa1a6
6ecb8fbc3fe46ca1422275ab0a35aac79a88e7127960eb6a2864af3fb9f1a62d
743c4b93ab02f0ece15aa8bdb1f7b5d57e1753fe5ef6d320612ee0888e1196c6
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108
978da7aac37e4a3e1aa9a279c0bb42311673eb251f4b17b2b46152e5706b9e25
98fcf87c9a19852755de5507bec2912fe4f17ea034cec7151202190eea685def
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a1813612f2ad011d30dd44f6da154cbd590c303af9641c1a36c181d9c02a5ba4
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
c17e20477be085291bf0fa1706cb18959fd1468050312974c615f1b4f1bd6cdf
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a40a6653da432ebff435c3cbf3140d803ed6a9425d8588acc0dfa71f899861
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f396e28cfa044c224ebc764258e95077af826ca3dcb1513780a7a395223b48d6