urlscan.io logo urlscan.io
SecurityTrails logo

cheet-1814-canadianfamilyoffices.gdev.postmedia.digital Open in urlscan Pro
34.95.11.30  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Effective URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Submission: On February 23 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 43 IPs in 4 countries across 36 domains to perform 155 HTTP transactions. The main IP is 34.95.11.30, located in Montreal, Canada and belongs to GOOGLE-PRIVATE-CLOUD, US. The main domain is cheet-1814-canadianfamilyoffices.gdev.postmedia.digital.
TLS certificate: Issued by R3 on February 23rd 2022. Valid for: 3 months.
This is the only time cheet-1814-canadianfamilyoffices.gdev.postmedia.digital was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 34.95.11.30 396982 (GOOGLE-PR...)
8 142.251.40.130 15169 (GOOGLE)
15 104.16.68.69 13335 (CLOUDFLAR...)
1 99.84.125.24 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 13.33.60.107 16509 (AMAZON-02)
3 52.95.147.53 16509 (AMAZON-02)
3 143.204.143.59 16509 (AMAZON-02)
5 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 5 13.33.60.120 16509 (AMAZON-02)
2 2a04:4e42:200... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 3.212.45.149 14618 (AMAZON-AES)
8 34.149.157.221 15169 (GOOGLE)
6 34.107.254.252 15169 (GOOGLE)
4 2a04:4e42:600... 54113 (FASTLY)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
8 2607:f8b0:400... 15169 (GOOGLE)
2 142.250.65.226 15169 (GOOGLE)
2 2600:141b:13:... 20940 (AKAMAI-ASN1)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 146.75.32.157 54113 (FASTLY)
4 75.2.40.13 16509 (AMAZON-02)
1 104.244.42.195 13414 (TWITTER)
1 104.244.42.69 13414 (TWITTER)
1 99.84.112.62 16509 (AMAZON-02)
1 1 52.3.54.123 14618 (AMAZON-AES)
3 3 52.45.33.138 14618 (AMAZON-AES)
2 2 34.236.180.141 14618 (AMAZON-AES)
1 1 54.81.207.173 14618 (AMAZON-AES)
2 2 185.184.10.30 203690 (RTB-HOUSE...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2 2607:f8b0:400... 15169 (GOOGLE)
4 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 108.174.10.24 14413 (LINKEDIN)
1 2 104.18.101.194 13335 (CLOUDFLAR...)
1 4 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 34.239.25.47 14618 (AMAZON-AES)
4 2600:9000:21d... 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
18 100.26.94.123 14618 (AMAZON-AES)
6 2607:f8b0:400... 15169 (GOOGLE)
1 142.250.111.156 15169 (GOOGLE)
1 2600:9000:214... 16509 (AMAZON-02)
155 43
17    34.95.11.30 (Montreal, Canada)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 30.11.95.34.bc.googleusercontent.com
cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
8    142.251.40.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net
securepubads.g.doubleclick.net
15    104.16.68.69 (None, )

ASN13335 (CLOUDFLARENET, US)
hb.districtm.io
cdn.districtm.io
dmx.districtm.io
1    99.84.125.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-125-24.ewr52.r.cloudfront.net
cdn.adsafeprotected.com
1    2607:f8b0:4006:822::200a (Queens, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:3032::ac43:c0b6 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
1    2606:4700:10::6816:49e8 (United States)

ASN13335 (CLOUDFLARENET, US)
auth.lrcontent.com
1    13.33.60.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-107.ewr52.r.cloudfront.net
ak.sail-horizon.com
3    52.95.147.53 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: s3-w.ca-central-1.amazonaws.com
pmd-dev-frontend-modules.s3.amazonaws.com
3    143.204.143.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-143-59.ewr52.r.cloudfront.net
smartcdn.prod.postmedia.digital
5    2607:f8b0:4006:807::2003 (Queens, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2607:f8b0:4006:824::2008 (Queens, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    13.33.60.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-120.ewr52.r.cloudfront.net
sb.scorecardresearch.com
2    2a04:4e42:200::645 (United States)

ASN54113 (FASTLY, US)
jssdkcdns.mparticle.com
jssdks.mparticle.com
1    2606:4700::6812:551 (United States)

ASN13335 (CLOUDFLARENET, US)
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
5    3.212.45.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-45-149.compute-1.amazonaws.com
pixel.adsafeprotected.com
8    34.149.157.221 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 221.157.149.34.bc.googleusercontent.com
smartcdn.gprod.postmedia.digital
6    34.107.254.252 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
4    2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)
identity.mparticle.com
1    2607:f8b0:4006:823::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
1    2607:f8b0:4006:817::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
8    2607:f8b0:4006:80c::2001 (Queens, United States)

ASN15169 (GOOGLE, US)
4452e993218b6ee5f36daf92b9024209.safeframe.googlesyndication.com
tpc.googlesyndication.com
2    142.250.65.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net
www.googleadservices.com
2    2600:141b:13::17d7:82d2 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    146.75.32.157 (Ashburn, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
4    75.2.40.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com
api.sail-personalize.com
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
1    99.84.112.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-112-62.ewr52.r.cloudfront.net
cdn.parsely.com
1    52.3.54.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-54-123.compute-1.amazonaws.com
match.sharethrough.com
3    52.45.33.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com
ups.analytics.yahoo.com
2    34.236.180.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-180-141.compute-1.amazonaws.com
pixel.advertising.com
1    54.81.207.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-207-173.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
us.creativecdn.com
2    2607:f8b0:4006:809::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2607:f8b0:4006:820::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    108.174.10.24 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-24.fwd.linkedin.com
px4.ads.linkedin.com
2    104.18.101.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
4    2607:f8b0:4006:822::2004 (Queens, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    34.239.25.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-25-47.compute-1.amazonaws.com
srv-2022-02-23-14.pixel.parsely.com
4    2600:9000:21dd:1e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    2607:f8b0:4006:80f::2003 (Queens, United States)

ASN15169 (GOOGLE, US)
www.google.ca
18    100.26.94.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-26-94-123.compute-1.amazonaws.com
dt.adsafeprotected.com
6    2607:f8b0:4006:80b::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    142.250.111.156 (United States)

ASN15169 (GOOGLE, US)
PTR: gb-in-f156.1e100.net
bid.g.doubleclick.net
1    2600:9000:2140:4c00:7:75d4:e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.ribn.com
Apex Domain
Subdomains		 Transfer
28 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3336
pixel.adsafeprotected.com — Cisco Umbrella Rank: 519
static.adsafeprotected.com — Cisco Umbrella Rank: 502
dt.adsafeprotected.com — Cisco Umbrella Rank: 465
217 KB
28 postmedia.digital
cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
smartcdn.prod.postmedia.digital — Cisco Umbrella Rank: 178808
smartcdn.gprod.postmedia.digital — Cisco Umbrella Rank: 68899
416 KB
15 districtm.io
hb.districtm.io — Cisco Umbrella Rank: 70016
cdn.districtm.io — Cisco Umbrella Rank: 1644
dmx.districtm.io — Cisco Umbrella Rank: 1164
18 KB
14 googlesyndication.com
4452e993218b6ee5f36daf92b9024209.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
217 KB
11 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
bid.g.doubleclick.net — Cisco Umbrella Rank: 448
177 KB
6 permutive.com
api.permutive.com — Cisco Umbrella Rank: 1845
1 KB
6 mparticle.com
jssdkcdns.mparticle.com — Cisco Umbrella Rank: 5051
identity.mparticle.com — Cisco Umbrella Rank: 2515
jssdks.mparticle.com — Cisco Umbrella Rank: 4790
48 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 439
www.linkedin.com — Cisco Umbrella Rank: 602
px4.ads.linkedin.com — Cisco Umbrella Rank: 5087
4 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 59
www.google.com — Cisco Umbrella Rank: 2
1 KB
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 129
3 KB
5 gstatic.com
fonts.gstatic.com
108 KB
4 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 2482
949 B
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 269
842 B
3 google.ca
adservice.google.ca — Cisco Umbrella Rank: 12901
www.google.ca — Cisco Umbrella Rank: 8810
1 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
200 KB
3 amazonaws.com
pmd-dev-frontend-modules.s3.amazonaws.com
303 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
424 B
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 497
540 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 146
76 KB
2 creativecdn.com
us.creativecdn.com — Cisco Umbrella Rank: 2383
697 B
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 307
676 B
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2498
srv-2022-02-23-14.pixel.parsely.com
20 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
115 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 830
3 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 99
16 KB
1 ribn.com
assets.ribn.com — Cisco Umbrella Rank: 44469
4 KB
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 768
548 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 561
222 B
1 t.co
t.co — Cisco Umbrella Rank: 456
336 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 468
458 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 539
6 KB
1 permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
61 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 2571
43 KB
1 lrcontent.com
auth.lrcontent.com — Cisco Umbrella Rank: 37875
47 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 4023
3 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
155 36
Domain Requested by
18 dt.adsafeprotected.com cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
17 cheet-1814-canadianfamilyoffices.gdev.postmedia.digital 1 redirects cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
12 dmx.districtm.io hb.districtm.io
cdn.districtm.io
cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
8 smartcdn.gprod.postmedia.digital cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
8 securepubads.g.doubleclick.net cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
securepubads.g.doubleclick.net
www.googletagservices.com
7 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 api.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
5 pixel.adsafeprotected.com cdn.adsafeprotected.com
cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
5 sb.scorecardresearch.com 2 redirects pmd-dev-frontend-modules.s3.amazonaws.com
cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
5 fonts.gstatic.com fonts.googleapis.com
4 static.adsafeprotected.com pixel.adsafeprotected.com
cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
4 www.google.com 1 redirects securepubads.g.doubleclick.net
cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
tpc.googlesyndication.com
4 api.sail-personalize.com ak.sail-horizon.com
4 identity.mparticle.com jssdkcdns.mparticle.com
3 px.ads.linkedin.com 3 redirects
3 ups.analytics.yahoo.com 3 redirects
3 www.googletagmanager.com pmd-dev-frontend-modules.s3.amazonaws.com
www.googletagmanager.com
3 smartcdn.prod.postmedia.digital cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
3 pmd-dev-frontend-modules.s3.amazonaws.com cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
pmd-dev-frontend-modules.s3.amazonaws.com
2 www.google.ca cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
2 www.facebook.com cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
2 p.adsymptotic.com 1 redirects cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
2 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
2 www.googletagservices.com securepubads.g.doubleclick.net
2 us.creativecdn.com 2 redirects
2 pixel.advertising.com 2 redirects
2 connect.facebook.net cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
connect.facebook.net
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 cdn.districtm.io hb.districtm.io
cdn.districtm.io
1 jssdks.mparticle.com jssdkcdns.mparticle.com
1 assets.ribn.com cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
1 bid.g.doubleclick.net www.googleadservices.com
1 srv-2022-02-23-14.pixel.parsely.com cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
1 px4.ads.linkedin.com 1 redirects
1 www.linkedin.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 match.sharethrough.com 1 redirects
1 cdn.parsely.com www.googletagmanager.com
1 t.co cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
1 analytics.twitter.com static.ads-twitter.com
1 static.ads-twitter.com cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
1 4452e993218b6ee5f36daf92b9024209.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.ca securepubads.g.doubleclick.net
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app pmd-dev-frontend-modules.s3.amazonaws.com
1 jssdkcdns.mparticle.com pmd-dev-frontend-modules.s3.amazonaws.com
1 ak.sail-horizon.com cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
1 auth.lrcontent.com cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
1 www.npttech.com cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
1 fonts.googleapis.com cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
1 cdn.adsafeprotected.com cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
1 hb.districtm.io cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
155 54
Subject Issuer Validity Valid
cheet-1814-driving.gdev.postmedia.digital
R3		 2022-02-23 -
2022-05-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
*.adsafeprotected.com
Amazon		 2021-07-21 -
2022-08-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-05 -
2022-07-04		 a year crt.sh
ak.sail-horizon.com
Amazon		 2022-01-06 -
2023-02-02		 a year crt.sh
*.s3.amazonaws.com
Amazon		 2021-12-15 -
2022-12-03		 a year crt.sh
*.prod.postmedia.digital
Amazon		 2022-01-15 -
2023-02-13		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
jssdkcdns.mparticle.com
R3		 2021-12-27 -
2022-03-27		 3 months crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2022-01-16 -
2022-04-16		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
smartcdn.gprod.postmedia.digital
GTS CA 1D4		 2022-02-12 -
2022-05-13		 3 months crt.sh
api.permutive.com
R3		 2022-02-18 -
2022-05-19		 3 months crt.sh
identity.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2021-07-07 -
2022-08-08		 a year crt.sh
*.google.ca
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-12-02 -
2022-03-02		 3 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
api.sail-personalize.com
Amazon		 2021-06-24 -
2022-07-23		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-22 -
2023-02-22		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-22 -
2023-02-22		 a year crt.sh
*.parsely.com
Amazon		 2021-07-05 -
2022-08-03		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.pixel.parsely.com
R3		 2022-01-22 -
2022-04-22		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-04-22 -
2022-05-21		 a year crt.sh
*.ribn.com
Amazon		 2021-09-20 -
2022-10-19		 a year crt.sh
jssdks.mparticle.com
R3		 2021-12-27 -
2022-03-27		 3 months crt.sh

This page contains 14 frames:

Primary Page: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Frame ID: 2C4F5C2DB55ECB8560CF839B3E050984
Requests: 110 HTTP requests in this frame

Frame: https://pmd-dev-frontend-modules.s3.amazonaws.com/AA-606-0c8bf33/xd.html
Frame ID: D883E6184EC53BC1951C6C9BAC359897
Requests: 2 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: EA62AF3ED32C5C1592A63915E4C8C80F
Requests: 10 HTTP requests in this frame

Frame: https://4452e993218b6ee5f36daf92b9024209.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 55C13D26F0F216425AD9A7608B4BB409
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=5077387114&chanId=22429240359&placementId=5848972077&pubCreative=138372108537&pubOrder=2918923800&cb=602399458&custom=index&custom2=1&adsafe_par&impId=f62bc6bb-94b8-11ec-ba99-02a00c42b491
Frame ID: 9542C90D1CEDF5A43003FB73A9CFCD0C
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrqYkSSFJzrJyu1zXTxw8Q0w_hRlF37TedtzLH7xIMPT9rzKw0gut6LGawI7CphqBEo-18Jhsc_ka9sVw2_4DcMiP8S3IxTrY7jjVRjaBh8C8utNE0mE91Q7U4G2Z0Vd6yNTZr6qyzGG8T8Wq-fhWsppbca1cL4HwdPAcnrEU80qyObvX7DwPHTqpDgBiksE7Yk20Bk7-uPCl4DiatcaAz77tbuX3xQHdwCuABhvqpm8TKhNkRDujs90x-E4aESuFZkcfTxFAlUBkpLKSu9ZUWCwaoPsYuwn4IYXLzLnUcC2QaG1rgwAgCbJlcI9DOI-qNpbPf9fRkVfJ1pzdCuebqOmX5NKzmjqSPXTY&sai=AMfl-YSyoXuKE7v1KlPxjBF7uInMw-S7pmYigZiReh2eAhBlQlJFY3wt10Y340MysCd33KxRsO1dAldPxxQ7jIDLXRGsQ57XqhRklmCk-Ei6aAmCWGTHK265wjeeE9oOizhE&sig=Cg0ArKJSzFC8aEctfQOcEAE&uach_m=[UACH]&adurl=
Frame ID: 0BE1AAA587C2D3B5D88E335D1B3263FA
Requests: 7 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=5077387114&chanId=22429240359&placementId=5848972077&pubCreative=138372095175&pubOrder=2918923800&cb=892279366&custom=index&custom2=2&adsafe_par&impId=f62bc6bc-94b8-11ec-ba99-02a00c42b491
Frame ID: ED3F4BF2FD844FCCD7B51F599F8B6FB9
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOkRc4imROYR1t2HvZ09BmkxIcQIA_I-tWWqSMhSGy6upxJQSz0ZLv5cEC0K3rBvnh8TVRkTVWym01W4c_2HooWPnrKugqtkzyAaDMTiy2m7iEG7hlmjaf0CFz9z3nNaV8PcZZgAqLpbr0AxQJABvvOdBwsifTsLIXg0nHFyVwPaBGsL8vwL9Rnl7Tf0Dm9hJslkAcaBV2yZKUHCvNv5rZ-7OuUYb71EY8kjijrWQ5aMFGrszf-IOQsjusRQj06Kb0F1BIXQ_deXj59O2ibypttrzQgdAq7LHCg8lqx6veYfqaW-RpaygDnUxrDk4sLTTd5Fa22jY67sPH2KTn788L2aF97l08v7zHFzM&sai=AMfl-YQhqYcVIA7y-IBulntEatiYJi5J3kgb9xoL47zkIVm-O3ZDgghraM2lh1PjOwaGsu-L0FVL9jhUXnuD2yCrEHLyjzZR11FX57GUTYwZzpPo812A452GVR4YHyUTeZkb&sig=Cg0ArKJSzP7oc8DRTFz1EAE&uach_m=[UACH]&adurl=
Frame ID: 823C271DF2EA06D3BE4846E758E65905
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 6F83F92CE3E862D1262A354413DA9A14
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 711A6FCD40ADAE6DA399E08A45156E7B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 3A64F81ACE7366001DB36ACF7C199B25
Requests: 1 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: C2E174CA24C91DC952630D896341FD3F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BB83D0CE62DE2A533789ADEFB18672BB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D4AC8E1318A015324897F27F9206C1D2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home | Canadian Family OfficesCanadian Family Offices

Page URL History Show full URLs

  1. http://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/ HTTP 308
    https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

155
Requests

93 %
HTTPS

45 %
IPv6

36
Domains

54
Subdomains

43
IPs

4
Countries

2108 kB
Transfer

5655 kB
Size

36
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/ HTTP 308
    https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67
  • https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1645628266999&ns_c=UTF-8&c8=Home%20%7C%20Canadian%20Family%20Offices&c7=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1645628266999&ns_c=UTF-8&c8=Home%20%7C%20Canadian%20Family%20Offices&c7=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F&c9=
Request Chain 81
  • https://match.sharethrough.com/1PQ8qgv7/v1/ HTTP 302
  • https://dmx.districtm.io/s/10059/6468403d-3e1d-4d76-bc65-705ec03c3c71
Request Chain 82
  • https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent=&verify=true HTTP 302
  • https://dmx.districtm.io/s/10057/y-B.uMt.FE2uEZiIyNSINpnC7LY8wip_LfP.Svd74-~A
Request Chain 83
  • https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPf6a03304-94b8-11ec-8aa4-02ca691a5cc1 HTTP 302
  • https://dmx.districtm.io/s/10051/y-DPhmgYZE2uGwAISKGMAmlbBoZdjF3gi7~A~UPf6a03304-94b8-11ec-8aa4-02ca691a5cc1
Request Chain 84
  • https://sync.srv.stackadapt.com/sync?nid=132 HTTP 302
  • https://dmx.districtm.io/s/10026/0qh3gYjvTuZ7rdU6YgncXpU4mbQ
Request Chain 85
  • https://us.creativecdn.com/cm-notify?pi=districtm HTTP 302
  • https://us.creativecdn.com/cm-notify?pi=districtm&tc=1 HTTP 302
  • https://dmx.districtm.io/s/10027/xg1PJg74MRB2qo9Gv2lK?pi=districtm&tc=1
Request Chain 93
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1645628267394&url=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1645628267394&url=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1747836%26time%3D1645628267394%26url%3Dhttps%253A%252F%252Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1645628267394&url=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1645628267394&url=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F&cookiesTest=true&liSync=true&e_ipv6=AQI6e3_6dOi_TQAAAX8nFp17D2i3OtHV_7Q6FQn0O78tD6ScF14fcFhkukgqVWO06_UeYGLq HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f428e9de-092e-464e-bf22-d7ea34c7d606 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f428e9de-092e-464e-bf22-d7ea34c7d606&_expected_cookie=3ca2083b30d567a683f1645665f8fa2f
Request Chain 105
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/580448699/?random=1757224757&cv=9&fst=1645628267382&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Canadian%20Family%20Offices&auid=1685494586.1645628267&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=a0sWYvCrG7KFoPMPyMGl-A4&sscte=1&crd=CNPgGw&eitems=ChAIgNPXkAYQzYr32cfxkaYBEh0AVHbWph-hShs8NAkp1c7S2Xvdneq6dmWDX_Tmsw HTTP 302
  • https://www.google.com/pagead/1p-conversion/580448699/?random=1757224757&cv=9&fst=1645628267382&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Canadian%20Family%20Offices&auid=1685494586.1645628267&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=a0sWYvCrG7KFoPMPyMGl-A4&cid=CAQSKQCNIrLM0JhjWJZ5rtf6WI8YAQjzMmZ-fzr2WaRIwnXMk3RFau2FgSSd&eitems=ChAIgNPXkAYQzYr32cfxkaYBEh0AVHbWplxp14wQwMiMAtxio8-xZbEKe3lwfptcBA&random=62675386&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.ca/pagead/1p-conversion/580448699/?random=1757224757&cv=9&fst=1645628267382&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Canadian%20Family%20Offices&auid=1685494586.1645628267&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=a0sWYvCrG7KFoPMPyMGl-A4&cid=CAQSKQCNIrLM0JhjWJZ5rtf6WI8YAQjzMmZ-fzr2WaRIwnXMk3RFau2FgSSd&eitems=ChAIgNPXkAYQzYr32cfxkaYBEh0AVHbWplxp14wQwMiMAtxio8-xZbEKe3lwfptcBA&random=62675386&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Request Chain 133
  • https://sb.scorecardresearch.com/c2/10276888/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js

155 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Redirect Chain
  • http://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
  • https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
452 KB
65 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
e2944bb8d103d137f4813d1b0062ecf65f0a5209736df258b999796da07f2b76
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Wed, 23 Feb 2022 14:57:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding user-agent
expires
Wed, 23 Feb 2022 15:02:45 GMT
cache-control
max-age=300
x-frame-options
SAMEORIGIN
x-pmd-backend
cheetah-nginx
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains

Redirect headers

Date
Wed, 23 Feb 2022 14:57:37 GMT
Content-Type
text/html
Content-Length
164
Connection
keep-alive
Location
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
67286908ff4a4fdfcbed0ac77fe99c00f6974bcaa14b77ace42a9dfb189024d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 14:57:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27609
x-xss-protection
0
server
sffe
etag
"1140 / 669 of 1000 / last-modified: 1645618101"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 23 Feb 2022 14:57:46 GMT
all.postmedia.js
hb.districtm.io/prod/100549/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.districtm.io/prod/100549/all.postmedia.js
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5f7c1c0cbec2c27d4165db4cd06b7780f477fc9161008bde67c7a9d62b223aa

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 14:57:46 GMT
via
1.1 befa97a817eaed04a94855080a3e4a54.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
1539
x-cache
Miss from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 10 Dec 2020 10:37:54 GMT
server
cloudflare
etag
W/"5f2e83162e71fb84bb30df8f49e91eee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=43200
x-amz-cf-pop
ATL56-C2
cf-ray
6e214ef7fa321835-EWR
x-amz-cf-id
UvKBKNC1l2Dje_IN3dd2EQPGDIXFGixhxY_vCwTtKg6HTlAv9gtXSw==
expires
Thu, 24 Feb 2022 02:57:46 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-24.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 19 Feb 2022 06:40:28 GMT
Via
1.1 1f6489805a1a0c23aa23a8aa0cb28716.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
Age
375439
ETag
"51636de3ce868a2172f9e6996c2934e0"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=604800
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Content-Length
22521
X-Amz-Cf-Id
gWrDHrecqX9vbWvQr5ja15x3ldqTuOFRkivEEvp5IRr4PZgSL9d_fA==
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Frank+Ruhl+Libre:400,700%7CInter:400,700%7CRoboto:400,700&display=swap
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1dd1a6a145e1ea2750d60fd2f3de8e823197e98eba48ce407bf5bc471e4ba3a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 14:57:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 23 Feb 2022 14:57:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 23 Feb 2022 14:57:46 GMT
advertising.js
www.npttech.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c0b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 14:57:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4410
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
JNMEQGQ9NJ9E6X1S
x-amz-id-2
fxImh/8M8kos4PfArLZQ66EMsMP9XUBIudAFPFkNaHH9tQrUf3+tzsmbOphXS4daZ7ig6eUbrKc=
last-modified
Wed, 19 Jun 2019 08:25:01 GMT
server
cloudflare
etag
W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hexCJExTCdYkKIfMZK5GPXdtt4kTBZPXoZj0ZMxD8mjUVeiXFAcIWMkoLKYGL7IKQZqE9cbE5ymrC%2BQANuM36x%2Bmo%2BAcmrcv8HVS9XhTwnyceAz6ZVHsI%2FTx5vTv9h0uj%2FYLhbYkxSrI5YySX9k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
x-amz-version-id
hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray
6e214ef8bced7145-YUL
LoginRadiusV2.js
auth.lrcontent.com/v2/js/ 		199 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:49e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 14:57:46 GMT
via
1.1 c1c976b1b60b605adb44f62da9e0bb8a.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
age
5130
cf-polished
origSize=1238069
x-cache
Miss from cloudfront
content-encoding
gzip
last-modified
Mon, 13 Dec 2021 05:19:58 GMT
server
cloudflare
etag
W/"ae3463c4a59ae100b160ed4dd5dbf4b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age= 63072000; includeSubdomains; preload
content-type
application/javascript
cache-control
max-age=14400
x-amz-cf-pop
EWR52-C3
cf-ray
6e214ef85cf0ca4b-YUL
x-amz-cf-id
UKx_SLTr25mJR9OxZ3Jl1iZpjZMyCaPjbVBPFMpyn7yVrNt_E6CAIg==
cf-bgj
minify
spm.v1.min.js
ak.sail-horizon.com/spm/ 		121 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-107.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 14:49:36 GMT
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 04:22:34 GMT
server
AmazonS3
age
490
etag
W/"b22b4f4738e8722be1636447be239da2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3b1807627d3f1dc0cdeb157fc313627a.cloudfront.net (CloudFront)
cache-control
max-age=600; must-revalidate
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
JRry0Y4u3ZG2BvQVm32_qXXJtSOlcG7pnAGUtz_L1aNqCDzIxE-aBg==
fem.js
pmd-dev-frontend-modules.s3.amazonaws.com/AA-606-0c8bf33/ 		265 KB
265 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pmd-dev-frontend-modules.s3.amazonaws.com/AA-606-0c8bf33/fem.js
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.147.53 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.ca-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
bfe59bd642bfb002cede8d9aa3fdfb08da38e7841521e9d24bc4da59e0986d76

Request headers

Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Origin
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 14:57:47 GMT
Last-Modified
Fri, 18 Feb 2022 18:41:06 GMT
Server
AmazonS3
x-amz-request-id
E0GDP8GRNYAPCY9X
ETag
"855c41473eedb90d6c5d854b870fbf74"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
271134
x-amz-id-2
qkg357Pg8EtIaTXMhGobjzhSu9KlwD3eji2tTtAwMNZpJeKAvscqpEzoY8FBqIZ4AYtFquc/ZYg=
MicrosoftTeams-image-1.png
smartcdn.prod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/06/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.prod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/06/MicrosoftTeams-image-1.png
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.143.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-143-59.ewr52.r.cloudfront.net
Software
nginx/1.19.10 /
Resource Hash
7fb0c7ff737b4e24b5779966ab33cf471e3902f26e598e3f4e8ea365c370aff9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
canadianfamilyoffices
date
Thu, 24 Jun 2021 18:26:02 GMT
via
1.1 59d9797319b555b25abd21e200e6e428.cloudfront.net (CloudFront)
server
nginx/1.19.10
age
21069104
etag
"a25ac1ee0b9191ef57801138f8c77e081f5450c3"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000,public
x-amz-cf-pop
EWR52-C2
x-pmd-smart-cdn-proxy
93319da2bf59
content-length
6864
x-amz-cf-id
DjMjuf8ZI2Xg3KY6ui00G3s2bzyyqd1vBObRSGLl2C6Iz4yBolxk3A==
expires
Fri, 24 Jun 2022 18:26:02 GMT
icon-soc-tw.svg
cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/websites/images/share-icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/websites/images/share-icons/icon-soc-tw.svg
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Wed, 23 Feb 2022 14:57:46 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 14:43:17 GMT
etag
W/"62164805-6a2"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sat, 18 Feb 2023 14:57:46 GMT
icon-soc-li.svg
cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/websites/images/share-icons/ 		739 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/websites/images/share-icons/icon-soc-li.svg
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
73f5cb8f7a137847e41aeb849588174535651b6e140d8b13575f46fff0c496a2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Wed, 23 Feb 2022 14:57:46 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 14:43:17 GMT
etag
W/"62164805-2e3"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sat, 18 Feb 2023 14:57:46 GMT
shared.d75ef42fcd07.js
cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/CACHE/js/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/CACHE/js/shared.d75ef42fcd07.js
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
d75ef42fcd07b5fab32a6313d56b4147bfb26d88aa53d2de1c7039852253bcfa
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Origin
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Wed, 23 Feb 2022 14:57:46 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 14:43:21 GMT
etag
W/"62164809-5e1e"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sat, 18 Feb 2023 14:57:46 GMT
main.1177a49ea8ff.js
cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/CACHE/js/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/CACHE/js/main.1177a49ea8ff.js
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
1177a49ea8ffd2316eab0c580c5b89802b1355e872356187f16893f688fb5435
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Origin
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Wed, 23 Feb 2022 14:57:46 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 14:43:21 GMT
etag
W/"62164809-17ded"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sat, 18 Feb 2023 14:57:46 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Frank+Ruhl+Libre:400,700%7CInter:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 01:28:42 GMT
x-content-type-options
nosniff
age
480544
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 18 Feb 2023 01:28:42 GMT
j8_36_fAw7jrcalD7oKYNX0QfAnPUwvA9JfGhA.woff2
fonts.gstatic.com/s/frankruhllibre/v10/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/frankruhllibre/v10/j8_36_fAw7jrcalD7oKYNX0QfAnPUwvA9JfGhA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Frank+Ruhl+Libre:400,700%7CInter:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef1ef95b3042a40188772fba913faf3582345ea35868a2340b9f0ea1954f2c0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 00:13:48 GMT
x-content-type-options
nosniff
age
571438
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20468
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:04:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 17 Feb 2023 00:13:48 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v7/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v7/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Frank+Ruhl+Libre:400,700%7CInter:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 16:21:37 GMT
x-content-type-options
nosniff
age
81369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37780
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 17:59:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 22 Feb 2023 16:21:37 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Frank+Ruhl+Libre:400,700%7CInter:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 16:23:56 GMT
x-content-type-options
nosniff
age
81230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 22 Feb 2023 16:23:56 GMT
j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2
fonts.gstatic.com/s/frankruhllibre/v10/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/frankruhllibre/v10/j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Frank+Ruhl+Libre:400,700%7CInter:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c6db249df1966e3ac79a1330df310a02acbe88c1ec9caa389fb1ee13c103102
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 00:14:07 GMT
x-content-type-options
nosniff
age
571419
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20072
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:58:31 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 17 Feb 2023 00:14:07 GMT
newsletter-envelope.svg
cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/websites/images/newsletters/logo/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/websites/images/newsletters/logo/newsletter-envelope.svg
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
e592c023e395d520e95efed9c15d14c77d5c101e3ce6b5d71413384508b55d59
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Wed, 23 Feb 2022 14:57:46 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 14:43:17 GMT
etag
W/"62164805-978"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sat, 18 Feb 2023 14:57:46 GMT
xd.html
pmd-dev-frontend-modules.s3.amazonaws.com/AA-606-0c8bf33/ Frame D883 		188 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pmd-dev-frontend-modules.s3.amazonaws.com/AA-606-0c8bf33/xd.html
Requested by
Host: pmd-dev-frontend-modules.s3.amazonaws.com
URL: https://pmd-dev-frontend-modules.s3.amazonaws.com/AA-606-0c8bf33/fem.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.147.53 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.ca-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6c8ee3f969943732ebe4bec6db2f9593e601405cb74b58a677f435d2d2b72b68

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/

Response headers

x-amz-id-2
USMtrc28PvaJvb6JnF7iMm2UGZ8cvAz2EmunOIOKx6wFwn66GpJFJe1Ie9wkI4RRqdAd15Y6uwA=
x-amz-request-id
E0G9Z9ZYMHVJBVJP
Date
Wed, 23 Feb 2022 14:57:47 GMT
Last-Modified
Fri, 18 Feb 2022 18:41:06 GMT
ETag
"eafe5fc79af4b8eea93d579b2d82cca7"
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Type
text/html
Server
AmazonS3
Content-Length
188
gtm.js
www.googletagmanager.com/ 		496 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Requested by
Host: pmd-dev-frontend-modules.s3.amazonaws.com
URL: https://pmd-dev-frontend-modules.s3.amazonaws.com/AA-606-0c8bf33/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e8984ce1f1130d58ee929e7ce60e27bafcfa536124ae2d1a8597fd6ea8c49327
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 14:57:46 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112786
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 23 Feb 2022 14:57:46 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: pmd-dev-frontend-modules.s3.amazonaws.com
URL: https://pmd-dev-frontend-modules.s3.amazonaws.com/AA-606-0c8bf33/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-120.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 10:45:30 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
42952
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c7f2e710eb5e4c599a030513a5a7ed22.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
S0fvMANZ8dnQDPhlU770d--WHNDxBc8RsQleuNWfl8PcraiJJWHIhg==
mparticle.js
jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/ 		184 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/mparticle.js
Requested by
Host: pmd-dev-frontend-modules.s3.amazonaws.com
URL: https://pmd-dev-frontend-modules.s3.amazonaws.com/AA-606-0c8bf33/fem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f7914b4836b5815c4b3dcd79c44fa3390dedf00785d79f90dc7f6c6f38c947c5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 14:57:46 GMT
via
1.1 varnish, 1.1 varnish
server
Kestrel
age
10
x-origin-name
fastlyshield--shield_ssl_cache_iad_kcgs7200085_IAD
x-served-by
cache-iad-kcgs7200085-IAD, cache-yul12827-YUL
vary
Accept, Accept-Encoding
x-cache
MISS, HIT
content-type
application/javascript
content-encoding
gzip
cache-control
public, max-age=3600
accept-ranges
bytes
x-timer
S1645628267.574549,VS0,VE0
content-length
48496
x-cache-hits
0, 1
gtm.js
www.googletagmanager.com/ 		112 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Requested by
Host: pmd-dev-frontend-modules.s3.amazonaws.com
URL: https://pmd-dev-frontend-modules.s3.amazonaws.com/AA-606-0c8bf33/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9cc76f7842eb03c9dd1ded8bacd8da378daea69f5170b53dc2be924e75bc3442
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 14:57:46 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34667
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 23 Feb 2022 14:57:46 GMT
23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/ 		226 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Requested by
Host: pmd-dev-frontend-modules.s3.amazonaws.com
URL: https://pmd-dev-frontend-modules.s3.amazonaws.com/AA-606-0c8bf33/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab0662b330b8e0d7f53c3c3c6a994b515fe6b3ee61cf89540c81a925a6d60fe1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 14:57:46 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
1231
x-guploader-uploadid
ADPycdtTrsNfxa77MuOrjleeGxPWWPiDsw2Ts9f5qOZsLaGvqhsusvtstXYXEgxGTN8hN-6TcFGqIvh0cQ4EH7XA6fGUUzSW1w
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript
last-modified
Thu, 10 Feb 2022 21:39:24 GMT
server
cloudflare
etag
W/"91ad277471ce32db5713bb9158e088b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=TJAkbA==, md5=ka0ndHHOMttXE7uRWOCIuA==
x-goog-generation
1644529164683435
cache-control
public, max-age=900
x-goog-stored-content-length
65296
cf-ray
6e214efa28da713f-YUL
expires
Wed, 23 Feb 2022 15:12:46 GMT
pubads_impl_2022021701.js
securepubads.g.doubleclick.net/gpt/ 		363 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
80df80639eff50b28f33ab6354c5f7448973e4f47c47fe0c3813c7dea361a7c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 06:32:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30343
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124510
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 09:34:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 23 Feb 2023 06:32:03 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		137 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
72197a129636634bea180fb17d00e71452ee0209f7b4e2fff7141e5e15c1ed21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 23 Feb 2022 14:57:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123
x-xss-protection
0
expires
Wed, 23 Feb 2022 14:57:46 GMT
pub
pixel.adsafeprotected.com/services/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:ad-1,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-2,ss:%5B6.6,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-native-1,ss:%5B5.5%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-3,ss:%5B7.7,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-native-2,ss:%5B5.5%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-4,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-native-3,ss:%5B5.5%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-5,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-native-4,ss:%5B5.5%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-6,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-native-5,ss:%5B5.5%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-7,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-native-6,ss:%5B5.5%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-8,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-native-7,ss:%5B5.5%5D,p:/3081/cfo.com/index,t:display%7D&slot=%7Bid:ad-9,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/cfo.com/index,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=54e25205-2dcd-b83e-b1c4-ec57ce482a7b&url=https%253A%252F%252Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.45.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-45-149.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f9f6a05c0164ab191af137238768faae96a84df94b8190129eb28314e6868bbc

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 14:57:46 GMT
x-server-name
app12.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
index.html
cdn.districtm.io/ids/ Frame EA62 		116 B
317 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: hb.districtm.io
URL: https://hb.districtm.io/prod/100549/all.postmedia.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/

Response headers

date
Wed, 23 Feb 2022 14:57:46 GMT
content-type
text/html
cf-ray
6e214efacf811835-EWR
age
50500
last-modified
Thu, 20 May 2021 02:18:27 GMT
via
1.1 84998cd5f1fa5882ba3f758f388fd37a.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id
ZEXBJ6tgBO9WpkJuJTkwv50zI7oZEKeA3h7ny96OGBBh2wRHyfu22A==
x-amz-cf-pop
IAD79-C2
x-cache
Hit from cloudfront
vary
Accept-Encoding
server
cloudflare
content-encoding
br
v1
dmx.districtm.io/b/ 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: hb.districtm.io
URL: https://hb.districtm.io/prod/100549/all.postmedia.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 23 Feb 2022 14:57:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6e214efacf851835-EWR
access-control-allow-headers
origin, content-type
v1
dmx.districtm.io/b/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: hb.districtm.io
URL: https://hb.districtm.io/prod/100549/all.postmedia.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 23 Feb 2022 14:57:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6e214efacf871835-EWR
access-control-allow-headers
origin, content-type
a556277d29cfe35510470.js
cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/websites/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/websites/js/a556277d29cfe35510470.js
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/CACHE/js/shared.d75ef42fcd07.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
64877850f9e838b0e76c3cf59b45760f44598fae0a8d2b14ba491b682c0ad92e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Wed, 23 Feb 2022 14:57:46 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 14:41:38 GMT
etag
W/"621647a2-24d6"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sat, 18 Feb 2023 14:57:46 GMT
b47e59e4ac72deb523a01.js
cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/websites/js/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/websites/js/b47e59e4ac72deb523a01.js
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/CACHE/js/shared.d75ef42fcd07.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
6f33bb6fb3ab3ed9893e8cf1ad0bda09b99a535be0a54c7a8f1dd1c3a688c4ee
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Wed, 23 Feb 2022 14:57:46 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 14:41:38 GMT
etag
W/"621647a2-4f04"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sat, 18 Feb 2023 14:57:46 GMT
2f6dcc6ecbc4a629d0c58.js
cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/websites/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/websites/js/2f6dcc6ecbc4a629d0c58.js
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/CACHE/js/shared.d75ef42fcd07.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
28ebe438c9cebbf8b49baf284b7c0624f1a1e52c823572afe5dba64d858ebb09
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Wed, 23 Feb 2022 14:57:46 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 14:41:38 GMT
etag
W/"621647a2-2ea9"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sat, 18 Feb 2023 14:57:46 GMT
319134f8edfeb15b070c18.js
cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/websites/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/websites/js/319134f8edfeb15b070c18.js
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/CACHE/js/shared.d75ef42fcd07.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
a1f4086973dc8059c20b2a680c1e4cfae4069ff3a4a063a297bbcd9281115dab
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Wed, 23 Feb 2022 14:57:46 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 14:41:38 GMT
etag
W/"621647a2-2e3e"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sat, 18 Feb 2023 14:57:46 GMT
a31b63a7db010a13439a4.js
cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/websites/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/websites/js/a31b63a7db010a13439a4.js
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/CACHE/js/shared.d75ef42fcd07.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
dea759394a532f5d3ca25e8697fd2077dac60131e9eb3bd1ab3d6aee3a86ec47
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Wed, 23 Feb 2022 14:57:46 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 14:41:38 GMT
etag
W/"621647a2-1eaa"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sat, 18 Feb 2023 14:57:46 GMT
44d6844c95c62adce80b7.js
cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/websites/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/websites/js/44d6844c95c62adce80b7.js
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/CACHE/js/shared.d75ef42fcd07.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
5122c98605367c14582885aacdfd443bc832001303f137203ca6ceddc96ceb94
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Wed, 23 Feb 2022 14:57:46 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 14:41:38 GMT
etag
W/"621647a2-4ddf"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sat, 18 Feb 2023 14:57:46 GMT
f25f73887f754ba9ba5513.js
cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/websites/js/ 		50 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/websites/js/f25f73887f754ba9ba5513.js
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/CACHE/js/shared.d75ef42fcd07.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
2338bdf13f439396890e22f1ea22f8c75671c758511529e04ac96bae655b4e7d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Wed, 23 Feb 2022 14:57:46 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 14:41:38 GMT
etag
W/"621647a2-c88e"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sat, 18 Feb 2023 14:57:46 GMT
ebada5baf015643cf58b15.js
cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/websites/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/websites/js/ebada5baf015643cf58b15.js
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/CACHE/js/shared.d75ef42fcd07.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
0a055b94dddc24c4d91c386d3eb855fc8eb2e973346a021eafb4e625398b60da
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Wed, 23 Feb 2022 14:57:46 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 14:41:38 GMT
etag
W/"621647a2-1a84"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sat, 18 Feb 2023 14:57:46 GMT
3b3f819d1ffe0e05145e10.js
cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/websites/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/websites/js/3b3f819d1ffe0e05145e10.js
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/CACHE/js/shared.d75ef42fcd07.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
9008ac843d4735e349bdde45c352caeb6d5c1517622730fa602d6b56cf5e4b3a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Wed, 23 Feb 2022 14:57:46 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 14:41:38 GMT
etag
W/"621647a2-2ab4"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sat, 18 Feb 2023 14:57:46 GMT
ddbb15d55d3fae80804b28.js
cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/websites/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/websites/js/ddbb15d55d3fae80804b28.js
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/10.0.0/CACHE/js/shared.d75ef42fcd07.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
caac5c71c9d790e8cd32ed97b5a978c08c5543b7f25ace068aa767d1f4987488
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Wed, 23 Feb 2022 14:57:46 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 14:41:38 GMT
etag
W/"621647a2-27b8"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sat, 18 Feb 2023 14:57:46 GMT
xd.js
pmd-dev-frontend-modules.s3.amazonaws.com/AA-606-0c8bf33/ Frame D883 		37 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pmd-dev-frontend-modules.s3.amazonaws.com/AA-606-0c8bf33/xd.js
Requested by
Host: pmd-dev-frontend-modules.s3.amazonaws.com
URL: https://pmd-dev-frontend-modules.s3.amazonaws.com/AA-606-0c8bf33/xd.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.147.53 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.ca-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
804e46afd5ad7b262335603b1fc216893c3d17fee2cf4346c6be71cdeb663020

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pmd-dev-frontend-modules.s3.amazonaws.com/AA-606-0c8bf33/xd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 14:57:47 GMT
Last-Modified
Fri, 18 Feb 2022 18:41:06 GMT
Server
AmazonS3
x-amz-request-id
E0G83A544Z1JA3G2
ETag
"e1a3c96a52aaa5551f578eb374e6065c"
Content-Type
application/javascript
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
37382
x-amz-id-2
P15FIzEoeNZRiuc7wTgUjfke3jzgGAyazeIxP14a/ZwKlPB4246BY1q7oUy5gQkyCIs7524slk4=
Grubman-cropped.jpg
smartcdn.prod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/12/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.prod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/12/Grubman-cropped.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.143.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-143-59.ewr52.r.cloudfront.net
Software
nginx/1.19.10 /
Resource Hash
fdfc2210363de1666e77ce4a852f46be0c89131a9187965d7c0cdc25dbbd245d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
canadianfamilyoffices
date
Mon, 21 Feb 2022 16:44:46 GMT
via
1.1 59d9797319b555b25abd21e200e6e428.cloudfront.net (CloudFront)
server
nginx/1.19.10
age
166380
etag
"704b12277d37c5c033a49130f9a9c9fc208eb184"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000,public
x-amz-cf-pop
EWR52-C2
x-pmd-smart-cdn-proxy
7f80d7c13d9a
content-length
9242
x-amz-cf-id
nnDSd6B1eMqY6XpfLz2F_BPoE5wJNX075E_54iK4xexR5Ce6wQC3HA==
expires
Tue, 21 Feb 2023 16:44:46 GMT
fosuccess-cropped.jpg
smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/11/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/11/fosuccess-cropped.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
7aa5fa5dbd7eaf358e59874e863d08f2b4aeaefb8a50d6e71a9d5116887269ee

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
canadianfamilyoffices
date
Mon, 21 Feb 2022 16:44:46 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
166380
etag
"549664c8dbeb09736d282c7b9017aa1dbbf07834"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-nc9ch
alt-svc
clear
content-length
19626
Editors-note-GettyImages-1203194266-WEB.jpg
smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/10/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/10/Editors-note-GettyImages-1203194266-WEB.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
0aaf98b4906ae2f736f8463dc832a021366165eb0446bb52a2c7aaefc240b0b7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
canadianfamilyoffices
date
Mon, 21 Feb 2022 16:44:46 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
166380
etag
"5e8906f206e7595403348c0191bd953f29a81cba"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-vhmjr
alt-svc
clear
content-length
29972
chaseclients-cropped.jpg
smartcdn.prod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/10/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.prod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/10/chaseclients-cropped.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.143.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-143-59.ewr52.r.cloudfront.net
Software
nginx/1.19.10 /
Resource Hash
6187651ce0175ec7629341f96570784e3a37d0174fd7f555cc8b3fa43d3596e2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
canadianfamilyoffices
date
Mon, 21 Feb 2022 16:44:46 GMT
via
1.1 59d9797319b555b25abd21e200e6e428.cloudfront.net (CloudFront)
server
nginx/1.19.10
age
166380
etag
"cc32895b811e656a8ec352cc472f5a7bd56defb1"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000,public
x-amz-cf-pop
EWR52-C2
x-pmd-smart-cdn-proxy
f57c70a41ad7
content-length
7710
x-amz-cf-id
Tzd1xxtxcb5a9QvslY7_vWJpFW1pt0Iu8QTnim41rRPS6kSiRaTSzQ==
expires
Tue, 21 Feb 2023 16:44:46 GMT
events-cropped.jpg
smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/10/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/10/events-cropped.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
878ab7abb1c546ee2581d7645b7417fec02719cbb61551fc232728e622cc8026

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
canadianfamilyoffices
date
Mon, 21 Feb 2022 16:44:46 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
166380
etag
"f06c2f0f8d0f5a24ff5e19b56c943fac5d15ec1a"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-wf6k7
alt-svc
clear
content-length
22546
GettyImages-1321484348-WEB.jpg
smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2022/01/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2022/01/GettyImages-1321484348-WEB.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
5fb6d69941da291501efde94bd6471b8388d0f82fc8d19379d7e62f9f37c10c1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
canadianfamilyoffices
date
Wed, 23 Feb 2022 00:23:16 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
52470
etag
"85bc50fd3e700af93b676ae2e55db0e1e03b0d1f"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-wf6k7
alt-svc
clear
content-length
27826
GettyImages-644191738-WEB.jpg
smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/11/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/11/GettyImages-644191738-WEB.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
9b1f9365c306b9269d6dd6849631439a5ce6b315bb2d8e3fa53437892b01fc7e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
canadianfamilyoffices
date
Wed, 23 Feb 2022 00:23:15 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
52471
etag
"03338ee8dd25e0d95cc6ae8fc8f51b4b0bff9c1c"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-nc9ch
alt-svc
clear
content-length
25212
GettyImages-1129695136-WEB.jpg
smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/11/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/11/GettyImages-1129695136-WEB.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
1574a6c38881f61276f0dd4d78af46e896eeb3faf1c2cd434889366ba01e29d4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
canadianfamilyoffices
date
Wed, 23 Feb 2022 12:50:28 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
7638
etag
"df26201c37acc22a37d5a9c50cc13a8e140947dd"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-wf6k7
alt-svc
clear
content-length
37642
crises-cropped.jpg
smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/11/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/11/crises-cropped.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
83e6760e6b0ed51959d006bd35daefe0d84d72e8971b6b33cb2d06fb49199077

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
canadianfamilyoffices
date
Wed, 23 Feb 2022 12:50:27 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
7639
etag
"94745ecfcddd5e406597b1adff3edbfc75d9e37d"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-vhmjr
alt-svc
clear
content-length
31098
GettyImages-923181658-WEB.jpg
smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/11/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/canadianfamilyoffices/wp-content/uploads/2021/11/GettyImages-923181658-WEB.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
6aedb63b9517dd4565ba4e81a2bfbf8f164c0e02b1fee262474ca4f04cee633e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
canadianfamilyoffices
date
Wed, 23 Feb 2022 12:50:27 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
7639
etag
"2bfe77f676a9ba4e1183224202b9711abc805f33"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-4sf87
alt-svc
clear
content-length
41940
geoip
api.permutive.com/v2.0/ 		229 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
989d94d8baba214a6dcc1ba6795c35dc9ce9cf94863248b8970cd8e864674347

Request headers

Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 23 Feb 2022 14:57:46 GMT
content-encoding
gzip
server
Permutive
vary
Origin,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166
via
1.1 google
identify
api.permutive.com/v2.0/ 		50 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
98bdfc9d29751a72ee252a8caa5543876f591a3d8124e7a980084ebcd834f75d

Request headers

Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 23 Feb 2022 14:57:46 GMT
content-encoding
gzip
server
Permutive
vary
Origin,Access-Control-Request-Method
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
via
1.1 google
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-mp-key
Origin
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Kestrel
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
accept-ranges
bytes
date
Wed, 23 Feb 2022 14:57:46 GMT
via
1.1 varnish
age
2122
x-served-by
cache-yul12826-YUL
x-cache
HIT
x-cache-hits
1610
x-timer
S1645628267.819523,VS0,VE0
strict-transport-security
max-age=900
identify
identity.mparticle.com/v1/ 		175 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
cc0c10259d551b6a9678e12e6227d69d73fb9ce8d4235c7fa9d22a62794af7aa
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-a9588c0ddc27594cabd152e47ffe27ee
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 23 Feb 2022 14:57:46 GMT
content-encoding
gzip
server
Kestrel
x-timer
S1645628267.831277,VS0,VE72
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-yul12826-YUL
vary
Accept-Encoding
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=900
accept-ranges
bytes
via
1.1 varnish
x-cache-hits
0
31d9f050-3e2b-4286-a3f2-54273acfd16f
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/ 		43 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/31d9f050-3e2b-4286-a3f2-54273acfd16f
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad1cf2cf3e594c9ef7515ff851415c9f50f9a89dd938e6437b944d5d21e5ae1c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length
43580
56bf0bc1-5690-4c9b-81f6-baa22a1f72df
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/ 		19 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/56bf0bc1-5690-4c9b-81f6-baa22a1f72df
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f525313b4ce2e74e5518166fb8568f75c3cf6e54aaffe725d36c7331330eb166

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length
19525
gtm.js
www.googletagmanager.com/ 		176 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6597a3a370855ee3a37f5529da1e687edf9af008c1e5fed856e2dd16a3ea5451
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 14:57:46 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57169
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 23 Feb 2022 14:57:46 GMT
integrator.js
adservice.google.ca/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 23 Feb 2022 14:57:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 23 Feb 2022 14:57:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		471 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1536005961650137&correlator=3385938003229648&output=ldjh&impl=fifs&eid=31063377%2C31064904%2C31064538%2C44756894%2C44756896&vrg=2022021701&ptt=17&sc=1&sfv=1-0-38&ecs=20220223&iu_parts=3081%2Ccfo.com%2Cindex&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C6x6%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C7x7%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250&prev_scp=loc%3D1%26refresh%3Dtrue%26rc%3D0%26id%3Df62bc6bb-94b8-11ec-ba99-02a00c42b491%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%7Cloc%3D2%26refresh%3Dtrue%26rc%3D0%26id%3Df62bc6bc-94b8-11ec-ba99-02a00c42b491%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%7Cloc%3D1%26id%3Df62bc6bd-94b8-11ec-ba99-02a00c42b491%7Cloc%3D3%26refresh%3Dtrue%26rc%3D0%26id%3Df62bc6be-94b8-11ec-ba99-02a00c42b491%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%7Cloc%3D2%26id%3Df62bc6bf-94b8-11ec-ba99-02a00c42b491%7Cloc%3D4%26refresh%3Dtrue%26rc%3D0%26id%3Df62bc6c0-94b8-11ec-ba99-02a00c42b491%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%7Cloc%3D3%26id%3Df62bc6c1-94b8-11ec-ba99-02a00c42b491%7Cloc%3D5%26refresh%3Dtrue%26rc%3D0%26id%3Df62bc6c2-94b8-11ec-ba99-02a00c42b491%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%7Cloc%3D4%26id%3Df62bc6c3-94b8-11ec-ba99-02a00c42b491%7Cloc%3D6%26refresh%3Dtrue%26rc%3D0%26id%3Df62bc6c4-94b8-11ec-ba99-02a00c42b491%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%7Cloc%3D5%26id%3Df62bc6c5-94b8-11ec-ba99-02a00c42b491%7Cloc%3D7%26refresh%3Dtrue%26rc%3D0%26id%3Df62bc6c6-94b8-11ec-ba99-02a00c42b491%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%7Cloc%3D6%26id%3Df62bc6c7-94b8-11ec-ba99-02a00c42b491%7Cloc%3D8%26refresh%3Dtrue%26rc%3D0%26id%3Df62bc6c8-94b8-11ec-ba99-02a00c42b491%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%7Cloc%3D7%26id%3Df62bc6c9-94b8-11ec-ba99-02a00c42b491%7Cloc%3D9%26refresh%3Dtrue%26rc%3D0%26id%3Df62bc6ca-94b8-11ec-ba99-02a00c42b491%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70&eri=1&cust_params=no_pol%3Dtrue%26page%3Dindex%26pr%3Dcfo%26sensitive%3Dn%26negative%3Dn%26ck%3Dindex%26imp%3Dindex%26kuid%3D%26permutive%3D%26puid%3De84e4e4b-3903-4f79-914a-e070c6c22831%26ptime%3D1645628266827%26prmtvvid%3D9f23ad0a-1e80-481a-9812-e1767c317ecb%26prmtvwid%3D23dc09d6-b664-425a-a76e-0eed6a6cc102%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26ias-kw%3DIAS_UNSCORED_PG&cookie_enabled=1&bc=31&abxe=1&dt=1645628266952&lmt=1645628266&dlt=1645628266159&idt=639&frm=20&biw=1600&bih=1200&oid=2&adxs=200%2C797%2C765%2C797%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200&adys=233%2C647%2C1189%2C1928%2C2470%2C3209%2C3751%2C3550%2C4092%2C3891%2C4433%2C4232%2C4774%2C4573%2C5115%2C4914&adks=4183305020%2C3490345154%2C4021159614%2C912055041%2C4021159613%2C4183305023%2C4021159612%2C4183305016%2C4021159587%2C4183305017%2C4021159586%2C4183305018%2C4021159585%2C4183305019%2C4021159584%2C4183305012&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F&vis=1&scr_x=0&scr_y=0&psz=1600x250%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250&msz=1600x-1%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1&ga_vid=1951598278.1645628267&ga_sid=1645628267&ga_hid=380661234&ga_fc=false&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
f3e7b18a495e87b10f2a46da5107c83e01419f3f0f8c5227d75a7d42d23c5d8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 14:57:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25762
x-xss-protection
0
google-lineitem-id
5848972077,5848972077,-2,5850747974,-2,5848972077,-2,5850747974,-2,5848972077,-2,5850747974,-2,5848972077,-2,5848972077
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138372108537,138372095175,-2,138368903877,-2,138372108528,-2,138368903853,-2,138372107595,-2,138373951889,-2,138372107592,-2,138372043610
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4452e993218b6ee5f36daf92b9024209.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 55C1 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4452e993218b6ee5f36daf92b9024209.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 23 Feb 2022 14:57:47 GMT
expires
Thu, 23 Feb 2023 14:57:47 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 14:57:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14884
x-xss-protection
0
server
cafe
etag
16747055602125368176
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 23 Feb 2022 14:57:47 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		1006 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82d2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0055b9d0429e9c194b4aa6b5f49cbc2ec31a7220ee7c8c186a9ee951feabd482

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 14:57:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Feb 2022 18:48:07 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=48428
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
479
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
bM9lgYCKouOskH9irvaUNNYUinbKG/Xoa8UhpfJ6K1iAtbX0BPqwUqZKNvt36eTbLGZmGy7KrAYKPCJbd/JSHw==
x-fb-trip-id
1512268381
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 23 Feb 2022 14:57:47 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
uwt.js
static.ads-twitter.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.32.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 14:57:47 GMT
content-encoding
gzip
last-modified
Sat, 05 Feb 2022 00:34:56 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kjyo7100083-IAD
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1645628266999&ns_c=UTF-8&c8=Home%20%7C%20Canadian%20Family%20Offices&c7=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digit...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1645628266999&ns_c=UTF-8&c8=Home%20%7C%20Canadian%20Family%20Offices&c7=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digi...
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1645628266999&ns_c=UTF-8&c8=Home%20%7C%20Canadian%20Family%20Offices&c7=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F&c9=
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Server
13.33.60.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-120.ewr52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 14:57:47 GMT
via
1.1 c7f2e710eb5e4c599a030513a5a7ed22.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
JPnOXUB4Dqnj0b6UWCHXLnYc200PV5tBCYKkg5G2gm1tMAqzb7NqPQ==
x-cache
Miss from cloudfront

Redirect headers

date
Wed, 23 Feb 2022 14:57:47 GMT
via
1.1 c7f2e710eb5e4c599a030513a5a7ed22.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1645628266999&ns_c=UTF-8&c8=Home%20%7C%20Canadian%20Family%20Offices&c7=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F&c9=
content-length
229
x-amz-cf-id
8DPlt0rAMNt00-Kjvv88zLKRHeh-DACCyCvxNq14FKspUmVYbNIXwQ==
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame EA62 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 14:57:47 GMT
via
1.1 94fb69b274bb5ab206667cb69fcc5932.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
144636
cf-polished
origSize=3302
x-cache
Miss from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
EWR52-C1
cf-ray
6e214efd6cc11835-EWR
x-amz-cf-id
rkyzaUOYrl-wD0dgDS_ZUp8TbxjERwHUgQJ9ywECXH0OoAtItNrPZQ==
expires
Fri, 25 Feb 2022 14:57:47 GMT
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-mp-key
Origin
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Kestrel
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
accept-ranges
bytes
date
Wed, 23 Feb 2022 14:57:47 GMT
via
1.1 varnish
age
2122
x-served-by
cache-yul12826-YUL
x-cache
HIT
x-cache-hits
1611
x-timer
S1645628267.116181,VS0,VE0
strict-transport-security
max-age=900
identify
identity.mparticle.com/v1/ 		175 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e8c18c882ae03fbe2b5256c5e7a32a406befa8bdf0963a40a48e9dbc49478bab
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-a9588c0ddc27594cabd152e47ffe27ee
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 23 Feb 2022 14:57:47 GMT
content-encoding
gzip
server
Kestrel
x-timer
S1645628267.127125,VS0,VE36
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-yul12826-YUL
vary
Accept-Encoding
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=900
accept-ranges
bytes
via
1.1 varnish
x-cache-hits
0
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82d2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 14:57:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Feb 2022 23:50:54 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=57937
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
1685973801652415
connect.facebook.net/signals/config/ 		310 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1685973801652415?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fc8cbc9e0346721338cd916c7943a71cef34a3bbcefc30a16fbc5ef1d45646c7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
90182
x-xss-protection
0
pragma
public
x-fb-debug
Pi1vkH+9dd2xIxSnO51AwGjXcsrHGrjTDiq+k88PN6SFGcc65dtIgfHwXXDJrFPoB3JcV5By7rNthM/FTeAZiw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 23 Feb 2022 14:57:47 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
buyers
dmx.districtm.io/s/v1/ Frame EA62 		455 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/buyers
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc0277bce41902fa8f44a276c5741bca2b3a33d727dfca8b2d4eb9e309581b3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 14:57:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
content-type
application/json
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6e214efe0dd61835-EWR
access-control-allow-headers
Origin, Content-Type
simple
api.sail-personalize.com/v1/personalize/ 		256 B
475 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
0bd60955c76e3b789dbadff3f7258b449dfde2341616a3764b44c2452e61ee36

Request headers

x-lib-version
v1.0.1
Accept-Language
en-CA,en;q=0.9
authorization
Bearer b9d3df2fccd108b5eff3c44f573b2cd6
content-type
application/json
accept
application/json
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
x-referring-url
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:47 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
174
allowedmethods
GET,OPTIONS
expires
-1
simple
api.sail-personalize.com/v1/personalize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Origin
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 23 Feb 2022 14:57:47 GMT
content-type
text/plain
content-length
18
access-control-allow-origin
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
allow
HEAD,GET,OPTIONS
simple
api.sail-personalize.com/v1/personalize/ 		256 B
474 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=2&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
9058ff7155aff7bb21a00590e172c3ea745ab42676fb5d5f86b38260bf419cba

Request headers

x-lib-version
v1.0.1
Accept-Language
en-CA,en;q=0.9
authorization
Bearer b9d3df2fccd108b5eff3c44f573b2cd6
content-type
application/json
accept
application/json
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
x-referring-url
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:47 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
173
allowedmethods
GET,OPTIONS
expires
-1
simple
api.sail-personalize.com/v1/personalize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=2&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Origin
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 23 Feb 2022 14:57:47 GMT
content-type
text/plain
content-length
18
access-control-allow-origin
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
allow
HEAD,GET,OPTIONS
adsct
analytics.twitter.com/i/ 		31 B
458 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o01de&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=ceda05c1-1754-4d9e-8d5c-54e840c9375a&tw_document_href=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time
6
date
Wed, 23 Feb 2022 14:57:46 GMT
content-encoding
gzip
server
tsa_b
strict-transport-security
max-age=631138519
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0
x-connection-hash
17115226e373211389e6be86a183f99ebeb55f119e233092c95e669964a0e8a0
content-type
application/javascript;charset=utf-8
content-length
57
adsct
t.co/i/ 		43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o01de&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=ceda05c1-1754-4d9e-8d5c-54e840c9375a&tw_document_href=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time
5
date
Wed, 23 Feb 2022 14:57:46 GMT
server
tsa_b
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
48d6c2ef6cd89c2656ce6529b2129bec63a9d4530a6029066cd497b530c6e4b0
content-length
43
p.js
cdn.parsely.com/keys/undefined/ 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/undefined/p.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.112.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-112-62.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
004873741130c4c0aec4692ddf6ac8f57442ab746004efded91e189228c5daf8

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 02:07:16 GMT
via
1.1 fa486964c67c2a458a5e0fcec0e6f602.cloudfront.net (CloudFront)
last-modified
Thu, 02 Apr 2020 01:01:04 GMT
server
nginx
age
46231
etag
W/"5e853950-d0b1"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
EWR52-C3
content-encoding
gzip
x-amz-cf-id
A86lr3Juju-wLqZFP1PcENm-OPKJtGXVh0LUFP0j3wl5uaXKaUr-nw==
6468403d-3e1d-4d76-bc65-705ec03c3c71
dmx.districtm.io/s/10059/ Frame EA62
Redirect Chain
  • https://match.sharethrough.com/1PQ8qgv7/v1/
  • https://dmx.districtm.io/s/10059/6468403d-3e1d-4d76-bc65-705ec03c3c71
92 B
177 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10059/6468403d-3e1d-4d76-bc65-705ec03c3c71
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b2ae5cf03240ba6ce00a235d488a0f88ddaea40cd5dabbb348cce03db30f0b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Wed, 23 Feb 2022 14:57:47 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6e214effc8b41835-EWR

Redirect headers

location
https://dmx.districtm.io/s/10059/6468403d-3e1d-4d76-bc65-705ec03c3c71
date
Wed, 23 Feb 2022 14:57:47 GMT
content-length
0
y-B.uMt.FE2uEZiIyNSINpnC7LY8wip_LfP.Svd74-~A
dmx.districtm.io/s/10057/ Frame EA62
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent=&verify=true
  • https://dmx.districtm.io/s/10057/y-B.uMt.FE2uEZiIyNSINpnC7LY8wip_LfP.Svd74-~A
100 B
164 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10057/y-B.uMt.FE2uEZiIyNSINpnC7LY8wip_LfP.Svd74-~A
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8772ff1dc324bb9d675e89f245a9372f3d0f3d96151193ee8716e378f1b8fa60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Wed, 23 Feb 2022 14:57:47 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6e214f0059a21835-EWR

Redirect headers

location
https://dmx.districtm.io/s/10057/y-B.uMt.FE2uEZiIyNSINpnC7LY8wip_LfP.Svd74-~A
date
Wed, 23 Feb 2022 14:57:47 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
y-DPhmgYZE2uGwAISKGMAmlbBoZdjF3gi7~A~UPf6a03304-94b8-11ec-8aa4-02ca691a5cc1
dmx.districtm.io/s/10051/ Frame EA62
Redirect Chain
  • https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPf6a03304-94b8-11ec-8aa4-02ca691a5cc1
  • https://dmx.districtm.io/s/10051/y-DPhmgYZE2uGwAISKGMAmlbBoZdjF3gi7~A~UPf6a03304-94b8-11ec-8aa4-02ca691a5cc1
131 B
177 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10051/y-DPhmgYZE2uGwAISKGMAmlbBoZdjF3gi7~A~UPf6a03304-94b8-11ec-8aa4-02ca691a5cc1
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fcc243bac5c3a6269a6b77658f9d4e47c095baf2ce7250b0a74318482a8244b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Wed, 23 Feb 2022 14:57:47 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6e214f00ea961835-EWR

Redirect headers

location
https://dmx.districtm.io/s/10051/y-DPhmgYZE2uGwAISKGMAmlbBoZdjF3gi7~A~UPf6a03304-94b8-11ec-8aa4-02ca691a5cc1
date
Wed, 23 Feb 2022 14:57:47 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
0qh3gYjvTuZ7rdU6YgncXpU4mbQ
dmx.districtm.io/s/10026/ Frame EA62
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=132
  • https://dmx.districtm.io/s/10026/0qh3gYjvTuZ7rdU6YgncXpU4mbQ
83 B
138 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10026/0qh3gYjvTuZ7rdU6YgncXpU4mbQ
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22173562dc5efb6a3d9c6ceff4b805a0d21386d73ef6a33b147f65a1471c0c6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Wed, 23 Feb 2022 14:57:47 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6e214f00395c1835-EWR

Redirect headers

Location
https://dmx.districtm.io/s/10026/0qh3gYjvTuZ7rdU6YgncXpU4mbQ
Date
Wed, 23 Feb 2022 14:57:47 GMT
Connection
keep-alive
Content-Length
83
Content-Type
text/html; charset=utf-8
xg1PJg74MRB2qo9Gv2lK
dmx.districtm.io/s/10027/ Frame EA62
Redirect Chain
  • https://us.creativecdn.com/cm-notify?pi=districtm
  • https://us.creativecdn.com/cm-notify?pi=districtm&tc=1
  • https://dmx.districtm.io/s/10027/xg1PJg74MRB2qo9Gv2lK?pi=districtm&tc=1
76 B
142 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10027/xg1PJg74MRB2qo9Gv2lK?pi=districtm&tc=1
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a63f83d1e5d930a7690eaa3ccccd78ac8495dc609eeb40f852abb6d493466cef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Wed, 23 Feb 2022 14:57:47 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6e214f00599c1835-EWR

Redirect headers

location
https://dmx.districtm.io/s/10027/xg1PJg74MRB2qo9Gv2lK?pi=districtm&tc=1
pragma
no-cache
date
Wed, 23 Feb 2022 14:57:47 GMT, Wed, 23 Feb 2022 14:57:47 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
jload
pixel.adsafeprotected.com/ Frame 9542 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=5077387114&chanId=22429240359&placementId=5848972077&pubCreative=138372108537&pubOrder=2918923800&cb=602399458&custom=index&custom2=1&adsafe_par&impId=f62bc6bb-94b8-11ec-ba99-02a00c42b491
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.45.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-45-149.compute-1.amazonaws.com
Software
/
Resource Hash
b0c63c55f89ad76db173c17e5ae151a874979c2fad381dcf8197db7328e0420e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:47 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0BE1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrqYkSSFJzrJyu1zXTxw8Q0w_hRlF37TedtzLH7xIMPT9rzKw0gut6LGawI7CphqBEo-18Jhsc_ka9sVw2_4DcMiP8S3IxTrY7jjVRjaBh8C8utNE0mE91Q7U4G2Z0Vd6yNTZr6qyzGG8T8Wq-fhWsppbca1cL4HwdPAcnrEU80qyObvX7DwPHTqpDgBiksE7Yk20Bk7-uPCl4DiatcaAz77tbuX3xQHdwCuABhvqpm8TKhNkRDujs90x-E4aESuFZkcfTxFAlUBkpLKSu9ZUWCwaoPsYuwn4IYXLzLnUcC2QaG1rgwAgCbJlcI9DOI-qNpbPf9fRkVfJ1pzdCuebqOmX5NKzmjqSPXTY&sai=AMfl-YSyoXuKE7v1KlPxjBF7uInMw-S7pmYigZiReh2eAhBlQlJFY3wt10Y340MysCd33KxRsO1dAldPxxQ7jIDLXRGsQ57XqhRklmCk-Ei6aAmCWGTHK265wjeeE9oOizhE&sig=Cg0ArKJSzFC8aEctfQOcEAE&uach_m=[UACH]&adurl=
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 23 Feb 2022 14:57:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 23 Feb 2022 14:57:47 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/ Frame 0BE1 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 14:52:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
303
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Mar 2022 14:52:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0BE1 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 14:57:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Feb 2022 14:57:47 GMT
17743590150768816434
tpc.googlesyndication.com/simgad/ Frame 0BE1 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17743590150768816434
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1c14f2a030971b50bde87f9794843b1dabf6882c87981c22ac58e07ef1b48bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 20:25:38 GMT
x-content-type-options
nosniff
age
412329
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83931
x-xss-protection
0
last-modified
Fri, 19 Nov 2021 03:00:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 18 Feb 2023 20:25:38 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/990309138/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/990309138/?random=1645628267380&cv=9&fst=1645628267380&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Canadian%20Family%20Offices&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba1eeffc915d25f2e8de35193399793f73138013802de39d1f4806c86343c055
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1057
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/580448699/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/580448699/?random=1645628267382&cv=9&fst=1645628267382&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Canadian%20Family%20Offices&auid=1685494586.1645628267&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
0468c77f5262250d3a413bd6524b8e9db6c2ba69f8580dd49bdb1089503e3cde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1254
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
p.adsymptotic.com/d/px/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1645628267394&url=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1645628267394&url=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1747836%26time%3D1645628267394%26url%3Dhttps%253A%252F%252Fcheet-1814-canadianfam...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1645628267394&url=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1645628267394&url=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F&cookiesTest=true&liSync=true&e_ipv6=AQI6e...
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f428e9de-092e-464e-bf22-d7ea34c7d606
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f428e9de-092e-464e-bf22-d7ea34c7d606&_expected_cookie=3ca2083b30d567a683f16456...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f428e9de-092e-464e-bf22-d7ea34c7d606&_expected_cookie=3ca2083b30d567a683f1645665f8fa2f
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Server
104.18.101.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 14:57:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6e214f03ffb953f5-YYZ
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f428e9de-092e-464e-bf22-d7ea34c7d606&_expected_cookie=3ca2083b30d567a683f1645665f8fa2f
date
Wed, 23 Feb 2022 14:57:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e214f039f1b53f5-YYZ
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
jload
pixel.adsafeprotected.com/ Frame ED3F 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=5077387114&chanId=22429240359&placementId=5848972077&pubCreative=138372095175&pubOrder=2918923800&cb=892279366&custom=index&custom2=2&adsafe_par&impId=f62bc6bc-94b8-11ec-ba99-02a00c42b491
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.45.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-45-149.compute-1.amazonaws.com
Software
/
Resource Hash
42d97ac4e75ac242bca24a26a1d3bcd01d81e72c948d6776f131e55b110dbb54

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:47 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 823C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOkRc4imROYR1t2HvZ09BmkxIcQIA_I-tWWqSMhSGy6upxJQSz0ZLv5cEC0K3rBvnh8TVRkTVWym01W4c_2HooWPnrKugqtkzyAaDMTiy2m7iEG7hlmjaf0CFz9z3nNaV8PcZZgAqLpbr0AxQJABvvOdBwsifTsLIXg0nHFyVwPaBGsL8vwL9Rnl7Tf0Dm9hJslkAcaBV2yZKUHCvNv5rZ-7OuUYb71EY8kjijrWQ5aMFGrszf-IOQsjusRQj06Kb0F1BIXQ_deXj59O2ibypttrzQgdAq7LHCg8lqx6veYfqaW-RpaygDnUxrDk4sLTTd5Fa22jY67sPH2KTn788L2aF97l08v7zHFzM&sai=AMfl-YQhqYcVIA7y-IBulntEatiYJi5J3kgb9xoL47zkIVm-O3ZDgghraM2lh1PjOwaGsu-L0FVL9jhUXnuD2yCrEHLyjzZR11FX57GUTYwZzpPo812A452GVR4YHyUTeZkb&sig=Cg0ArKJSzP7oc8DRTFz1EAE&uach_m=[UACH]&adurl=
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 23 Feb 2022 14:57:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/ Frame 823C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 14:57:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Mar 2022 14:57:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 823C 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 14:57:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Feb 2022 14:57:47 GMT
l
www.google.com/ads/measurement/ Frame 823C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQI5kPNdsFD8iyTf_T_KVgOqE2RKSejzxhdYfJDt4VUDtU8BZ6hpsZn8AIsUuokpRg1_LEBb-848e9wunJ8NbEaepVLIg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
5787534106586149645
tpc.googlesyndication.com/simgad/ Frame 823C 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5787534106586149645
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99fe38b946e11cc323b148f60c64414245b624d876f7a28fe61b3a056134b2e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 16:44:47 GMT
x-content-type-options
nosniff
age
166380
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95989
x-xss-protection
0
last-modified
Fri, 19 Nov 2021 03:00:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 21 Feb 2023 16:44:47 GMT
/
www.facebook.com/tr/ 		44 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F&rl=&if=false&ts=1645628267522&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22514537319740368%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22503487844400487%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%221042784969583558%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22858678751523779%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%221127243281129742%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%22497819211464386%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1645628267518.402333671&it=1645628267160&coo=false&rqm=GET
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 14:57:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Wed, 23 Feb 2022 14:57:47 GMT
/
srv-2022-02-23-14.pixel.parsely.com/plogger/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srv-2022-02-23-14.pixel.parsely.com/plogger/?rand=1645628267588&plid=12052666&idsite=genericconfigfree&url=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F&sref=&sts=1645628267577&slts=0&title=Home+%7C+Canadian+Family+Offices&date=Wed+Feb+23+2022+14%3A57%3A47+GMT%2B0000+(GMT)&action=pageview&metadata=%7B%22authors%22%3A%5B%5D%2C%22name%22%3A%22Canadian+Family+Offices%22%2C%22title%22%3A%22Home+%7C+Canadian+Family+Offices%22%2C%22link%22%3A%22https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fcanadianfamilyoffices.com%2Fsearch%2F%3Fsearch_text%3D%7Bsearch_term%7D%22%2C%22query-input%22%3A%22required+name%3Dsearch_term%22%7D%2C%22page_type%22%3A%22index%22%7D&pvid=63601045&u=pid%3D9af9d2b70e62722222eaa0199656ddc4
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.25.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-25-47.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 14:57:47 GMT
Cache-Control
no-cache
Last-Modified
Wednesday, 23-Feb-2022 14:57:47 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
main.gr.19.8.289.js
static.adsafeprotected.com/ Frame 9542 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.289.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=5077387114&chanId=22429240359&placementId=5848972077&pubCreative=138372108537&pubOrder=2918923800&cb=602399458&custom=index&custom2=1&adsafe_par&impId=f62bc6bb-94b8-11ec-ba99-02a00c42b491
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b048e01655cdf47f739c288fc4195c26de3883db4ebc4368242fa38b0ca0062d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 17:07:08 GMT
content-encoding
gzip
age
683440
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 15 Feb 2022 16:52:16 GMT
server
AmazonS3
etag
W/"e894d9dd87d5e06b21396e04a0c29127"
vary
Accept-Encoding
x-amz-version-id
QoliWv7Zm09sOtt_1ftKxG1EPIuNscaU
via
1.1 02f97f00ddc8019c5a1aecbfc33dfaf2.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
EWR53-C2
content-type
application/javascript
x-amz-cf-id
M9ejM-8FCKQkOjSOKZUDlKiOUNLwXowG3wmwVRWjrU8DeZ-7bel8Fg==
view
securepubads.g.doubleclick.net/pcs/ Frame 0BE1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3wrCrgt76W95lW5O-eOIpquykeX7avstHN01ejCbLxxB2UdReNKPOW6jTOZbuU9s4mfW_77opFXqmdOUlV_OxVz5mSbBvDa1x6_GhjQEo4jWrbtB9ZMeTTxUl3UPaV4zdVjD7C3Zq-YZE9N6gRlNM5EpYzGP1awUdQTVFgdPRdNkEg-3-XLO9op64gDqa_reMPn_x9joV5BxDJ0WIwQSoNJ9fg4J4q3nqLcMgxjIoRqXnQPRxSze-3VzP0THVTurbNKQwzPoU7xtyny0mOR7F2GMbPlAiU82IDjbdFjrg5qEqDTBoXJkKKY-3g_VmD-W0Tcz0S-CrqU6rjPVnUKzAADa5aYBGcGFzzoV6Eg&sai=AMfl-YTsMDfFFVw0IIiKHBZNxq7_rP48IvRWdUUkLpxrSEKVHMklsBGDib9vu9bXU0evg_tcqP52fs5f94c55gWMtr-8x7E59i6SKfkh31OW-qJ3_I_5hH_4h9bq1bpt4IMT&sig=Cg0ArKJSzAKK88W1TuyZEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 23 Feb 2022 14:57:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 23 Feb 2022 14:57:47 GMT
truncated
/ Frame 0BE1 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7aa4fd83133657c6fdca96831e8ba864506916611cfe399a167073a0d1ee55f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
/
www.google.ca/pagead/1p-conversion/580448699/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/580448699/?random=1757224757&cv=9&fst=1645628267382&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO...
  • https://www.google.com/pagead/1p-conversion/580448699/?random=1757224757&cv=9&fst=1645628267382&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=12...
  • https://www.google.ca/pagead/1p-conversion/580448699/?random=1757224757&cv=9&fst=1645628267382&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=120...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-conversion/580448699/?random=1757224757&cv=9&fst=1645628267382&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Canadian%20Family%20Offices&auid=1685494586.1645628267&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=a0sWYvCrG7KFoPMPyMGl-A4&cid=CAQSKQCNIrLM0JhjWJZ5rtf6WI8YAQjzMmZ-fzr2WaRIwnXMk3RFau2FgSSd&eitems=ChAIgNPXkAYQzYr32cfxkaYBEh0AVHbWplxp14wQwMiMAtxio8-xZbEKe3lwfptcBA&random=62675386&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H3
Server
2607:f8b0:4006:80f::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:47 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.ca/pagead/1p-conversion/580448699/?random=1757224757&cv=9&fst=1645628267382&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Canadian%20Family%20Offices&auid=1685494586.1645628267&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=a0sWYvCrG7KFoPMPyMGl-A4&cid=CAQSKQCNIrLM0JhjWJZ5rtf6WI8YAQjzMmZ-fzr2WaRIwnXMk3RFau2FgSSd&eitems=ChAIgNPXkAYQzYr32cfxkaYBEh0AVHbWplxp14wQwMiMAtxio8-xZbEKe3lwfptcBA&random=62675386&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/990309138/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/990309138/?random=1645628267380&cv=9&fst=1645624800000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&frm=0&url=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Canadian%20Family%20Offices&async=1&fmt=3&is_vtc=1&random=2350489841&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/990309138/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/990309138/?random=1645628267380&cv=9&fst=1645624800000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&frm=0&url=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Canadian%20Family%20Offices&async=1&fmt=3&is_vtc=1&random=2350489841&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.gr.19.8.289.js
static.adsafeprotected.com/ Frame ED3F 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.289.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=5077387114&chanId=22429240359&placementId=5848972077&pubCreative=138372095175&pubOrder=2918923800&cb=892279366&custom=index&custom2=2&adsafe_par&impId=f62bc6bc-94b8-11ec-ba99-02a00c42b491
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b048e01655cdf47f739c288fc4195c26de3883db4ebc4368242fa38b0ca0062d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 17:07:08 GMT
content-encoding
gzip
age
683440
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 15 Feb 2022 16:52:16 GMT
server
AmazonS3
etag
W/"e894d9dd87d5e06b21396e04a0c29127"
vary
Accept-Encoding
x-amz-version-id
QoliWv7Zm09sOtt_1ftKxG1EPIuNscaU
via
1.1 02f97f00ddc8019c5a1aecbfc33dfaf2.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
EWR53-C2
content-type
application/javascript
x-amz-cf-id
UpQ8__JybGWwalXja8C9caRFZaba45W6g_vApnQ023Fajxvz-GLihA==
view
securepubads.g.doubleclick.net/pcs/ Frame 823C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUR4rQ9o_xruSLsEdlQDaX4DvIb4_hvUeB326FtbGtabjtY8nYoHEG7RvZ9znpxLXRxyTJ0sUgaYsJ1lYhivQP_cTL1HeTlT4WnsqbKlTklaKrMOxuH05Jq5chUZFpB1E3UJ5Tfdq3-uaFtIhKmYwvp3QRCG7m36M3ruWPaUUttYXWBJT3QoXFVaGirOSX62y3lPzGyH4s03Fa81KLapDlmU_YpQi9pp0RRn1NeBeuvl1-YL8PKKekUfEtUbHdNctivC1sYjJSIiC5lyBM7QylMKgxLtDr2TZXsWMbewn3ztOfbVLc5j54tQruFiPiSZlLuVvEszSEPyISN8vOUch5Pa_95dLtAGbrieBi6A&sai=AMfl-YQrJr6R41CzhgFdjGrnKhGr-CzfWxSW-XHrJYvWsvgIhi2Yyksq0I_fUipvdF_rGaUULRw2YiEzXsKWhT8sS2yWtgkC_tpFCPc5oSetmQVQMkheHtORfiV31x4HAGDj&sig=Cg0ArKJSzIQn76aE9tgZEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 23 Feb 2022 14:57:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 23 Feb 2022 14:57:47 GMT
truncated
/ Frame 823C 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c17d4736b40bcf80f86c2db97708954593533f35fbea4293d5d70045686e3539

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
users
dmx.districtm.io/s/v1/ Frame EA62 		0
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.districtm.io/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 23 Feb 2022 14:57:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6e214f01cc3f1835-EWR
access-control-allow-headers
Origin, Content-Type
users
dmx.districtm.io/s/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://cdn.districtm.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 23 Feb 2022 14:57:47 GMT
cf-ray
6e214f016f10182d-EWR
access-control-allow-origin
https://cdn.districtm.io
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-max-age
14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
identify
api.permutive.com/v2.0/ 		50 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
98bdfc9d29751a72ee252a8caa5543876f591a3d8124e7a980084ebcd834f75d

Request headers

Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 23 Feb 2022 14:57:47 GMT
content-encoding
gzip
server
Permutive
vary
Origin,Access-Control-Request-Method
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
via
1.1 google
sca.17.5.12.js
static.adsafeprotected.com/ Frame 6F83 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 03:16:10 GMT
content-encoding
gzip
age
7645298
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 02f97f00ddc8019c5a1aecbfc33dfaf2.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
EWR53-C2
content-type
application/javascript
x-amz-cf-id
2BGjoejLnDGmS5Cu1VHk4CA3KXIRvpBVCHMZYDETqjrCYoJiJV1MIQ==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=928934&campId=970x250&pubId=5077387114&chanId=22429240359&placementId=5848972077&pubCreative=138372108537&pubOrder=2918923800&cb=602399458&custom=index&custom2=1&adsafe_par&impId=f62bc6bb-94b8-11ec-ba99-02a00c42b491&adsafe_url=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:a1200adf-c675-70f0-eec5-7b4bd4d238d7,c:53xSyW,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-79d65fcb9c-vqjzd,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:315.108.970.250,am:i,cc:315.108.970.250,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:121,fm:sYhaviN+11%7C12%7C13%7C14*.928934%7C141%7C151,idMap:14*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:142,oid:f6a144ab-94b8-11ec-b775-b27f4da0187b,v:19.8.289,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.45.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-45-149.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:47 GMT
x-server-name
app13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=a1200adf-c675-70f0-eec5-7b4bd4d238d7&tv=%7Bc:53xSyY,pingTime:-8,time:143,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:144,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:141,wc:0.0.1600.1200,ac:315.108.970.250,am:i,cc:315.108.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B19~100%5D,as:%5B19~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sYhaviN+11%7C12%7C13%7C14*.928934%7C141%7C151,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.94.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-94-123.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:47 GMT
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=a1200adf-c675-70f0-eec5-7b4bd4d238d7&tv=%7Bc:53xSzu,pingTime:0,time:175,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:141%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:175,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:141,wc:0.0.1600.1200,ac:315.108.970.250,am:i,cc:315.108.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B51~100%5D,as:%5B51~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sYhaviN+11%7C12%7C13%7C14*.928934%7C141%7C151,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.94.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-94-123.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:47 GMT
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 711A 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 03:16:10 GMT
content-encoding
gzip
age
7645298
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 02f97f00ddc8019c5a1aecbfc33dfaf2.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
EWR53-C2
content-type
application/javascript
x-amz-cf-id
qtlgWHSphKzYC-eTa-XAXHRR2sHNFiqj69OmP4QooIqCdGQ7vBsMpw==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=928934&campId=970x250&pubId=5077387114&chanId=22429240359&placementId=5848972077&pubCreative=138372095175&pubOrder=2918923800&cb=892279366&custom=index&custom2=2&adsafe_par&impId=f62bc6bc-94b8-11ec-ba99-02a00c42b491&adsafe_url=https%3A%2F%2Fcheet-1814-canadianfamilyoffices.gdev.postmedia.digital%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:7825e368-9315-f049-fde2-6e65f516b3c2,c:53xSzF,sl:inView,em:true,fr:true,thd:1,mn:jsserver-experiment-primary-69484fc597-6st6z,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:315.522.970.250,am:i,cc:315.522.970.250,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:114,fm:sYhavjO+11%7C12%7C13%7C141%7C142%7C15*.928934%7C151,idMap:15*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:123,oid:f6ae649d-94b8-11ec-ba6b-ea9c8ce49c6b,v:19.8.289,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.45.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-45-149.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:47 GMT
x-server-name
app23.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=7825e368-9315-f049-fde2-6e65f516b3c2&tv=%7Bc:53xSzF,pingTime:-8,time:123,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:123,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:123,wc:0.0.1600.1200,ac:315.522.970.250,am:i,cc:315.522.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B7~100%5D,as:%5B7~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sYhavjO+11%7C12%7C13%7C141%7C142%7C15*.928934%7C151,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.94.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-94-123.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:47 GMT
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=7825e368-9315-f049-fde2-6e65f516b3c2&tv=%7Bc:53xSA0,pingTime:0,time:144,type:pf,im:%7BpBlk:133%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:123%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:144,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:123,wc:0.0.1600.1200,ac:315.522.970.250,am:i,cc:315.522.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B28~100%5D,as:%5B28~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sYhavjO+11%7C12%7C13%7C141%7C142%7C15*.928934%7C151,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.94.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-94-123.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:47 GMT
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=a1200adf-c675-70f0-eec5-7b4bd4d238d7&tv=%7Bc:53xSA4,pingTime:-2,time:211,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:228,beZ:229,mfA:349,cmA:351,inA:351,inZ:356,prA:356,prZ:361,si:370,poA:372,poZ:390,cmZ:390,mfZ:390,loA:426,loZ:429,ltA:438,ltZ:438%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:141%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:211,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:141,wc:0.0.1600.1200,ac:315.108.970.250,am:i,cc:315.108.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B86~100%5D,as:%5B86~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sYhaviN+11%7C12%7C13%7C14*.928934%7C141%7C15.928934%7C151,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,slid:%5Bgoogle_ads_iframe_/3081/cfo.com/index_0,google_ads_iframe_/3081/cfo.com/index_0__container__,ad-1,ad__inner-1,main-content%5D,sinceFw:65,readyFired:true%7D&br=u
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.94.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-94-123.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:47 GMT
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=7825e368-9315-f049-fde2-6e65f516b3c2&tv=%7Bc:53xSA6,pingTime:-2,time:150,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:173,beZ:174,mfA:287,cmA:287,inA:287,inZ:289,prA:289,prZ:292,si:296,poA:296,bl:306,poZ:306,cmZ:306,mfZ:306,loA:317,loZ:319,ltA:322,ltZ:322%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:123%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:150,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:123,wc:0.0.1600.1200,ac:315.522.970.250,am:i,cc:315.522.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B34~100%5D,as:%5B34~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sYhavjO+11%7C12%7C13%7C141%7C142%7C15*.928934%7C151,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs,slid:%5Bgoogle_ads_iframe_/3081/cfo.com/index_1,google_ads_iframe_/3081/cfo.com/index_1__container__,ad-2,ad__inner-2,main-content%5D,sinceFw:26,readyFired:true%7D&br=u
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.94.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-94-123.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:47 GMT
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=a1200adf-c675-70f0-eec5-7b4bd4d238d7&tv=%7Bc:53xSAP,time:258,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:258,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:141,wc:0.0.1600.1200,ac:315.108.970.250,am:i,cc:315.108.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B133~100%5D,as:%5B133~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:98,fm:sYhaviN+11%7C12%7C13%7C14*.928934%7C141%7C15.928934%7C151,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.94.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-94-123.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:47 GMT
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=7825e368-9315-f049-fde2-6e65f516b3c2&tv=%7Bc:53xSAQ,time:196,type:e,im:%7BpWait:5%7D,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:196,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:123,wc:0.0.1600.1200,ac:315.522.970.250,am:i,cc:315.522.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B80~100%5D,as:%5B80~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:34,fm:sYhavjO+11%7C12%7C13%7C141%7C142%7C15*.928934%7C151,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.94.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-94-123.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:47 GMT
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
users
dmx.districtm.io/s/v1/ Frame EA62 		0
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.districtm.io/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 23 Feb 2022 14:57:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6e214f027d631835-EWR
access-control-allow-headers
Origin, Content-Type
users
dmx.districtm.io/s/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://cdn.districtm.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 23 Feb 2022 14:57:47 GMT
cf-ray
6e214f022857182d-EWR
access-control-allow-origin
https://cdn.districtm.io
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-max-age
14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
/
www.facebook.com/tr/ Frame 3A64 		0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/

Response headers

content-type
text/plain
access-control-allow-origin
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=0
date
Wed, 23 Feb 2022 14:57:48 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=a1200adf-c675-70f0-eec5-7b4bd4d238d7&tv=%7Bc:53xSFc,pingTime:-10,time:529,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OC4wLjQ3NTguODAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1645628268121%7C%7C2355f40d227925e21764024b88bd4072%7C%7C920bd99aa4265c459f442b819dba176b%7C%7C844e3db75fba08cf545df769b491d709%7C%7C572cddf4a9d1fadc13743f56f958e7fc%7C%7C300044b31f7c0d2b949a4e2989e62d49%7C%7C7515d9c27d03f21eb82bd65451000759%7C%7C22b13ffaac93c6915fae097061941350%7C%7C1629390669%7D
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.94.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-94-123.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:48 GMT
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d81dd912444da21f2b352777158306679719c62bb468b366190cb64d0a4a002
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 23 Feb 2022 14:57:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10030
x-xss-protection
0
pixel
bid.g.doubleclick.net/xbbe/ Frame C2E1 		0
434 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.111.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
gb-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 23 Feb 2022 14:57:48 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ribn-postmedia.min.js
assets.ribn.com/v2/production/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ribn.com/v2/production/ribn-postmedia.min.js
Requested by
Host: cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
URL: https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:4c00:7:75d4:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 19:39:31 GMT
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 18:06:03 GMT
server
AmazonS3
age
69499
etag
W/"baaa6497dd2dea88d8fdb6d6cca08cf2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 7c972d2210a2e2f3fddbb92b4c35f72e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
ayYqwlhr2a7QUex4hrnsMlEn82rNnPj6EPRuWV2hbNTtEjZcrX9z_A==
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/10276888/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
349 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.33.60.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-120.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 14:56:28 GMT
via
1.1 c7f2e710eb5e4c599a030513a5a7ed22.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
81
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
EWR52-C1
accept-ranges
bytes
content-length
0
x-amz-cf-id
jz4IU95DC07uP4YYkNHqL5inseBzHj1DWZE8RNkG9Nhu7uzyXPyzfw==

Redirect headers

date
Wed, 23 Feb 2022 14:57:48 GMT
via
1.1 c7f2e710eb5e4c599a030513a5a7ed22.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-c2/default/cs.js
content-length
48
x-amz-cf-id
y7Xs2yUwIRgcAlMvjQmLt91Jy_CAbSjTiht9pGpZLbzT-SkowFdgQw==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 14:57:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Feb 2022 14:57:48 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
4a4755e058c1903c49cfc3f08168df22d30b8a72869782ab1138d36c508e36ce

Request headers

Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 23 Feb 2022 14:57:48 GMT
content-encoding
gzip
server
Permutive
vary
Origin,Access-Control-Request-Method
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
via
1.1 google
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BB83 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 23 Feb 2022 09:18:02 GMT
expires
Thu, 23 Feb 2023 09:18:02 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
20386
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame D4AC 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d4e12fdb2849b3544a85d1ff3315f47e854ef0cc18d651de77cb3d92390604fc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-+0IA+BaM4jx8Mj4Tfp4GKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 23 Feb 2022 14:57:48 GMT
date
Wed, 23 Feb 2022 14:57:48 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-+0IA+BaM4jx8Mj4Tfp4GKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js
pagead2.googlesyndication.com/bg/ Frame BB83 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ee8e0976dd2573237ad94a3e213715084ddec16b20e77c8e43de5e89f9ef052
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 08:01:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
456949
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13646
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Feb 2023 08:01:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D4AC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021701&jk=1536005961650137&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame BB83 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?KlpLgQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 14:57:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021701&jk=1536005961650137&bg=!NDelN3PNAAbf-5Dq3_s7ACkAdvg8WuBvz6tHAUwfQDuXlYgGiB_Hqt0a0FfMZIbHe7Hze50elMFQBQIAAABrUgAAAAJoAQeZAuDI6EgukfUYqSRrSpZ6rjm1x_WHTx1cT0yGTvnUhWVrStNpqId92wlGJqDAN2UvJ38vEDEMgRIYBClwu4aMaFSn9DSZqltVfKgZeY3_MiMkzg7stCCfx11HqV1di3iN57eUqE5CYjac_Uy3mE6VdicnqtrdDSCkSFUablZcvIl0pHl2TKIi2_8DOc_XzR0W5IS8QBO8sBcIRSQ52xsE8DdFuXVYV64lpb3qmYMhQPnkfNt4cknwK6P34z7hxMrReWa6o9c5Ob-L1c__I5CHkXP2u4W-qQspmHt5a_wdH8jjBujASmoZKfzHulVg8RUwYoHGTaBB9AkTJPJAQZsFW2xOh-aiJcXKQcgPobB7Br7zZzAhc2ldVtX-Hc9piefKz6R5y-xthH7nZ_VpGEnzEwMm2blTo0wcV9nXrvrVhMrVOJ27j234Ykltahth3OXWnAXwFZ2QbuzTLpdsBJtCO8mXnlBcr-bP7aYogkjrSNOpVDgEnSdb_LxS1zgPenz7-yGKE5L-XlXyNd4uAEBPy1j5ag_j9ooXnVkOiVgZ9sxHNPno8N918Y1Q-e9EhqJwK7MXjkG70v5HtOnOskMPG51vW6BH6F2gEbotdPr-bVFVa0iBKmWXHqOrJglWj7GMecdkB8P_7qtCGR9atKFfwApFnfeBz0RP6GfXmTZmthK8aoPTdEcBYbCyVL3eEC_Kc6kGYYc59YnqKRY5CF9ekO8ibObt07p7QW5wNC_aU5RKGm6YzYvgCIbYCNvcS11VFz5-kQpthj221q0_8_FuOnY2IswnE_ERMDM4ZSGMyJLncMReJzdKY0pSniU_PhRogz3P6W38FQTdoHjcPE1a6o-jJhWSOXPTegHKPaRztDl9h4Zy1jO9NXj4qP5QCeyKyy8jNmwUihXDIrYKNNBB8Z4Zg8n9zvUfEki_je02NsdEDy7kRYbRKo3kO4a4SdfGFBqqxkxeRhm9XrICj294_XO4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0BE1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwTAHoU5bchCRdVntDNgAGRTqMX_B_iJwMJjWjTeV60eZHHgiOXrrUYNtTX0MiPA2E7cO5Akyon90A9e49OLNRXJX_Nac0UCsUSz7R6kQo6WtcuetE&sig=Cg0ArKJSzHeRUJwiWKmuEAE&id=lidar2&mcvt=1002&p=108,315,358,1285&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220216&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=4183305020&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645628267358&rpt=276&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 823C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv2uR1Zpzg_b0dea9b_UcS_C6l4J3a3VImWwjxugRnMm9T2PdT8ORBg67rwuPRjkwg7nVY5xmAtQ0ewj8tShPkrsIZP6npvUsHnD4dA5cn5WJuf_ASv&sig=Cg0ArKJSzAu_HMS0JE3eEAE&id=lidar2&mcvt=1000&p=522,315,772,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220216&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3490345154&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645628267479&rpt=194&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=a1200adf-c675-70f0-eec5-7b4bd4d238d7&tv=%7Bc:53xSPE,pingTime:1,time:1177,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:141%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1177,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:141,wc:0.0.1600.1200,ac:315.108.970.250,am:i,cc:315.108.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1052~100%5D,as:%5B1052~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:28,fm:sYhaviN+11%7C12%7C13%7C14*.928934%7C141%7C15.928934%7C151,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.94.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-94-123.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:48 GMT
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=a1200adf-c675-70f0-eec5-7b4bd4d238d7&tv=%7Bc:53xSPF,pingTime:1,time:1178,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:141%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1178,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:141,wc:0.0.1600.1200,ac:315.108.970.250,am:i,cc:315.108.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1053~100%5D,as:%5B1053~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:28,fm:sYhaviN+11%7C12%7C13%7C14*.928934%7C141%7C15.928934%7C151,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,metricId:publ1,cmr:t%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.94.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-94-123.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:48 GMT
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=a1200adf-c675-70f0-eec5-7b4bd4d238d7&tv=%7Bc:53xSPF,pingTime:1,time:1178,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:141%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1178,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:141,wc:0.0.1600.1200,ac:315.108.970.250,am:i,cc:315.108.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1053~100%5D,as:%5B1053~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:28,fm:sYhaviN+11%7C12%7C13%7C14*.928934%7C141%7C15.928934%7C151,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,metricId:grpm1,cmr:t%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.94.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-94-123.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:48 GMT
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=7825e368-9315-f049-fde2-6e65f516b3c2&tv=%7Bc:53xSQ9,pingTime:1,time:1145,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:123%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1145,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:123,wc:0.0.1600.1200,ac:315.522.970.250,am:i,cc:315.522.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1029~100%5D,as:%5B1029~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:32,fm:sYhavjO+11%7C12%7C13%7C141%7C142%7C15*.928934%7C151,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.94.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-94-123.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:48 GMT
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=7825e368-9315-f049-fde2-6e65f516b3c2&tv=%7Bc:53xSQa,pingTime:1,time:1146,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:123%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1146,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:123,wc:0.0.1600.1200,ac:315.522.970.250,am:i,cc:315.522.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1030~100%5D,as:%5B1030~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:32,fm:sYhavjO+11%7C12%7C13%7C141%7C142%7C15*.928934%7C151,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs,metricId:publ1,cmr:t%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.94.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-94-123.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:48 GMT
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=7825e368-9315-f049-fde2-6e65f516b3c2&tv=%7Bc:53xSQa,pingTime:1,time:1146,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:123%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1146,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:123,wc:0.0.1600.1200,ac:315.522.970.250,am:i,cc:315.522.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1030~100%5D,as:%5B1030~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:32,fm:sYhavjO+11%7C12%7C13%7C141%7C142%7C15*.928934%7C151,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs,metricId:grpm1,cmr:t%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.94.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-94-123.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:48 GMT
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=7825e368-9315-f049-fde2-6e65f516b3c2&tv=%7Bc:53xSVl,pingTime:-10,time:1467,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OC4wLjQ3NTguODAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1645628268121%7C%7C2355f40d227925e21764024b88bd4072%7C%7C920bd99aa4265c459f442b819dba176b%7C%7C844e3db75fba08cf545df769b491d709%7C%7C572cddf4a9d1fadc13743f56f958e7fc%7C%7C300044b31f7c0d2b949a4e2989e62d49%7C%7C7515d9c27d03f21eb82bd65451000759%7C%7C22b13ffaac93c6915fae097061941350%7C%7C1629390669,sca:%7Bspg:a1200adf-c675-70f0-eec5-7b4bd4d238d7%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.94.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-94-123.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:49 GMT
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
events
api.permutive.com/v2.0/batch/ 		201 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
271361d6be862d87accdcd4f920997a302719843abf9aa25f012579ca9e0e822

Request headers

Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 23 Feb 2022 14:57:49 GMT
content-encoding
gzip
server
Permutive
vary
Origin,Access-Control-Request-Method
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
via
1.1 google
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 23 Feb 2022 14:57:49 GMT
content-encoding
gzip
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
via
1.1 google
events
jssdks.mparticle.com/v3/JS/us1-a9588c0ddc27594cabd152e47ffe27ee/ 		41 B
295 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v3/JS/us1-a9588c0ddc27594cabd152e47ffe27ee/events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
1dfd2eabe859015a229e6f9b9a4b8addb982da9cf42e48b03a797f630dfe991d

Request headers

Accept
text/plain;charset=UTF-8
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 23 Feb 2022 14:57:52 GMT
content-encoding
gzip
server
Kestrel
x-timer
S1645628272.106787,VS0,VE16
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-served-by
cache-yul12833-YUL
vary
Accept-Encoding
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
via
1.1 varnish
x-cache-hits
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=a1200adf-c675-70f0-eec5-7b4bd4d238d7&tv=%7Bc:53xTSa,pingTime:5,time:5177,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:141%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5177,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:141,wc:0.0.1600.1200,ac:315.108.970.250,am:i,cc:315.108.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5052~100%5D,as:%5B5052~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:27,fm:sYhaviN+11%7C12%7C13%7C14*.928934%7C141%7C15.928934%7C151,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.94.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-94-123.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:52 GMT
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=7825e368-9315-f049-fde2-6e65f516b3c2&tv=%7Bc:53xTSF,pingTime:5,time:5145,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:123%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5145,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:123,wc:0.0.1600.1200,ac:315.522.970.250,am:i,cc:315.522.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5029~100%5D,as:%5B5029~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:27,fm:sYhavjO+11%7C12%7C13%7C141%7C142%7C15*.928934%7C151,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.94.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-94-123.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 14:57:52 GMT
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| structuredClone function| setNptTechAdblockerCookie object| script object| LRNameSpace object| LoginRadiusDefaults function| LoginRadiusUtility function| LoginRadiusApiFramework function| setLoginRadiusDefaultSchema function| setLoginRadiusModuleFunctions function| LoginRadiusHooksModel function| SetLoginRadiusCommonFunctions function| LoginRadiusControllers function| LoginRadiusV2 function| FormValidator object| hash object| modern_script_elem object| legacy_script_elem object| ytAdTargetingLoadEvent function| script_onload string| locSrc object| ytVideoAdTargetingConfig object| webpackJsonpFrontEndModules object| tp object| FrontEndModules object| googletag object| aax function| Krux object| dataLayer object| permutive object| __iasPET object| mParticle object| gtm_data_layer object| ggeac object| google_js_reporting_queue object| districtmHeader object| diagPixSentCodes object| __iasAdRefreshConfig function| BlockAdBlock object| blockAdBlock object| webpackChunkdjango_content_services string| iasScores object| google_tag_manager function| udm_ object| _comscore object| COMSCORE object| regeneratorRuntime undefined| google_measure_js_timing function| postscribe object| google_tag_manager_external object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| google_tag_data string| _linkedin_data_partner_id function| fbq function| _fbq function| twq function| onYouTubeIframeAPIReady object| twttr object| Sailthru function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| lintrk boolean| _already_called_lintrk object| PARSELY object| __IntegralASExec object| Ribn object| GoogleGcLKhOms object| google_image_requests

36 Cookies

Domain/Path Name / Value
cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/ Name: x-id
Value: {"data":{"id":"bea1hgddgtbu8hgt7bl9twxwf5dahf5i","updated":1645628266485},"exp":604800000,"ts":1645628266533,"mac":-669991091}
.postmedia.digital/ Name: permutive-id
Value: e84e4e4b-3903-4f79-914a-e070c6c22831
.postmedia.digital/ Name: _gcl_au
Value: 1.1.1685494586.1645628267
.scorecardresearch.com/ Name: UID
Value: 171070e7f71f088776e7cd31645628267
pmd-dev-frontend-modules.s3.amazonaws.com/ Name: x-id
Value: {"data":{"id":"bea1hgddgtbu8hgt7bl9twxwf5dahf5i","updated":1645628266485},"exp":604800000,"ts":1645628267094,"mac":-669210728}
cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/ Name: political-ad-opt-out
Value: {"data":false,"exp":604800000,"ts":1645628267105,"mac":1186034430}
cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/ Name: __adblocker
Value: false
cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/ Name: sailthru_pageviews
Value: 2
.postmedia.digital/ Name: __gads
Value: ID=bda466665630d19b-222042bf3fd000e9:T=1645628267:S=ALNI_MZjW_86TbEalnQhJqFIBWvzLhKOUw
.postmedia.digital/ Name: mprtcl-v4_767FC2FC
Value: {'gs':{'ie':1|'dt':'us1-a9588c0ddc27594cabd152e47ffe27ee'|'av':'1.0.0'|'cgid':'6f311d38-dde4-4e70-be7c-2699104441bf'|'das':'7452cb23-4e9a-4bbe-b129-37bad13b5263'|'csm':'WyI2Njg0OTI2NjAxMzI4NjIyNjUwIl0='|'sid':'07098309-C303-4950-B848-3E7C4EB18B1B'|'les':1645628267114|'ssd':1645628266785}|'l':1|'6684926601328622650':{'fst':1645628267035|'ui':'eyIwIjoiYmVhMWhnZGRndGJ1OGhndDdibDl0d3h3ZjVkYWhmNWkifQ=='}|'cu':'6684926601328622650'}
.t.co/ Name: muc_ads
Value: a8af9902-421d-44ff-a002-ef9f114609f3
.twitter.com/ Name: personalization_id
Value: "v1_G0ek5U4TVynX24Q+DVJrzg=="
.sharethrough.com/ Name: stx_user_id
Value: 6468403d-3e1d-4d76-bc65-705ec03c3c71
.yahoo.com/ Name: A3
Value: d=AQABBGtLFmICEMDwCEjthU719d_d2Z8fYyIFEgEBAQGcF2IgYgAAAAAA_eMAAA&S=AQAAAmNr_VJJvFzE6rLNYBh94-Y
.advertising.com/ Name: APID
Value: UPf6a03304-94b8-11ec-8aa4-02ca691a5cc1
.creativecdn.com/ Name: u
Value: xg1PJg74MRB2qo9Gv2lK
.creativecdn.com/ Name: ts
Value: 1645628267
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-d2a87781-88ef-4ee6-7bad-d53a6209dc5e.KykatY%2BNsBKoi%2FNtDRyr10ekBrtbWVWfU3BUECo1a08
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0qh3gYjvTuZ7rdU6YgncXpU4mbQ.zqrTSKcJKnDuFZDuhkPxosiAMo8EmhjZ5%2BAha%2Bn%2B9c0
.doubleclick.net/ Name: IDE
Value: AHWqTUnxb7w7l0mA8txjt93IHj9zpJrgCk0JcTgwbaHPtXOxnS47JuLOw26UhxuU
.postmedia.digital/ Name: _fbp
Value: fb.1.1645628267518.402333671
cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/ Name: sailthru_visitor
Value: a932e363-4a19-47ad-9971-198e69d8d7e1
.postmedia.digital/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://cheet-1814-canadianfamilyoffices.gdev.postmedia.digital/%22%2C%22sref%22:%22%22%2C%22sts%22:1645628267577%2C%22slts%22:0}
.facebook.com/ Name: fr
Value: 0l0qQ2Lxv1HY6R1KQ..BiFktr...1.0.BiFktr.
.postmedia.digital/ Name: _parsely_visitor
Value: {%22id%22:%22pid=9af9d2b70e62722222eaa0199656ddc4%22%2C%22session_count%22:1%2C%22last_session_ts%22:1645628267577}
.linkedin.com/ Name: li_sugr
Value: f428e9de-092e-464e-bf22-d7ea34c7d606
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&e97ede40-7a73-4ec0-8b9b-3cd05d59b679"
.analytics.yahoo.com/ Name: IDSYNC
Value: "191l~23ee:18ym~23ee"
.linkedin.com/ Name: UserMatchHistory
Value: AQK8WmKL5aAdcwAAAX8nFpy6Ba5EQIwyxqwo59En1Y_EKDZOh5bJNJknSEJrto-Za-A9QdItTXpi6g
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIolvjes73Z6gAAAX8nFpy6MYzgPO0LBZV9mYiBbjgRpduQfSmuybqY-37nDvFgOZzVSkkFf0LXvr2ZIAfREQ
.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.www.linkedin.com/ Name: bscookie
Value: "v=1&202202231457471ac353b8-d479-4bcf-896e-ac7b86eb460dAQHMiiShqI4NvELvGqcVWbiaIoD7oSJp"
.districtm.io/ Name: _dm_uid
Value: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAwLCJ1c3IiOiJxZ2J3QWJJR0d6STFWekYzWVRoTFpuRnhTV3QyUjNkalltY3dlVU5FWVdkNVM3b0dJQWlxVGhJYk1IRm9NMmRaYW5aVWRWbzNjbVJWTmxsbmJtTlljRlUwYldKUnVnWVpDS3RPRWhSNFp6RlFTbWMzTkUxU1FqSnhiemxIZGpKc1M3b0dBd2l1VHJvR0F3aXdUcm9HVUFqRFRoSkxlUzFFVUdodFoxbGFSVEoxUjNkQlNWTkxSMDFCYld4aVFtOWFaR3BHTTJkcE4zNUJmbFZRWmpaaE1ETXpNRFF0T1RSaU9DMHhNV1ZqTFRoaFlUUXRNREpqWVRZNU1XRTFZMk14dWdZeENNbE9FaXg1TFVJdWRVMTBMa1pGTW5WRldtbEplVTVUU1U1d2JrTTNURms0ZDJsd1gweG1VQzVUZG1RM05DMStRUT09IiwiaWF0IjoxNjQ1NjI4MjY3fQ.VMpR4ikCHJ_YfLaujrVqoiWz4B9S7JdJsRoZJOV5LpnMKF3kDwJSyuIMntDZh0Bk6IzHvqy48Bfez8Fj97Vmjw
.linkedin.com/ Name: lidc
Value: "b=VGST00:s=V:r=V:a=V:p=V:g=2625:u=1:x=1:i=1645628268:t=1645714668:v=2:sig=AQFhm2bU6vJpApoUFSDVWkmAKeiRbCXK"
.adsymptotic.com/ Name: U
Value: 3ca2083b30d567a683f1645665f8fa2f

1 Console Messages

Source Level URL
Text
other warning URL: https://www.googleadservices.com/pagead/conversion_async.js(Line 71)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
4452e993218b6ee5f36daf92b9024209.safeframe.googlesyndication.com
adservice.google.ca
adservice.google.com
ak.sail-horizon.com
analytics.twitter.com
api.permutive.com
api.sail-personalize.com
assets.ribn.com
auth.lrcontent.com
bid.g.doubleclick.net
cdn.adsafeprotected.com
cdn.districtm.io
cdn.parsely.com
cheet-1814-canadianfamilyoffices.gdev.postmedia.digital
connect.facebook.net
dmx.districtm.io
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hb.districtm.io
identity.mparticle.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
match.sharethrough.com
p.adsymptotic.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.advertising.com
pmd-dev-frontend-modules.s3.amazonaws.com
px.ads.linkedin.com
px4.ads.linkedin.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
smartcdn.gprod.postmedia.digital
smartcdn.prod.postmedia.digital
snap.licdn.com
srv-2022-02-23-14.pixel.parsely.com
static.ads-twitter.com
static.adsafeprotected.com
sync.srv.stackadapt.com
t.co
tpc.googlesyndication.com
ups.analytics.yahoo.com
us.creativecdn.com
www.facebook.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.npttech.com
100.26.94.123
104.16.68.69
104.18.101.194
104.244.42.195
104.244.42.69
108.174.10.24
13.33.60.107
13.33.60.120
142.250.111.156
142.250.65.226
142.251.40.130
143.204.143.59
146.75.32.157
185.184.10.30
2600:141b:13::17d7:82d2
2600:9000:2140:4c00:7:75d4:e40:93a1
2600:9000:21dd:1e00:8:48e:53c0:93a1
2606:4700:10::6816:49e8
2606:4700:3032::ac43:c0b6
2606:4700::6812:551
2607:f8b0:4006:807::2003
2607:f8b0:4006:809::2002
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80c::2001
2607:f8b0:4006:80f::2003
2607:f8b0:4006:817::2002
2607:f8b0:4006:820::2002
2607:f8b0:4006:822::2004
2607:f8b0:4006:822::200a
2607:f8b0:4006:823::2002
2607:f8b0:4006:824::2008
2620:1ec:21::14
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:200::645
2a04:4e42:600::645
3.212.45.149
34.107.254.252
34.149.157.221
34.236.180.141
34.239.25.47
34.95.11.30
52.3.54.123
52.45.33.138
52.95.147.53
54.81.207.173
75.2.40.13
99.84.112.62
99.84.125.24
004873741130c4c0aec4692ddf6ac8f57442ab746004efded91e189228c5daf8
0055b9d0429e9c194b4aa6b5f49cbc2ec31a7220ee7c8c186a9ee951feabd482
0468c77f5262250d3a413bd6524b8e9db6c2ba69f8580dd49bdb1089503e3cde
0a055b94dddc24c4d91c386d3eb855fc8eb2e973346a021eafb4e625398b60da
0aaf98b4906ae2f736f8463dc832a021366165eb0446bb52a2c7aaefc240b0b7
0bd60955c76e3b789dbadff3f7258b449dfde2341616a3764b44c2452e61ee36
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1177a49ea8ffd2316eab0c580c5b89802b1355e872356187f16893f688fb5435
1574a6c38881f61276f0dd4d78af46e896eeb3faf1c2cd434889366ba01e29d4
1dd1a6a145e1ea2750d60fd2f3de8e823197e98eba48ce407bf5bc471e4ba3a5
1dfd2eabe859015a229e6f9b9a4b8addb982da9cf42e48b03a797f630dfe991d
1ee8e0976dd2573237ad94a3e213715084ddec16b20e77c8e43de5e89f9ef052
22173562dc5efb6a3d9c6ceff4b805a0d21386d73ef6a33b147f65a1471c0c6d
2338bdf13f439396890e22f1ea22f8c75671c758511529e04ac96bae655b4e7d
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
271361d6be862d87accdcd4f920997a302719843abf9aa25f012579ca9e0e822
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
28ebe438c9cebbf8b49baf284b7c0624f1a1e52c823572afe5dba64d858ebb09
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2d81dd912444da21f2b352777158306679719c62bb468b366190cb64d0a4a002
2fcc243bac5c3a6269a6b77658f9d4e47c095baf2ce7250b0a74318482a8244b
42d97ac4e75ac242bca24a26a1d3bcd01d81e72c948d6776f131e55b110dbb54
4a4755e058c1903c49cfc3f08168df22d30b8a72869782ab1138d36c508e36ce
4b2ae5cf03240ba6ce00a235d488a0f88ddaea40cd5dabbb348cce03db30f0b7
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
5122c98605367c14582885aacdfd443bc832001303f137203ca6ceddc96ceb94
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
5fb6d69941da291501efde94bd6471b8388d0f82fc8d19379d7e62f9f37c10c1
6187651ce0175ec7629341f96570784e3a37d0174fd7f555cc8b3fa43d3596e2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64877850f9e838b0e76c3cf59b45760f44598fae0a8d2b14ba491b682c0ad92e
6597a3a370855ee3a37f5529da1e687edf9af008c1e5fed856e2dd16a3ea5451
67286908ff4a4fdfcbed0ac77fe99c00f6974bcaa14b77ace42a9dfb189024d1
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
6aedb63b9517dd4565ba4e81a2bfbf8f164c0e02b1fee262474ca4f04cee633e
6c8ee3f969943732ebe4bec6db2f9593e601405cb74b58a677f435d2d2b72b68
6f33bb6fb3ab3ed9893e8cf1ad0bda09b99a535be0a54c7a8f1dd1c3a688c4ee
72197a129636634bea180fb17d00e71452ee0209f7b4e2fff7141e5e15c1ed21
73f5cb8f7a137847e41aeb849588174535651b6e140d8b13575f46fff0c496a2
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
7aa5fa5dbd7eaf358e59874e863d08f2b4aeaefb8a50d6e71a9d5116887269ee
7fb0c7ff737b4e24b5779966ab33cf471e3902f26e598e3f4e8ea365c370aff9
804e46afd5ad7b262335603b1fc216893c3d17fee2cf4346c6be71cdeb663020
80df80639eff50b28f33ab6354c5f7448973e4f47c47fe0c3813c7dea361a7c8
83e6760e6b0ed51959d006bd35daefe0d84d72e8971b6b33cb2d06fb49199077
8772ff1dc324bb9d675e89f245a9372f3d0f3d96151193ee8716e378f1b8fa60
878ab7abb1c546ee2581d7645b7417fec02719cbb61551fc232728e622cc8026
8c6db249df1966e3ac79a1330df310a02acbe88c1ec9caa389fb1ee13c103102
9008ac843d4735e349bdde45c352caeb6d5c1517622730fa602d6b56cf5e4b3a
9058ff7155aff7bb21a00590e172c3ea745ab42676fb5d5f86b38260bf419cba
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2
989d94d8baba214a6dcc1ba6795c35dc9ce9cf94863248b8970cd8e864674347
98bdfc9d29751a72ee252a8caa5543876f591a3d8124e7a980084ebcd834f75d
99fe38b946e11cc323b148f60c64414245b624d876f7a28fe61b3a056134b2e2
9b1f9365c306b9269d6dd6849631439a5ce6b315bb2d8e3fa53437892b01fc7e
9cc76f7842eb03c9dd1ded8bacd8da378daea69f5170b53dc2be924e75bc3442
a1f4086973dc8059c20b2a680c1e4cfae4069ff3a4a063a297bbcd9281115dab
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a63f83d1e5d930a7690eaa3ccccd78ac8495dc609eeb40f852abb6d493466cef
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab0662b330b8e0d7f53c3c3c6a994b515fe6b3ee61cf89540c81a925a6d60fe1
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7
ad1cf2cf3e594c9ef7515ff851415c9f50f9a89dd938e6437b944d5d21e5ae1c
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50
b048e01655cdf47f739c288fc4195c26de3883db4ebc4368242fa38b0ca0062d
b0c63c55f89ad76db173c17e5ae151a874979c2fad381dcf8197db7328e0420e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ba1eeffc915d25f2e8de35193399793f73138013802de39d1f4806c86343c055
bc0277bce41902fa8f44a276c5741bca2b3a33d727dfca8b2d4eb9e309581b3a
bfe59bd642bfb002cede8d9aa3fdfb08da38e7841521e9d24bc4da59e0986d76
c17d4736b40bcf80f86c2db97708954593533f35fbea4293d5d70045686e3539
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190
caac5c71c9d790e8cd32ed97b5a978c08c5543b7f25ace068aa767d1f4987488
cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8
cc0c10259d551b6a9678e12e6227d69d73fb9ce8d4235c7fa9d22a62794af7aa
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf
d4e12fdb2849b3544a85d1ff3315f47e854ef0cc18d651de77cb3d92390604fc
d5f7c1c0cbec2c27d4165db4cd06b7780f477fc9161008bde67c7a9d62b223aa
d75ef42fcd07b5fab32a6313d56b4147bfb26d88aa53d2de1c7039852253bcfa
d7aa4fd83133657c6fdca96831e8ba864506916611cfe399a167073a0d1ee55f
dea759394a532f5d3ca25e8697fd2077dac60131e9eb3bd1ab3d6aee3a86ec47
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e2944bb8d103d137f4813d1b0062ecf65f0a5209736df258b999796da07f2b76
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e592c023e395d520e95efed9c15d14c77d5c101e3ce6b5d71413384508b55d59
e8984ce1f1130d58ee929e7ce60e27bafcfa536124ae2d1a8597fd6ea8c49327
e8c18c882ae03fbe2b5256c5e7a32a406befa8bdf0963a40a48e9dbc49478bab
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1ef95b3042a40188772fba913faf3582345ea35868a2340b9f0ea1954f2c0b
f1c14f2a030971b50bde87f9794843b1dabf6882c87981c22ac58e07ef1b48bb
f3e7b18a495e87b10f2a46da5107c83e01419f3f0f8c5227d75a7d42d23c5d8a
f525313b4ce2e74e5518166fb8568f75c3cf6e54aaffe725d36c7331330eb166
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e
f7914b4836b5815c4b3dcd79c44fa3390dedf00785d79f90dc7f6c6f38c947c5
f9f6a05c0164ab191af137238768faae96a84df94b8190129eb28314e6868bbc
fc8cbc9e0346721338cd916c7943a71cef34a3bbcefc30a16fbc5ef1d45646c7
fdfc2210363de1666e77ce4a852f46be0c89131a9187965d7c0cdc25dbbd245d
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3