urlscan.io logo urlscan.io
SecurityTrails logo

fp.admin.recitcn.ca Open in urlscan Pro
49.12.119.46  Public Scan

Go To Rescan Add Verdict Report
URL: https://fp.admin.recitcn.ca/
Submission: On May 23 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 38 HTTP transactions. The main IP is 49.12.119.46, located in Germany and belongs to HETZNER-AS, DE. The main domain is fp.admin.recitcn.ca.
TLS certificate: Issued by R3 on May 23rd 2024. Valid for: 3 months.
This is the only time fp.admin.recitcn.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 49.12.119.46 24940 (HETZNER-AS)
1 172.66.40.60 13335 (CLOUDFLAR...)
3 34.120.195.249 396982 (GOOGLE-CL...)
3 142.251.111.97 15169 (GOOGLE)
2 31.13.66.19 32934 (FACEBOOK)
1 18.165.98.118 16509 (AMAZON-02)
2 142.251.163.155 15169 (GOOGLE)
2 216.239.34.181 15169 (GOOGLE)
2 142.250.31.155 15169 (GOOGLE)
4 142.251.163.94 15169 (GOOGLE)
2 142.251.163.103 15169 (GOOGLE)
2 31.13.66.35 32934 (FACEBOOK)
38 12
14    49.12.119.46 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.46.119.12.49.clients.your-server.de
fp.admin.recitcn.ca
1    172.66.40.60 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.paddle.com
3    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o926083.ingest.sentry.io
3    142.251.111.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f97.1e100.net
www.googletagmanager.com
2    31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net
connect.facebook.net
1    18.165.98.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-98-118.iad55.r.cloudfront.net
public.profitwell.com
2    142.251.163.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net
googleads.g.doubleclick.net
2    216.239.34.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    142.250.31.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net
stats.g.doubleclick.net
4    142.251.163.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net
www.google.ca
2    142.251.163.103 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f103.1e100.net
www.google.com
2    31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com
www.facebook.com
Apex Domain
Subdomains		 Transfer
14 recitcn.ca
fp.admin.recitcn.ca
2 MB
4 google.ca
www.google.ca — Cisco Umbrella Rank: 10035
254 B
4 google.com
analytics.google.com — Cisco Umbrella Rank: 154
www.google.com — Cisco Umbrella Rank: 2
438 B
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
3 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
333 KB
3 sentry.io
o926083.ingest.sentry.io
438 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
72 KB
1 profitwell.com
public.profitwell.com — Cisco Umbrella Rank: 12342
9 KB
1 paddle.com
cdn.paddle.com — Cisco Umbrella Rank: 25354
72 KB
38 10
Domain Requested by
14 fp.admin.recitcn.ca fp.admin.recitcn.ca
4 www.google.ca fp.admin.recitcn.ca
3 www.googletagmanager.com fp.admin.recitcn.ca
www.googletagmanager.com
3 o926083.ingest.sentry.io fp.admin.recitcn.ca
2 www.facebook.com fp.admin.recitcn.ca
2 www.google.com fp.admin.recitcn.ca
2 stats.g.doubleclick.net www.googletagmanager.com
2 analytics.google.com www.googletagmanager.com
2 googleads.g.doubleclick.net www.googletagmanager.com
2 connect.facebook.net fp.admin.recitcn.ca
connect.facebook.net
1 public.profitwell.com fp.admin.recitcn.ca
1 cdn.paddle.com fp.admin.recitcn.ca
38 12

This site contains no links.

Subject Issuer Validity Valid
fp.admin.recitcn.ca
R3		 2024-05-23 -
2024-08-21		 3 months crt.sh
paddle.com
Cloudflare Inc ECC CA-3		 2023-08-08 -
2024-08-07		 a year crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-02 -
2024-12-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-02 -
2024-05-31		 3 months crt.sh
*.profitwell.com
Amazon RSA 2048 M02		 2024-05-03 -
2025-06-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2024-05-06 -
2024-07-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://fp.admin.recitcn.ca/
Frame ID: C900CA4DF644CC511A8401CA7F7AC8B1
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MEMORA | Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:div|button) class="el-(?:table-column|table-filter|popper|pagination|pager|select-group|form|form-item|color-predefine|color-hue-slider|color-svpanel|color-alpha-slider|color-dropdown|color-picker|badge|tree|tree-node|select|message|dialog|checkbox|checkbox-button|checkbox-group|container|steps|carousel|menu|menu-item|submenu|menu-item-group|button|button-group|card|table|select-dropdown|row|tabs|notification|radio|progress|progress-bar|tag|popover|tooltip|cascader|cascader-menus|cascader-menu|time-spinner|spinner|spinner-inner|transfer|transfer-panel|rate|slider|dropdown|dropdown-menu|textarea|input|input-group|popup-parent|radio-group|main|breadcrumb|time-range-picker|date-range-picker|year-table|date-editor|range-editor|time-spinner|date-picker|time-panel|date-table|month-table|picker-panel|collapse|collapse-item|alert|select-dropdown|select-dropdown__empty|select-dropdown__wrap|select-dropdown__list|scrollbar|switch|carousel|upload|upload-dragger|upload-list|upload-cover|aside|input-number|header|message-box|footer|radio-button|step|autocomplete|autocomplete-suggestion|loading-parent|loading-mask|loading-spinner|)
Overall confidence: 100%
Detected patterns
  • cdn\.paddle\.com/paddle/paddle\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • public\.profitwell\.com/js/profitwell\.js

Page Statistics

38
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

12
IPs

2
Countries

2366 kB
Transfer

7818 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
fp.admin.recitcn.ca/ 		1 KB
835 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.admin.recitcn.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.12.119.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.119.12.49.clients.your-server.de
Software
Apache /
Resource Hash
67625cf86d122470993e356867cdec2b53ab6646b44135739aa614d6f387f03a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers,Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization
cache-control
no-store, must-revalidate
content-encoding
gzip
content-length
511
content-type
text/html; charset=UTF-8
date
Thu, 23 May 2024 22:09:16 GMT
etag
"45a-6191a2e9b201c-gzip"
last-modified
Thu, 23 May 2024 07:41:42 GMT
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
style.css
fp.admin.recitcn.ca/api/v1/settings/dashboard/ 		413 B
381 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fp.admin.recitcn.ca/api/v1/settings/dashboard/style.css
Requested by
Host: fp.admin.recitcn.ca
URL: https://fp.admin.recitcn.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.12.119.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.119.12.49.clients.your-server.de
Software
Apache /
Resource Hash
2aed49afe262a31cdf094f47a72901125cf3031a0f5ae224af51fcc94c436409
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 22:09:16 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 23 May 2024 22:09:17 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
public, must-revalidate, max-age=0
content-disposition
inline; filename="style.css"
access-control-allow-headers
Access-Control-Allow-Headers,Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization
content-length
261
settings.js
fp.admin.recitcn.ca/api/v1/settings/dashboard/ 		736 B
537 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fp.admin.recitcn.ca/api/v1/settings/dashboard/settings.js
Requested by
Host: fp.admin.recitcn.ca
URL: https://fp.admin.recitcn.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.12.119.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.119.12.49.clients.your-server.de
Software
Apache /
Resource Hash
7f8ade26adc88aa3e2ea695fcea5b50659f32c2e3c7770518d62d62d10333918
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 22:09:16 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 23 May 2024 22:09:17 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, must-revalidate, max-age=0
content-disposition
inline; filename="settings.js"
access-control-allow-headers
Access-Control-Allow-Headers,Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization
content-length
365
chunk-vendors.c26cf73f45ee57f0.js
fp.admin.recitcn.ca/dist-admin/ 		2 MB
518 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fp.admin.recitcn.ca/dist-admin/chunk-vendors.c26cf73f45ee57f0.js
Requested by
Host: fp.admin.recitcn.ca
URL: https://fp.admin.recitcn.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.12.119.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.119.12.49.clients.your-server.de
Software
Apache /
Resource Hash
64e23ad3c1cd74c58ced8ef5b4f6c3aeea906083a30b7d73e33599c7f8cb9cab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 22:09:17 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 23 May 2024 07:41:41 GMT
server
Apache
etag
"1e66cc-6191a2e99c08c-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers,Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization
index.5391c0d341c7f57e.js
fp.admin.recitcn.ca/dist-admin/ 		3 MB
803 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fp.admin.recitcn.ca/dist-admin/index.5391c0d341c7f57e.js
Requested by
Host: fp.admin.recitcn.ca
URL: https://fp.admin.recitcn.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.12.119.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.119.12.49.clients.your-server.de
Software
Apache /
Resource Hash
bc73dbb26f322f82dd0bbd2f722989454f46c269fa09c3225cfb4193fe3d5a51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 22:09:17 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 23 May 2024 07:41:41 GMT
server
Apache
etag
"30481a-6191a2e993004-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers,Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization
chunk-vendors.1bf94e04.css
fp.admin.recitcn.ca/dist-admin/css/ 		195 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fp.admin.recitcn.ca/dist-admin/css/chunk-vendors.1bf94e04.css
Requested by
Host: fp.admin.recitcn.ca
URL: https://fp.admin.recitcn.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.12.119.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.119.12.49.clients.your-server.de
Software
Apache /
Resource Hash
200b537a7d0c942ec2cd1a92dbfe9d4ce7e1469195ececce8222b812327bfae0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 22:09:16 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 23 May 2024 07:41:41 GMT
server
Apache
etag
"30a63-6191a2e99c08c-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers,Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization
content-length
26076
index.ffd41279.css
fp.admin.recitcn.ca/dist-admin/css/ 		698 KB
212 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fp.admin.recitcn.ca/dist-admin/css/index.ffd41279.css
Requested by
Host: fp.admin.recitcn.ca
URL: https://fp.admin.recitcn.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.12.119.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.119.12.49.clients.your-server.de
Software
Apache /
Resource Hash
79be8c6f27203bb748ba4b8291e303db54552127e2fbe6e5c298156c0fe1a03d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 22:09:16 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 23 May 2024 07:41:41 GMT
server
Apache
etag
"ae704-6191a2e993004-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers,Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization
paddle.js
cdn.paddle.com/paddle/ 		225 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.paddle.com/paddle/paddle.js
Requested by
Host: fp.admin.recitcn.ca
URL: https://fp.admin.recitcn.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8890bd007fbbfa6910667dfe03f67a6baaa7372ce8eafd7e7288bd0749ce1578

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 22:09:16 GMT
via
1.1 fc2f37d7003b9d84c9f65e09b5236c1e.cloudfront.net (CloudFront)
content-encoding
br
x-amz-version-id
U_EK3jOHPOSWC8pT80OUvqSGabtczZYY
cf-cache-status
HIT
age
18925
x-amz-cf-pop
YTO50-C3
cf-polished
origSize=229976
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cf-bgj
minify
last-modified
Wed, 10 Apr 2024 08:17:47 GMT
server
cloudflare
etag
W/"170daf7e01371a1cc3c280cc1cd6aa5c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
88885e901df8ab06-YYZ
x-amz-cf-id
dcPDLwrEfTc8NVscU0XbWaohf8M_BFesZtX_M9gBt_xLOtQA0fkSVg==
expires
Fri, 24 May 2024 02:09:16 GMT
/
o926083.ingest.sentry.io/api/6313590/envelope/ 		2 B
308 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o926083.ingest.sentry.io/api/6313590/envelope/?sentry_key=9b9c25256c7f4ce58842d78705544570&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.112.2
Requested by
Host: fp.admin.recitcn.ca
URL: https://fp.admin.recitcn.ca/dist-admin/chunk-vendors.c26cf73f45ee57f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 23 May 2024 22:09:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
login.8a865a57.css
fp.admin.recitcn.ca/dist-admin/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fp.admin.recitcn.ca/dist-admin/css/login.8a865a57.css
Requested by
Host: fp.admin.recitcn.ca
URL: https://fp.admin.recitcn.ca/dist-admin/index.5391c0d341c7f57e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.12.119.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.119.12.49.clients.your-server.de
Software
Apache /
Resource Hash
83448b98b2306a24b6780ef7362412294167a9f94aeb419cb9360960bddb0ecc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 22:09:18 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 23 May 2024 07:41:41 GMT
server
Apache
etag
"25da-6191a2e9991ac-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers,Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization
content-length
2153
login.a1ac51427996b4f1.js
fp.admin.recitcn.ca/dist-admin/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fp.admin.recitcn.ca/dist-admin/login.a1ac51427996b4f1.js
Requested by
Host: fp.admin.recitcn.ca
URL: https://fp.admin.recitcn.ca/dist-admin/index.5391c0d341c7f57e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.12.119.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.119.12.49.clients.your-server.de
Software
Apache /
Resource Hash
1e9682453f7ce3d65bfb194be97b4c377f44817b165c7c9a22b7088787837194
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 22:09:18 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 23 May 2024 07:41:41 GMT
server
Apache
etag
"5a3e-6191a2e998dc4-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers,Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization
content-length
7062
gtm.js
www.googletagmanager.com/ 		288 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WFQMRGC
Requested by
Host: fp.admin.recitcn.ca
URL: https://fp.admin.recitcn.ca/dist-admin/chunk-vendors.c26cf73f45ee57f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
74d6b63ffb5c159e0362e2fdc50c9e11b6a48ad2c6d3cccaf3932e8d6b0b1242
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 22:09:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101771
x-xss-protection
0
last-modified
Thu, 23 May 2024 21:38:33 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 23 May 2024 22:09:18 GMT
/
o926083.ingest.sentry.io/api/6313590/envelope/ 		2 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o926083.ingest.sentry.io/api/6313590/envelope/?sentry_key=9b9c25256c7f4ce58842d78705544570&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.112.2
Requested by
Host: fp.admin.recitcn.ca
URL: https://fp.admin.recitcn.ca/dist-admin/chunk-vendors.c26cf73f45ee57f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 23 May 2024 22:09:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
/
o926083.ingest.sentry.io/api/6313590/envelope/ 		2 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o926083.ingest.sentry.io/api/6313590/envelope/?sentry_key=9b9c25256c7f4ce58842d78705544570&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.112.2
Requested by
Host: fp.admin.recitcn.ca
URL: https://fp.admin.recitcn.ca/dist-admin/chunk-vendors.c26cf73f45ee57f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 23 May 2024 22:09:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
full
fp.admin.recitcn.ca/api/v1/settings/dashboard/logo/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fp.admin.recitcn.ca/api/v1/settings/dashboard/logo/full
Requested by
Host: fp.admin.recitcn.ca
URL: https://fp.admin.recitcn.ca/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.12.119.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.119.12.49.clients.your-server.de
Software
Apache /
Resource Hash
6399569b2c1bfdd4637f8045520a986c8c8618ee5e6e27123529401e04748676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/login
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 22:09:18 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 23 May 2024 22:09:19 GMT
server
Apache
content-type
image/png
cache-control
public, must-revalidate, max-age=0
content-disposition
inline; filename="logo-full.png"
access-control-allow-headers
Access-Control-Allow-Headers,Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization
content-length
26464
Inter-Bold.17fc55dd.woff2
fp.admin.recitcn.ca/dist-admin/fonts/ 		94 KB
94 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fp.admin.recitcn.ca/dist-admin/fonts/Inter-Bold.17fc55dd.woff2
Requested by
Host: fp.admin.recitcn.ca
URL: https://fp.admin.recitcn.ca/dist-admin/css/index.ffd41279.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.12.119.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.119.12.49.clients.your-server.de
Software
Apache /
Resource Hash
d9d881c1431d22971476f4e6f219a97d7f89fbcf4e1058366510512f9d8df7c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/dist-admin/css/index.ffd41279.css
Origin
https://fp.admin.recitcn.ca
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 22:09:18 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 23 May 2024 07:41:41 GMT
server
Apache
etag
"176f8-6191a2e98c68d"
content-type
font/woff2
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers,Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization
content-length
95992
Inter-Medium.fadc0302.woff2
fp.admin.recitcn.ca/dist-admin/fonts/ 		93 KB
93 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fp.admin.recitcn.ca/dist-admin/fonts/Inter-Medium.fadc0302.woff2
Requested by
Host: fp.admin.recitcn.ca
URL: https://fp.admin.recitcn.ca/dist-admin/css/index.ffd41279.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.12.119.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.119.12.49.clients.your-server.de
Software
Apache /
Resource Hash
6a74b41ee40c7b4fc8dd38ac231f8a66d17d853554f7801d983057137d711b05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/dist-admin/css/index.ffd41279.css
Origin
https://fp.admin.recitcn.ca
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 22:09:18 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 23 May 2024 07:41:41 GMT
server
Apache
etag
"173f8-6191a2e98bebd"
content-type
font/woff2
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers,Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization
content-length
95224
Inter-Regular.a2b4ebbf.woff2
fp.admin.recitcn.ca/dist-admin/fonts/ 		87 KB
87 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fp.admin.recitcn.ca/dist-admin/fonts/Inter-Regular.a2b4ebbf.woff2
Requested by
Host: fp.admin.recitcn.ca
URL: https://fp.admin.recitcn.ca/dist-admin/css/index.ffd41279.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.12.119.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.119.12.49.clients.your-server.de
Software
Apache /
Resource Hash
77ca56870309a85759fb7116aef2119a26e358145e808868543ca1fe16c27720
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/dist-admin/css/index.ffd41279.css
Origin
https://fp.admin.recitcn.ca
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 22:09:18 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 23 May 2024 07:41:41 GMT
server
Apache
etag
"15c7c-6191a2e98bebd"
content-type
font/woff2
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers,Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization
content-length
89212
js
www.googletagmanager.com/gtag/ 		347 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-618Q80Y31V&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFQMRGC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
857952a8a0a9f6b4f5d8348eff68ad5c09e880f8f34edadc6e7fafd989b58bc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 22:09:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
117604
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 May 2024 22:09:18 GMT
destination
www.googletagmanager.com/gtag/ 		369 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-973499369&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFQMRGC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
4c45fd9910d2ec504b34014011816a5e20ddd65931a4e29a662b589384e9e386
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 22:09:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
121367
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 May 2024 22:09:18 GMT
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: fp.admin.recitcn.ca
URL: https://fp.admin.recitcn.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 23 May 2024 22:09:18 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=12, mss=1380, tbw=2789, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
AegO0GSyVeJmkyKiqV34qopioLmyoD6v5TstzkN22qDeDdLFHPkr1YTcqJCZ4YhIu8couoEJXt4ObDc7k0BGbA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
profitwell.js
public.profitwell.com/js/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.profitwell.com/js/profitwell.js?auth=37f49c117397f33344e85ca973641cac
Requested by
Host: fp.admin.recitcn.ca
URL: https://fp.admin.recitcn.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.98.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-98-118.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d19b7af86a35dfda3a91657fb0f532541ad1bf34b75c68bb9992a374cd5fd5f2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 17:51:46 GMT
x-amz-version-id
uxIt1SCydrYnaOCuzhsDaHENAdMuSyNO
content-encoding
gzip
last-modified
Thu, 21 Dec 2023 14:58:22 GMT
server
AmazonS3
via
1.1 e20259e84d7d881ed453b1f0e4f9a4c6.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P4
etag
W/"40097cdf413c1f1f303c66489742cb44"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
15453
x-amz-cf-id
RH4A-Wknghk0NLO0WJXhrB0mSstMm6eh6V6vydmyYZOfeS5Vsi5NMw==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10939733662/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10939733662/?random=1716502158461&cv=11&fst=1716502158461&bg=ffffff&guid=ON&async=1&gtm=45je45m0v9178768382z8813136024za200zb813136024&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffp.admin.recitcn.ca%2Flogin&hn=www.googleadservices.com&frm=0&tiba=MEMORA%20%7C%20Login&npa=0&pscdl=noapi&auid=745728001.1716502158&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-618Q80Y31V&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
97007aa30ee3c24638c5cd3e861473e35fc26b3ae534fd67e4aa62a27aa3b3c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 23 May 2024 22:09:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1431
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-618Q80Y31V&gtm=45je45m0v9178768382z8813136024za200zb813136024&_p=1716502158003&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1153943349.1716502158&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1716502158&sct=1&seg=0&dl=https%3A%2F%2Ffp.admin.recitcn.ca%2Flogin&dt=MEMORA%20%7C%20Login&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2387
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-618Q80Y31V&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 23 May 2024 22:09:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fp.admin.recitcn.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-618Q80Y31V&cid=1153943349.1716502158&gtm=45je45m0v9178768382z8813136024za200zb813136024&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-618Q80Y31V&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 23 May 2024 22:09:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fp.admin.recitcn.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-618Q80Y31V&cid=1153943349.1716502158&gtm=45je45m0v9178768382z8813136024za200zb813136024&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=738434266
Requested by
Host: fp.admin.recitcn.ca
URL: https://fp.admin.recitcn.ca/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 23 May 2024 22:09:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/973499369/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/973499369/?random=1716502158524&cv=11&fst=1716502158524&bg=ffffff&guid=ON&async=1&gtm=45be45m0v9172614532z8813136024za201zb813136024&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffp.admin.recitcn.ca%2Flogin&hn=www.googleadservices.com&frm=0&tiba=MEMORA%20%7C%20Login&npa=0&pscdl=noapi&auid=745728001.1716502158&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-973499369&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
197e37318a6a6b80172820394ef51044594a7062f71e6d620ae1c1d43d90f7cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 23 May 2024 22:09:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1415
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-DXWCJGBR6F&gtm=45be45m0v9172614532za201zb813136024&_p=1716502158003&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1153943349.1716502158&ecid=524795738&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAE&_s=1&sid=1716502158&sct=1&seg=0&dl=https%3A%2F%2Ffp.admin.recitcn.ca%2Flogin&dt=MEMORA%20%7C%20Login&en=scroll&_fv=1&_ss=1&epn.percent_scrolled=90&tfd=2464
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-973499369&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 23 May 2024 22:09:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fp.admin.recitcn.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DXWCJGBR6F&cid=1153943349.1716502158&gtm=45be45m0v9172614532za201zb813136024&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-973499369&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 23 May 2024 22:09:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fp.admin.recitcn.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DXWCJGBR6F&cid=1153943349.1716502158&gtm=45be45m0v9172614532za201zb813136024&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=1567360069
Requested by
Host: fp.admin.recitcn.ca
URL: https://fp.admin.recitcn.ca/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 23 May 2024 22:09:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
811493419432307
connect.facebook.net/signals/config/ 		66 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/811493419432307?v=2.9.156&r=stable&domain=fp.admin.recitcn.ca&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
5e2cc4836a961b4d590efaa19f635cb962eca5fcbd3e0e07da3e3ca5f11bdbe5
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 23 May 2024 22:09:18 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=63, mss=1380, tbw=63364, tp=-1, tpl=-1, uplat=64, ullat=0
pragma
public
x-fb-debug
ilYC8Z6LCcW8Ho1I480HKQ9kUXNOQKKq6Zs4JbhBOT8Y9MX0hvzvMYq4xdcc6HQlDngznM3RaZGjMWd7WKD3Aw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/973499369/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/973499369/?random=1716502158524&cv=11&fst=1716501600000&bg=ffffff&guid=ON&async=1&gtm=45be45m0v9172614532z8813136024za201zb813136024&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffp.admin.recitcn.ca%2Flogin&hn=www.googleadservices.com&frm=0&tiba=MEMORA%20%7C%20Login&npa=0&pscdl=noapi&auid=745728001.1716502158&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL7HFwufPzMz8J3IijgsocHWdUXmat-Q&random=3704117085&rmt_tld=0&ipr=y
Requested by
Host: fp.admin.recitcn.ca
URL: https://fp.admin.recitcn.ca/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.103 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f103.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 23 May 2024 22:09:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/973499369/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/973499369/?random=1716502158524&cv=11&fst=1716501600000&bg=ffffff&guid=ON&async=1&gtm=45be45m0v9172614532z8813136024za201zb813136024&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffp.admin.recitcn.ca%2Flogin&hn=www.googleadservices.com&frm=0&tiba=MEMORA%20%7C%20Login&npa=0&pscdl=noapi&auid=745728001.1716502158&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL7HFwufPzMz8J3IijgsocHWdUXmat-Q&random=3704117085&rmt_tld=1&ipr=y
Requested by
Host: fp.admin.recitcn.ca
URL: https://fp.admin.recitcn.ca/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 23 May 2024 22:09:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10939733662/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10939733662/?random=1716502158461&cv=11&fst=1716501600000&bg=ffffff&guid=ON&async=1&gtm=45je45m0v9178768382z8813136024za200zb813136024&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffp.admin.recitcn.ca%2Flogin&hn=www.googleadservices.com&frm=0&tiba=MEMORA%20%7C%20Login&npa=0&pscdl=noapi&auid=745728001.1716502158&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLKkwy7Cz4T7wHhMyW73rb4wftm62C2Q&random=2500377460&rmt_tld=0&ipr=y
Requested by
Host: fp.admin.recitcn.ca
URL: https://fp.admin.recitcn.ca/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.103 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f103.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 23 May 2024 22:09:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/10939733662/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/10939733662/?random=1716502158461&cv=11&fst=1716501600000&bg=ffffff&guid=ON&async=1&gtm=45je45m0v9178768382z8813136024za200zb813136024&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffp.admin.recitcn.ca%2Flogin&hn=www.googleadservices.com&frm=0&tiba=MEMORA%20%7C%20Login&npa=0&pscdl=noapi&auid=745728001.1716502158&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLKkwy7Cz4T7wHhMyW73rb4wftm62C2Q&random=2500377460&rmt_tld=1&ipr=y
Requested by
Host: fp.admin.recitcn.ca
URL: https://fp.admin.recitcn.ca/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 23 May 2024 22:09:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=811493419432307&ev=PageView&dl=https%3A%2F%2Ffp.admin.recitcn.ca%2Flogin&rl=&if=false&ts=1716502158712&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1716502158709.1568370683&cs_est=true&ler=empty&cdl=API_unavailable&it=1716502158575&coo=false&rqm=GET
Requested by
Host: fp.admin.recitcn.ca
URL: https://fp.admin.recitcn.ca/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1380, tbw=2772, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 23 May 2024 22:09:18 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=811493419432307&ev=PageView&dl=https%3A%2F%2Ffp.admin.recitcn.ca%2Flogin&rl=&if=false&ts=1716502158712&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1716502158709.1568370683&cs_est=true&ler=empty&cdl=API_unavailable&it=1716502158575&coo=false&rqm=FGET
Requested by
Host: fp.admin.recitcn.ca
URL: https://fp.admin.recitcn.ca/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x050e77dd058cc784","source_keys":["1","2"]},{"key_piece":"0x30eb143cb840c348","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 23 May 2024 22:09:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=10, mss=1380, tbw=3090, tp=-1, tpl=-1, uplat=95, ullat=0
pragma
no-cache
x-fb-debug
YZE6QwZCunaL5bemh31n0hphy2ULXv9vu4K+sKDjgaNgTLgUiyA3YX+yFLISQEe4c6gHuuqkXPjZz8HvrgQyfg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
favicon
fp.admin.recitcn.ca/api/v1/settings/dashboard/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://fp.admin.recitcn.ca/api/v1/settings/dashboard/favicon
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.12.119.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.119.12.49.clients.your-server.de
Software
Apache /
Resource Hash
93af942dc5f6cad4ea32a6636ef147026abb85a949688f0694fc225a557d76f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fp.admin.recitcn.ca/login
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 22:09:19 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 23 May 2024 22:09:21 GMT
server
Apache
content-type
image/png
cache-control
public, must-revalidate, max-age=0
content-disposition
inline; filename="logo-favicon.png"
access-control-allow-headers
Access-Control-Allow-Headers,Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization
content-length
1361

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| agencyUuid string| agencyName string| agencyLogoSquareUrl string| agencyLogoFullUrl boolean| isSocialLoginGoogleVisible boolean| isSocialLoginLinkedinVisible boolean| isSocialLoginFacebookVisible boolean| isSocialLoginAppleVisible string| themeColor string| language object| integrations function| setImmediate function| clearImmediate number| _hthck object| Paddle object| webpackChunktrafft object| SENTRY_RELEASE object| SENTRY_RELEASES object| core object| regeneratorRuntime object| Prism object| $cookies object| __SENTRY__ object| dataLayer function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data function| fbq function| _fbq function| profitwell function| onYouTubeIframeAPIReady object| GooglebQhCsO object| gaGlobal

7 Cookies

Domain/Path Name / Value
fp.admin.recitcn.ca/ Name: locale
Value: en_US
.recitcn.ca/ Name: _gcl_au
Value: 1.1.745728001.1716502158
.recitcn.ca/ Name: _ga
Value: GA1.1.1153943349.1716502158
.recitcn.ca/ Name: _ga_618Q80Y31V
Value: GS1.1.1716502158.1.0.1716502158.60.0.0
.recitcn.ca/ Name: _ga_DXWCJGBR6F
Value: GS1.1.1716502158.1.0.1716502158.60.0.524795738
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.recitcn.ca/ Name: _fbp
Value: fb.1.1716502158709.1568370683

2 Console Messages

Source Level URL
Text
other warning URL: https://fp.admin.recitcn.ca/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://fp.admin.recitcn.ca/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
cdn.paddle.com
connect.facebook.net
fp.admin.recitcn.ca
googleads.g.doubleclick.net
o926083.ingest.sentry.io
public.profitwell.com
stats.g.doubleclick.net
www.facebook.com
www.google.ca
www.google.com
www.googletagmanager.com
142.250.31.155
142.251.111.97
142.251.163.103
142.251.163.155
142.251.163.94
172.66.40.60
18.165.98.118
216.239.34.181
31.13.66.19
31.13.66.35
34.120.195.249
49.12.119.46
197e37318a6a6b80172820394ef51044594a7062f71e6d620ae1c1d43d90f7cf
1e9682453f7ce3d65bfb194be97b4c377f44817b165c7c9a22b7088787837194
200b537a7d0c942ec2cd1a92dbfe9d4ce7e1469195ececce8222b812327bfae0
2aed49afe262a31cdf094f47a72901125cf3031a0f5ae224af51fcc94c436409
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4c45fd9910d2ec504b34014011816a5e20ddd65931a4e29a662b589384e9e386
5e2cc4836a961b4d590efaa19f635cb962eca5fcbd3e0e07da3e3ca5f11bdbe5
6399569b2c1bfdd4637f8045520a986c8c8618ee5e6e27123529401e04748676
64e23ad3c1cd74c58ced8ef5b4f6c3aeea906083a30b7d73e33599c7f8cb9cab
67625cf86d122470993e356867cdec2b53ab6646b44135739aa614d6f387f03a
6a74b41ee40c7b4fc8dd38ac231f8a66d17d853554f7801d983057137d711b05
74d6b63ffb5c159e0362e2fdc50c9e11b6a48ad2c6d3cccaf3932e8d6b0b1242
77ca56870309a85759fb7116aef2119a26e358145e808868543ca1fe16c27720
79be8c6f27203bb748ba4b8291e303db54552127e2fbe6e5c298156c0fe1a03d
7f8ade26adc88aa3e2ea695fcea5b50659f32c2e3c7770518d62d62d10333918
83448b98b2306a24b6780ef7362412294167a9f94aeb419cb9360960bddb0ecc
857952a8a0a9f6b4f5d8348eff68ad5c09e880f8f34edadc6e7fafd989b58bc4
8890bd007fbbfa6910667dfe03f67a6baaa7372ce8eafd7e7288bd0749ce1578
93af942dc5f6cad4ea32a6636ef147026abb85a949688f0694fc225a557d76f7
97007aa30ee3c24638c5cd3e861473e35fc26b3ae534fd67e4aa62a27aa3b3c6
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
bc73dbb26f322f82dd0bbd2f722989454f46c269fa09c3225cfb4193fe3d5a51
d19b7af86a35dfda3a91657fb0f532541ad1bf34b75c68bb9992a374cd5fd5f2
d9d881c1431d22971476f4e6f219a97d7f89fbcf4e1058366510512f9d8df7c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629