8.8.8.8:53

8.8.8.8:53

151.101.3.52:443

GET /auth/reset/29693b09a7e56c1d43593e79779e07d3bfd8897a8b9a4fb90e1055de7f16ae53%7CParesh_Mistry%40manulife.com HTTP/2.0
host: heartandstrokerideforheart.crowdchange.ca
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
x-ratelimit-limit: 10
cache-control: max-age=0, public
x-content-type-options: nosniff
x-xss-protection: 0
permissions-policy: accelerometer=()
content-type: text/html; charset=UTF-8
set-cookie: XSRF-TOKEN=eyJpdiI6IjRVY3dkbXJ0RnluYzlMZjdOTDk4TXc9PSIsInZhbHVlIjoibTFseWlTRkhRcE5VZm9XYVN5MlFvR1ZzdDlnNXI4ZEszZ1hTelJwUFFueExqcmo5YmZEVVUrVFJZeUQxNEpSK0xlQllVZXdER21rcjRacXFycUU1UFI4d1R6ak9tUXR5VldYRlhyeW5za0dIakkwLzl5TGFCR1NSNGEzdVFLQUYiLCJtYWMiOiJmNTI4NGYxZmMzNTk5NGVkZTE3YjhjYmI1NDFiYmZkM2Y3N2JiNmQyODc1YWM1YTU4Y2QzOWRlZDhkMGQyOWQzIiwidGFnIjoiIn0%3D; expires=Mon, 29 Apr 2024 15:37:05 GMT; Max-Age=604800; path=/; domain=.crowdchange.ca; secure; samesite=lax
set-cookie: ccp_sid=eyJpdiI6IkJxaFgzT3l2RWpPVERQVm1jY1NjS3c9PSIsInZhbHVlIjoiWGFjaXkvL2d1V0JQYnlaNmpEN3ZGdE9laHdubEZweGJBWDh4bGxNcnpJejQ5aTM2UW9tanFXR1Y5M1Zackpqazg2SEtMcDBHVXM4T0c1Zjc5VUtDZkgzTmp0eHFGVDdabzM0Q2Y0MG5MRUtST0FWdEkvYUxYem5ic1RNVWxrenciLCJtYWMiOiIxODcwNzU5YWE1YzU2NzBjNzJkOGU1OThkM2I1Yjg0OGQ4ZjVlMDI5Zjk5ZTZjNzM3Y2M5Yzg3Mjc2YjExNmQwIiwidGFnIjoiIn0%3D; expires=Mon, 29 Apr 2024 15:37:05 GMT; Max-Age=604800; path=/; domain=.crowdchange.ca; secure; httponly; samesite=lax
x-ratelimit-remaining: 9
accept-ranges: bytes
x-frame-options: sameorigin
etag: "cbc8d1bb93ffb2bee14271a608aef0d2"
content-security-policy: base-uri 'self'
server: unknown
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
date: Mon, 22 Apr 2024 15:37:05 GMT
x-served-by: cache-yul1970025-YUL, cache-yul1970043-YUL, cache-lcy-eglc8600091-LCY
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-timer: S1713800225.382332,VS0,VE204
vary: Accept, Accept-Encoding
strict-transport-security: max-age=31557600
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19936

151.101.3.52:443

GET /build/styles.ae4632c69bbe13de.css HTTP/2.0
host: cdn.crowdchange.ca
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://heartandstrokerideforheart.crowdchange.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6IjRVY3dkbXJ0RnluYzlMZjdOTDk4TXc9PSIsInZhbHVlIjoibTFseWlTRkhRcE5VZm9XYVN5MlFvR1ZzdDlnNXI4ZEszZ1hTelJwUFFueExqcmo5YmZEVVUrVFJZeUQxNEpSK0xlQllVZXdER21rcjRacXFycUU1UFI4d1R6ak9tUXR5VldYRlhyeW5za0dIakkwLzl5TGFCR1NSNGEzdVFLQUYiLCJtYWMiOiJmNTI4NGYxZmMzNTk5NGVkZTE3YjhjYmI1NDFiYmZkM2Y3N2JiNmQyODc1YWM1YTU4Y2QzOWRlZDhkMGQyOWQzIiwidGFnIjoiIn0%3D
cookie: ccp_sid=eyJpdiI6IkJxaFgzT3l2RWpPVERQVm1jY1NjS3c9PSIsInZhbHVlIjoiWGFjaXkvL2d1V0JQYnlaNmpEN3ZGdE9laHdubEZweGJBWDh4bGxNcnpJejQ5aTM2UW9tanFXR1Y5M1Zackpqazg2SEtMcDBHVXM4T0c1Zjc5VUtDZkgzTmp0eHFGVDdabzM0Q2Y0MG5MRUtST0FWdEkvYUxYem5ic1RNVWxrenciLCJtYWMiOiIxODcwNzU5YWE1YzU2NzBjNzJkOGU1OThkM2I1Yjg0OGQ4ZjVlMDI5Zjk5ZTZjNzM3Y2M5Yzg3Mjc2YjExNmQwIiwidGFnIjoiIn0%3D

HTTP/2.0 200
last-modified: Fri, 19 Apr 2024 19:28:55 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-amz-meta-version: 2024.19.9
x-amz-version-id: Koi2BxlMmVU2meoGXj.J9NAZSfFhETNe
cache-control: public,max-age=36500000,immutable
etag: "3b3f104a40b5b5b54702290dc4257335"
x-amz-request-id: XGD8VNR61FK92QT7
x-amz-id-2: BvKFSgAIxvIv/icn++e/Kl5FWZ7yHCZ1YT/l3ERprO70Hu8zODqbTLvvVtUjbAmfCwHQeiCyApA=
content-encoding: br
access-control-allow-origin: *
accept-ranges: bytes
age: 184434
date: Mon, 22 Apr 2024 15:37:05 GMT
x-served-by: cache-lga21978-LGA, cache-lga21972-LGA, cache-lcy-eglc8600091-LCY
x-cache: MISS, HIT, HIT
x-cache-hits: 0, 31, 0
x-timer: S1713800226.722697,VS0,VE1
vary: Accept-Encoding
strict-transport-security: max-age=31557600
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 32789

151.101.3.52:443

GET /build/polyfills.e86d88f2ef61a8d3.js HTTP/2.0
host: cdn.crowdchange.ca
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://heartandstrokerideforheart.crowdchange.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6IjRVY3dkbXJ0RnluYzlMZjdOTDk4TXc9PSIsInZhbHVlIjoibTFseWlTRkhRcE5VZm9XYVN5MlFvR1ZzdDlnNXI4ZEszZ1hTelJwUFFueExqcmo5YmZEVVUrVFJZeUQxNEpSK0xlQllVZXdER21rcjRacXFycUU1UFI4d1R6ak9tUXR5VldYRlhyeW5za0dIakkwLzl5TGFCR1NSNGEzdVFLQUYiLCJtYWMiOiJmNTI4NGYxZmMzNTk5NGVkZTE3YjhjYmI1NDFiYmZkM2Y3N2JiNmQyODc1YWM1YTU4Y2QzOWRlZDhkMGQyOWQzIiwidGFnIjoiIn0%3D
cookie: ccp_sid=eyJpdiI6IkJxaFgzT3l2RWpPVERQVm1jY1NjS3c9PSIsInZhbHVlIjoiWGFjaXkvL2d1V0JQYnlaNmpEN3ZGdE9laHdubEZweGJBWDh4bGxNcnpJejQ5aTM2UW9tanFXR1Y5M1Zackpqazg2SEtMcDBHVXM4T0c1Zjc5VUtDZkgzTmp0eHFGVDdabzM0Q2Y0MG5MRUtST0FWdEkvYUxYem5ic1RNVWxrenciLCJtYWMiOiIxODcwNzU5YWE1YzU2NzBjNzJkOGU1OThkM2I1Yjg0OGQ4ZjVlMDI5Zjk5ZTZjNzM3Y2M5Yzg3Mjc2YjExNmQwIiwidGFnIjoiIn0%3D

HTTP/2.0 200
last-modified: Fri, 19 Apr 2024 19:28:56 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-type: text/css
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-amz-meta-version: 2024.19.9
x-amz-version-id: z0odGmbOZn8yDmW1zlpob6Zsh0X.ilYN
cache-control: public,max-age=36500000,immutable
etag: "2f53b33e96ca5e4fc70f6fac8b60d6e8"
x-amz-request-id: XGDESAWEK11PXEJT
x-amz-id-2: F3cKs+uOeqQm861se/gaTLtsjEbqC3IfUkcYGCs/jbxUD7pdcma+q5jI+sR04Vm9YXXfEhHiekCZF87akD9kLR/ppgmO4Wv7pQhqwe9/uBQ=
content-encoding: br
access-control-allow-origin: *
accept-ranges: bytes
age: 184434
date: Mon, 22 Apr 2024 15:37:05 GMT
x-served-by: cache-lga21983-LGA, cache-lga21930-LGA, cache-lcy-eglc8600091-LCY
x-cache: MISS, HIT, HIT
x-cache-hits: 0, 31, 0
x-timer: S1713800226.722048,VS0,VE2
vary: Accept-Encoding
strict-transport-security: max-age=31557600
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 92346

151.101.3.52:443

GET /build/scripts.df09a65eed54167b.js HTTP/2.0
host: cdn.crowdchange.ca
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://heartandstrokerideforheart.crowdchange.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6IjRVY3dkbXJ0RnluYzlMZjdOTDk4TXc9PSIsInZhbHVlIjoibTFseWlTRkhRcE5VZm9XYVN5MlFvR1ZzdDlnNXI4ZEszZ1hTelJwUFFueExqcmo5YmZEVVUrVFJZeUQxNEpSK0xlQllVZXdER21rcjRacXFycUU1UFI4d1R6ak9tUXR5VldYRlhyeW5za0dIakkwLzl5TGFCR1NSNGEzdVFLQUYiLCJtYWMiOiJmNTI4NGYxZmMzNTk5NGVkZTE3YjhjYmI1NDFiYmZkM2Y3N2JiNmQyODc1YWM1YTU4Y2QzOWRlZDhkMGQyOWQzIiwidGFnIjoiIn0%3D
cookie: ccp_sid=eyJpdiI6IkJxaFgzT3l2RWpPVERQVm1jY1NjS3c9PSIsInZhbHVlIjoiWGFjaXkvL2d1V0JQYnlaNmpEN3ZGdE9laHdubEZweGJBWDh4bGxNcnpJejQ5aTM2UW9tanFXR1Y5M1Zackpqazg2SEtMcDBHVXM4T0c1Zjc5VUtDZkgzTmp0eHFGVDdabzM0Q2Y0MG5MRUtST0FWdEkvYUxYem5ic1RNVWxrenciLCJtYWMiOiIxODcwNzU5YWE1YzU2NzBjNzJkOGU1OThkM2I1Yjg0OGQ4ZjVlMDI5Zjk5ZTZjNzM3Y2M5Yzg3Mjc2YjExNmQwIiwidGFnIjoiIn0%3D

HTTP/2.0 200
content-type: application/javascript
cache-control: public,max-age=36500000,immutable
x-amz-meta-version: 2024.16.4
etag: "9a40841d579176d24c0794a3c9c3dfba"
x-amz-version-id: GvUO.pMY.qzfewf7YKCReChCgZUza85Y
x-amz-server-side-encryption: AES256
x-amz-request-id: NK0AMNDKY2DG87F2
last-modified: Wed, 10 Apr 2024 11:32:40 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
server: AmazonS3
x-amz-id-2: KmRRxVbg4hfXIzh2KiNChB7OCQpc70A/NZISYR7QS5UazYhLpfqAjh+n2ILJTkt/ebdufgj4hYU=
content-encoding: br
access-control-allow-origin: *
accept-ranges: bytes
age: 1050034
date: Mon, 22 Apr 2024 15:37:05 GMT
x-served-by: cache-lga21965-LGA, cache-lga21957-LGA, cache-lcy-eglc8600091-LCY
x-cache: MISS, HIT, HIT
x-cache-hits: 0, 31, 0
x-timer: S1713800226.722588,VS0,VE1
vary: Accept-Encoding
strict-transport-security: max-age=31557600
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 280

151.101.3.52:443

GET /build/manifest.3e26cd751c57975c.js HTTP/2.0
host: cdn.crowdchange.ca
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://heartandstrokerideforheart.crowdchange.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6IjRVY3dkbXJ0RnluYzlMZjdOTDk4TXc9PSIsInZhbHVlIjoibTFseWlTRkhRcE5VZm9XYVN5MlFvR1ZzdDlnNXI4ZEszZ1hTelJwUFFueExqcmo5YmZEVVUrVFJZeUQxNEpSK0xlQllVZXdER21rcjRacXFycUU1UFI4d1R6ak9tUXR5VldYRlhyeW5za0dIakkwLzl5TGFCR1NSNGEzdVFLQUYiLCJtYWMiOiJmNTI4NGYxZmMzNTk5NGVkZTE3YjhjYmI1NDFiYmZkM2Y3N2JiNmQyODc1YWM1YTU4Y2QzOWRlZDhkMGQyOWQzIiwidGFnIjoiIn0%3D
cookie: ccp_sid=eyJpdiI6IkJxaFgzT3l2RWpPVERQVm1jY1NjS3c9PSIsInZhbHVlIjoiWGFjaXkvL2d1V0JQYnlaNmpEN3ZGdE9laHdubEZweGJBWDh4bGxNcnpJejQ5aTM2UW9tanFXR1Y5M1Zackpqazg2SEtMcDBHVXM4T0c1Zjc5VUtDZkgzTmp0eHFGVDdabzM0Q2Y0MG5MRUtST0FWdEkvYUxYem5ic1RNVWxrenciLCJtYWMiOiIxODcwNzU5YWE1YzU2NzBjNzJkOGU1OThkM2I1Yjg0OGQ4ZjVlMDI5Zjk5ZTZjNzM3Y2M5Yzg3Mjc2YjExNmQwIiwidGFnIjoiIn0%3D

HTTP/2.0 200
last-modified: Fri, 19 Apr 2024 19:29:48 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-amz-meta-version: 2024.19.9
x-amz-version-id: RGREHzsCy_ULbDFWcdKOXZ6gM2PeUquJ
cache-control: public,max-age=36500000,immutable
etag: "c5450ba47d9a3d6a7434aaeffc32e983"
x-amz-request-id: XGD4NZZTPFEWVV8C
x-amz-id-2: YSmu6Zl/EMQcP5LTDHt7z37CUgflKarDi6B8jcUYMFBJZ720SrlIr3OKkfFB3lgqIpmWzoYIUF0=
content-encoding: br
access-control-allow-origin: *
accept-ranges: bytes
age: 184434
date: Mon, 22 Apr 2024 15:37:05 GMT
x-served-by: cache-lga21934-LGA, cache-lga21977-LGA, cache-lcy-eglc8600091-LCY
x-cache: MISS, HIT, HIT
x-cache-hits: 0, 30, 0
x-timer: S1713800226.723120,VS0,VE1
vary: Accept-Encoding
strict-transport-security: max-age=31557600
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2572

151.101.3.52:443

GET /build/ckeditor.3106ec04f13ba51b.js HTTP/2.0
host: cdn.crowdchange.ca
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://heartandstrokerideforheart.crowdchange.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6IjRVY3dkbXJ0RnluYzlMZjdOTDk4TXc9PSIsInZhbHVlIjoibTFseWlTRkhRcE5VZm9XYVN5MlFvR1ZzdDlnNXI4ZEszZ1hTelJwUFFueExqcmo5YmZEVVUrVFJZeUQxNEpSK0xlQllVZXdER21rcjRacXFycUU1UFI4d1R6ak9tUXR5VldYRlhyeW5za0dIakkwLzl5TGFCR1NSNGEzdVFLQUYiLCJtYWMiOiJmNTI4NGYxZmMzNTk5NGVkZTE3YjhjYmI1NDFiYmZkM2Y3N2JiNmQyODc1YWM1YTU4Y2QzOWRlZDhkMGQyOWQzIiwidGFnIjoiIn0%3D
cookie: ccp_sid=eyJpdiI6IkJxaFgzT3l2RWpPVERQVm1jY1NjS3c9PSIsInZhbHVlIjoiWGFjaXkvL2d1V0JQYnlaNmpEN3ZGdE9laHdubEZweGJBWDh4bGxNcnpJejQ5aTM2UW9tanFXR1Y5M1Zackpqazg2SEtMcDBHVXM4T0c1Zjc5VUtDZkgzTmp0eHFGVDdabzM0Q2Y0MG5MRUtST0FWdEkvYUxYem5ic1RNVWxrenciLCJtYWMiOiIxODcwNzU5YWE1YzU2NzBjNzJkOGU1OThkM2I1Yjg0OGQ4ZjVlMDI5Zjk5ZTZjNzM3Y2M5Yzg3Mjc2YjExNmQwIiwidGFnIjoiIn0%3D

HTTP/2.0 200
content-type: application/javascript
cache-control: public,max-age=36500000,immutable
x-amz-meta-version: 2024.16.4
etag: "a5fa5d890509dd56d83abe7bbda3424c"
x-amz-version-id: T8uQNZ79saGycUGSwaLFEvg9t3JGMGA5
x-amz-server-side-encryption: AES256
x-amz-request-id: NK00TP2Z9Y2BP8H4
last-modified: Wed, 10 Apr 2024 11:32:35 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
server: AmazonS3
x-amz-id-2: kgVxh5W9YBv9T71y/lSw915nrM+YZCzK7Lv6zBhmjsdo5/2ej/8Cbo9TZoPtxvUiffTOlwEqYq8=
content-encoding: br
access-control-allow-origin: *
accept-ranges: bytes
age: 1050034
date: Mon, 22 Apr 2024 15:37:05 GMT
x-served-by: cache-lga21966-LGA, cache-lga21965-LGA, cache-lcy-eglc8600091-LCY
x-cache: MISS, HIT, HIT
x-cache-hits: 0, 31, 0
x-timer: S1713800226.723430,VS0,VE1
vary: Accept-Encoding
strict-transport-security: max-age=31557600
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2576

151.101.3.52:443

GET /build/vendor.9c866481b550d04e.js HTTP/2.0
host: cdn.crowdchange.ca
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://heartandstrokerideforheart.crowdchange.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6IjRVY3dkbXJ0RnluYzlMZjdOTDk4TXc9PSIsInZhbHVlIjoibTFseWlTRkhRcE5VZm9XYVN5MlFvR1ZzdDlnNXI4ZEszZ1hTelJwUFFueExqcmo5YmZEVVUrVFJZeUQxNEpSK0xlQllVZXdER21rcjRacXFycUU1UFI4d1R6ak9tUXR5VldYRlhyeW5za0dIakkwLzl5TGFCR1NSNGEzdVFLQUYiLCJtYWMiOiJmNTI4NGYxZmMzNTk5NGVkZTE3YjhjYmI1NDFiYmZkM2Y3N2JiNmQyODc1YWM1YTU4Y2QzOWRlZDhkMGQyOWQzIiwidGFnIjoiIn0%3D
cookie: ccp_sid=eyJpdiI6IkJxaFgzT3l2RWpPVERQVm1jY1NjS3c9PSIsInZhbHVlIjoiWGFjaXkvL2d1V0JQYnlaNmpEN3ZGdE9laHdubEZweGJBWDh4bGxNcnpJejQ5aTM2UW9tanFXR1Y5M1Zackpqazg2SEtMcDBHVXM4T0c1Zjc5VUtDZkgzTmp0eHFGVDdabzM0Q2Y0MG5MRUtST0FWdEkvYUxYem5ic1RNVWxrenciLCJtYWMiOiIxODcwNzU5YWE1YzU2NzBjNzJkOGU1OThkM2I1Yjg0OGQ4ZjVlMDI5Zjk5ZTZjNzM3Y2M5Yzg3Mjc2YjExNmQwIiwidGFnIjoiIn0%3D

HTTP/2.0 200
last-modified: Fri, 19 Apr 2024 19:29:43 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-amz-meta-version: 2024.19.9
x-amz-version-id: FojCjNcAAwWAeH20FJakuzT2I27kiGGR
cache-control: public,max-age=36500000,immutable
etag: "5cd3a1c6340afa1198d6010256abe66f"
x-amz-request-id: XGD35RVZBWTBVMZP
x-amz-id-2: dfOwcYdGKb3TsCdIPR6ZjDLkuv2BmeOvK0fujxqLrpMDPZnrpTmBZV2r94Itb8WR+PzzvqBbvUMtT+n5NUAWSEMRQZp3yHKpv5gczpj4uf4=
content-encoding: br
access-control-allow-origin: *
accept-ranges: bytes
age: 184434
date: Mon, 22 Apr 2024 15:37:05 GMT
x-served-by: cache-lga21939-LGA, cache-lga21929-LGA, cache-lcy-eglc8600091-LCY
x-cache: MISS, HIT, HIT
x-cache-hits: 0, 31, 0
x-timer: S1713800226.723116,VS0,VE2
vary: Accept-Encoding
strict-transport-security: max-age=31557600
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 299645

151.101.3.52:443

GET /build/ckeditorFr.11bb350b334d0ca6.js HTTP/2.0
host: cdn.crowdchange.ca
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://heartandstrokerideforheart.crowdchange.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6IjRVY3dkbXJ0RnluYzlMZjdOTDk4TXc9PSIsInZhbHVlIjoibTFseWlTRkhRcE5VZm9XYVN5MlFvR1ZzdDlnNXI4ZEszZ1hTelJwUFFueExqcmo5YmZEVVUrVFJZeUQxNEpSK0xlQllVZXdER21rcjRacXFycUU1UFI4d1R6ak9tUXR5VldYRlhyeW5za0dIakkwLzl5TGFCR1NSNGEzdVFLQUYiLCJtYWMiOiJmNTI4NGYxZmMzNTk5NGVkZTE3YjhjYmI1NDFiYmZkM2Y3N2JiNmQyODc1YWM1YTU4Y2QzOWRlZDhkMGQyOWQzIiwidGFnIjoiIn0%3D
cookie: ccp_sid=eyJpdiI6IkJxaFgzT3l2RWpPVERQVm1jY1NjS3c9PSIsInZhbHVlIjoiWGFjaXkvL2d1V0JQYnlaNmpEN3ZGdE9laHdubEZweGJBWDh4bGxNcnpJejQ5aTM2UW9tanFXR1Y5M1Zackpqazg2SEtMcDBHVXM4T0c1Zjc5VUtDZkgzTmp0eHFGVDdabzM0Q2Y0MG5MRUtST0FWdEkvYUxYem5ic1RNVWxrenciLCJtYWMiOiIxODcwNzU5YWE1YzU2NzBjNzJkOGU1OThkM2I1Yjg0OGQ4ZjVlMDI5Zjk5ZTZjNzM3Y2M5Yzg3Mjc2YjExNmQwIiwidGFnIjoiIn0%3D

HTTP/2.0 200
last-modified: Fri, 19 Apr 2024 19:29:53 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-amz-meta-version: 2024.19.9
x-amz-version-id: WuDIfvKxXL0IOXaMF_xVNZeGC3AWNyoT
cache-control: public,max-age=36500000,immutable
etag: "0cc7de5ceb2aeb3ae707d21697693b99"
x-amz-request-id: XGDEDJ113QFWY2BY
x-amz-id-2: 24iMV5G2HVw85S7yPpytP2Fa/Vk+c/kr8F/n3m1cF2HI9LfPISdIpu0AGP/+QXcffcMV/tA0FP0=
content-encoding: br
access-control-allow-origin: *
accept-ranges: bytes
age: 184434
date: Mon, 22 Apr 2024 15:37:05 GMT
x-served-by: cache-lga21935-LGA, cache-lga21948-LGA, cache-lcy-eglc8600091-LCY
x-cache: MISS, HIT, HIT
x-cache-hits: 0, 31, 0
x-timer: S1713800226.723603,VS0,VE2
vary: Accept-Encoding
strict-transport-security: max-age=31557600
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1307579

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

192.124.249.31:80

GET /repository/sfroot-g2.crt.cer HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: certificates.starfieldtech.com

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 22 Apr 2024 15:37:04 GMT
Content-Type: application/pkix-cert
Content-Length: 993
Connection: keep-alive
X-Sucuri-ID: 13031
Last-Modified: Tue, 16 Apr 2024 20:08:26 GMT
ETag: "3e1-6163c4d00a280"
Cache-Control: public, no-transform, must-revalidate
Expires: Sat, 20 Apr 2024 03:17:59 GMT
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
X-Sucuri-Cache: HIT
Accept-Ranges: bytes

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

18.172.89.114:443

GET /chariot-connect.umd.js HTTP/2.0
host: cdn.givechariot.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://heartandstrokerideforheart.crowdchange.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
content-type: application/javascript
date: Mon, 22 Apr 2024 14:27:05 GMT
last-modified: Mon, 22 Apr 2024 01:48:52 GMT
etag: W/"60d9dc56316e3b769abc8bd3004b7a41"
x-amz-server-side-encryption: AES256
x-amz-version-id: s0SgRywDF2G5w9VU4kP8oCn.mndhjTVl
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 90a04b21046e94f26928809a15bdd7ac.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN51-P1
x-amz-cf-id: f2U5IQ80IagJrLFWsux_g4gH672EGH8RrW22ojnyAdXtdX8D82Ck3g==
age: 4202
cache-control: no-cache,no-store,must-revalidate,max-age=0

151.101.0.176:443

GET /v3/ HTTP/2.0
host: js.stripe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://heartandstrokerideforheart.crowdchange.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
last-modified: Fri, 19 Apr 2024 21:28:14 GMT
etag: "9da8ff7a51979cbce3c7c2acae197be9"
cache-control: max-age=60
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Mon, 22 Apr 2024 15:37:05 GMT
via: 1.1 varnish
age: 11
x-request-id: 0b469fbf-ca70-41f6-a53c-9e005188bc8e
x-served-by: cache-lcy-eglc8600071-LCY
x-cache: HIT
x-cache-hits: 5
vary: Accept-Encoding
timing-allow-origin: *
content-length: 170400

151.101.0.176:443

GET /v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html HTTP/2.0
host: js.stripe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://heartandstrokerideforheart.crowdchange.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
cache-control: max-age=31536000
content-type: text/html; charset=utf-8
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Mon, 22 Apr 2024 15:37:09 GMT
via: 1.1 varnish
age: 1225894
x-request-id: ff7f6b86-e677-4a38-8f4a-335d15905b61
x-served-by: cache-lcy-eglc8600071-LCY
x-cache: HIT
x-cache-hits: 1077902
vary: Accept-Encoding
timing-allow-origin: *
content-length: 154

151.101.0.176:443

GET /v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js HTTP/2.0
host: js.stripe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
last-modified: Fri, 11 Nov 2022 20:25:36 GMT
etag: "d96c709017743c0759cf3853d1806ba5"
cache-control: max-age=31536000
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Mon, 22 Apr 2024 15:37:09 GMT
via: 1.1 varnish
age: 1429711
x-request-id: 367c2316-06a8-4f5f-9a52-46a1fb2b2047
x-served-by: cache-lcy-eglc8600071-LCY
x-cache: HIT
x-cache-hits: 1011351
vary: Accept-Encoding
timing-allow-origin: *
content-length: 315

151.101.0.176:443

GET /v3/controller-with-preconnect-f5282affe3c1d903364a837590431600.html HTTP/2.0
host: js.stripe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://heartandstrokerideforheart.crowdchange.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
last-modified: Fri, 19 Apr 2024 20:52:18 GMT
etag: "f5282affe3c1d903364a837590431600"
cache-control: max-age=60, stale-while-revalidate=900
content-type: text/html; charset=utf-8
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Mon, 22 Apr 2024 15:37:09 GMT
via: 1.1 varnish
age: 23
x-request-id: fc99dc42-e434-4bb4-b1c9-a73c157f8450
x-served-by: cache-lcy-eglc8600071-LCY
x-cache: HIT
x-cache-hits: 29
vary: Accept-Encoding
timing-allow-origin: *
content-length: 229

151.101.0.176:443

GET /v3/fingerprinted/js/shared-8c3a12bfd44bc3812e112f739812ca84.js HTTP/2.0
host: js.stripe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://js.stripe.com/v3/controller-with-preconnect-f5282affe3c1d903364a837590431600.html
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
last-modified: Fri, 19 Apr 2024 20:52:31 GMT
etag: "ee6c77a8e04155ee539555c921d69d18"
cache-control: max-age=31536000
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Mon, 22 Apr 2024 15:37:09 GMT
via: 1.1 varnish
age: 240013
x-request-id: c9ea94ae-5738-4321-8dee-a768909e9416
x-served-by: cache-lcy-eglc8600071-LCY
x-cache: HIT
x-cache-hits: 95048
vary: Accept-Encoding
timing-allow-origin: *
content-length: 137155

151.101.0.176:443

GET /v3/fingerprinted/js/controller-f6b791467bea10c838c9f5429acef4dd.js HTTP/2.0
host: js.stripe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://js.stripe.com/v3/controller-with-preconnect-f5282affe3c1d903364a837590431600.html
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
last-modified: Fri, 19 Apr 2024 20:52:29 GMT
etag: "3bb286beca247f1d509a4d417cd8d881"
cache-control: max-age=31536000
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Mon, 22 Apr 2024 15:37:09 GMT
via: 1.1 varnish
age: 240013
x-request-id: 5b445e09-3339-4402-9572-42bc86bbb216
x-served-by: cache-lcy-eglc8600071-LCY
x-cache: HIT
x-cache-hits: 93988
vary: Accept-Encoding
timing-allow-origin: *
content-length: 192337

151.101.0.176:443

GET /v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js HTTP/2.0
host: js.stripe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://heartandstrokerideforheart.crowdchange.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
last-modified: Thu, 21 Dec 2023 18:13:43 GMT
etag: "96f5b26d366f47393b3ff36fe7471474"
cache-control: max-age=31536000
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Mon, 22 Apr 2024 15:37:16 GMT
via: 1.1 varnish
age: 1216363
x-request-id: 515adbbe-6f46-48d7-9fab-c31a144f9f61
x-served-by: cache-lcy-eglc8600071-LCY
x-cache: HIT
x-cache-hits: 183181
vary: Accept-Encoding
timing-allow-origin: *
content-length: 127

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

93.184.220.66:443

GET /widgets.js HTTP/1.1
Host: platform.twitter.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://heartandstrokerideforheart.crowdchange.ca/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 1291
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Mon, 22 Apr 2024 15:37:06 GMT
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (lhd/35AA)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 27597

93.184.220.66:443

GET /widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fheartandstrokerideforheart.crowdchange.ca HTTP/1.1
Host: platform.twitter.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://heartandstrokerideforheart.crowdchange.ca/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2464130
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 22 Apr 2024 15:37:09 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (lhd/359E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105429

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

35.190.88.7:443

OPTIONS / HTTP/2.0
host: sessions.bugsnag.com
accept: */*
access-control-request-method: POST
access-control-request-headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
origin: https://heartandstrokerideforheart.crowdchange.ca
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://heartandstrokerideforheart.crowdchange.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

3.162.20.80:443

GET /inner.html HTTP/2.0
host: m.stripe.network
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
content-type: text/html; charset=utf-8
content-length: 930
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
accept-ranges: bytes
server: Cloudfront
date: Mon, 22 Apr 2024 15:36:29 GMT
cache-control: max-age=300, public
etag: "06bfcd88af438673a8bf9b845a11aa6e"
vary: Accept-Encoding, Origin
via: 1.1 690e43471aef3bb47bb08a72f71583a8.cloudfront.net (CloudFront)
age: 41
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-pop: MAN51-P3
x-amz-cf-id: X-jYoZIm5_lLliFwst-xeAfTS16A_17jMKW80toGtvQIGCBzkICsHA==

3.162.20.80:443

GET /out-4.5.43.js HTTP/2.0
host: m.stripe.network
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://m.stripe.network/inner.html
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
content-type: text/javascript; charset=utf-8
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
content-encoding: br
date: Mon, 22 Apr 2024 15:32:16 GMT
cache-control: max-age=300, public
etag: W/"69cb7809b5011312e716f29b3d19dce6"
vary: Accept-Encoding, Origin
via: 1.1 690e43471aef3bb47bb08a72f71583a8.cloudfront.net (CloudFront)
age: 294
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-pop: MAN51-P3
x-amz-cf-id: Fz9TKbN7VwT3CAkFSiV3m7lfE7NFwKjq-lI3rTGee4g3VJ9DP8vQIQ==

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

216.58.204.78:443

POST /g/collect?v=2&tid=G-CMKF97WDFL&gtm=45je44h0v9103827295za200&_p=1713800228310&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=2093093195.1713800229&ul=en-us&sr=1280x720&uaa=x86&uab=64&uafvl=Chromium%3B106.0.5249.119%7CGoogle%2520Chrome%3B106.0.5249.119%7CNot%253BA%253DBrand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=4.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713800229&sct=1&seg=0&dl=https%3A%2F%2Fheartandstrokerideforheart.crowdchange.ca%2Fauth%2Freset%2F29693b09a7e56c1d43593e79779e07d3bfd8897a8b9a4fb90e1055de7f16ae53%7CParesh_Mistry%40manulife.com&dt=Heart%20%26%20Stroke%20Ride%20for%20Heart&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=5613 HTTP/2.0
host: analytics.google.com
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://heartandstrokerideforheart.crowdchange.ca
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://heartandstrokerideforheart.crowdchange.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

216.58.204.78:443

POST /g/collect?v=2&tid=G-RW7D5M2J52&gtm=45je44h0v9163957040z86295854za200&_p=1713800228310&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=2093093195.1713800229&ul=en-us&sr=1280x720&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B106.0.5249.119%7CGoogle%2520Chrome%3B106.0.5249.119%7CNot%253BA%253DBrand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=4.0.0&uaw=0&pscdl=noapi&_eu=EA&_s=1&dl=https%3A%2F%2Fheartandstrokerideforheart.crowdchange.ca%2Fauth%2Freset%2F29693b09a7e56c1d43593e79779e07d3bfd8897a8b9a4fb90e1055de7f16ae53%7CParesh_Mistry%40manulife.com&sid=1713800229&sct=1&seg=0&dt=Heart%20%26%20Stroke%20Ride%20for%20Heart&en=page_view&_fv=1&_ss=1&tfd=5738 HTTP/2.0
host: analytics.google.com
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://heartandstrokerideforheart.crowdchange.ca
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://heartandstrokerideforheart.crowdchange.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

64.233.184.157:443

POST /g/collect?v=2&tid=G-CMKF97WDFL&cid=2093093195.1713800229&gtm=45je44h0v9103827295za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0 HTTP/2.0
host: stats.g.doubleclick.net
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://heartandstrokerideforheart.crowdchange.ca
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://heartandstrokerideforheart.crowdchange.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

64.233.184.157:443

POST /g/collect?v=2&tid=G-RW7D5M2J52&cid=2093093195.1713800229&gtm=45je44h0v9163957040z86295854za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0 HTTP/2.0
host: stats.g.doubleclick.net
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://heartandstrokerideforheart.crowdchange.ca
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://heartandstrokerideforheart.crowdchange.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

8.8.8.8:53

142.250.200.2:443

GET /pagead/viewthroughconversion/1003371904/?random=1713800229183&cv=11&fst=1713800229183&bg=ffffff&guid=ON&async=1&gtm=45be44h0v895064540z86295854za201&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=720&url=https%3A%2F%2Fheartandstrokerideforheart.crowdchange.ca%2Fauth%2Freset%2F29693b09a7e56c1d43593e79779e07d3bfd8897a8b9a4fb90e1055de7f16ae53%257CParesh_Mistry%2540manulife.com&hn=www.googleadservices.com&frm=0&tiba=Heart%20%26%20Stroke%20Ride%20for%20Heart&npa=0&pscdl=noapi&auid=1235326913.1713800229&uaa=x86&uab=64&uafvl=Chromium%3B106.0.5249.119%7CGoogle%2520Chrome%3B106.0.5249.119%7CNot%253BA%253DBrand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=4.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4 HTTP/2.0
host: googleads.g.doubleclick.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://heartandstrokerideforheart.crowdchange.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

142.250.200.10:443

GET /v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSEAnuZEMZq2jo-hIFDc5BTHo=?alt=proto HTTP/2.0
host: content-autofill.googleapis.com
x-goog-encode-response-if-executable: base64
x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
x-client-data: COiBywE=
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

104.244.42.72:443

GET /settings?session_id=67b57b2086164d016f53c6db8616fed2453ee40c HTTP/2.0
host: syndication.twitter.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://platform.twitter.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://platform.twitter.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Mon, 22 Apr 2024 15:37:09 GMT
perf: 7402827104
vary: Origin
server: tsa_f
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Mon, 22 Apr 2024 15:37:10 GMT
content-length: 363
content-encoding: gzip
x-transaction-id: 6353827e249d4051
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 109
x-connection-hash: 5fe59de1488d4d2e27b5173d6ffd2f38fef56bd0e86dc6933be7e1abc4ee22ce

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

151.101.0.176:443

GET /v3/.deploy_status_henson.json HTTP/2.0
host: js.stripe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
accept: application/json
content-type: application/x-www-form-urlencoded
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://js.stripe.com/v3/controller-with-preconnect-f5282affe3c1d903364a837590431600.html
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
last-modified: Fri, 19 Apr 2024 21:31:27 GMT
etag: "9a401ef88a9bf9407746ac17d268a7cf"
cache-control: max-age=60
content-type: application/json
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Mon, 22 Apr 2024 15:37:10 GMT
via: 1.1 varnish
age: 57
x-request-id: b32f3d35-17a8-4815-bb26-ddbda3accf4c
x-served-by: cache-lcy-eglc8600084-LCY
x-cache: HIT
x-cache-hits: 119
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-length: 297

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53