canadasbestsummerjob.hipcamp.com Open in urlscan Pro
104.26.9.61 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://stats.thewishsendonline.com/ls/click?upn=r8UcO0IvPjCVUW4KgfxG94batGLcWBpTh29EPN4WD6-2FQx8fWgEKGGUAukUYd04svRBlTN9L5ozlVg7Ff7...
Effective URL:
https://canadasbestsummerjob.hipcamp.com/entries/195903509
Submission: On July 14 via manual (July 14th 2021, 3:45:10 pm UTC) from CA

Summary HTTP 75 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 26 IPs in 3 countries across 21 domains to perform 75 HTTP transactions. The main IP is 104.26.9.61, located in United States and belongs to CLOUDFLARENET, US. The main domain is canadasbestsummerjob.hipcamp.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 23rd 2020. Valid for: a year.

This is the only time canadasbestsummerjob.hipcamp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.120 167.89.115.120	11377 (SENDGRID) (SENDGRID)
1 12	3.231.231.140 3.231.231.140	14618 (AMAZON-AES) (AMAZON-AES)
2 7	104.26.9.61 104.26.9.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	52.222.161.37 52.222.161.37	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.118 143.204.98.118	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:54::84 2a04:4e42:54::84	54113 (FASTLY) (FASTLY)
11	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
2	52.216.140.174 52.216.140.174	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	13.224.89.100 13.224.89.100	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2016	15169 (GOOGLE) (GOOGLE)
1	199.232.80.84 199.232.80.84	54113 (FASTLY) (FASTLY)
75	26

1 167.89.115.120 (Herndon, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x120.outbound-mail.sendgrid.net

stats.thewishsendonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 3.231.231.140 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

www.wishpond.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.26.9.61 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

canadasbestsummerjob.hipcamp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.222.161.37 (United States)

ASN16509 (AMAZON-02, US)

d30itml3t0pwpf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-118.fra50.r.cloudfront.net

cdn.wishpond.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

themes.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:54::84 (United States)

ASN54113 (FASTLY, US)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.140.174 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.89.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-100.zrh50.r.cloudfront.net

dr1kl8glf25wj.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.80.84 (Marseille, France)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	wishpond.com 1 redirects www.wishpond.com	31 KB
11	youtube.com www.youtube.com	702 KB
9	cloudfront.net d30itml3t0pwpf.cloudfront.net dr1kl8glf25wj.cloudfront.net	362 KB
7	hipcamp.com 2 redirects canadasbestsummerjob.hipcamp.com	13 KB
6	twitter.com platform.twitter.com syndication.twitter.com	148 KB
4	facebook.com www.facebook.com	13 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	165 KB
4	facebook.net connect.facebook.net	140 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net static.doubleclick.net	929 B
3	pinterest.com assets.pinterest.com log.pinterest.com	19 KB
3	google.com apis.google.com www.google.com	14 KB
2	fbcdn.net static.xx.fbcdn.net	135 KB
2	amazonaws.com s3.amazonaws.com	4 MB
2	googleapis.com fonts.googleapis.com	1 KB
2	cloudflareinsights.com static.cloudflareinsights.com	10 KB
1	ytimg.com i.ytimg.com	35 KB
1	ggpht.com yt3.ggpht.com	4 KB
1	googleusercontent.com themes.googleusercontent.com	15 KB
1	jsdelivr.net cdn.jsdelivr.net	36 KB
1	wishpond.net cdn.wishpond.net	40 KB
1	thewishsendonline.com 1 redirects stats.thewishsendonline.com	285 B
75	21

	Domain	Requested by
12	www.wishpond.com	1 redirects canadasbestsummerjob.hipcamp.com cdn.wishpond.net d30itml3t0pwpf.cloudfront.net cdn.jsdelivr.net
11	www.youtube.com	d30itml3t0pwpf.cloudfront.net www.youtube.com cdn.jsdelivr.net
7	d30itml3t0pwpf.cloudfront.net	canadasbestsummerjob.hipcamp.com www.wishpond.com d30itml3t0pwpf.cloudfront.net
7	canadasbestsummerjob.hipcamp.com	2 redirects canadasbestsummerjob.hipcamp.com static.cloudflareinsights.com
4	www.facebook.com	connect.facebook.net
4	platform.twitter.com	d30itml3t0pwpf.cloudfront.net platform.twitter.com
4	connect.facebook.net	d30itml3t0pwpf.cloudfront.net connect.facebook.net www.wishpond.com
2	static.xx.fbcdn.net	www.facebook.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	dr1kl8glf25wj.cloudfront.net	canadasbestsummerjob.hipcamp.com
2	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
2	s3.amazonaws.com
2	syndication.twitter.com	platform.twitter.com
2	www.gstatic.com	www.google.com www.youtube.com
2	www.google.com	d30itml3t0pwpf.cloudfront.net www.youtube.com
2	assets.pinterest.com	d30itml3t0pwpf.cloudfront.net assets.pinterest.com
2	fonts.googleapis.com	d30itml3t0pwpf.cloudfront.net
2	static.cloudflareinsights.com	canadasbestsummerjob.hipcamp.com
1	log.pinterest.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	apis.google.com	d30itml3t0pwpf.cloudfront.net
1	themes.googleusercontent.com	d30itml3t0pwpf.cloudfront.net
1	cdn.jsdelivr.net	canadasbestsummerjob.hipcamp.com
1	cdn.wishpond.net	canadasbestsummerjob.hipcamp.com
1	stats.thewishsendonline.com	1 redirects
75	27

This site contains links to these domains. Also see Links.

Domain
hipcamp.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-23` - `2021-10-22`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
cdn.wishpond.net Amazon	`2020-11-19` - `2021-12-18`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
wishpond.com Amazon	`2021-04-08` - `2022-05-07`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://canadasbestsummerjob.hipcamp.com/entries/195903509
Frame ID: 9ECB0E015859BFF746D94C9C62EDCCCF
Requests: 43 HTTP requests in this frame

Frame: https://www.wishpond.com/fblp/2631691/count_me_in_iframe
Frame ID: 67622150BF898D5426FFC8749D68066C
Requests: 5 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fcanadasbestsummerjob.hipcamp.com
Frame ID: 421AF410BEECEB2DDB317F2119C2062B
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/fb-PJu3odhw?rel=0
Frame ID: CB683D24FD1D7B7C82C047530A4A31ED
Requests: 17 HTTP requests in this frame

Frame: https://www.facebook.com/v7.0/plugins/share_button.php?app_id=1432768656951037&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfff77dc3e40b88%26domain%3Dcanadasbestsummerjob.hipcamp.com%26origin%3Dhttps%253A%252F%252Fcanadasbestsummerjob.hipcamp.com%252Ff14f0a18dde4578%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fcanadasbestsummerjob.hipcamp.com%2Fentries%2F195903509%2Freference&layout=button&locale=en_US&sdk=joey
Frame ID: E22C6A5B7CFAE8F046E04CD393DE03BC
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.06c6ee58c3810956b7509218508c7b56.en.html
Frame ID: 49361E95B91FD58F5645863F553E5D05
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://stats.thewishsendonline.com/ls/click?upn=r8UcO0IvPjCVUW4KgfxG94batGLcWBpTh29EPN4WD6-2FQx8fWgEKGGUAukUYd0... HTTP 302
https://www.wishpond.com/confirmation_tokens/19819697?auth=Etzt4nmKb1aohVDBpQYeAA HTTP 302
http://canadasbestsummerjob.hipcamp.com/entries/195903509/reference HTTP 301
https://canadasbestsummerjob.hipcamp.com/entries/195903509/reference Page URL
http://canadasbestsummerjob.hipcamp.com/entries/195903509 HTTP 301
https://canadasbestsummerjob.hipcamp.com/entries/195903509 Page URL

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /apis\.google\.com\/js\/[a-z]*\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

75
Requests

100 %
HTTPS

65 %
IPv6

21
Domains

27
Subdomains

26
IPs

3
Countries

6134 kB
Transfer

10465 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://hipcamp.com/en-CA/?utm_source=wishpond&utm_medium=lp&utm_campaign=c1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://stats.thewishsendonline.com/ls/click?upn=r8UcO0IvPjCVUW4KgfxG94batGLcWBpTh29EPN4WD6-2FQx8fWgEKGGUAukUYd04svRBlTN9L5ozlVg7Ff7ukjy-2FC3SxGvJFUkkfAosQgsnfotzKrcU-2FJ2OwEN2Y1DZoLIv96M_i7rFhSLeoYlED72b9KBDG2TNPGEJVECh7fNdQ5Khw8FJCfvjrtPzZWy9LCvfagczEdry-2FcRwJo5swTyQs7ZTtxxDBKKKp2VV-2B9bX9LI0RYcHCRqfk90P0JiHNmJSsnHbzfPAMt49PjalDq-2BF8YZsnaVTef3FucyG5Si8K4Jqzi7xod3udnLX2PhsmMUrrmMw3w49X5SY5IHXuSZXDmmSxg-3D-3D HTTP 302
https://www.wishpond.com/confirmation_tokens/19819697?auth=Etzt4nmKb1aohVDBpQYeAA HTTP 302
http://canadasbestsummerjob.hipcamp.com/entries/195903509/reference HTTP 301
https://canadasbestsummerjob.hipcamp.com/entries/195903509/reference Page URL
http://canadasbestsummerjob.hipcamp.com/entries/195903509 HTTP 301
https://canadasbestsummerjob.hipcamp.com/entries/195903509 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://stats.thewishsendonline.com/ls/click?upn=r8UcO0IvPjCVUW4KgfxG94batGLcWBpTh29EPN4WD6-2FQx8fWgEKGGUAukUYd04svRBlTN9L5ozlVg7Ff7ukjy-2FC3SxGvJFUkkfAosQgsnfotzKrcU-2FJ2OwEN2Y1DZoLIv96M_i7rFhSLeoYlED72b9KBDG2TNPGEJVECh7fNdQ5Khw8FJCfvjrtPzZWy9LCvfagczEdry-2FcRwJo5swTyQs7ZTtxxDBKKKp2VV-2B9bX9LI0RYcHCRqfk90P0JiHNmJSsnHbzfPAMt49PjalDq-2BF8YZsnaVTef3FucyG5Si8K4Jqzi7xod3udnLX2PhsmMUrrmMw3w49X5SY5IHXuSZXDmmSxg-3D-3D HTTP 302
https://www.wishpond.com/confirmation_tokens/19819697?auth=Etzt4nmKb1aohVDBpQYeAA HTTP 302
http://canadasbestsummerjob.hipcamp.com/entries/195903509/reference HTTP 301
https://canadasbestsummerjob.hipcamp.com/entries/195903509/reference

Request Chain 61

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

75 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

reference
canadasbestsummerjob.hipcamp.com/entries/195903509/
Redirect Chain

http://stats.thewishsendonline.com/ls/click?upn=r8UcO0IvPjCVUW4KgfxG94batGLcWBpTh29EPN4WD6-2FQx8fWgEKGGUAukUYd04svRBlTN9L5ozlVg7Ff7ukjy-2FC3SxGvJFUkkfAosQgsnfotzKrcU-2FJ2OwEN2Y1DZoLIv96M_i7rFhSLeoY...
https://www.wishpond.com/confirmation_tokens/19819697?auth=Etzt4nmKb1aohVDBpQYeAA
http://canadasbestsummerjob.hipcamp.com/entries/195903509/reference
https://canadasbestsummerjob.hipcamp.com/entries/195903509/reference

3 KB
2 KB

519ms
433ms

Document
text/html

104.26.9.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://canadasbestsummerjob.hipcamp.com/entries/195903509/reference
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: canadasbestsummerjob.hipcamp.com
:scheme: https
:path: /entries/195903509/reference
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:44:49 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
p3p: CP="NON"
content-language: en-US
set-cookie: XSRF-TOKEN=ljtpdgaZGcQcBgmYeLC1PJDC%2FNARjVtehzAiQPvWzrQ%3D; path=/; secure; SameSite=Strict wishpond=a2711198e28a8c1569632375864e2ce0; path=/; expires=Thu, 15 Jul 2021 15:44:49 -0000; secure; HttpOnly; SameSite=Lax
x-request-id: 4a847542-d0e3-4116-944f-95382c6eea99
x-runtime: 0.038874
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgbSiQY%2FZZNRKTUUSfulsgvgBk7WD%2BWFfbAerj%2BKN2RsCqpizwoX8bkWsEr8rhhJe%2Fiimw%2BDgmc%2Fip2kH8yDCOyAFf5IkpqQjOUmbJ1yyDeLq%2F77mUNR2rqyiJ%2B%2FUudP0G0cUFGfKZT3SlPfgMPSdEU%2F"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 66ebdfe078bf0722-LHR
content-encoding: br

Redirect headers

Date: Wed, 14 Jul 2021 15:44:48 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://canadasbestsummerjob.hipcamp.com/entries/195903509/reference
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0I8nwrX1Ma%2Fh79KpgWSSPW5EKWtgh6Cx5B6wxGu8g6%2BIqYCzZWh2egS3m2EdutXF1aoIjee8cochjtbZqqnzeNi50ggTP%2BE7brQmRzXmUTcAA8nuApi%2FBeoCG5%2BVIRFCNkAvs0AexiR0zkrJxfw3fzS1"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 66ebdfde39a94245-LHR

GET
H2 200 beacon.min.js
static.cloudflareinsights.com/ 13 KB
5 KB 37ms
16ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: canadasbestsummerjob.hipcamp.com
URL: https://canadasbestsummerjob.hipcamp.com/entries/195903509/reference
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:44:49 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 17:24:20 GMT
server: cloudflare
etag: W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 66ebdfe34cb64dca-FRA

GET
H2

200

Primary Request 195903509 Show response
canadasbestsummerjob.hipcamp.com/entries/
Redirect Chain

http://canadasbestsummerjob.hipcamp.com/entries/195903509
https://canadasbestsummerjob.hipcamp.com/entries/195903509

7 KB
3 KB

433ms
432ms

Document
text/html

104.26.9.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://canadasbestsummerjob.hipcamp.com/entries/195903509
Requested by: Host: canadasbestsummerjob.hipcamp.com
URL: https://canadasbestsummerjob.hipcamp.com/entries/195903509/reference
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5682a84c47851f53990a45b7989ee70006b2e5cea21fb2e765bb49a9f99c519e

Request headers

:method: GET
:authority: canadasbestsummerjob.hipcamp.com
:scheme: https
:path: /entries/195903509
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: XSRF-TOKEN=ljtpdgaZGcQcBgmYeLC1PJDC%2FNARjVtehzAiQPvWzrQ%3D; wishpond=a2711198e28a8c1569632375864e2ce0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://canadasbestsummerjob.hipcamp.com/entries/195903509/reference

Response headers

date: Wed, 14 Jul 2021 15:44:49 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
p3p: CP="NON"
content-language: en-US
set-cookie: wishpond=a2711198e28a8c1569632375864e2ce0; path=/; expires=Thu, 15 Jul 2021 15:44:49 -0000; secure; HttpOnly; SameSite=Lax
x-request-id: 812f5cce-087d-42da-b1b5-1397a1288480
x-runtime: 0.033840
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qm2xPkoDeSjAtb3dbAeXkmkirqPLV54hSF9uwhuUtUJ%2FvaF6cqXDPVgCzFPAz49EbMxsh513oTIuED4jB5hVB%2BRcab7J9p7SzJ1mXXYt9qZE4U11mby1SW6Fm8rjzd%2FvF%2Bh2irNSKvoPfKG0xT7ozPWx"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 66ebdfe4996f0722-LHR
content-encoding: br

Redirect headers

Date: Wed, 14 Jul 2021 15:44:49 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://canadasbestsummerjob.hipcamp.com/entries/195903509
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRK%2FzoKI%2Bbs6QjjLhfkIJ5bZ3KQLZ3LdHl2qsEmatZ%2BKv7LADTY%2FhVeftOBZIIBoZEOctCOuNFHSUQ3qEzFG%2BHxknk469DhKF5w2R62AHLUjYWymtMR%2Fo3OLcD%2BWiLmGsfzavKYQZRC2Tq2e1m%2F9YqJp"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 66ebdfe33b2e4245-LHR

GET
H/1.1 200
OK pages_v1_vendor-a7373dd7bec7201c70eb0fb2b430f9ceddd782722dbb5a3620b4c22fef18ae6d.css
d30itml3t0pwpf.cloudfront.net/assets/ 290 KB
40 KB 61ms
15ms Stylesheet
text/css 52.222.161.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v1_vendor-a7373dd7bec7201c70eb0fb2b430f9ceddd782722dbb5a3620b4c22fef18ae6d.css
Requested by: Host: canadasbestsummerjob.hipcamp.com
URL: https://canadasbestsummerjob.hipcamp.com/entries/195903509
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.161.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 4611a7cea90e4987c0f07d431757c02776215308e3165147195834f5da3af262

Request headers

Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 20:16:03 GMT
Content-Encoding: gzip
Age: 3612526
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 39962
Access-Control-Allow-Origin: *
Last-Modified: Wed, 02 Jun 2021 19:40:59 GMT
Server: nginx/1.17.5
ETag: "60b7decb-9c1a"
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 cf82d48fdf484813132bbd9c90904672.cloudfront.net (CloudFront)
Cache-Control: public, max-age=315360000
X-Amz-Cf-Pop: CDG52-P2
X-Amz-Cf-Id: bMTatXT-z-ZbFCZsLxdoulvXhzbJJO3blu0k_Nk-SaxOO1WefFUbrQ==

GET
H/1.1 200
OK pages_v1-dbee2dc2e0e1408af0a15e82f61b135925c67dab0663d5e6f8f59092fe03095f.css
d30itml3t0pwpf.cloudfront.net/assets/ 45 KB
10 KB 61ms
15ms Stylesheet
text/css 52.222.161.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v1-dbee2dc2e0e1408af0a15e82f61b135925c67dab0663d5e6f8f59092fe03095f.css
Requested by: Host: canadasbestsummerjob.hipcamp.com
URL: https://canadasbestsummerjob.hipcamp.com/entries/195903509
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.161.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: dbee2dc2e0e1408af0a15e82f61b135925c67dab0663d5e6f8f59092fe03095f

Request headers

Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 20:50:16 GMT
Content-Encoding: gzip
Age: 6720873
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 9561
Access-Control-Allow-Origin: *
Last-Modified: Thu, 22 Apr 2021 19:02:26 GMT
Server: nginx/1.17.5
ETag: "6081c842-2559"
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 0335d8a6e5dbedaa3f85a6ff68c7805a.cloudfront.net (CloudFront)
Cache-Control: public, max-age=315360000
X-Amz-Cf-Pop: CDG52-P2
X-Amz-Cf-Id: oQOvdZL6HS3M723jbxlAKE-ZILGIT2Wtr_gWp_2V1VGdbAYo29X-JQ==

GET
H2 200 connect.js Show response
cdn.wishpond.net/ 157 KB
40 KB 119ms
46ms Script
application/javascript 143.204.98.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.wishpond.net/connect.js?merchantId=1555351&socialCampaignId=2631691&writeKey=a259f2b8dc2b
Requested by: Host: canadasbestsummerjob.hipcamp.com
URL: https://canadasbestsummerjob.hipcamp.com/entries/195903509
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-118.fra50.r.cloudfront.net
Software: nginx/1.17.5 /
Resource Hash: 6e07e34bbd68097186902a70c18447371bfaa2be1338b6b4be90adbe3fc134fc

Request headers

Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 02:48:02 GMT
content-encoding: gzip
last-modified: Mon, 05 Jul 2021 16:18:59 GMT
server: nginx/1.17.5
age: 565007
etag: W/"60e330f3-272c9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
cache-control: public, stale-if-error, max-age=3600, s-max-age=172800
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: SX3sg-JHeyv61bE5tskBhdJZUig7OqSKNOWMZv2X7wfqUq7E75Xd0A==

GET
H/1.1 200
OK default-video-contest-f0c7fd3e324adb092b260433f4376720014bbb572fc4c98a6cde055ab6521666.js Show response
d30itml3t0pwpf.cloudfront.net/assets/pages/v1/templates/library/pages/ 2 KB
1 KB 60ms
16ms Script
application/javascript 52.222.161.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages/v1/templates/library/pages/default-video-contest-f0c7fd3e324adb092b260433f4376720014bbb572fc4c98a6cde055ab6521666.js
Requested by: Host: canadasbestsummerjob.hipcamp.com
URL: https://canadasbestsummerjob.hipcamp.com/entries/195903509
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.161.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: f0c7fd3e324adb092b260433f4376720014bbb572fc4c98a6cde055ab6521666

Request headers

Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 26 Jan 2021 00:56:10 GMT
Content-Encoding: gzip
Age: 14654919
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 533
Access-Control-Allow-Origin: *
Last-Modified: Mon, 25 Jan 2021 21:57:32 GMT
Server: nginx/1.17.5
ETag: "600f3ecc-215"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 6d9deb1205ec9ca2bc82978513689e3f.cloudfront.net (CloudFront)
Cache-Control: public, max-age=315360000
X-Amz-Cf-Pop: CDG52-P2
X-Amz-Cf-Id: EvIy2w1cnwzz0OC_3r9FWPqdlxc2gw21APmxb_kEcWCMCx2iHgOFNg==

GET
H2 200 jquery-1.10.2.min.js Show response
cdn.jsdelivr.net/jquery/1.10.2/ 130 KB
36 KB 243ms
229ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery/1.10.2/jquery-1.10.2.min.js

Requested by

Host: canadasbestsummerjob.hipcamp.com
URL: https://canadasbestsummerjob.hipcamp.com/entries/195903509

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

939eaf0cb931e2598e6d7f726e3dc2fa0326309ca5302182fb25e2a5842197eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 352268
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 36967
etag: W/"2077a-8pMSgiWcy7N207HSps9EyTKdhUA"
x-served-by: cache-fra19146-FRA
date: Wed, 14 Jul 2021 15:44:50 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK pages_v1_vendor-9ff7e8a09170c692a00ecd6880f8ff449252470cf65ee51e9dd395fed5cda108.js Show response
d30itml3t0pwpf.cloudfront.net/assets/ 317 KB
104 KB 59ms
15ms Script
application/javascript 52.222.161.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v1_vendor-9ff7e8a09170c692a00ecd6880f8ff449252470cf65ee51e9dd395fed5cda108.js
Requested by: Host: canadasbestsummerjob.hipcamp.com
URL: https://canadasbestsummerjob.hipcamp.com/entries/195903509
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.161.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 9ff7e8a09170c692a00ecd6880f8ff449252470cf65ee51e9dd395fed5cda108

Request headers

Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 01:11:20 GMT
Content-Encoding: gzip
Age: 7569209
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 105528
Access-Control-Allow-Origin: *
Last-Modified: Tue, 13 Apr 2021 15:59:11 GMT
Server: nginx/1.17.5
ETag: "6075bfcf-19c38"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 127aaaaca740f298a4c887357ec047b5.cloudfront.net (CloudFront)
Cache-Control: public, max-age=315360000
X-Amz-Cf-Pop: CDG52-P2
X-Amz-Cf-Id: l1FRhRt511RWjCMj98bhvmLvDukiKELYHnTGd3VVz-BfbL8ihJ3k0w==

GET
H/1.1 200
OK pages_v1-7b001167d76ddcfd9c4ac077e194072feb1c70542216ec86c9c06f23c05382cc.js Show response
d30itml3t0pwpf.cloudfront.net/assets/ 465 KB
82 KB 57ms
15ms Script
application/javascript 52.222.161.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v1-7b001167d76ddcfd9c4ac077e194072feb1c70542216ec86c9c06f23c05382cc.js
Requested by: Host: canadasbestsummerjob.hipcamp.com
URL: https://canadasbestsummerjob.hipcamp.com/entries/195903509
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.161.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 7b001167d76ddcfd9c4ac077e194072feb1c70542216ec86c9c06f23c05382cc

Request headers

Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 20:23:20 GMT
Content-Encoding: gzip
Age: 5944889
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 83038
Access-Control-Allow-Origin: *
Last-Modified: Thu, 06 May 2021 19:39:29 GMT
Server: nginx/1.17.5
ETag: "609445f1-1445e"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 0335d8a6e5dbedaa3f85a6ff68c7805a.cloudfront.net (CloudFront)
Cache-Control: public, max-age=315360000
X-Amz-Cf-Pop: CDG52-P2
X-Amz-Cf-Id: 3ulivSq98cxiHmIfPyV4118vXomiLObTYAcZSbV7GPaOm2UuULHMtg==

GET
H2 200 en.js Show response
www.wishpond.com/javascripts/i18n/ng/ 40 KB
13 KB 101ms
101ms Script
application/javascript 3.231.231.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wishpond.com/javascripts/i18n/ng/en.js
Requested by: Host: canadasbestsummerjob.hipcamp.com
URL: https://canadasbestsummerjob.hipcamp.com/entries/195903509
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.231.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: d75756dbd8323c01b73e21633cc550ecfd558a3549a909f535cb9d5104de9478

Request headers

Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:44:49 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 22:02:33 GMT
server: nginx/1.17.5
etag: "60ecbbf9-3310"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600, public
content-length: 13072
expires: Wed, 14 Jul 2021 16:44:49 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 20ms
16ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: canadasbestsummerjob.hipcamp.com
URL: https://canadasbestsummerjob.hipcamp.com/entries/195903509
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:44:49 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 17:24:20 GMT
server: cloudflare
etag: W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 66ebdfe848ad4dca-FRA

GET
H2 200 css
fonts.googleapis.com/ 6 KB
757 B 25ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,600

Requested by

Host: d30itml3t0pwpf.cloudfront.net
URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v1_vendor-a7373dd7bec7201c70eb0fb2b430f9ceddd782722dbb5a3620b4c22fef18ae6d.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cfcb0ec300dea884d31445998d9e2893ba8e42fbe8673d9e04dd0eb8ab2d4ce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://d30itml3t0pwpf.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 15:31:01 GMT
server: ESF
date: Wed, 14 Jul 2021 15:44:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Jul 2021 15:44:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
616 B 18ms
14ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: d30itml3t0pwpf.cloudfront.net
URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v1_vendor-a7373dd7bec7201c70eb0fb2b430f9ceddd782722dbb5a3620b4c22fef18ae6d.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e12dfaae532b449b71117f29ad43f92b3b87c19509a9b16f91115fd4e07903b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://d30itml3t0pwpf.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 14:39:57 GMT
server: ESF
date: Wed, 14 Jul 2021 15:44:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Jul 2021 15:44:49 GMT

GET
H2 200 count_me_in_iframe Show response
www.wishpond.com/fblp/2631691/ Frame 6762 2 KB
2 KB 123ms
121ms Document
text/html 3.231.231.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wishpond.com/fblp/2631691/count_me_in_iframe

Requested by

Host: canadasbestsummerjob.hipcamp.com
URL: https://canadasbestsummerjob.hipcamp.com/entries/195903509

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.231.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

10f5b54af5dfcf7ce41a402e09434751a1991468d562ca992b83dcb73e51b312

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:method: GET
:authority: www.wishpond.com
:scheme: https
:path: /fblp/2631691/count_me_in_iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://canadasbestsummerjob.hipcamp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://canadasbestsummerjob.hipcamp.com/

Response headers

date: Wed, 14 Jul 2021 15:44:50 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.5
vary: Accept-Encoding
strict-transport-security: max-age=300
p3p: CP="NON"
content-language: en-US
set-cookie: XSRF-TOKEN=c4ng7GAZwPDLBap6xlxxK%2F2R7XvbdLUCj1vhVSgoVSI%3D; path=/; secure; SameSite=Strict wishpond=ab08fc5d46cf986cc0d9b6a627aa8fa9; path=/; expires=Thu, 15 Jul 2021 15:44:50 -0000; secure; HttpOnly; SameSite=Lax
x-request-id: cf02a593-6cf8-44d9-ab00-d33222c567fd
x-runtime: 0.023327
content-encoding: gzip

OPTIONS
H2 200 popups.json
www.wishpond.com/ Frame 0
0 403ms
193ms Preflight
text/plain 3.231.231.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wishpond.com/popups.json?merchant_id=1555351&url=https%3A%2F%2Fcanadasbestsummerjob.hipcamp.com%2Fentries%2F195903509&social_campaign_id=2631691

Protocol

Server

3.231.231.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Origin: https://canadasbestsummerjob.hipcamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 14 Jul 2021 15:44:50 GMT
content-type: text/plain
server: nginx/1.17.5
vary: Accept-Encoding
strict-transport-security: max-age=300
access-control-allow-origin: https://canadasbestsummerjob.hipcamp.com
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-expose-headers
access-control-max-age: 600
access-control-allow-credentials: true
access-control-allow-headers: x-requested-with
x-request-id: 72471cd1-1a12-498c-90da-aee5e4318a39
x-runtime: 0.000568
x-download-options: noopen
content-encoding: gzip

GET
H2 200 popups.json Show response
www.wishpond.com/ 13 B
1 KB 116ms
115ms XHR
application/json 3.231.231.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wishpond.com/popups.json?merchant_id=1555351&url=https%3A%2F%2Fcanadasbestsummerjob.hipcamp.com%2Fentries%2F195903509&social_campaign_id=2631691

Requested by

Host: cdn.wishpond.net
URL: https://cdn.wishpond.net/connect.js?merchantId=1555351&socialCampaignId=2631691&writeKey=a259f2b8dc2b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.231.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: *.wishpond.com; font-src 'self' data: https:; frame-ancestors 'self'; frame-src 'self' cdn.wishpond.net evergenius-webframes.wishpond.com; img-src 'self' blob: data: https:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: d30itml3t0pwpf.cloudfront.net cdn.wishpond.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' https:; worker-src 'self'
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 14 Jul 2021 15:44:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NON"
strict-transport-security: max-age=300
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
x-request-id: 4a6ef96b-9a1b-41ca-89bf-3b66822bbb41
x-runtime: 0.015811
server: nginx/1.17.5
x-frame-options: DENY
x-download-options: noopen
access-control-max-age: 600
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-language: en-US
access-control-allow-origin: https://canadasbestsummerjob.hipcamp.com
access-control-expose-headers
access-control-allow-credentials: true
content-security-policy: default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: *.wishpond.com; font-src 'self' data: https:; frame-ancestors 'self'; frame-src 'self' cdn.wishpond.net evergenius-webframes.wishpond.com; img-src 'self' blob: data: https:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: d30itml3t0pwpf.cloudfront.net cdn.wishpond.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' https:; worker-src 'self'
content-type: application/json; charset=utf-8

GET
H2 200 cJZKeOuBrn4kERxqtaUH3bO3LdcAZYWl9Si6vvxL-qU.woff
themes.googleusercontent.com/static/fonts/opensans/v8/ 14 KB
15 KB 33ms
8ms Font
font/woff 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://themes.googleusercontent.com/static/fonts/opensans/v8/cJZKeOuBrn4kERxqtaUH3bO3LdcAZYWl9Si6vvxL-qU.woff

Requested by

Host: d30itml3t0pwpf.cloudfront.net
URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v1-dbee2dc2e0e1408af0a15e82f61b135925c67dab0663d5e6f8f59092fe03095f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d1f6a48c9933698d13bd598ba4800dec1192bf09ce9ca7abb490c88a9af5c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://canadasbestsummerjob.hipcamp.com
Referer: https://d30itml3t0pwpf.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 05:31:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 123213
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14604
x-xss-protection: 0
expires: Wed, 13 Jul 2022 05:31:17 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 26ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: d30itml3t0pwpf.cloudfront.net
URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v1-7b001167d76ddcfd9c4ac077e194072feb1c70542216ec86c9c06f23c05382cc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8f0f1cfd04e23199ca8f6989e42130fe2b81d7ad0f84b38b0797ec279a2ff8b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: LHqcqvhycfwRu8B34FKS3Q==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: 2X8IWLww62REIepFJcj10j0DsuBzijOW0M8LzGjNceA5IUsKA2fUW1pGLzVFxzOhbPLWwjEeXF1jUMbxqoZOtQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 346de998332d851427327447c70379ed
x-frame-options: DENY
date: Wed, 14 Jul 2021 15:44:50 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "da25a626c3dcfc9ceb6ef3dc77bb1313"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 14 Jul 2021 15:49:50 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 39ms
9ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: d30itml3t0pwpf.cloudfront.net
URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v1-7b001167d76ddcfd9c4ac077e194072feb1c70542216ec86c9c06f23c05382cc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Jul 2021 15:44:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
Server: ECS (frb/67F3)
Age: 525
Etag: "9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28779

GET
H2 403 platform.js
apis.google.com/js/ 0
0 273ms
234ms Script
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.google.com/js/platform.js
Requested by: Host: d30itml3t0pwpf.cloudfront.net
URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v1-7b001167d76ddcfd9c4ac077e194072feb1c70542216ec86c9c06f23c05382cc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 pinit.js Show response
assets.pinterest.com/js/ 361 B
431 B 114ms
29ms Script
application/javascript 2a04:4e42:54::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: d30itml3t0pwpf.cloudfront.net
URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v1-7b001167d76ddcfd9c4ac077e194072feb1c70542216ec86c9c06f23c05382cc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:54::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:44:50 GMT
content-encoding: br
x-cdn: fastly
etag: "62d32c28f14783b94192cd8d35bc010d"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=300
content-length: 203
access-control-expose-headers: X-CDN

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
1 KB 78ms
40ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: d30itml3t0pwpf.cloudfront.net
URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v1-7b001167d76ddcfd9c4ac077e194072feb1c70542216ec86c9c06f23c05382cc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

702cdb5078236684201d01e260d73c1dbb7facbae8dd2326c8fe3c499aaffd38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:44:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Wed, 14 Jul 2021 15:44:50 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
652 B 19ms
18ms Script
text/javascript 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit&hl=en_US

Requested by

Host: d30itml3t0pwpf.cloudfront.net
URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v1-7b001167d76ddcfd9c4ac077e194072feb1c70542216ec86c9c06f23c05382cc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d32a946a16ed5d8edc6e2afbfcf6f19778b6bab351d619c5e6dff02248a2caa4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:44:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 560
x-xss-protection: 1; mode=block
expires: Wed, 14 Jul 2021 15:44:50 GMT

OPTIONS
H2 200 timestamp
www.wishpond.com/api/pages_v1/ Frame 0
0 218ms
180ms Preflight
text/plain 3.231.231.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wishpond.com/api/pages_v1/timestamp

Protocol

Server

3.231.231.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control,pragma
Origin: https://canadasbestsummerjob.hipcamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 14 Jul 2021 15:44:50 GMT
content-type: text/plain
server: nginx/1.17.5
vary: Accept-Encoding
strict-transport-security: max-age=300
access-control-allow-origin: https://canadasbestsummerjob.hipcamp.com
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-expose-headers
access-control-max-age: 600
access-control-allow-credentials: true
access-control-allow-headers: cache-control,pragma
x-request-id: b67deb70-1811-438f-8978-13d8c8d87478
x-runtime: 0.000752
x-download-options: noopen
content-encoding: gzip

GET
H2 200 timestamp Show response
www.wishpond.com/api/pages_v1/ 28 B
715 B 129ms
129ms XHR
application/json 3.231.231.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wishpond.com/api/pages_v1/timestamp

Requested by

Host: d30itml3t0pwpf.cloudfront.net
URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v1_vendor-9ff7e8a09170c692a00ecd6880f8ff449252470cf65ee51e9dd395fed5cda108.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.231.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

8f1f808713348c6c3975d174ace7b60e4e2fb5e49f71d330ab324353bdef0e02

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=300

Request headers

Pragma: no-cache
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:44:50 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
p3p: CP="NON"
strict-transport-security: max-age=300
x-request-id: a9b4d007-61a2-4f77-b1c5-1575bec96258
x-runtime: 0.024482
server: nginx/1.17.5
x-download-options: noopen
access-control-max-age: 600
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-language: en-US
access-control-allow-origin: https://canadasbestsummerjob.hipcamp.com
access-control-expose-headers
access-control-allow-credentials: true
content-security-policy: default-src 'none'
content-type: application/json; charset=utf-8

GET
H2 200 2631691 Show response
www.wishpond.com/api/pages_v1/social_campaigns/ 33 KB
10 KB 220ms
220ms XHR
application/json 3.231.231.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wishpond.com/api/pages_v1/social_campaigns/2631691?mode=showing

Requested by

Host: d30itml3t0pwpf.cloudfront.net
URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v1_vendor-9ff7e8a09170c692a00ecd6880f8ff449252470cf65ee51e9dd395fed5cda108.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.231.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

3a236608258641326913c4819e56dc102a9a3faef780589fc00a2f2a14a6d7ef

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=300

Request headers

Pragma: no-cache
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:44:50 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
p3p: CP="NON"
strict-transport-security: max-age=300
x-request-id: fa132994-7b86-40e1-9371-a7f8d2438355
x-runtime: 0.115480
server: nginx/1.17.5
x-download-options: noopen
access-control-max-age: 600
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-language: en-US
access-control-allow-origin: https://canadasbestsummerjob.hipcamp.com
access-control-expose-headers
access-control-allow-credentials: true
content-security-policy: default-src 'none'
content-type: application/json; charset=utf-8

OPTIONS
H2 200 2631691
www.wishpond.com/api/pages_v1/social_campaigns/ Frame 0
0 210ms
179ms Preflight
text/plain 3.231.231.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wishpond.com/api/pages_v1/social_campaigns/2631691?mode=showing

Protocol

Server

3.231.231.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control,pragma
Origin: https://canadasbestsummerjob.hipcamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 14 Jul 2021 15:44:50 GMT
content-type: text/plain
server: nginx/1.17.5
vary: Accept-Encoding
strict-transport-security: max-age=300
access-control-allow-origin: https://canadasbestsummerjob.hipcamp.com
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-expose-headers
access-control-max-age: 600
access-control-allow-credentials: true
access-control-allow-headers: cache-control,pragma
x-request-id: 161507d7-6a98-432b-b7d5-84af753f0405
x-runtime: 0.000754
x-download-options: noopen
content-encoding: gzip

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ 341 KB
133 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&hl=en_US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://canadasbestsummerjob.hipcamp.com
Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135961
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Jul 2022 15:13:04 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 234 KB
68 KB 25ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=c6ba68691a1d9cacb6b41c2b547fbaf8

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7596eeea5e0336560adc0f514f4506d27c7d25547fca345c375fb0ccdfdd2d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://canadasbestsummerjob.hipcamp.com
Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: aVv/sN8TXUn5WtYuJaZQ7w==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 69342
x-fb-rlafr: 0
x-fb-debug: EvZBMRSffelY4IJSbJX7vvSWLwxi5Dq0tuO2vnbn6RExT8x6og5guARqG/8DaQ+n1nG/x4dMOTAXhOPZCNCqwQ==
x-fb-trip-id: 686109401
x-fb-content-md5: d8b23f92fa87c986fc1d18a351d15bf9
x-frame-options: DENY
date: Wed, 14 Jul 2021 15:44:50 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "d7d50d84f87796e748176ef10c0da8fd"
timing-allow-origin: *
expires: Thu, 14 Jul 2022 14:01:24 GMT

GET
H/1.1 200
OK widget_iframe.06c6ee58c3810956b7509218508c7b56.html Show response
platform.twitter.com/widgets/ Frame 421A 319 KB
103 KB 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fcanadasbestsummerjob.hipcamp.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://canadasbestsummerjob.hipcamp.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://canadasbestsummerjob.hipcamp.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 155128
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 14 Jul 2021 15:44:50 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67BA)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
H/1.1 200
OK xd-ab63fb8f7ceedb658692fee72915b16c4a831f2c9bba9e54077377d52a0b0dc9.js Show response
d30itml3t0pwpf.cloudfront.net/assets/ Frame 6762 743 B
992 B 17ms
16ms Script
application/javascript 52.222.161.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d30itml3t0pwpf.cloudfront.net/assets/xd-ab63fb8f7ceedb658692fee72915b16c4a831f2c9bba9e54077377d52a0b0dc9.js
Requested by: Host: www.wishpond.com
URL: https://www.wishpond.com/fblp/2631691/count_me_in_iframe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.161.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: ab63fb8f7ceedb658692fee72915b16c4a831f2c9bba9e54077377d52a0b0dc9

Request headers

Referer: https://www.wishpond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 18:26:01 GMT
Content-Encoding: gzip
Age: 6211129
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 432
Access-Control-Allow-Origin: *
Last-Modified: Thu, 22 Apr 2021 19:02:26 GMT
Server: nginx/1.17.5
ETag: "6081c842-1b0"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 127aaaaca740f298a4c887357ec047b5.cloudfront.net (CloudFront)
Cache-Control: public, max-age=315360000
X-Amz-Cf-Pop: CDG52-P2
X-Amz-Cf-Id: k4SmZZh1KRL3iJdslAQFAnT79W3nPQRcijMHL1dHbDmMTvvG8zDVZg==

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 6762 3 KB
2 KB 17ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.wishpond.com
URL: https://www.wishpond.com/fblp/2631691/count_me_in_iframe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8f0f1cfd04e23199ca8f6989e42130fe2b81d7ad0f84b38b0797ec279a2ff8b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.wishpond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: LHqcqvhycfwRu8B34FKS3Q==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: 2X8IWLww62REIepFJcj10j0DsuBzijOW0M8LzGjNceA5IUsKA2fUW1pGLzVFxzOhbPLWwjEeXF1jUMbxqoZOtQ==
x-fb-content-md5: 346de998332d851427327447c70379ed
x-frame-options: DENY
date: Wed, 14 Jul 2021 15:44:50 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "da25a626c3dcfc9ceb6ef3dc77bb1313"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 14 Jul 2021 15:49:50 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 41ms
27ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=1432768656951037&input_token&origin=1&redirect_uri=https%3A%2F%2Fcanadasbestsummerjob.hipcamp.com%2Fentries%2F195903509&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=c6ba68691a1d9cacb6b41c2b547fbaf8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: n46hZtR8F+MMiOTPAWxG2j56GSQCrE7jCT6oTuWrNGNauwzAbATSobTFIgzXAZHG/M+PeRsdgrddonEHIe43TA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 14 Jul 2021 15:44:50 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://canadasbestsummerjob.hipcamp.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 421A 256 B
441 B 210ms
145ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=8eacec9e873e2f771dd93ba20e774e2930d7246e

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fcanadasbestsummerjob.hipcamp.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:44:50 GMT
content-encoding: gzip
last-modified: Wed, 14 Jul 2021 15:44:50 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: fb0f69db12b306dd16f43a307cd83907d722c7630a9dc33d35b6e2934eea2c11
content-length: 176

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 6762 234 KB
68 KB 15ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=c6ba68691a1d9cacb6b41c2b547fbaf8

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7596eeea5e0336560adc0f514f4506d27c7d25547fca345c375fb0ccdfdd2d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.wishpond.com
Referer: https://www.wishpond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: aVv/sN8TXUn5WtYuJaZQ7w==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 69342
x-fb-rlafr: 0
x-fb-debug: EvZBMRSffelY4IJSbJX7vvSWLwxi5Dq0tuO2vnbn6RExT8x6og5guARqG/8DaQ+n1nG/x4dMOTAXhOPZCNCqwQ==
x-fb-content-md5: d8b23f92fa87c986fc1d18a351d15bf9
x-frame-options: DENY
date: Wed, 14 Jul 2021 15:44:50 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "d7d50d84f87796e748176ef10c0da8fd"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 14 Jul 2022 14:01:24 GMT

GET
H3-29 200 status
www.facebook.com/x/oauth/ Frame 6762 0
0 40ms
32ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fcanadasbestsummerjob.hipcamp.com&client_id=1432768656951037&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.wishpond.com%2Ffblp%2F2631691%2Fcount_me_in_iframe%23https%3A%2F%2Fcanadasbestsummerjob.hipcamp.com&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=c6ba68691a1d9cacb6b41c2b547fbaf8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wishpond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: Z9pdJXN470eh3jRDCK/qXUagFc6mqwcOu+UGgoDUVI6sZidL6aBvBul81hzE0gRl/UN+giI5obe0K2NT785o6A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 14 Jul 2021 15:44:50 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wishpond.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/e5748921/www-widgetapi.vflset/ 125 KB
42 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5748921/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

112cfec40a19b0849a928eb52861fe1f04f516ec383a38f28086d25c9b3c62e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:32:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 12 Jul 2021 00:16:35 GMT
server: sffe
age: 714
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42778
x-xss-protection: 0
expires: Thu, 14 Jul 2022 15:32:56 GMT

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 68 KB
18 KB 33ms
33ms Script
application/javascript 2a04:4e42:54::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.7720222654962388
Requested by: Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:54::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: eb51506c619bb5ea0d447dc5a08683c9b73ecbe1e65dce794674622cd2e56f58

Request headers

Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:44:50 GMT
content-encoding: br
x-cdn: fastly
etag: "2424d1362506bd5cb853b5162df0158b"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=300
content-length: 18804
access-control-expose-headers: X-CDN

POST
H2 200 rum Show response
canadasbestsummerjob.hipcamp.com/cdn-cgi/ 0
268 B 70ms
70ms XHR
text/plain 104.26.9.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://canadasbestsummerjob.hipcamp.com/cdn-cgi/rum?req_id=66ebdfe4996f0722

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.9.61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://canadasbestsummerjob.hipcamp.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
content-length: 7882
:path: /cdn-cgi/rum?req_id=66ebdfe4996f0722
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: canadasbestsummerjob.hipcamp.com
referer: https://canadasbestsummerjob.hipcamp.com/entries/195903509
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://canadasbestsummerjob.hipcamp.com/entries/195903509
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Wed, 14 Jul 2021 15:44:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://canadasbestsummerjob.hipcamp.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 66ebdfeb68120722-LHR
vary: Origin

OPTIONS
H2 200 195903509
www.wishpond.com/api/pages_v1/social_campaigns/2631691/entries/ Frame 0
0 113ms
113ms Preflight
text/plain 3.231.231.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wishpond.com/api/pages_v1/social_campaigns/2631691/entries/195903509

Protocol

Server

3.231.231.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control,pragma
Origin: https://canadasbestsummerjob.hipcamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 14 Jul 2021 15:44:50 GMT
content-type: text/plain
server: nginx/1.17.5
vary: Accept-Encoding
strict-transport-security: max-age=300
access-control-allow-origin: https://canadasbestsummerjob.hipcamp.com
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-expose-headers
access-control-max-age: 600
access-control-allow-credentials: true
access-control-allow-headers: cache-control,pragma
x-request-id: ad06a5e7-5a15-4860-9b80-687b3b1ea69e
x-runtime: 0.001146
x-download-options: noopen
content-encoding: gzip

GET
H2 200 default-video-contest.css
www.wishpond.com/assets/landing_pages/library/pages/ 11 KB
3 KB 97ms
97ms Stylesheet
text/css 3.231.231.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wishpond.com/assets/landing_pages/library/pages/default-video-contest.css
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/1.10.2/jquery-1.10.2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.231.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 1e24b4be86a7d463a4ba43a4295694948524caec798244df3bc5bd040c6287c8

Request headers

Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:44:50 GMT
content-encoding: gzip
last-modified: Mon, 03 May 2021 19:08:09 GMT
server: nginx/1.17.5
etag: "60904a19-9de"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-length: 2526

GET
H2 200 195903509 Show response
www.wishpond.com/api/pages_v1/social_campaigns/2631691/entries/ 1 KB
1 KB 137ms
137ms XHR
application/json 3.231.231.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wishpond.com/api/pages_v1/social_campaigns/2631691/entries/195903509

Requested by

Host: d30itml3t0pwpf.cloudfront.net
URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v1_vendor-9ff7e8a09170c692a00ecd6880f8ff449252470cf65ee51e9dd395fed5cda108.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.231.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

5a0b9e6bdd0ab80a2890c8d7e74a2142def86310742033e453c83029fa90fea0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=300

Request headers

Pragma: no-cache
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:44:50 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
p3p: CP="NON"
strict-transport-security: max-age=300
x-request-id: db081f0e-0164-48a5-9f13-d79cceeda15c
x-runtime: 0.038047
server: nginx/1.17.5
x-download-options: noopen
access-control-max-age: 600
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-language: en-US
access-control-allow-origin: https://canadasbestsummerjob.hipcamp.com
access-control-expose-headers
access-control-allow-credentials: true
content-security-policy: default-src 'none'
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK original.png
s3.amazonaws.com/media.wishpond.com/media/015/456/182/ 13 KB
13 KB 393ms
113ms Image
image/png 52.216.140.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/media.wishpond.com/media/015/456/182/original.png?1623174860
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.140.174 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c3f98e27462b0c3bb25c6961893ea4488ccbfcc41d0bd3677e21ce10aa8de53

Request headers

Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Jul 2021 15:44:52 GMT
Last-Modified: Tue, 08 Jun 2021 17:54:22 GMT
Server: AmazonS3
x-amz-request-id: ES96GGW35JS8HC4X
ETag: "4bf3a5479bd29d9b3313681e5f79d705"
Content-Type: image/png
Content-Disposition: attachment; filename=Wordmark-DarkGreen.png
Accept-Ranges: bytes
Content-Length: 12953
x-amz-id-2: Dz2m32ktbUazJarg6uvf+1oJWWIkUiJn02yAeaAFq0WDlkF4MwfniPJTa/X/95xUdj1kJTA2zf4=

GET
H/1.1 200
OK original.png
s3.amazonaws.com/media.wishpond.com/media/015/454/498/ 4 MB
4 MB 410ms
124ms Image
image/png 52.216.140.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/media.wishpond.com/media/015/454/498/original.png?1623085710
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.140.174 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56fcd950f1b4392d2d4eb9f34bb5b259e4bd2c5d3ae8f64d7edf521841332b11

Request headers

Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Jul 2021 15:44:52 GMT
Last-Modified: Mon, 07 Jun 2021 17:08:31 GMT
Server: AmazonS3
x-amz-request-id: ES98H9DB5SD1526A
ETag: "cba053b0ac5a4af7f35b347b022a5c93"
Content-Type: image/png
Content-Disposition: attachment; filename=Frame_12.png
Accept-Ranges: bytes
Content-Length: 4342386
x-amz-id-2: UqNUVPy4PDk0dJidpzZVSEbkfcKEFrUIWdxmJBN47ky49bbiYhMHNgwm//fxB0er0E6nymjbVmM=

GET
H/1.1 200
OK fontawesome-webfont-66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31.woff
d30itml3t0pwpf.cloudfront.net/assets/ 82 KB
82 KB 48ms
15ms Font
application/font-woff 52.222.161.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d30itml3t0pwpf.cloudfront.net/assets/fontawesome-webfont-66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31.woff?v=4.1.0
Requested by: Host: d30itml3t0pwpf.cloudfront.net
URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v1_vendor-a7373dd7bec7201c70eb0fb2b430f9ceddd782722dbb5a3620b4c22fef18ae6d.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.161.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31

Request headers

Origin: https://canadasbestsummerjob.hipcamp.com
Referer: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v1_vendor-a7373dd7bec7201c70eb0fb2b430f9ceddd782722dbb5a3620b4c22fef18ae6d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 02:33:11 GMT
Via: 1.1 8b20ff9a1799265d378bf510ac3db6de.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 08 Jan 2019 18:17:46 GMT
Server: nginx/1.17.5
Age: 13698699
ETag: "5c34e94a-14730"
X-Cache: Hit from cloudfront
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Amz-Cf-Pop: CDG52-P2
Accept-Ranges: bytes
Content-Length: 83760
X-Amz-Cf-Id: Vt7m7QL6SiNfkT1kSZS-GmkSGERAP7-3WLW4wS3_G5OauqfuX2naxw==

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://canadasbestsummerjob.hipcamp.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 01:01:52 GMT
x-content-type-options: nosniff
age: 139378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:26 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 01:01:52 GMT

GET
H/1.1 200
OK Calibre-Bold.woff2
dr1kl8glf25wj.cloudfront.net/merchant_assets/001/555/351/ 21 KB
22 KB 175ms
74ms Font
application/octet-stream 13.224.89.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dr1kl8glf25wj.cloudfront.net/merchant_assets/001/555/351/Calibre-Bold.woff2
Requested by: Host: canadasbestsummerjob.hipcamp.com
URL: https://canadasbestsummerjob.hipcamp.com/entries/195903509
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-100.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb23b415c8699e82b2d9269f32d867931c9b59fc8ef481c530066316aecf2fa1

Request headers

Origin: https://canadasbestsummerjob.hipcamp.com
Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 15:31:07 GMT
Via: 1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront)
Age: 1988024
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 21492
Last-Modified: Wed, 26 May 2021 17:32:21 GMT
Server: AmazonS3
ETag: "4ae8c8cb6d393b0357d17f18e0681c8a"
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: sD4dfQwxJQcxu_svezSWq9BuTK3ropU9WPVOJlqP10K3QGMm24VQ0Q==
Expires: Fri, 25 Jun 2021 17:32:20 GMT

GET
H3-29 200 fb-PJu3odhw Show response
www.youtube.com/embed/ Frame CB68 54 KB
22 KB 86ms
72ms Document
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/fb-PJu3odhw?rel=0

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/1.10.2/jquery-1.10.2.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

01f26a2bb401beed0d53d59aba927f63b3ca58e6bfd6187950446e6693457bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/fb-PJu3odhw?rel=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://canadasbestsummerjob.hipcamp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://canadasbestsummerjob.hipcamp.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 14 Jul 2021 15:44:51 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=xZo2WsbTYIU; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=yQOOno6rXCE; Domain=.youtube.com; Expires=Mon, 10-Jan-2022 15:44:51 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+959; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK Calibre-Regular.woff2
dr1kl8glf25wj.cloudfront.net/merchant_assets/001/555/351/ 20 KB
21 KB 53ms
53ms Font
application/octet-stream 13.224.89.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dr1kl8glf25wj.cloudfront.net/merchant_assets/001/555/351/Calibre-Regular.woff2
Requested by: Host: canadasbestsummerjob.hipcamp.com
URL: https://canadasbestsummerjob.hipcamp.com/entries/195903509
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-100.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6f8b2a3f6a496330566a974343e3507f414749a80340b91f3464288d5e6a1f1

Request headers

Origin: https://canadasbestsummerjob.hipcamp.com
Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 15:31:07 GMT
Via: 1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront)
Age: 1988024
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 20976
Last-Modified: Wed, 26 May 2021 17:32:21 GMT
Server: AmazonS3
ETag: "ce3208602b2e75f021f1ca63a35f1f38"
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: alxbUigkp3aq1nda8Mmi5Si8RejTm3N5xoIoLon8sQbIc0ofVhkGkw==
Expires: Fri, 25 Jun 2021 17:32:20 GMT

GET
H2 200 fb_send_button.png
canadasbestsummerjob.hipcamp.com/assets/ 4 KB
4 KB 53ms
53ms Image
image/png 104.26.9.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canadasbestsummerjob.hipcamp.com/assets/fb_send_button.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2684e9ef94190f6c35dc0ad1aadb5924740f3982972c1b01526b44ad831bdbe9

Request headers

:path: /assets/fb_send_button.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: canadasbestsummerjob.hipcamp.com
referer: https://canadasbestsummerjob.hipcamp.com/entries/195903509
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://canadasbestsummerjob.hipcamp.com/entries/195903509
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:44:50 GMT
cf-cache-status: HIT
last-modified: Mon, 03 May 2021 19:08:09 GMT
server: cloudflare
age: 1540
etag: "60904a19-ed1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fRxV23vjiogeu6erm%2Bw1C8Ul%2FHHhhHp%2FFDz%2B6k03lE4jclXX60mluicztj2VhvRq0Lary%2B1aMcjzftIdHcE91BkBJLV7QII7MhfI1MsYPbc5P9ihWA%2BoIHN2Pe%2F%2BOMHZMcgU7opH1hFZUuE%2FVfOpH9nV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 66ebdfee8e540722-LHR
content-length: 3793

GET
H2 200 usr-default-circle.png
canadasbestsummerjob.hipcamp.com/images/ 2 KB
3 KB 54ms
53ms Image
image/png 104.26.9.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canadasbestsummerjob.hipcamp.com/images/usr-default-circle.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 952e86120f5012d4757bfdcca694b2e18fdaf1032f1a5f8733aa7463ac07a044

Request headers

:path: /images/usr-default-circle.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: canadasbestsummerjob.hipcamp.com
referer: https://canadasbestsummerjob.hipcamp.com/entries/195903509
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://canadasbestsummerjob.hipcamp.com/entries/195903509
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:44:50 GMT
cf-cache-status: HIT
last-modified: Thu, 18 Feb 2021 20:51:17 GMT
server: cloudflare
age: 1540
etag: "602ed345-956"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xeMyvS%2FqMQZz4GDx9yYLjo8Gc6%2F5YfLGTXHiL8%2BXxT4TthLgX4wzetakBwbr9M6ZgWS4qj9CF81NbY8GNHhTtHyokPo7mXFLqMnPuk6GPjKwkDLpvtxYf5GGxspZkcsWSR%2FyFmzezkLj3aR7Y4MM%2F0XP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 66ebdfee8e560722-LHR
content-length: 2390

GET
H3-29 200 share_button.php Show response
www.facebook.com/v7.0/plugins/ Frame E22C 42 KB
13 KB 174ms
173ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v7.0/plugins/share_button.php?app_id=1432768656951037&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfff77dc3e40b88%26domain%3Dcanadasbestsummerjob.hipcamp.com%26origin%3Dhttps%253A%252F%252Fcanadasbestsummerjob.hipcamp.com%252Ff14f0a18dde4578%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fcanadasbestsummerjob.hipcamp.com%2Fentries%2F195903509%2Freference&layout=button&locale=en_US&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=c6ba68691a1d9cacb6b41c2b547fbaf8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f5f1c13a5c7ebd759439bef485422fd928cec008cd88b4ae6d9b38c99c6edf8a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v7.0/plugins/share_button.php?app_id=1432768656951037&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfff77dc3e40b88%26domain%3Dcanadasbestsummerjob.hipcamp.com%26origin%3Dhttps%253A%252F%252Fcanadasbestsummerjob.hipcamp.com%252Ff14f0a18dde4578%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fcanadasbestsummerjob.hipcamp.com%2Fentries%2F195903509%2Freference&layout=button&locale=en_US&sdk=joey
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://canadasbestsummerjob.hipcamp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://canadasbestsummerjob.hipcamp.com/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v7.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: e+K3K4tIAJoaC0kkkdM0n+QpS+b8AtRQ37rUBLookHA1r3Rc4crTAYNrES6uFcgH5s+wRsvcdNWniQYsIQ4Mbw==
date: Wed, 14 Jul 2021 15:44:51 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H/1.1 200
OK button.5573c974dc31bbdab5ea7923a0bd5cf3.js Show response
platform.twitter.com/js/ 7 KB
3 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.5573c974dc31bbdab5ea7923a0bd5cf3.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88

Request headers

Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Jul 2021 15:44:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:56:41 GMT
Server: ECS (frb/67F3)
Age: 155128
Etag: "382be2960021b88f6ce982d997cdbd01+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2294

GET
H/1.1 200
OK tweet_button.06c6ee58c3810956b7509218508c7b56.en.html Show response
platform.twitter.com/widgets/ Frame 4936 32 KB
12 KB 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.06c6ee58c3810956b7509218508c7b56.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: 483cc9a5ece5c92d5a2f1ea6e92e7f8bc29844a6c06bf36c0349d70334685dc7

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://canadasbestsummerjob.hipcamp.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://canadasbestsummerjob.hipcamp.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 155126
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 14 Jul 2021 15:44:50 GMT
Etag: "a87932e0f094e1fb4cced05f7d97ab94+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:47 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67F3)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12228

GET
DATA 200
OK truncated
/ Frame 4936 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/e5748921/ Frame CB68 324 KB
45 KB 11ms
10ms Stylesheet
text/css 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5748921/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/fb-PJu3odhw?rel=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d815775f36de7cf811a67054ef9b292cf0b7730c61faba018c5756fda850f136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/fb-PJu3odhw?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 14:41:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 12 Jul 2021 00:16:35 GMT
server: sffe
age: 176584
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45807
x-xss-protection: 0
expires: Tue, 12 Jul 2022 14:41:47 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/e5748921/www-embed-player.vflset/ Frame CB68 192 KB
64 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5748921/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/fb-PJu3odhw?rel=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

752d7764807808337168e2b2b27facb1adfc7efe50d5038c8a356472eb1420a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/fb-PJu3odhw?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 16:29:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 12 Jul 2021 00:16:35 GMT
server: sffe
age: 83712
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65137
x-xss-protection: 0
expires: Wed, 13 Jul 2022 16:29:39 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/e5748921/player_ias.vflset/en_US/ Frame CB68 2 MB
488 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5748921/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/fb-PJu3odhw?rel=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ccbb0adcf32251810724538b18fccc0a4107c8bb2a61c896b6ce123d1fe985a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/fb-PJu3odhw?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 14:41:53 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 12 Jul 2021 00:16:35 GMT
server: sffe
age: 176578
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 500025
x-xss-protection: 0
expires: Tue, 12 Jul 2022 14:41:53 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/e5748921/fetch-polyfill.vflset/ Frame CB68 8 KB
3 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5748921/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/fb-PJu3odhw?rel=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/fb-PJu3odhw?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 12:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 12 Jul 2021 00:16:35 GMT
server: sffe
age: 11761
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Thu, 14 Jul 2022 12:28:50 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CB68 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/fb-PJu3odhw?rel=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 00:42:56 GMT
x-content-type-options: nosniff
age: 140515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 00:42:56 GMT

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
374 B 146ms
145ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fcanadasbestsummerjob.hipcamp.com%2Fentries%2F195903509%2Freference%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22CampaignCards%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1626277491183%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2282e1070%3A1619632193066%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:44:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 14 Jul 2021 15:44:51 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: fb0f69db12b306dd16f43a307cd83907d722c7630a9dc33d35b6e2934eea2c11
x-transaction: 6fc661e1aec841d4
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-29

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame CB68
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
161 B

30ms
14ms

XHR
application/json

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/fb-PJu3odhw?rel=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5874b589a1af19ef3b0b0cfed89c2b21066e0d6ca786b3b1b96ec8c5882e1005

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:44:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 14 Jul 2021 15:44:51 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame CB68 29 B
422 B 27ms
6ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5748921/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:44:45 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 6
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Wed, 14 Jul 2021 15:59:45 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/e5748921/player_ias.vflset/en_US/ Frame CB68 94 KB
29 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5748921/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5748921/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d086a1c6ddca4622f5b52e326e40608e530093f4ada182e71e46bf6c6a4e19bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/fb-PJu3odhw?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 14:41:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 12 Jul 2021 00:16:35 GMT
server: sffe
age: 176577
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29621
x-xss-protection: 0
expires: Tue, 12 Jul 2022 14:41:54 GMT

GET
H3-29 200 HlcVvMpVwt9TcMo1UaoN-mhKNgp-8n-s8HaB4RKa1Go.js Show response
www.google.com/js/th/ Frame CB68 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/HlcVvMpVwt9TcMo1UaoN-mhKNgp-8n-s8HaB4RKa1Go.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5748921/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e5715bcca55c2df5370ca3551aa0dfa684a360a7ef27facf07681e1129ad46a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 08:04:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 114012
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13381
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 17:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Jul 2022 08:04:39 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/e5748921/player_ias.vflset/en_US/ Frame CB68 25 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5748921/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5748921/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ced24733ec007b2198a9b523151b6d062b89bc309a355ff4c818e0f193dd420

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/fb-PJu3odhw?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 14:41:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 12 Jul 2021 00:16:35 GMT
server: sffe
age: 176577
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7476
x-xss-protection: 0
expires: Tue, 12 Jul 2022 14:41:54 GMT

GET
H2 200 zSKZHMh8mXU.png
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ Frame E22C 388 B
634 B 7ms
6ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/zSKZHMh8mXU.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v7.0/plugins/share_button.php?app_id=1432768656951037&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfff77dc3e40b88%26domain%3Dcanadasbestsummerjob.hipcamp.com%26origin%3Dhttps%253A%252F%252Fcanadasbestsummerjob.hipcamp.com%252Ff14f0a18dde4578%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fcanadasbestsummerjob.hipcamp.com%2Fentries%2F195903509%2Freference&layout=button&locale=en_US&sdk=joey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:44:51 GMT
x-content-type-options: nosniff
content-md5: mLIKfuTnwd0c8uA9BXg4cQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 388
x-fb-rlafr: 0
x-fb-debug: kUBgelaAcZfRetSNyoYD5yTTR8JoyaLOez0Yje+N7GLi5DjBrKpGnGlrzwHTtaDxiXEMjyq0gIor4+IykQteLQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 14 Jul 2022 06:28:45 GMT

GET
H2 200 bIuqT9-AQr-.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yU/l/en_US/ Frame E22C 511 KB
134 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yU/l/en_US/bIuqT9-AQr-.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

21dbf5277da638868966f2bc3d3c3ef51eb584b1df0203317360e7f404788370

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:44:51 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lS9MQTZ+snOnJyzVqujaog==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 136972
x-fb-rlafr: 0
x-fb-debug: yqlTi5oFiQk99q4xM8WHb295YJi5CBOhFbd5+pDjzKMaLcUPSn7hZod5QaiCdPv/NMCshHoDGjFC9wUfZ6xyhQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 09 Jul 2022 20:57:20 GMT

GET
DATA 200
OK truncated
/ Frame CB68 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 P4cj2yIg7xLwlSpyF3fHD1mY_sEsxO1FZCkzS9xrpaGGvA56RHELdhaLNMMYonYe7VD4vAEC=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame CB68 3 KB
4 KB 543ms
517ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/P4cj2yIg7xLwlSpyF3fHD1mY_sEsxO1FZCkzS9xrpaGGvA56RHELdhaLNMMYonYe7VD4vAEC=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/fb-PJu3odhw?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4b6c47f3c2493e1cca251b00c6dd8f281bd532e4aa35b8785a3a524a7416f68b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:44:51 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3473
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 07 Jul 2021 15:29:09 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/fb-PJu3odhw/ Frame CB68 34 KB
35 KB 64ms
39ms Image
image/webp 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/fb-PJu3odhw/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/fb-PJu3odhw?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bc692ae56667897fff63db2b5ece8e3bd679b6a231df688b404d1fefca0f175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:44:51 GMT
x-content-type-options: nosniff
server: sffe
etag: "1624837396"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35280
x-xss-protection: 0
expires: Wed, 14 Jul 2021 17:44:51 GMT

GET
H3-29 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame CB68 4 KB
2 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5748921/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:44:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Wed, 14 Jul 2021 15:44:51 GMT

GET
H3-29 204 generate_204
www.youtube.com/ Frame CB68 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?QZkJsw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/fb-PJu3odhw?rel=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/fb-PJu3odhw?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:44:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-29 200 cavalry_endpoint.php
www.facebook.com/common/ Frame E22C 67 B
97 B 37ms
35ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1626277491303&t_start=1626277491303&t_domcontent=1626277491362&t_layout=1626277491469&t_onload=1626277491469&t_paint=1626277491469&t_creport=1626277491469&t_tti=1626277491362&lid=6984808638395696675-0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v7.0/plugins/share_button.php?app_id=1432768656951037&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfff77dc3e40b88%26domain%3Dcanadasbestsummerjob.hipcamp.com%26origin%3Dhttps%253A%252F%252Fcanadasbestsummerjob.hipcamp.com%252Ff14f0a18dde4578%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fcanadasbestsummerjob.hipcamp.com%2Fentries%2F195903509%2Freference&layout=button&locale=en_US&sdk=joey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: no-cache
x-fb-debug: pDOQPLhoMr+fprqG2xTOkRkT1lOM9ciTQXIKIs3ks20lnq4RXO4ACYEsqbQ0FQDo3cJBVGkQW8G7K/R0USZHsg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 14 Jul 2021 15:44:51 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
log.pinterest.com/ 0
333 B 374ms
315ms Image
text/plain 199.232.80.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=GubhMdo4sGQY&tv=2021040501&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=http%3A%2F%2Fcanadasbestsummerjob.hipcamp.com%2Fentries%2F195903509%2Freference&viaSrc=canonical
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.80.84 Marseille, France, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://canadasbestsummerjob.hipcamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:44:51 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 4
x-cache-hits: 0
content-length: 0
x-served-by: cache-mrs10529-MRS
pragma: no-cache
server: envoy
x-timer: S1626277492.551327,VS0,VE282
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-pinterest-rid: 1573585288497435
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame CB68 28 B
299 B 22ms
22ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5748921/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/fb-PJu3odhw?rel=0
X-YouTube-Client-Version: 1.20210711.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgt5UU9Pbm82clhDRSjyjLyHBg%3D%3D
X-YouTube-Ad-Signals: dt=1626277491098&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C310&vis=1&wgl=true&ca_type=image&bid=ANyPxKpe4cm0BvQfgLSQelQuNnW-hIFexte7lzslVWn3HBNwwAOCpLEbGE2Elvx8eXQiMOr_CY9sFr1VAUb3YLMlNqKtIZ3buA

Response headers

date: Wed, 14 Jul 2021 15:44:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 14 Jul 2021 15:44:53 GMT

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://cdn.wishpond.net/connect.js?merchantId=1555351&socialCampaignId=2631691&writeKey=a259f2b8dc2b(Line 5) Message: get userTracker SyntaxError: Unexpected end of JSON input
console-api	warning	URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v1_vendor-9ff7e8a09170c692a00ecd6880f8ff449252470cf65ee51e9dd395fed5cda108.js(Line 2) Message: This browser does not support Web Storage!

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
assets.pinterest.com
canadasbestsummerjob.hipcamp.com
cdn.jsdelivr.net
cdn.wishpond.net
connect.facebook.net
d30itml3t0pwpf.cloudfront.net
dr1kl8glf25wj.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
log.pinterest.com
platform.twitter.com
s3.amazonaws.com
static.cloudflareinsights.com
static.doubleclick.net
static.xx.fbcdn.net
stats.thewishsendonline.com
syndication.twitter.com
themes.googleusercontent.com
www.facebook.com
www.google.com
www.gstatic.com
www.wishpond.com
www.youtube.com
yt3.ggpht.com
104.244.42.136
104.26.9.61
13.224.89.100
143.204.98.118
167.89.115.120
199.232.80.84
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:5f41
2a00:1450:4001:801::2004
2a00:1450:4001:808::2001
2a00:1450:4001:808::2016
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2001
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::485
2a04:4e42:54::84
3.231.231.140
52.216.140.174
52.222.161.37
01f26a2bb401beed0d53d59aba927f63b3ca58e6bfd6187950446e6693457bb4
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299
10f5b54af5dfcf7ce41a402e09434751a1991468d562ca992b83dcb73e51b312
112cfec40a19b0849a928eb52861fe1f04f516ec383a38f28086d25c9b3c62e7
19d1f6a48c9933698d13bd598ba4800dec1192bf09ce9ca7abb490c88a9af5c0
1e24b4be86a7d463a4ba43a4295694948524caec798244df3bc5bd040c6287c8
1e5715bcca55c2df5370ca3551aa0dfa684a360a7ef27facf07681e1129ad46a
21dbf5277da638868966f2bc3d3c3ef51eb584b1df0203317360e7f404788370
2684e9ef94190f6c35dc0ad1aadb5924740f3982972c1b01526b44ad831bdbe9
2ccbb0adcf32251810724538b18fccc0a4107c8bb2a61c896b6ce123d1fe985a
3a236608258641326913c4819e56dc102a9a3faef780589fc00a2f2a14a6d7ef
3ced24733ec007b2198a9b523151b6d062b89bc309a355ff4c818e0f193dd420
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
4611a7cea90e4987c0f07d431757c02776215308e3165147195834f5da3af262
483cc9a5ece5c92d5a2f1ea6e92e7f8bc29844a6c06bf36c0349d70334685dc7
4b6c47f3c2493e1cca251b00c6dd8f281bd532e4aa35b8785a3a524a7416f68b
5682a84c47851f53990a45b7989ee70006b2e5cea21fb2e765bb49a9f99c519e
56fcd950f1b4392d2d4eb9f34bb5b259e4bd2c5d3ae8f64d7edf521841332b11
5874b589a1af19ef3b0b0cfed89c2b21066e0d6ca786b3b1b96ec8c5882e1005
5a0b9e6bdd0ab80a2890c8d7e74a2142def86310742033e453c83029fa90fea0
5bc692ae56667897fff63db2b5ece8e3bd679b6a231df688b404d1fefca0f175
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6e07e34bbd68097186902a70c18447371bfaa2be1338b6b4be90adbe3fc134fc
702cdb5078236684201d01e260d73c1dbb7facbae8dd2326c8fe3c499aaffd38
752d7764807808337168e2b2b27facb1adfc7efe50d5038c8a356472eb1420a3
7b001167d76ddcfd9c4ac077e194072feb1c70542216ec86c9c06f23c05382cc
839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a
8f0f1cfd04e23199ca8f6989e42130fe2b81d7ad0f84b38b0797ec279a2ff8b8
8f1f808713348c6c3975d174ace7b60e4e2fb5e49f71d330ab324353bdef0e02
939eaf0cb931e2598e6d7f726e3dc2fa0326309ca5302182fb25e2a5842197eb
952e86120f5012d4757bfdcca694b2e18fdaf1032f1a5f8733aa7463ac07a044
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
9c3f98e27462b0c3bb25c6961893ea4488ccbfcc41d0bd3677e21ce10aa8de53
9ff7e8a09170c692a00ecd6880f8ff449252470cf65ee51e9dd395fed5cda108
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab63fb8f7ceedb658692fee72915b16c4a831f2c9bba9e54077377d52a0b0dc9
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
bb23b415c8699e82b2d9269f32d867931c9b59fc8ef481c530066316aecf2fa1
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c6f8b2a3f6a496330566a974343e3507f414749a80340b91f3464288d5e6a1f1
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
cfcb0ec300dea884d31445998d9e2893ba8e42fbe8673d9e04dd0eb8ab2d4ce9
d086a1c6ddca4622f5b52e326e40608e530093f4ada182e71e46bf6c6a4e19bf
d32a946a16ed5d8edc6e2afbfcf6f19778b6bab351d619c5e6dff02248a2caa4
d75756dbd8323c01b73e21633cc550ecfd558a3549a909f535cb9d5104de9478
d7596eeea5e0336560adc0f514f4506d27c7d25547fca345c375fb0ccdfdd2d6
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d815775f36de7cf811a67054ef9b292cf0b7730c61faba018c5756fda850f136
dbee2dc2e0e1408af0a15e82f61b135925c67dab0663d5e6f8f59092fe03095f
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88
e12dfaae532b449b71117f29ad43f92b3b87c19509a9b16f91115fd4e07903b4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb51506c619bb5ea0d447dc5a08683c9b73ecbe1e65dce794674622cd2e56f58
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f0c7fd3e324adb092b260433f4376720014bbb572fc4c98a6cde055ab6521666
f5f1c13a5c7ebd759439bef485422fd928cec008cd88b4ae6d9b38c99c6edf8a
f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c

canadasbestsummerjob.hipcamp.com Open in urlscan Pro 104.26.9.61 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

100 %HTTPS

65 %IPv6

21 Domains

27 Subdomains

26 IPs

3 Countries

6134 kBTransfer

10465 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

canadasbestsummerjob.hipcamp.com Open in urlscan Pro
104.26.9.61 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

100 %
HTTPS

65 %
IPv6

21
Domains

27
Subdomains

26
IPs

3
Countries

6134 kB
Transfer

10465 kB
Size

0
Cookies

75 HTTP transactions
2 data transactions