trilliumgiving.ca Open in urlscan Pro
162.159.140.98 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://winforhealth.ca/
Effective URL:
https://trilliumgiving.ca/win-for-health-5050
Submission: On August 29 via api (August 29th 2024, 12:38:44 pm UTC) from US — Scanned from CA

Summary HTTP 64 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 19 IPs in 2 countries across 14 domains to perform 64 HTTP transactions. The main IP is 162.159.140.98, located in and belongs to CLOUDFLARENET, US. The main domain is trilliumgiving.ca.
TLS certificate: Issued by WE1 on July 8th 2024. Valid for: 3 months.

This is the only time trilliumgiving.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	15.197.225.128 15.197.225.128	16509 (AMAZON-02) (AMAZON-02)
23	162.159.140.98 162.159.140.98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	31.13.71.36 31.13.71.36	32934 (FACEBOOK) (FACEBOOK)
3	142.251.40.136 142.251.40.136	15169 (GOOGLE) (GOOGLE)
3	23.223.209.41 23.223.209.41	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.204.152.149 23.204.152.149	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	31.13.71.7 31.13.71.7	32934 (FACEBOOK) (FACEBOOK)
1	142.251.40.206 142.251.40.206	15169 (GOOGLE) (GOOGLE)
1	142.251.16.157 142.251.16.157	15169 (GOOGLE) (GOOGLE)
2	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
2	142.251.32.99 142.251.32.99	15169 (GOOGLE) (GOOGLE)
8	18.164.124.97 18.164.124.97	16509 (AMAZON-02) (AMAZON-02)
3	150.171.30.10 150.171.30.10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	104.22.17.208 104.22.17.208	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.26.1.105 104.26.1.105	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.80.66 142.250.80.66	15169 (GOOGLE) (GOOGLE)
1 2	142.251.41.4 142.251.41.4	15169 (GOOGLE) (GOOGLE)
2	13.107.246.40 13.107.246.40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.231.53.73 20.231.53.73	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	13.107.21.237 13.107.21.237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
64	19

1 15.197.225.128 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

winforhealth.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 162.159.140.98 (None, )

ASN13335 (CLOUDFLARENET, US)

trilliumgiving.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.13.71.36 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-lga3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.40.136 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.223.209.41 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-223-209-41.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.204.152.149 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-204-152-149.deploy.static.akamaitechnologies.com

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.71.7 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.206 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f14.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.16.157 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.130 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.32.99 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f3.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.164.124.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-97.jfk50.r.cloudfront.net

cdn.builder.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 150.171.30.10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.22.17.208 (None, )

ASN13335 (CLOUDFLARENET, US)

homelottery.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.1.105 (None, )

ASN13335 (CLOUDFLARENET, US)

ticker.rafflebox.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.66 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.41.4 (Queens, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.246.40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.231.53.73 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

q.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.21.237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	trilliumgiving.ca trilliumgiving.ca	247 KB
8	builder.io cdn.builder.io — Cisco Umbrella Rank: 27309	1 MB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1114 q.clarity.ms — Cisco Umbrella Rank: 8520 c.clarity.ms — Cisco Umbrella Rank: 1838	29 KB
5	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252 td.doubleclick.net — Cisco Umbrella Rank: 481 googleads.g.doubleclick.net — Cisco Umbrella Rank: 77	3 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 534 c.bing.com — Cisco Umbrella Rank: 341	17 KB
4	typekit.net use.typekit.net — Cisco Umbrella Rank: 1178 p.typekit.net — Cisco Umbrella Rank: 1499	51 KB
3	homelottery.ca homelottery.ca	3 KB
3	google.com 1 redirects analytics.google.com — Cisco Umbrella Rank: 238 www.google.com — Cisco Umbrella Rank: 10	88 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	305 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	4 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 9677	127 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	72 KB
1	rafflebox.ca ticker.rafflebox.ca
1	winforhealth.ca 1 redirects winforhealth.ca	321 B
64	14

	Domain	Requested by
23	trilliumgiving.ca	trilliumgiving.ca
8	cdn.builder.io	trilliumgiving.ca
3	homelottery.ca	trilliumgiving.ca
3	bat.bing.com	www.googletagmanager.com bat.bing.com trilliumgiving.ca
3	use.typekit.net	trilliumgiving.ca use.typekit.net
3	www.googletagmanager.com	trilliumgiving.ca www.googletagmanager.com
3	www.facebook.com	trilliumgiving.ca
2	c.clarity.ms	1 redirects
2	q.clarity.ms	www.clarity.ms
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	www.google.com	1 redirects trilliumgiving.ca
2	googleads.g.doubleclick.net	www.googletagmanager.com trilliumgiving.ca
2	www.google.ca	trilliumgiving.ca
2	td.doubleclick.net	www.googletagmanager.com
2	connect.facebook.net	trilliumgiving.ca connect.facebook.net
1	c.bing.com	1 redirects
1	ticker.rafflebox.ca	trilliumgiving.ca
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	p.typekit.net	use.typekit.net
1	winforhealth.ca	1 redirects
64	21

This site contains links to these domains. Also see Links.

Domain
www.connexontario.ca
www.facebook.com
www.instagram.com
www.flickr.com
www.youtube.com
www.linkedin.com
twitter.com
thp.ca
secure.trilliumgiving.ca

Subject Issuer	Validity	Valid
trilliumgiving.ca WE1	`2024-07-08` - `2024-10-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-07` - `2024-09-05`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-27` - `2025-09-27`	a year	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.ca WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.builder.io Amazon RSA 2048 M01	`2023-09-30` - `2024-10-28`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
homelottery.ca WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
rafflebox.ca WE1	`2024-08-02` - `2024-10-31`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://trilliumgiving.ca/win-for-health-5050
Frame ID: B9905DCDE8AE314CE3A22982AAE035BD
Requests: 59 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-L4NV7NGX76&gacid=1127334992.1724935117&gtm=45je48r0v872806254za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1236902140
Frame ID: DA88F7EB9099A8C3FFF715AB740377B3
Requests: 1 HTTP requests in this frame

Frame: https://ticker.rafflebox.ca/event-ticker/thp?size=compact&buyNow=false
Frame ID: C0C34848658A027CDA275893A3D135D9
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/10889810525?random=1724935117411&cv=11&fst=1724935117411&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be48r0z8896092226za201zb896092226&gcd=13t3t3t3t5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftrilliumgiving.ca%2Fwin-for-health-5050&hn=www.googleadservices.com&frm=0&tiba=Win%20for%20Health%205050%20Raffle%20%7C%20Trillium%20Health%20Partners%20Foundation%20%7C%20Trillium%20Health%20Partners%20Foundation&npa=0&pscdl=noapi&auid=2090379662.1724935118&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse
Frame ID: CF6720BE46089311CA41CDC46CD38DA3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Win for Health 5050 Raffle | Trillium Health Partners Foundation | Trillium Health Partners Foundation

Page URL History Show full URLs

https://winforhealth.ca/ HTTP 301
https://trilliumgiving.ca/win-for-health-5050 Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

64
Requests

97 %
HTTPS

0 %
IPv6

14
Domains

21
Subdomains

19
IPs

2
Countries

1796 kB
Transfer

3421 kB
Size

29
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.connexontario.ca/en-ca/
Title: ConnexOntario.ca

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TrilliumHealthPartners/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/trilliumhealthpartners/

Search URL Search Domain Scan URL

URL: https://www.flickr.com/photos/55148330@N07/sets/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TrilliumHeroes/videos

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/trillium-health-partners-foundation

Search URL Search Domain Scan URL

URL: https://twitter.com/THP_foundation

Search URL Search Domain Scan URL

URL: https://thp.ca/
Title: Our Hospital

Search URL Search Domain Scan URL

URL: https://secure.trilliumgiving.ca/site/SSurvey?ACTION_REQUIRED=URI_ACTION_USER_REQUESTS&SURVEY_ID=3960
Title: Sign UpSign Up

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://winforhealth.ca/ HTTP 301
https://trilliumgiving.ca/win-for-health-5050 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=0&rnd=14852886.1724935118&url=https%3A%2F%2Ftrilliumgiving.ca%2Fwin-for-health-5050&dma=0&npa=0&gtm=45He48r0n81WLKVRZGv896092226za200&auid=2090379662.1724935118 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=0&rnd=14852886.1724935118&url=https%3A%2F%2Ftrilliumgiving.ca%2Fwin-for-health-5050&dma=0&npa=0&gtm=45He48r0n81WLKVRZGv896092226za200&auid=2090379662.1724935118

Request Chain 59

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=065083F9396B484796C07D2464F79760&RedC=c.clarity.ms&MXFR=306883FF7179668D05599715757968E0 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=065083F9396B484796C07D2464F79760&MUID=029F80672A1560AB18BB948D2B996137

64 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request win-for-health-5050 Show response
trilliumgiving.ca/
Redirect Chain

https://winforhealth.ca/
https://trilliumgiving.ca/win-for-health-5050

48 KB
13 KB

1216ms
809ms

Document
text/html

162.159.140.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trilliumgiving.ca/win-for-health-5050
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.140.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash: bd1c262d2aa20a8f4798a607900b4d460eb20bcab455d4269e2c8d1401b0e768

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: MISS
cf-ray: 8bac99532f9daac6-YYZ
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 29 Aug 2024 12:38:35 GMT
last-modified: Thu, 29 Aug 2024 12:38:35 GMT
server: cloudflare
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
x-do-app-origin: 3ec90c6a-6404-4a4b-b8fe-0e6194dcf9bc
x-do-orig-status: 200
x-powered-by: Next.js

Redirect headers

Connection: close
Content-Length: 80
Content-Type: text/html; charset=utf-8
Date: Thu, 29 Aug 2024 12:38:34 GMT
Location: https://trilliumgiving.ca/win-for-health-5050
Server: ip-10-123-124-59.ec2.internal
Vary: Accept-Encoding
X-Request-Id: 29b8bfd0-47ad-4cf9-9075-cdb5aa827d65

GET
H2 200 tr
www.facebook.com/ 0
274 B 545ms
175ms Image
text/plain 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1719598294908838&ev=PageView&noscript=1

Requested by

Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=31, rtx=0, c=10, mss=1316, tbw=2798, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Aug 2024 12:38:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 991615aef32dd23e.css
trilliumgiving.ca/_next/static/css/ 56 KB
10 KB 39ms
38ms Stylesheet
text/css 162.159.140.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trilliumgiving.ca/_next/static/css/991615aef32dd23e.css
Requested by: Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.140.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a385e9b0e7c0b4ad493d87969f5149f248a32a89a7ffaad6928a7911993d8ea5

Request headers

Referer: https://trilliumgiving.ca/win-for-health-5050
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:38:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 3ec90c6a-6404-4a4b-b8fe-0e6194dcf9bc
age: 1699416
x-do-orig-status: 200
etag: W/"e0a3-49773873e8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8bac9958db07aac6-YYZ

GET
H2 200 15cbae759d1218d5.css
trilliumgiving.ca/_next/static/css/ 2 KB
862 B 111ms
109ms Stylesheet
text/css 162.159.140.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trilliumgiving.ca/_next/static/css/15cbae759d1218d5.css
Requested by: Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.140.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce4915f46dedc519fc4f4d36b20eed8caa79dfc7d73a627924af7efa35359a19

Request headers

Referer: https://trilliumgiving.ca/win-for-health-5050
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:38:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 3ec90c6a-6404-4a4b-b8fe-0e6194dcf9bc
age: 1699416
x-do-orig-status: 200
etag: W/"91d-49773873e8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8bac9958db09aac6-YYZ

GET
H2 200 webpack-069e2956ce7beda0.js Show response
trilliumgiving.ca/_next/static/chunks/ 5 KB
2 KB 46ms
39ms Script
application/javascript 162.159.140.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trilliumgiving.ca/_next/static/chunks/webpack-069e2956ce7beda0.js
Requested by: Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.140.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd91d4ee41db99ee2c11bb7141a25e972edc3dd634cee00033f80243c6ca983f

Request headers

Referer: https://trilliumgiving.ca/win-for-health-5050
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:38:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 3ec90c6a-6404-4a4b-b8fe-0e6194dcf9bc
age: 1699417
x-do-orig-status: 200
etag: W/"1243-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8bac995b1c92aac6-YYZ

GET
H2 200 fd9d1056-d57157aad986eded.js Show response
trilliumgiving.ca/_next/static/chunks/ 160 KB
50 KB 84ms
77ms Script
application/javascript 162.159.140.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trilliumgiving.ca/_next/static/chunks/fd9d1056-d57157aad986eded.js
Requested by: Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.140.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6053e2837bb3d5edc361852f09e9d4b510a92e785e159a4e02d699389e856d17

Request headers

Referer: https://trilliumgiving.ca/win-for-health-5050
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:38:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 3ec90c6a-6404-4a4b-b8fe-0e6194dcf9bc
age: 1699417
x-do-orig-status: 200
etag: W/"28042-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8bac995b1c93aac6-YYZ

GET
H2 200 472-7f0be7b7a18d86bb.js Show response
trilliumgiving.ca/_next/static/chunks/ 108 KB
27 KB 45ms
38ms Script
application/javascript 162.159.140.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trilliumgiving.ca/_next/static/chunks/472-7f0be7b7a18d86bb.js
Requested by: Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.140.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08508245f47146a774ceed5e2276e9934c40383cc819aef22803cef49fbd0077

Request headers

Referer: https://trilliumgiving.ca/win-for-health-5050
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:38:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 3ec90c6a-6404-4a4b-b8fe-0e6194dcf9bc
age: 1699417
x-do-orig-status: 200
etag: W/"1afeb-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8bac995b1c94aac6-YYZ

GET
H2 200 main-app-9b9b15f32ca42195.js Show response
trilliumgiving.ca/_next/static/chunks/ 508 B
289 B 84ms
78ms Script
application/javascript 162.159.140.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trilliumgiving.ca/_next/static/chunks/main-app-9b9b15f32ca42195.js
Requested by: Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.140.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f277430a99a1d855768fd72e061219cff0ade9326eabffea2a1ad86d221bcfa3

Request headers

Referer: https://trilliumgiving.ca/win-for-health-5050
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:38:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 3ec90c6a-6404-4a4b-b8fe-0e6194dcf9bc
age: 1266334
x-do-orig-status: 200
etag: W/"1fc-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8bac995b1c95aac6-YYZ

GET
H2 200 601-2133d0c92e4eaf10.js Show response
trilliumgiving.ca/_next/static/chunks/ 199 KB
54 KB 82ms
76ms Script
application/javascript 162.159.140.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trilliumgiving.ca/_next/static/chunks/601-2133d0c92e4eaf10.js
Requested by: Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.140.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71ff708b86e68aa58cca2a8796d079acddc2e4febf8153e5179108d7d8c18040

Request headers

Referer: https://trilliumgiving.ca/win-for-health-5050
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:38:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 3ec90c6a-6404-4a4b-b8fe-0e6194dcf9bc
age: 1699417
x-do-orig-status: 200
etag: W/"31bd4-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8bac995b1c97aac6-YYZ

GET
H2 200 650-10ea20c636de9c99.js Show response
trilliumgiving.ca/_next/static/chunks/ 21 KB
7 KB 83ms
77ms Script
application/javascript 162.159.140.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trilliumgiving.ca/_next/static/chunks/650-10ea20c636de9c99.js
Requested by: Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.140.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c229a5b62d9762343b2ac81f9a0b8d0af9376e657c7769cebec6f00822a7a184

Request headers

Referer: https://trilliumgiving.ca/win-for-health-5050
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:38:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 3ec90c6a-6404-4a4b-b8fe-0e6194dcf9bc
age: 1699417
x-do-orig-status: 200
etag: W/"54e0-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8bac995b1c99aac6-YYZ

GET
H2 200 360-c71eb6bb1db3fffc.js Show response
trilliumgiving.ca/_next/static/chunks/ 36 KB
11 KB 87ms
82ms Script
application/javascript 162.159.140.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trilliumgiving.ca/_next/static/chunks/360-c71eb6bb1db3fffc.js
Requested by: Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.140.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62eed46ddbc8cf416dd3bcd0252516955f9bb183f3fc78bdb5b48d26bed568b6

Request headers

Referer: https://trilliumgiving.ca/win-for-health-5050
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:38:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 3ec90c6a-6404-4a4b-b8fe-0e6194dcf9bc
age: 1699417
x-do-orig-status: 200
etag: W/"8ed5-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8bac995b1c9aaac6-YYZ

GET
H2 200 812-aa6555dc5b644827.js Show response
trilliumgiving.ca/_next/static/chunks/ 50 KB
15 KB 83ms
78ms Script
application/javascript 162.159.140.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trilliumgiving.ca/_next/static/chunks/812-aa6555dc5b644827.js
Requested by: Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.140.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bddb86b5d103ef5b74467f1873ea76db85c6150cc75a031e8739da96201d4fcd

Request headers

Referer: https://trilliumgiving.ca/win-for-health-5050
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:38:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 3ec90c6a-6404-4a4b-b8fe-0e6194dcf9bc
age: 1699417
x-do-orig-status: 200
etag: W/"c998-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8bac995b1c9baac6-YYZ

GET
H2 200 645-52c8c25fdc8d24ae.js Show response
trilliumgiving.ca/_next/static/chunks/ 47 KB
16 KB 84ms
79ms Script
application/javascript 162.159.140.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trilliumgiving.ca/_next/static/chunks/645-52c8c25fdc8d24ae.js
Requested by: Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.140.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72631edada7ecb6686904506efc336bb997bad276c4f34a416f81ef5bb96df0d

Request headers

Referer: https://trilliumgiving.ca/win-for-health-5050
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:38:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 3ec90c6a-6404-4a4b-b8fe-0e6194dcf9bc
age: 1699417
x-do-orig-status: 200
etag: W/"bcc6-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8bac995b1c9caac6-YYZ

GET
H2 200 layout-51e49b5d9446b209.js Show response
trilliumgiving.ca/_next/static/chunks/app/ 42 KB
10 KB 85ms
81ms Script
application/javascript 162.159.140.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trilliumgiving.ca/_next/static/chunks/app/layout-51e49b5d9446b209.js
Requested by: Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.140.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00334cdb5050573ecebc331d406e388d56043f65444160dc769877e5da0dbe76

Request headers

Referer: https://trilliumgiving.ca/win-for-health-5050
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:38:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 3ec90c6a-6404-4a4b-b8fe-0e6194dcf9bc
age: 1699417
x-do-orig-status: 200
etag: W/"a7cf-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8bac995b1c9daac6-YYZ

GET
H2 200 589-c7c1fc8d1d1b2b01.js Show response
trilliumgiving.ca/_next/static/chunks/ 30 KB
8 KB 86ms
82ms Script
application/javascript 162.159.140.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trilliumgiving.ca/_next/static/chunks/589-c7c1fc8d1d1b2b01.js
Requested by: Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.140.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6abb4e47b84d4df60188a941f3d232d32164e4fa74c323a83ec1e85023f3d11a

Request headers

Referer: https://trilliumgiving.ca/win-for-health-5050
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:38:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 3ec90c6a-6404-4a4b-b8fe-0e6194dcf9bc
age: 1699417
x-do-orig-status: 200
etag: W/"7638-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8bac995b3cb0aac6-YYZ

GET
H2 200 6-1a684ba175b2d8f8.js Show response
trilliumgiving.ca/_next/static/chunks/ 9 KB
3 KB 83ms
80ms Script
application/javascript 162.159.140.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trilliumgiving.ca/_next/static/chunks/6-1a684ba175b2d8f8.js
Requested by: Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.140.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 437f4822c0ef19333a0939d569eace5614ac4ce879886539013bbcd4ed135d40

Request headers

Referer: https://trilliumgiving.ca/win-for-health-5050
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:38:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 3ec90c6a-6404-4a4b-b8fe-0e6194dcf9bc
age: 1699417
x-do-orig-status: 200
etag: W/"23c6-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8bac995b3cb1aac6-YYZ

GET
H2 200 944-74cc74546898f82a.js Show response
trilliumgiving.ca/_next/static/chunks/ 40 KB
10 KB 83ms
80ms Script
application/javascript 162.159.140.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trilliumgiving.ca/_next/static/chunks/944-74cc74546898f82a.js
Requested by: Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.140.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2853f3de86b93b2706d2666e481d8342ad8a7fec6d9718a214eb3fb51564ecac

Request headers

Referer: https://trilliumgiving.ca/win-for-health-5050
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:38:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 3ec90c6a-6404-4a4b-b8fe-0e6194dcf9bc
age: 1699417
x-do-orig-status: 200
etag: W/"a183-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8bac995b3cb2aac6-YYZ

GET
H2 200 page-6b37cb41eb2939b8.js Show response
trilliumgiving.ca/_next/static/chunks/app/%5B%5B...page%5D%5D/ 727 B
535 B 84ms
82ms Script
application/javascript 162.159.140.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trilliumgiving.ca/_next/static/chunks/app/%5B%5B...page%5D%5D/page-6b37cb41eb2939b8.js
Requested by: Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.140.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75d31e6eeece7a10a170f1d1b55984fc6ae29d9232b2bf0f250646bdfc334405

Request headers

Referer: https://trilliumgiving.ca/win-for-health-5050
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:38:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 3ec90c6a-6404-4a4b-b8fe-0e6194dcf9bc
age: 1699417
x-do-orig-status: 200
etag: W/"2d7-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8bac995b3cb3aac6-YYZ

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 292 KB
99 KB 477ms
108ms Script
application/javascript 142.251.40.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L4NV7NGX76

Requested by

Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.136 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a3be0b5685b1d809b0528ea67f3786834db636abaec1f530e9744ca41d3a14c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:38:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100827
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 29 Aug 2024 12:38:36 GMT

GET
H2 200 kqu6rxy.css
use.typekit.net/ 2 KB
856 B 212ms
47ms Stylesheet
text/css 23.223.209.41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/kqu6rxy.css

Requested by

Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/_next/static/css/991615aef32dd23e.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.223.209.41 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-223-209-41.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

cd27af4f3a4746370cbb6cb7b1d98085a75b8999991e3d3e65e0b94c7241501b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 29 Aug 2024 12:38:36 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 633

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 518ms
36ms Stylesheet
text/css 23.204.152.149
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=kqu6rxy&ht=tk&f=9795.9797&a=2534340&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/kqu6rxy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.152.149 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-152-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:38:36 GMT
last-modified: Fri, 14 Jul 2023 12:42:04 GMT
server: nginx
etag: "64b1429c-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 l
use.typekit.net/af/6106bc/00000000000000003b9b033a/27/ 25 KB
25 KB 130ms
33ms Font
application/font-woff2 23.223.209.41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6106bc/00000000000000003b9b033a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/kqu6rxy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.223.209.41 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-223-209-41.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 302460f4992d26feb5ddcf6af2f9685e85f02a1533ef117a5c2597eb7d18384e

Request headers

Referer: https://use.typekit.net/kqu6rxy.css
Origin: https://trilliumgiving.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:38:37 GMT
server: nginx
etag: "1ad5c3ec36c7b2d9a83a9c5e6ccba4df7cf796b5"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25664

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 458 KB
121 KB 105ms
103ms Script
application/javascript 142.251.40.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WLKVRZG

Requested by

Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.136 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

bb0a8eb23706285ca06fad2adfa936f92570d4e1302f52cbb8c8834bc3e6c5d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:38:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123463
x-xss-protection: 0
last-modified: Thu, 29 Aug 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Aug 2024 12:38:36 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 85ms
36ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Aug 2024 12:38:36 GMT
document-policy: force-load-at-top
x-fb-server-load: 38
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58936
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=23, mss=1232, tbw=4296, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: P1JYgOqRcyfhoyYJdlCVz4kXIJKPPdGNgWYNFhx6LMZTTFclW9nNPR7xa5ALBBEpt7sxmGaj/quNwxDjc/ic2Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
x-fb-optimizer: 0
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 141ms
46ms Fetch
text/plain 142.251.40.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-L4NV7NGX76&gtm=45je48r0v872806254za200&_p=1724935116913&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1127334992.1724935117&ul=en-ca&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=1&dp=%2Fwin-for-health-5050&sid=1724935116&sct=1&seg=0&dl=https%3A%2F%2Ftrilliumgiving.ca%2Fwin-for-health-5050&dt=Win%20for%20Health%205050%20Raffle%20%7C%20Trillium%20Health%20Partners%20Foundation%20%7C%20Trillium%20Health%20Partners%20Foundation&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2941
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L4NV7NGX76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.40.206 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s38-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Aug 2024 12:38:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://trilliumgiving.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 140ms
45ms Ping
text/plain 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-L4NV7NGX76&cid=1127334992.1724935117&gtm=45je48r0v872806254za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L4NV7NGX76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: bl-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Aug 2024 12:38:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://trilliumgiving.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame DA88 0
0 141ms
60ms Document
text/html 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-L4NV7NGX76&gacid=1127334992.1724935117&gtm=45je48r0v872806254za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1236902140

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L4NV7NGX76

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trilliumgiving.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Aug 2024 12:38:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 179ms
104ms Image
image/gif 142.251.32.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-L4NV7NGX76&cid=1127334992.1724935117&gtm=45je48r0v872806254za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=1959769968

Requested by

Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.99 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Aug 2024 12:38:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 page Show response
cdn.builder.io/api/v3/query/569737aff5874b2c8e0e8567dc742275/ 26 KB
8 KB 360ms
72ms Fetch
application/json 18.164.124.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.builder.io/api/v3/query/569737aff5874b2c8e0e8567dc742275/page?omit=meta.componentsUsed&apiKey=569737aff5874b2c8e0e8567dc742275&userAttributes.urlPath=%2Fwin-for-health-5050&options.page.model=%22page%22
Requested by: Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/_next/static/chunks/601-2133d0c92e4eaf10.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-97.jfk50.r.cloudfront.net
Software: Google Frontend / Express
Resource Hash: 799b6e6f79ad49e3031b4e5b1579ec9319f4a3c63efb078df19fa916e31a061a

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 02:19:33 GMT
via: 1.1 varnish, 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
content-encoding: gzip
access-control-allow-private-network: true
x-amz-cf-pop: JFK50-P7
age: 45032
x-powered-by: Express
x-cloudrun-origin: primary
x-cache: RefreshHit from cloudfront
x-request-id: c3b4f500-659a-11ef-84cb-591a91598af2
x-served-by: cache-iad-kjyo7100124-IAD
server: Google Frontend
dataorigin: firestore
x-timer: S1724897974.838920,VS0,VE1
etag: W/"69ee-WpU7T6SxCclsNPK+w9dlmnAN7P4"
vary: Accept-Encoding,Authorization
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: c9ca7adfb3804fbeb33e6ac1b943384b
cache-control: public, max-age=60, s-maxage=60, stale-if-error=2678400,
access-control-allow-headers: content-type, accept, authorization
x-amz-cf-id: VghgazmvljaevJjZY4ME76MgG-97fvIIfWb4O3p-QOijg6pJ81t7AQ==
x-cache-hits: 0

POST
H2 200 569737aff5874b2c8e0e8567dc742275 Show response
cdn.builder.io/api/v1/graphql/ 2 KB
2 KB 519ms
490ms Fetch
application/json 18.164.124.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.builder.io/api/v1/graphql/569737aff5874b2c8e0e8567dc742275
Requested by: Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/_next/static/chunks/app/layout-51e49b5d9446b209.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-97.jfk50.r.cloudfront.net
Software: Google Frontend / Express
Resource Hash: 1d5839be1d1549506a3e4bd24fb7eff1a24dee35becacc91dea111002c9d1dd5

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Thu, 29 Aug 2024 12:38:37 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
content-encoding: gzip
access-control-allow-private-network: true
x-amz-cf-pop: JFK50-P7
x-powered-by: Express
x-cache: Miss from cloudfront
x-request-id: 9ce4f380-6603-11ef-b90b-f90945e93863
x-served-by: cache-chi-klot8100113-CHI, cache-iad-kjyo7100039-IAD
x-response-time: 382.557ms
server: Google Frontend
x-timer: S1724935117.465788,VS0,VE435
etag: W/"9f0-bUIwxyW7qbM6uJpE2jEQmV5ePD4"
vary: Authorization, Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 2cf1ec55486bad22fe0beb188b2dc1b2;o=1
cache-control: public, max-age=5, s-maxage=5, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id: ldf5nzelr5te
x-robots-tag: noindex
access-control-allow-headers: content-type, accept, authorization
x-amz-cf-id: HDfOGiFZ1bS0Pu7fNYJPHlNQyeMXaf-w5vy6Tdvqalkt5ivBX_0g9g==
x-cache-hits: 0, 0

OPTIONS
H2 200 569737aff5874b2c8e0e8567dc742275
cdn.builder.io/api/v1/graphql/ Frame 0
0 321ms
44ms Preflight
application/json 18.164.124.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.builder.io/api/v1/graphql/569737aff5874b2c8e0e8567dc742275
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-97.jfk50.r.cloudfront.net
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://trilliumgiving.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type, accept, authorization
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
access-control-allow-origin: *
access-control-allow-private-network: true
age: 47621
cache-control: public, max-age=5, s-maxage=5, stale-if-error=2678400, stale-while-revalidate=86400
content-length: 29
content-type: application/json; charset=utf-8
date: Wed, 28 Aug 2024 23:24:56 GMT
etag: W/"1d-Xg+iIZg0pCWHiXUT+Aqp2oAB7bA"
function-execution-id: vky65k7gkvp5
server: Google Frontend
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish, 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-id: 6sWp8hkW7zw-ocaitDBnlIVljTLIBjtvdHvmx-Z0lNysYzteLYVd1w==
x-amz-cf-pop: JFK50-P7
x-cache: RefreshHit from cloudfront
x-cache-hits: 0, 0
x-cloud-trace-context: 948e71a075a2da4fa4de2dba57504ed0;o=1
x-powered-by: Express
x-request-id: bc8a7350-6594-11ef-a591-3bbf4cf11b08
x-response-time: 0.489ms
x-served-by: cache-chi-kigq8000079-CHI, cache-iad-kjyo7100101-IAD
x-timer: S1724887496.385629,VS0,VE84

GET
H3 200 1719598294908838 Show response
connect.facebook.net/signals/config/ 67 KB
14 KB 37ms
36ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1719598294908838?v=2.9.166&r=stable&domain=trilliumgiving.ca&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

bf8f782c3a5f0a3eda69c6691dacc29ba7efdeca5ad9348e6f5852445f723304

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Aug 2024 12:38:37 GMT
document-policy: force-load-at-top
x-fb-server-load: 33
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14350
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=33, rtx=0, c=74, mss=1232, tbw=66904, tp=62, tpl=0, uplat=3, ullat=-1
pragma: public
x-fb-debug: R9pkUVENc0cm5IrQtNMk0UdR3h3RRc4vKKVer7JllNNSmBPBQ7nXYkRvZ8AxdTHyIrudgPS+Qc5cfnJtWgZa6w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 241 KB
85 KB 80ms
79ms Script
application/javascript 142.251.40.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-10889810525&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLKVRZG

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.136 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2f2076d5f2c262136cda36055a0df6a4eb233cb92cd733974a33f21dfa5c2572

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:38:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87484
x-xss-protection: 0
last-modified: Thu, 29 Aug 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Aug 2024 12:38:37 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 185ms
58ms Script
application/javascript 150.171.30.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLKVRZG

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.171.30.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 29 Aug 2024 12:38:37 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8E24E979EBD94997B4CF1CB56191B873 Ref B: BL2AA2010202035 Ref C: 2024-08-29T12:38:37Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

GET
H2 200 / Show response
trilliumgiving.ca/ 149 B
242 B 138ms
137ms Fetch
text/x-component 162.159.140.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trilliumgiving.ca/?_rsc=pz6n3
Requested by: Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/_next/static/chunks/472-7f0be7b7a18d86bb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.140.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash: 5f60cdb7d0c23aa8d4167b562114e1d8876c29d6722a533e2a3a281aa6c72bcd

Request headers

Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%5B%22page%22%2C%22win-for-health-5050%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D
Referer: https://trilliumgiving.ca/win-for-health-5050
Next-Router-Prefetch: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Next-Url: /win-for-health-5050
RSC: 1

Response headers

date: Thu, 29 Aug 2024 12:38:37 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 29 Aug 2024 12:38:37 GMT
server: cloudflare
x-do-app-origin: 3ec90c6a-6404-4a4b-b8fe-0e6194dcf9bc
x-do-orig-status: 200
x-powered-by: Next.js
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
content-type: text/x-component
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-ray: 8bac9962e99daac6-YYZ

GET
H2 200 /
www.facebook.com/tr/ 0
126 B 40ms
38ms Image
text/plain 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1719598294908838&ev=PageView&dl=https%3A%2F%2Ftrilliumgiving.ca&rl=&if=false&ts=1724935117302&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=4124&fbp=fb.1.1724935117298.904331729945628804&pm=1&hrl=260b0c&ler=empty&cdl=API_unavailable&it=1724935117129&coo=false&cs_cc=1&cas=7213772072055464%2C7287540821332216%2C6366268526812987%2C6330340350336527%2C4974912492586643&rqm=GET

Requested by

Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=33, rtx=2, c=8, mss=1316, tbw=3186, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Aug 2024 12:38:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 126ms
125ms Image
image/png 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1719598294908838&ev=PageView&dl=https%3A%2F%2Ftrilliumgiving.ca&rl=&if=false&ts=1724935117302&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=4124&fbp=fb.1.1724935117298.904331729945628804&pm=1&hrl=260b0c&ler=empty&cdl=API_unavailable&it=1724935117129&coo=false&cs_cc=1&cas=7213772072055464%2C7287540821332216%2C6366268526812987%2C6330340350336527%2C4974912492586643&rqm=FGET

Requested by

Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Thu, 29 Aug 2024 12:38:37 GMT
document-policy: force-load-at-top
x-fb-server-load: 35
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7408539915828669402", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=2, c=8, mss=1316, tbw=3356, tp=-1, tpl=-1, uplat=84, ullat=0
pragma: no-cache
x-fb-debug: XONYZU9cWch5PI1JYGwM9+5kUXi5EIGrHW63ohcMPkjQ2C7D9ovB/1JmtSisng5pbk3xUIuB396E+oi9PWe5jQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7408539915828669402"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 track
cdn.builder.io/api/v1/ Frame 0
0 33ms
33ms Preflight
application/json 18.164.124.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.builder.io/api/v1/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-97.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://trilliumgiving.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
age: 7874546
cache-control: max-age=100000000
content-length: 19
content-type: application/json
date: Thu, 30 May 2024 09:16:11 GMT
server: CloudFront
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-id: dNwa8hMKA24M52J-DYYkO5RJj4CUrmXxbSt5cv6FTJdQ-rDSEIu0NA==
x-amz-cf-pop: JFK50-P7
x-cache: Hit from cloudfront

GET
H2 200 l
use.typekit.net/af/09a46f/00000000000000003b9b033d/27/ 24 KB
24 KB 33ms
33ms Font
application/font-woff2 23.223.209.41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/09a46f/00000000000000003b9b033d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/kqu6rxy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.223.209.41 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-223-209-41.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f2d1c5de73c90dae9eb2def6e40895ccb897d5cdbdd744dfacb58da6186947e5

Request headers

Referer: https://use.typekit.net/kqu6rxy.css
Origin: https://trilliumgiving.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:38:37 GMT
server: nginx
etag: "b0eaa0881a0b90bee7bfd5bc5d2cc1a341721563"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24812

GET
H2 200 ia.js Show response
homelottery.ca/a/js/ 6 KB
2 KB 125ms
33ms Script
application/x-javascript 104.22.17.208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://homelottery.ca/a/js/ia.js

Requested by

Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.208 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6f8630293e69741eef6db05fde538c7fdba6479db248df1bb8f386b39e52918

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:38:37 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 2710
cf-polished: origSize=11466
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Fri, 23 Jun 2023 15:02:51 GMT
server: cloudflare
etag: W/"2cca-6495b41b-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=7200
cf-ray: 8bac996589daa250-YYZ
expires: Thu, 29 Aug 2024 12:53:28 GMT

POST
H2 200 track Show response
cdn.builder.io/api/v1/ 19 B
410 B 81ms
78ms Fetch
application/json 18.164.124.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.builder.io/api/v1/track
Requested by: Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/_next/static/chunks/601-2133d0c92e4eaf10.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-97.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 9dbcb789cce44f6a1ebf8b0c8b1f453538fa057a271a75c5dd3dff663b8b4cc8

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Sun, 28 Jan 2024 23:13:37 GMT
via: 1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P7
age: 18451500
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
x-api-call-time: 20
cache-control: max-age=100000000
x-cache: Miss from cloudfront
access-control-allow-headers: content-type
content-length: 19
x-amz-cf-id: 3FYXz1c1ZJaXEaF3-9xAO-lR97OkNfM-5JX6e-jqgMlsa1GlhmNJdQ==

GET
H2 200 pixel
cdn.builder.io/api/v1/ 35 B
953 B 109ms
42ms Image
image/gif 18.164.124.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.builder.io/api/v1/pixel?apiKey=569737aff5874b2c8e0e8567dc742275

Requested by

Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-97.jfk50.r.cloudfront.net

Software

Google Frontend /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
date: Thu, 29 Aug 2024 12:29:23 GMT
via: 1.1 a4c7006ff62b5b4c16c58f54fdfeb656.cloudfront.net (CloudFront)
access-control-allow-private-network: true
x-amz-cf-pop: JFK50-P7
age: 554
x-cache: Hit from cloudfront
content-length: 35
x-served-by: cache-iad-kiad7000053-IAD
server: Google Frontend
x-timer: S1724934563.408367,VS0,VE81
vary: cookie,accept-encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
content-type: image/gif
access-control-allow-origin: *
x-cloud-trace-context: 6fc068aa29ab29b0f6e749a3e29ff416
cache-control: public, max-age=15, s-maxage=600, stale-if-error=259200
function-execution-id: 1dy2z6efixsi
origin-trial: AofGPSvOEBwNTsONiWgsQDentPPwgWkTFpAxoQocYSzbXKnh43+evaYOWRmzNSbrxEQMwgHMKnVqHU0N9uOMMwsAAAB0eyJvcmlnaW4iOiJodHRwczovL2J1aWxkZXIuaW86NDQzIiwiZmVhdHVyZSI6IlVucmVzdHJpY3RlZFNoYXJlZEFycmF5QnVmZmVyIiwiZXhwaXJ5IjoxNzA5ODU1OTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
accept-ranges: bytes
x-robots-tag: noindex
access-control-allow-headers: content-type, accept, authorization
x-amz-cf-id: U1M1cHYmAH_tcWZVq4Wz3JPuecHDzA7DtAO-kJdpO4e1Vxxzyr17LA==
x-country-code: US
x-cache-hits: 0

GET
H2 200 assets%2F12886f32eb064aa4a7f974ef472c2239%2F6d2946f6295a4428895cbe638fded124
cdn.builder.io/api/v1/image/ 33 KB
34 KB 113ms
54ms Image
image/webp 18.164.124.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.builder.io/api/v1/image/assets%2F12886f32eb064aa4a7f974ef472c2239%2F6d2946f6295a4428895cbe638fded124?format=webp&width=1600

Requested by

Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-97.jfk50.r.cloudfront.net

Software

Google Frontend / Express

Resource Hash

b193c3689bd264c4cec2f33b460dc52868b6a780a32c76afdca5aed7b069f968

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: script-src 'none'
date: Wed, 28 Aug 2024 12:25:43 GMT
via: 1.1 a4c7006ff62b5b4c16c58f54fdfeb656.cloudfront.net (CloudFront)
access-control-allow-private-network: true
x-amz-cf-pop: JFK50-P7
age: 87174
x-powered-by: Express
surrogate-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache: Hit from cloudfront
content-length: 34238
x-request-id: a4f135a0-6538-11ef-ab5a-f5a11410b707
server: Google Frontend
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-cloud-trace-context: dbf9e50155cf9b62111dcfd810c955b7
cache-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id: gosfesvjoe2o
x-robots-tag: noindex
access-control-allow-headers: content-type, accept, authorization
x-amz-cf-id: zFpsj-lZI0OG2aKur_FMkJOJ6xpEG3bWody7js1yGv-IJRJeICAr1Q==

GET
H2 206 assets%2F12886f32eb064aa4a7f974ef472c2239%2F053e5f0ec1b040268ab41330c7b17fc6%2Fcompressed
cdn.builder.io/o/ 1020 KB
1022 KB 90ms
48ms Media
video/mp4 18.164.124.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.builder.io/o/assets%2F12886f32eb064aa4a7f974ef472c2239%2F053e5f0ec1b040268ab41330c7b17fc6%2Fcompressed?apiKey=12886f32eb064aa4a7f974ef472c2239&token=053e5f0ec1b040268ab41330c7b17fc6&alt=media&optimized=true
Requested by: Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-97.jfk50.r.cloudfront.net
Software: UploadServer /
Resource Hash: eed486dca413a94823f1fe32721f9c64adbdb2f032444334bcce44c0bca17822

Request headers

Referer: https://trilliumgiving.ca/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 28 Aug 2024 14:33:42 GMT
via: 1.1 a4c7006ff62b5b4c16c58f54fdfeb656.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 79494
x-guploader-uploadid: AHxI1nPR-8bdO-1w1ifqVtqtHtVdjENDeTGd_sWz7VToA4iXKAj2JNFRFLEdwOdKbmvhstiLXCKgjyYj7A
x-cache: Hit from cloudfront
x-goog-storage-class: STANDARD
Content-Range: bytes 0-1044081/1044082
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 1044082
last-modified: Wed, 28 Aug 2024 13:36:52 GMT
server: UploadServer
etag: "a40c43a6d24ab90d2e334d2c4c31e566"
x-goog-generation: 1724852212044978
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=IUSvqw==, md5=pAxDptJKuQ0uM00sTDHlZg==
cache-control: public, max-age=2592000000, s-maxage=5184000000, stale-while-revalidate=5184000000, stale-if-error=5184000000
access-control-allow-methods: GET
x-goog-stored-content-length: 1044082
x-goog-meta-firebasestoragedownloadtokens: 053e5f0ec1b040268ab41330c7b17fc6
accept-ranges: bytes
x-amz-cf-id: trEAlbYDPihQLckzNiADjx6VbDKGnIdYflLbYrRgyuapvA0c9A6-QA==
expires: Wed, 28 Aug 2024 14:33:42 GMT

GET
H3 200 thp
ticker.rafflebox.ca/event-ticker/ Frame C0C3 0
0 85ms
46ms Document
text/html 104.26.1.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ticker.rafflebox.ca/event-ticker/thp?size=compact&buyNow=false
Requested by: Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.1.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://trilliumgiving.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age: 76200
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
cf-ray: 8bac99658ff8ab0a-YYZ
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 29 Aug 2024 12:38:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TsZrApfHNc14pCpNUkcuUiZvH9vJ5%2F3LQi0Ib19QUjBh5hIei4QB7KKxFzOAhVxnUXq5BUIzZk0sQ0oPyU8F8YoUVD97xf8EabOTO1jMohXpUynQnURaZu9QAx6RuvXFjOVR1gY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10889810525/ 6 KB
2 KB 135ms
64ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10889810525/?random=1724935117411&cv=11&fst=1724935117411&bg=ffffff&guid=ON&async=1&gtm=45be48r0z8896092226za201zb896092226&gcd=13t3t3t3t5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftrilliumgiving.ca%2Fwin-for-health-5050&hn=www.googleadservices.com&frm=0&tiba=Win%20for%20Health%205050%20Raffle%20%7C%20Trillium%20Health%20Partners%20Foundation%20%7C%20Trillium%20Health%20Partners%20Foundation&npa=0&pscdl=noapi&auid=2090379662.1724935118&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10889810525&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

d7279d313ebacbd4801d5e482cc07103308b8eee2c565d67e79b364342f9689c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Aug 2024 12:38:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2373
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10889810525
td.doubleclick.net/td/rul/ Frame CF67 0
0 71ms
69ms Document
text/html 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/10889810525?random=1724935117411&cv=11&fst=1724935117411&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be48r0z8896092226za201zb896092226&gcd=13t3t3t3t5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftrilliumgiving.ca%2Fwin-for-health-5050&hn=www.googleadservices.com&frm=0&tiba=Win%20for%20Health%205050%20Raffle%20%7C%20Trillium%20Health%20Partners%20Foundation%20%7C%20Trillium%20Health%20Partners%20Foundation&npa=0&pscdl=noapi&auid=2090379662.1724935118&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10889810525&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trilliumgiving.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Aug 2024 12:38:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=0&rnd=14852886.1724935118&url=https%3A%2F%2Ftrilliumgiving.ca%2Fwin-for-health-5050&dma=0&npa=0&gtm=45He48r0n81WLKVRZGv896092...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=0&rnd=14852886.1724935118&url=https%3A%2F%2Ftrilliumgiving.ca%2Fwin-for-health-5050&dma=0&npa=0&gtm=45He48r0n81W...

42 B
64 B

55ms
49ms

Ping
image/gif

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=0&rnd=14852886.1724935118&url=https%3A%2F%2Ftrilliumgiving.ca%2Fwin-for-health-5050&dma=0&npa=0&gtm=45He48r0n81WLKVRZGv896092226za200&auid=2090379662.1724935118

Requested by

Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050

Protocol

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Aug 2024 12:38:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Aug 2024 12:38:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=0&rnd=14852886.1724935118&url=https%3A%2F%2Ftrilliumgiving.ca%2Fwin-for-health-5050&dma=0&npa=0&gtm=45He48r0n81WLKVRZGv896092226za200&auid=2090379662.1724935118
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 211021852.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 41ms
41ms Script
application/javascript 150.171.30.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/211021852.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.171.30.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

94d961d3b1d15b664ccbe1d098bfe2581a78f082e95cf825a3e7c328e610233a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Thu, 29 Aug 2024 12:38:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 014CF7EDB8EE41B59754214DD67ADCDA Ref B: BL2AA2010202035 Ref C: 2024-08-29T12:38:37Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 200 ia.gif
homelottery.ca/a/t/ 43 B
317 B 148ms
145ms Image
image/gif 104.22.17.208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://homelottery.ca/a/t/ia.gif?u=643313368&a=HLNUNI&TSI=1724935118&TSP=1724935118&TSC=1724935118&vx=1&p=https%3A%2F%2Ftrilliumgiving.ca%2Fwin-for-health-5050&CU=GA1.1.1127334992.1724935117

Requested by

Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.208 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Aug 2024 12:38:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 8bac9965ea1da250-YYZ
content-length: 43
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ib.gif
homelottery.ca/a/t/ 43 B
285 B 149ms
147ms Image
image/gif 104.22.17.208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://homelottery.ca/a/t/ib.gif

Requested by

Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.208 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:38:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 23 Jul 2007 05:06:45 GMT
server: cloudflare
cf-cache-status: DYNAMIC
etag: IB40a61dde3727571aa565
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, max-age=0, s-max-age=0
cf-ray: 8bac9965ea1fa250-YYZ
content-length: 43
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 211021852 Show response
www.clarity.ms/tag/uet/ 816 B
1 KB 232ms
90ms Script
application/x-javascript 13.107.246.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/211021852
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/211021852.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b24179ac1d62d8a3c90ee1522e9904485173b516b9e57827ed4ac2bddbd0fc3f

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
date: Thu, 29 Aug 2024 12:38:37 GMT
x-azure-ref: 20240829T123837Z-1799c87bc7bq4mhrkrntddh8cg00000001yg0000000076wc
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 816
expires: -1

GET
H2 204 0
bat.bing.com/action/ 0
360 B 51ms
50ms Image
text/plain 150.171.30.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=211021852&tm=gtm002&Ver=2&mid=2deaad3c-de57-40ba-85cc-89317fb08ee5&sid=9d0d0460660311ef89772d791e31f2b3&vid=9d0d65f0660311ef96b2dbb5f151c7db&vids=1&msclkid=N&gtm_tag_source=1&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=Win%20for%20Health%205050%20Raffle%20%7C%20Trillium%20Health%20Partners%20Foundation%20%7C%20Trillium%20Health%20Partners%20Foundation&p=https%3A%2F%2Ftrilliumgiving.ca%2Fwin-for-health-5050&r=&lt=2803&evt=pageLoad&sv=1&cdb=AQAQ&rn=789467

Requested by

Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.171.30.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 29 Aug 2024 12:38:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6820C9E6895A495782110F5C8C69A81D Ref B: BL2AA2010202035 Ref C: 2024-08-29T12:38:37Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10889810525/ 42 B
64 B 55ms
54ms Image
image/gif 142.251.41.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10889810525/?random=1724935117411&cv=11&fst=1724932800000&bg=ffffff&guid=ON&async=1&gtm=45be48r0z8896092226za201zb896092226&gcd=13t3t3t3t5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftrilliumgiving.ca%2Fwin-for-health-5050&hn=www.googleadservices.com&frm=0&tiba=Win%20for%20Health%205050%20Raffle%20%7C%20Trillium%20Health%20Partners%20Foundation%20%7C%20Trillium%20Health%20Partners%20Foundation&npa=0&pscdl=noapi&auid=2090379662.1724935118&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnf40drN59SOhy3EWC7ag8cwXSGonajbqq1FPglfhDxRf_8dba_&random=3786749040&rmt_tld=0&ipr=y

Requested by

Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.4 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Aug 2024 12:38:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/10889810525/ 42 B
64 B 57ms
55ms Image
image/gif 142.251.32.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/10889810525/?random=1724935117411&cv=11&fst=1724932800000&bg=ffffff&guid=ON&async=1&gtm=45be48r0z8896092226za201zb896092226&gcd=13t3t3t3t5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftrilliumgiving.ca%2Fwin-for-health-5050&hn=www.googleadservices.com&frm=0&tiba=Win%20for%20Health%205050%20Raffle%20%7C%20Trillium%20Health%20Partners%20Foundation%20%7C%20Trillium%20Health%20Partners%20Foundation&npa=0&pscdl=noapi&auid=2090379662.1724935118&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnf40drN59SOhy3EWC7ag8cwXSGonajbqq1FPglfhDxRf_8dba_&random=3786749040&rmt_tld=1&ipr=y

Requested by

Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/win-for-health-5050

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.99 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Aug 2024 12:38:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 win-for-health-5050
trilliumgiving.ca/ 127 B
0 146ms
138ms Fetch
text/x-component 162.159.140.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trilliumgiving.ca/win-for-health-5050?_rsc=pz6n3
Requested by: Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/_next/static/chunks/472-7f0be7b7a18d86bb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.140.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash

Request headers

Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%5B%22page%22%2C%22win-for-health-5050%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D
Referer: https://trilliumgiving.ca/win-for-health-5050
Next-Router-Prefetch: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Next-Url: /win-for-health-5050
RSC: 1

Response headers

date: Thu, 29 Aug 2024 12:38:38 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 29 Aug 2024 12:38:38 GMT
server: cloudflare
x-do-app-origin: 3ec90c6a-6404-4a4b-b8fe-0e6194dcf9bc
x-do-orig-status: 200
x-powered-by: Next.js
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
content-type: text/x-component
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-ray: 8bac99677e6baac6-YYZ

GET
H2 200 win-for-health-5050-rules Show response
trilliumgiving.ca/ 199 B
256 B 121ms
115ms Fetch
text/x-component 162.159.140.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trilliumgiving.ca/win-for-health-5050-rules?_rsc=pz6n3
Requested by: Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/_next/static/chunks/472-7f0be7b7a18d86bb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.140.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash: d3d45fe1af4c316f2ff3d90fe95239260484de64ab87a1d54ecf14c3d425f0ab

Request headers

Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%5B%22page%22%2C%22win-for-health-5050%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D
Referer: https://trilliumgiving.ca/win-for-health-5050
Next-Router-Prefetch: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Next-Url: /win-for-health-5050
RSC: 1

Response headers

date: Thu, 29 Aug 2024 12:38:38 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 29 Aug 2024 12:38:38 GMT
server: cloudflare
x-do-app-origin: 3ec90c6a-6404-4a4b-b8fe-0e6194dcf9bc
x-do-orig-status: 200
x-powered-by: Next.js
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
content-type: text/x-component
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-ray: 8bac99677e6daac6-YYZ

GET
H2 200 win-for-health-5050-faq
trilliumgiving.ca/ 195 B
0 143ms
138ms Fetch
text/x-component 162.159.140.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trilliumgiving.ca/win-for-health-5050-faq?_rsc=pz6n3
Requested by: Host: trilliumgiving.ca
URL: https://trilliumgiving.ca/_next/static/chunks/472-7f0be7b7a18d86bb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.140.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash

Request headers

Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%5B%22page%22%2C%22win-for-health-5050%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D
Referer: https://trilliumgiving.ca/win-for-health-5050
Next-Router-Prefetch: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Next-Url: /win-for-health-5050
RSC: 1

Response headers

date: Thu, 29 Aug 2024 12:38:38 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 29 Aug 2024 12:38:38 GMT
server: cloudflare
x-do-app-origin: 3ec90c6a-6404-4a4b-b8fe-0e6194dcf9bc
x-do-orig-status: 200
x-powered-by: Next.js
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
content-type: text/x-component
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-ray: 8bac99677e70aac6-YYZ

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.45/ 64 KB
27 KB 71ms
69ms Script
application/javascript 13.107.246.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.45/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/211021852
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 264532af47b2cfb6620970592478c442a0cd429beccead9d062ff5a91284dc15

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:38:37 GMT
content-encoding: br
last-modified: Tue, 27 Aug 2024 16:52:58 GMT
etag: W/"0x8DCC6B8B484B650"
vary: Accept-Encoding
x-azure-ref: 20240829T123837Z-1799c87bc7bq4mhrkrntddh8cg00000001yg0000000076wf
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: efd5c579-c01e-0066-04c4-f861fb000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
281 B 781ms
119ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.45/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://trilliumgiving.ca
Date: Thu, 29 Aug 2024 12:38:39 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=065083F9396B484796C07D2464F79760&RedC=c.clarity.ms&MXFR=306883FF7179668D05599715757968E0
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=065083F9396B484796C07D2464F79760&MUID=029F80672A1560AB18BB948D2B996137

42 B
465 B

39ms
38ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=065083F9396B484796C07D2464F79760&MUID=029F80672A1560AB18BB948D2B996137
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Aug 2024 12:38:39 GMT
last-modified: Wed, 14 Aug 2024 17:35:32 GMT
server: Microsoft-IIS/10.0
etag: "bb391b5d70eeda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 29 Aug 2024 12:38:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 124CA6165C824A44B99B52BA040921A8 Ref B: YTO01EDGE0811 Ref C: 2024-08-29T12:38:39Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=065083F9396B484796C07D2464F79760&MUID=029F80672A1560AB18BB948D2B996137
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 logo.png
trilliumgiving.ca/icons/ 5 KB
5 KB 84ms
82ms Other
image/png 162.159.140.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trilliumgiving.ca/icons/logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.140.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5315b871c1d7901262d778ec5e61a9f14d3e376258164b8bc01c12729270d9c4

Request headers

Referer: https://trilliumgiving.ca/win-for-health-5050
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:38:39 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 3ec90c6a-6404-4a4b-b8fe-0e6194dcf9bc
x-do-orig-status: 200
etag: W/"1489-49773873e8"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 8bac996e2bb2aac6-YYZ
content-length: 5257

GET
H2 200 favicon.ico
trilliumgiving.ca/icons/ 15 KB
4 KB 95ms
95ms Other
image/x-icon 162.159.140.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trilliumgiving.ca/icons/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.140.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 521eff5b7583a9c5498c424a911043be709b4286cac2aa5c1610814024198355

Request headers

Referer: https://trilliumgiving.ca/win-for-health-5050
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:38:39 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 3ec90c6a-6404-4a4b-b8fe-0e6194dcf9bc
x-do-orig-status: 200
etag: W/"3aee-49773873e8"
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=0
cf-ray: 8bac996ebc23aac6-YYZ

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
281 B 41ms
39ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.45/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://trilliumgiving.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://trilliumgiving.ca
Date: Thu, 29 Aug 2024 12:38:40 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.trilliumgiving.ca/	1970-01-20 23:08:56	Name: __cf_bm Value: W2V9CNn4dvcg4CpPx8lqRIuqfpPMPdX9NXAm_ZjYiTU-1724935115-1.0.1.1-wg4BYPi.tMJXblO8YzHrIGu1phDi_qX.LfXDt7ge4PWrtkWpuUBknUbpq3INWZgifrlV2Rgh6R6jLHoTd9PvKg
.trilliumgiving.ca/	1970-01-20 23:08:56	Name: builderSessionId Value: ae00e1950af749d482f41aabd6cf3b17
.trilliumgiving.ca/	1970-01-21 08:44:55	Name: _ga_L4NV7NGX76 Value: GS1.1.1724935116.1.0.1724935116.60.0.0
.trilliumgiving.ca/	1970-01-21 08:44:55	Name: _ga Value: GA1.1.1127334992.1724935117
.trilliumgiving.ca/	1970-01-21 01:18:31	Name: _fbp Value: fb.1.1724935117298.904331729945628804
.trilliumgiving.ca/	1970-01-21 01:18:31	Name: _gcl_au Value: 1.1.2090379662.1724935118
.trilliumgiving.ca/	1970-01-21 08:44:55	Name: _igdmu Value: 643313368
.trilliumgiving.ca/	1970-01-20 23:08:56	Name: _igdmsb Value: 1724935118
.trilliumgiving.ca/	1969-12-31 23:59:59	Name: _igdmsc Value: 1724935118
.trilliumgiving.ca/	1970-01-21 08:44:55	Name: _igdmvx Value: 1
.trilliumgiving.ca/	1970-01-21 08:44:55	Name: _igdmvi Value: 1724935118
.trilliumgiving.ca/	1970-01-21 08:44:55	Name: _igdmvp Value: 1724935118
.trilliumgiving.ca/	1970-01-21 08:44:55	Name: _igdmvc Value: 1724935118
.trilliumgiving.ca/	1970-01-20 23:10:21	Name: _uetsid Value: 9d0d0460660311ef89772d791e31f2b3
.trilliumgiving.ca/	1970-01-21 08:30:31	Name: _uetvid Value: 9d0d65f0660311ef96b2dbb5f151c7db
.doubleclick.net/	1970-01-21 08:44:55	Name: IDE Value: AHWqTUmBwIXVM5YHIcra28Eez_pOfwxqAPfqkE0au7IPe6Ve3UwO0A6p4QM_nVCw
.bing.com/	1970-01-21 08:30:31	Name: MUID Value: 029F80672A1560AB18BB948D2B996137
.bat.bing.com/	1970-01-20 23:18:59	Name: MR Value: 0
.homelottery.ca/	1970-01-21 08:44:55	Name: _igdmia Value: IA2c88b4a51c3d2445214d
.homelottery.ca/	1970-01-21 08:44:55	Name: _igdmib Value: IB9e5f24b6110de1c390a2
www.clarity.ms/	1970-01-21 07:54:31	Name: CLID Value: ab31962f686843068143ee5c68210433.20240829.20250829
.trilliumgiving.ca/	1970-01-21 07:54:31	Name: _clck Value: 1qkipim%7C2%7Cfoq%7C0%7C1702
.trilliumgiving.ca/	1970-01-20 23:10:21	Name: _clsk Value: 12m2wc1%7C1724935119047%7C1%7C1%7Cq.clarity.ms%2Fcollect
.c.bing.com/	1970-01-20 23:18:59	Name: MR Value: 0
.c.bing.com/	1970-01-21 08:30:31	Name: SRM_B Value: 029F80672A1560AB18BB948D2B996137
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 08:30:31	Name: MUID Value: 029F80672A1560AB18BB948D2B996137
.c.clarity.ms/	1970-01-20 23:18:59	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 23:08:55	Name: ANONCHK Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://trilliumgiving.ca/win-for-health-5050 Message: The resource https://www.facebook.com/tr?id=1719598294908838&ev=PageView&noscript=1 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.builder.io
connect.facebook.net
googleads.g.doubleclick.net
homelottery.ca
p.typekit.net
q.clarity.ms
stats.g.doubleclick.net
td.doubleclick.net
ticker.rafflebox.ca
trilliumgiving.ca
use.typekit.net
winforhealth.ca
www.clarity.ms
www.facebook.com
www.google.ca
www.google.com
www.googletagmanager.com
104.22.17.208
104.26.1.105
13.107.21.237
13.107.246.40
142.250.80.66
142.251.16.157
142.251.32.99
142.251.40.130
142.251.40.136
142.251.40.206
142.251.41.4
15.197.225.128
150.171.30.10
162.159.140.98
18.164.124.97
20.110.205.119
20.231.53.73
23.204.152.149
23.223.209.41
31.13.71.36
31.13.71.7
00334cdb5050573ecebc331d406e388d56043f65444160dc769877e5da0dbe76
08508245f47146a774ceed5e2276e9934c40383cc819aef22803cef49fbd0077
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d5839be1d1549506a3e4bd24fb7eff1a24dee35becacc91dea111002c9d1dd5
264532af47b2cfb6620970592478c442a0cd429beccead9d062ff5a91284dc15
2853f3de86b93b2706d2666e481d8342ad8a7fec6d9718a214eb3fb51564ecac
2f2076d5f2c262136cda36055a0df6a4eb233cb92cd733974a33f21dfa5c2572
302460f4992d26feb5ddcf6af2f9685e85f02a1533ef117a5c2597eb7d18384e
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
437f4822c0ef19333a0939d569eace5614ac4ce879886539013bbcd4ed135d40
521eff5b7583a9c5498c424a911043be709b4286cac2aa5c1610814024198355
5315b871c1d7901262d778ec5e61a9f14d3e376258164b8bc01c12729270d9c4
5f60cdb7d0c23aa8d4167b562114e1d8876c29d6722a533e2a3a281aa6c72bcd
6053e2837bb3d5edc361852f09e9d4b510a92e785e159a4e02d699389e856d17
62eed46ddbc8cf416dd3bcd0252516955f9bb183f3fc78bdb5b48d26bed568b6
6abb4e47b84d4df60188a941f3d232d32164e4fa74c323a83ec1e85023f3d11a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
71ff708b86e68aa58cca2a8796d079acddc2e4febf8153e5179108d7d8c18040
72631edada7ecb6686904506efc336bb997bad276c4f34a416f81ef5bb96df0d
75d31e6eeece7a10a170f1d1b55984fc6ae29d9232b2bf0f250646bdfc334405
799b6e6f79ad49e3031b4e5b1579ec9319f4a3c63efb078df19fa916e31a061a
94d961d3b1d15b664ccbe1d098bfe2581a78f082e95cf825a3e7c328e610233a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9dbcb789cce44f6a1ebf8b0c8b1f453538fa057a271a75c5dd3dff663b8b4cc8
a385e9b0e7c0b4ad493d87969f5149f248a32a89a7ffaad6928a7911993d8ea5
a3be0b5685b1d809b0528ea67f3786834db636abaec1f530e9744ca41d3a14c8
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
b193c3689bd264c4cec2f33b460dc52868b6a780a32c76afdca5aed7b069f968
b24179ac1d62d8a3c90ee1522e9904485173b516b9e57827ed4ac2bddbd0fc3f
b6f8630293e69741eef6db05fde538c7fdba6479db248df1bb8f386b39e52918
bb0a8eb23706285ca06fad2adfa936f92570d4e1302f52cbb8c8834bc3e6c5d4
bd1c262d2aa20a8f4798a607900b4d460eb20bcab455d4269e2c8d1401b0e768
bddb86b5d103ef5b74467f1873ea76db85c6150cc75a031e8739da96201d4fcd
bf8f782c3a5f0a3eda69c6691dacc29ba7efdeca5ad9348e6f5852445f723304
c229a5b62d9762343b2ac81f9a0b8d0af9376e657c7769cebec6f00822a7a184
cd27af4f3a4746370cbb6cb7b1d98085a75b8999991e3d3e65e0b94c7241501b
cd91d4ee41db99ee2c11bb7141a25e972edc3dd634cee00033f80243c6ca983f
ce4915f46dedc519fc4f4d36b20eed8caa79dfc7d73a627924af7efa35359a19
d3d45fe1af4c316f2ff3d90fe95239260484de64ab87a1d54ecf14c3d425f0ab
d7279d313ebacbd4801d5e482cc07103308b8eee2c565d67e79b364342f9689c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eed486dca413a94823f1fe32721f9c64adbdb2f032444334bcce44c0bca17822
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f277430a99a1d855768fd72e061219cff0ade9326eabffea2a1ad86d221bcfa3
f2d1c5de73c90dae9eb2def6e40895ccb897d5cdbdd744dfacb58da6186947e5

trilliumgiving.ca Open in urlscan Pro 162.159.140.98 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

97 %HTTPS

0 %IPv6

14 Domains

21 Subdomains

19 IPs

2 Countries

1796 kBTransfer

3421 kBSize

29 Cookies

9 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

trilliumgiving.ca Open in urlscan Pro
162.159.140.98 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

97 %
HTTPS

0 %
IPv6

14
Domains

21
Subdomains

19
IPs

2
Countries

1796 kB
Transfer

3421 kB
Size

29
Cookies

64 HTTP transactions
0 data transactions