donate.redcross.ca Open in urlscan Pro
2606:4700::6810:c8f3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://donate.redcross.ca/page/100227/donate/
Effective URL:
https://donate.redcross.ca/page/100227/donate/1
Submission: On February 28 via manual (February 28th 2022, 2:05:13 pm UTC) from CA — Scanned from CA

Summary HTTP 123 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 69 IPs in 9 countries across 72 domains to perform 123 HTTP transactions. The main IP is 2606:4700::6810:c8f3, located in United States and belongs to CLOUDFLARENET, US. The main domain is donate.redcross.ca.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 16th 2021. Valid for: a year.

This is the only time donate.redcross.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	2606:4700::68... 2606:4700::6810:c8f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	40.86.230.96 40.86.230.96	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80c::200a	15169 (GOOGLE) (GOOGLE)
1	2600:141b:13:... 2600:141b:13::17d7:8262	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	209.171.43.224 209.171.43.224	852 (TELUS Com...) (TELUS Communications)
3	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::6815:4e07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1400:d:4... 2600:1400:d:488::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.52.161.206 23.52.161.206	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2607:f8b0:400... 2607:f8b0:4006:80f::2008	15169 (GOOGLE) (GOOGLE)
1	23.5.226.225 23.5.226.225	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4006:820::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	146.75.32.157 146.75.32.157	54113 (FASTLY) (FASTLY)
2	2600:141b:13:... 2600:141b:13::17d7:82d0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.129.131 151.101.129.131	54113 (FASTLY) (FASTLY)
1	2620:1ec:27::... 2620:1ec:27::cafe:1841	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	185.167.164.46 185.167.164.46	198622 (ADFORM) (ADFORM)
1 2	142.250.80.70 142.250.80.70	15169 (GOOGLE) (GOOGLE)
7	35.169.229.32 35.169.229.32	14618 (AMAZON-AES) (AMAZON-AES)
1	54.82.140.43 54.82.140.43	14618 (AMAZON-AES) (AMAZON-AES)
1	13.249.184.81 13.249.184.81	16509 (AMAZON-02) (AMAZON-02)
1 2	185.167.164.39 185.167.164.39	198622 (ADFORM) (ADFORM)
2	40.76.174.66 40.76.174.66	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.36.253.92 20.36.253.92	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.64.66 142.250.64.66	15169 (GOOGLE) (GOOGLE)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	2607:f8b0:400... 2607:f8b0:4006:80a::2002	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	108.174.10.24 108.174.10.24	14413 (LINKEDIN) (LINKEDIN)
1 2	104.18.98.194 104.18.98.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:402... 2607:f8b0:4023:1407::9a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 16	185.167.164.42 185.167.164.42	198622 (ADFORM) (ADFORM)
1	185.167.164.43 185.167.164.43	198622 (ADFORM) (ADFORM)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
1 2	3.224.164.141 3.224.164.141	14618 (AMAZON-AES) (AMAZON-AES)
1	23.3.124.187 23.3.124.187	16625 (AKAMAI-AS) (AKAMAI-AS)
1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	3.122.33.49 3.122.33.49	16509 (AMAZON-02) (AMAZON-02)
1 1	199.187.193.166 199.187.193.166	47043 (SMARTADSE...) (SMARTADSERVER)
1	63.251.28.219 63.251.28.219	13789 (INTERNAP-...) (INTERNAP-BLK3)
2 2	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1 3	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
1 2	23.52.162.21 23.52.162.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	50.57.31.206 50.57.31.206	19994 (RACKSPACE) (RACKSPACE)
1 3	3.233.22.19 3.233.22.19	14618 (AMAZON-AES) (AMAZON-AES)
1	34.229.3.43 34.229.3.43	14618 (AMAZON-AES) (AMAZON-AES)
1	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 2	18.233.240.143 18.233.240.143	14618 (AMAZON-AES) (AMAZON-AES)
3	23.209.184.224 23.209.184.224	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 1	54.77.170.127 54.77.170.127	16509 (AMAZON-02) (AMAZON-02)
1	52.218.106.107 52.218.106.107	16509 (AMAZON-02) (AMAZON-02)
2 2	51.79.83.225 51.79.83.225	16276 (OVH) (OVH)
1	52.204.93.102 52.204.93.102	14618 (AMAZON-AES) (AMAZON-AES)
3 3	142.251.41.2 142.251.41.2	15169 (GOOGLE) (GOOGLE)
2 3	68.67.179.91 68.67.179.91	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.36.115.109 104.36.115.109	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	13.35.73.57 13.35.73.57	16509 (AMAZON-02) (AMAZON-02)
2 2	34.206.192.53 34.206.192.53	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.88.128.19 52.88.128.19	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:210... 2600:9000:2105:5200:1a:609a:6780:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	23.200.196.208 23.200.196.208	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	3.90.158.177 3.90.158.177	14618 (AMAZON-AES) (AMAZON-AES)
3 3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	64.58.232.179 64.58.232.179	13649 (ASN-VINS) (ASN-VINS)
1	64.58.232.177 64.58.232.177	13649 (ASN-VINS) (ASN-VINS)
3 4	51.89.7.205 51.89.7.205	16276 (OVH) (OVH)
2 2	68.67.179.89 68.67.179.89	29990 (ASN-APPNEX) (ASN-APPNEX)
4 4	164.132.158.126 164.132.158.126	16276 (OVH) (OVH)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1	96.6.28.96 96.6.28.96	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	88.99.214.77 88.99.214.77	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:210... 2600:9000:2105:5200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	52.200.119.241 52.200.119.241	14618 (AMAZON-AES) (AMAZON-AES)
1	54.234.88.163 54.234.88.163	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:808::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2003	15169 (GOOGLE) (GOOGLE)
123	69

7 2606:4700::6810:c8f3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

donate.redcross.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 40.86.230.96 (Québec, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

phil-cdn-web.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::200a (Queens, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::200a (Queens, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::17d7:8262 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

philanthropy.cdn.redcross.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.171.43.224 (Ottawa, Canada)

ASN852 (TELUS Communications, CA)
PTR: ip224-43-171-209.toro1.na.psigh.com

sechosted.redcross.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1400:d:488::13b8 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.52.161.206 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-161-206.deploy.static.akamaitechnologies.com

aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80f::2008 (Queens, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.5.226.225 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-5-226-225.deploy.static.akamaitechnologies.com

a280747077.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2003 (Queens, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:820::200e (Queens, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.32.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:13::17d7:82d0 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.131 (United States)

ASN54113 (FASTLY, US)

bf098b5490a14f9d86e99cc566def128.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:1841 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.167.164.46 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f6.1e100.net

10474121.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.169.229.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-229-32.compute-1.amazonaws.com

secure.pointillist.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mihistream.pointillist.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.82.140.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-140-43.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.184.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-184-81.bos50.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.39 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.76.174.66 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

d.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.36.253.92 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.64.66 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s30-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80a::2002 (Queens, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:22::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.24 (United States) 1 redirects

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-24.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.98.194 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4023:1407::9a (Columbus, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.167.164.42 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)

a1.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2002 (Queens, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2002 (Queens, United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.224.164.141 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-164-141.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.3.124.187 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-124-187.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.33.49 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-33-49.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.187.193.166 (Canada) 1 redirects

ASN47043 (SMARTADSERVER, CA)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.219 (United States)

ASN13789 (INTERNAP-BLK3, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.22.214 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.52.162.21 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.57.31.206 (United States) 1 redirects

ASN19994 (RACKSPACE, US)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.233.22.19 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-22-19.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.229.3.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.233.240.143 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-240-143.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.209.184.224 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-184-224.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.170.127 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-170-127.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.106.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.79.83.225 (Beauharnois, Canada) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-us-2.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.204.93.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-93-102.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.41.2 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.179.91 (Secaucus, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.73.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-73-57.bos50.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.206.192.53 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-192-53.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.88.128.19 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-128-19.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2105:5200:1a:609a:6780:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.200.196.208 (Piscataway, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-196-208.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.90.158.177 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-90-158-177.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.232.179 (United States) 1 redirects

ASN13649 (ASN-VINS, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.232.177 (United States)

ASN13649 (ASN-VINS, US)
PTR: be31-199.crrt01.las04.flexential.net

ib.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.7.205 (London, United Kingdom) 3 redirects

ASN16276 (OVH, FR)
PTR: p28.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.179.89 (Secaucus, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 164.132.158.126 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: ip126.ip-164-132-158.eu

cookie-matching.mediarithmics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.6.28.96 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-6-28-96.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.214.77 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88-99-214-77.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2105:5200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.246.49 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.200.119.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-119-241.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.234.88.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-88-163.compute-1.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:808::2004 (Queens, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2003 (Queens, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	adform.net 2 redirects s2.adform.net — Cisco Umbrella Rank: 4863 a2.adform.net — Cisco Umbrella Rank: 6075 c1.adform.net — Cisco Umbrella Rank: 529 dmp.adform.net — Cisco Umbrella Rank: 2002	39 KB
9	redcross.ca 1 redirects donate.redcross.ca philanthropy.cdn.redcross.ca sechosted.redcross.ca	85 KB
8	azurewebsites.net phil-cdn-web.azurewebsites.net	21 KB
7	pointillist.com secure.pointillist.com — Cisco Umbrella Rank: 232173 mihistream.pointillist.com — Cisco Umbrella Rank: 993939	64 KB
7	doubleclick.net 4 redirects 10474121.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 67 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 cm.g.doubleclick.net — Cisco Umbrella Rank: 175	4 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	56 KB
5	adnxs.com 4 redirects secure.adnxs.com — Cisco Umbrella Rank: 350 ib.adnxs.com — Cisco Umbrella Rank: 210	5 KB
5	linkedin.com 5 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 439 www.linkedin.com — Cisco Umbrella Rank: 602 px4.ads.linkedin.com — Cisco Umbrella Rank: 5087	4 KB
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1248 d.clarity.ms — Cisco Umbrella Rank: 2006 c.clarity.ms — Cisco Umbrella Rank: 693	25 KB
4	mediarithmics.com 4 redirects cookie-matching.mediarithmics.com — Cisco Umbrella Rank: 1452	2 KB
4	id5-sync.com 3 redirects id5-sync.com — Cisco Umbrella Rank: 493	5 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 331 c.bing.com — Cisco Umbrella Rank: 212	12 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 357	1 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 295	2 KB
3	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 425	2 KB
3	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 845	2 KB
3	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 356	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	201 KB
3	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 703 a280747077.cdn.optimizely.com logx.optimizely.com — Cisco Umbrella Rank: 1141	114 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	35 KB
2	1dmp.io 1 redirects sync.1dmp.io — Cisco Umbrella Rank: 10149	809 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 8499	518 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 704	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 187	2 KB
2	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2683	4 KB
2	onaudience.com 2 redirects pixel.onaudience.com — Cisco Umbrella Rank: 1400	718 B
2	openx.net 1 redirects eu-u.openx.net — Cisco Umbrella Rank: 1733	382 B
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 662	826 B
2	semasio.net 1 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1051	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 265	1 KB
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 4945	693 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 621	829 B
2	google.ca adservice.google.ca — Cisco Umbrella Rank: 12901 www.google.ca — Cisco Umbrella Rank: 8810	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	497 B
2	adsymptotic.com 1 redirects p.adsymptotic.com — Cisco Umbrella Rank: 497	539 B
2	google.com adservice.google.com — Cisco Umbrella Rank: 59 www.google.com — Cisco Umbrella Rank: 2	1 KB
2	ubembed.com bf098b5490a14f9d86e99cc566def128.js.ubembed.com assets.ubembed.com — Cisco Umbrella Rank: 9272	48 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 830	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	114 KB
2	rackcdn.com aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com — Cisco Umbrella Rank: 137855	852 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 610	83 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 ajax.googleapis.com — Cisco Umbrella Rank: 250	32 KB
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 1066	120 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 1708	109 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 16797	49 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 659	239 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 792	287 B
1	mookie1.com ib.mookie1.com — Cisco Umbrella Rank: 1493	421 B
1	ib-ibi.com 1 redirects global.ib-ibi.com — Cisco Umbrella Rank: 1301	500 B
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 1050	628 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1393	456 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 388	646 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 13074	444 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 552	545 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 371	338 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 16481	406 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 283
1	exelator.com loadm.exelator.com — Cisco Umbrella Rank: 891	324 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 614	672 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 535	667 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 593	663 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 3482	522 B
1	seadform.net a1.seadform.net — Cisco Umbrella Rank: 13866	344 B
1	t.co t.co — Cisco Umbrella Rank: 456	335 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 468	457 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	15 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 539	6 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 800	247 KB
0	yahoo.com Failed ups.analytics.yahoo.com Failed
123	72

	Domain	Requested by
12	c1.adform.net	1 redirects a2.adform.net c1.adform.net
8	phil-cdn-web.azurewebsites.net	donate.redcross.ca
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com donate.redcross.ca
7	donate.redcross.ca	1 redirects donate.redcross.ca
4	cookie-matching.mediarithmics.com	4 redirects
4	id5-sync.com	3 redirects c1.adform.net
4	dmp.adform.net	c1.adform.net
4	mihistream.pointillist.com	secure.pointillist.com
3	pixel.tapad.com	3 redirects
3	match.adsrvr.org	3 redirects
3	secure.adnxs.com	2 redirects c1.adform.net
3	cm.g.doubleclick.net	3 redirects
3	tags.bluekai.com	c1.adform.net
3	ps.eyeota.net	1 redirects c1.adform.net
3	eb2.3lift.com	1 redirects c1.adform.net
3	px.ads.linkedin.com	3 redirects
3	secure.pointillist.com	donate.redcross.ca
3	bat.bing.com	www.googletagmanager.com bat.bing.com donate.redcross.ca
3	www.googletagmanager.com	donate.redcross.ca www.googletagmanager.com
3	cdnjs.cloudflare.com	donate.redcross.ca
2	sync.1dmp.io	1 redirects c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	ib.adnxs.com	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	a.audrte.com	2 redirects
2	pixel.onaudience.com	2 redirects
2	eu-u.openx.net	1 redirects c1.adform.net
2	sync.crwdcntrl.net	1 redirects c1.adform.net
2	uipglob.semasio.net	1 redirects c1.adform.net
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	x.bidswitch.net	2 redirects
2	ih.adscale.de	2 redirects
2	ad.360yield.com	1 redirects c1.adform.net
2	www.facebook.com	donate.redcross.ca
2	p.adsymptotic.com	1 redirects donate.redcross.ca
2	c.clarity.ms	1 redirects donate.redcross.ca
2	d.clarity.ms	www.clarity.ms d.clarity.ms
2	a2.adform.net	1 redirects donate.redcross.ca
2	10474121.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	connect.facebook.net	donate.redcross.ca connect.facebook.net
2	aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com	donate.redcross.ca
2	maxcdn.bootstrapcdn.com	donate.redcross.ca maxcdn.bootstrapcdn.com
1	www.google.ca	donate.redcross.ca
1	www.google.com	donate.redcross.ca
1	e1.emxdgt.com	c1.adform.net
1	bpi.rtactivate.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	ib.mookie1.com	c1.adform.net
1	global.ib-ibi.com	1 redirects
1	pixel.mathtag.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	idsync.rlcdn.com	c1.adform.net
1	loadm.exelator.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	1 redirects
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	adservice.google.ca	adservice.google.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	a1.seadform.net	donate.redcross.ca
1	stats.g.doubleclick.net	www.google-analytics.com
1	px4.ads.linkedin.com	1 redirects
1	www.linkedin.com	1 redirects
1	adservice.google.com	10474121.fls.doubleclick.net
1	t.co	donate.redcross.ca
1	analytics.twitter.com	static.ads-twitter.com
1	www.googleadservices.com	www.googletagmanager.com
1	c.bing.com	1 redirects
1	assets.ubembed.com	bf098b5490a14f9d86e99cc566def128.js.ubembed.com
1	logx.optimizely.com	cdn.optimizely.com
1	s2.adform.net	donate.redcross.ca
1	www.clarity.ms	donate.redcross.ca
1	bf098b5490a14f9d86e99cc566def128.js.ubembed.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	a280747077.cdn.optimizely.com	cdn.optimizely.com
1	cdn.optimizely.com	donate.redcross.ca
1	use.fontawesome.com	donate.redcross.ca
1	sechosted.redcross.ca	donate.redcross.ca
1	philanthropy.cdn.redcross.ca	donate.redcross.ca
1	ajax.googleapis.com	donate.redcross.ca
1	fonts.googleapis.com	donate.redcross.ca
0	ups.analytics.yahoo.com Failed	c1.adform.net
123	93

This site contains links to these domains. Also see Links.

Domain
www.redcross.ca
donnez.croixrouge.ca

Subject Issuer	Validity	Valid
donate.redcross.ca Cloudflare Inc ECC CA-3	`2021-07-16` - `2022-07-15`	a year	crt.sh
*.azurewebsites.net Microsoft RSA TLS CA 02	`2021-07-07` - `2022-07-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
cert00027-azurecdn.akamaized.net R3	`2022-02-28` - `2022-05-29`	3 months	crt.sh
sechosted.redcross.ca Entrust Certification Authority - L1K	`2020-04-08` - `2022-04-07`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-12-24` - `2022-12-24`	a year	crt.sh
*.ssl.cf5.rackcdn.com DigiCert SHA2 Secure Server CA	`2021-03-22` - `2022-03-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-07` - `2022-03-07`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2022-01-04` - `2023-02-05`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2021-06-01` - `2022-06-01`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.pointillist.com Amazon	`2021-06-02` - `2022-07-01`	a year	crt.sh
logx.optimizely.com Amazon	`2021-08-23` - `2022-09-21`	a year	crt.sh
assets.ubembed.com Amazon	`2022-02-04` - `2023-03-05`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-22` - `2023-02-22`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-02-22` - `2023-02-22`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-11-04`	a year	crt.sh
*.google.ca GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2022-01-14` - `2023-01-13`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-12` - `2023-02-12`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.userreport.com Amazon	`2022-01-19` - `2023-02-17`	a year	crt.sh
teads.tv R3	`2022-01-03` - `2022-04-03`	3 months	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-06-04`	a year	crt.sh
rtactivate.com Amazon	`2021-05-13` - `2022-06-11`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://donate.redcross.ca/page/100227/donate/1
Frame ID: 350AC8254ABC7DF8E57DA69E2AAB7ED0
Requests: 71 HTTP requests in this frame

Frame: https://a280747077.cdn.optimizely.com/client_storage/a280747077.html
Frame ID: E8E9C4022D6E073D2D2B8263D0070853
Requests: 1 HTTP requests in this frame

Frame: https://10474121.fls.doubleclick.net/activityi;dc_pre=CL3P8cjIovYCFeoHigMd9dkLtw;src=10474121;type=retar0;cat=crc-d0;ord=1318250752926;gtm=2wg2n0;auiddc=212352000.1646057106;~oref=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1
Frame ID: ADE5D506689828E3F0FF650F50D66E65
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CL3P8cjIovYCFeoHigMd9dkLtw;src=10474121;type=retar0;cat=crc-d0;ord=1318250752926;gtm=2wg2n0;auiddc=212352000.1646057106;~oref=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1
Frame ID: 8E6FF48E1FF43A05F76015BB9F9EC93F
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
Frame ID: 895BE9D4179AC8EC7E36BFEAE831F860
Requests: 46 HTTP requests in this frame

Frame: https://adservice.google.ca/ddm/fls/i/dc_pre=CL3P8cjIovYCFeoHigMd9dkLtw;src=10474121;type=retar0;cat=crc-d0;ord=1318250752926;gtm=2wg2n0;auiddc=212352000.1646057106;~oref=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1
Frame ID: 869FDAAA73E2E88C3F1BA4D0EC92AD90
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate to the Ukraine Humanitarian Crisis Appeal - UHCA MWF DonCanadian Red Cross

Page URL History Show full URLs

https://donate.redcross.ca/page/100227/donate/ HTTP 303
https://donate.redcross.ca/page/100227/donate/1 Page URL

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

123
Requests

76 %
HTTPS

29 %
IPv6

72
Domains

93
Subdomains

69
IPs

9
Countries

2114 kB
Transfer

4589 kB
Size

124
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.redcross.ca/
Title: .cls-1{fill:#ec1c24;} Canadian Red Cross

Search URL Search Domain Scan URL

URL: https://donnez.croixrouge.ca/page/100227/donate/1?locale=fr-CA
Title: Français

Search URL Search Domain Scan URL

URL: https://www.redcross.ca/donate/information-for-donors/donor-rights
Title: Donor Rights

Search URL Search Domain Scan URL

URL: https://www.redcross.ca/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://donate.redcross.ca/page/100227/donate/ HTTP 303
https://donate.redcross.ca/page/100227/donate/1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://10474121.fls.doubleclick.net/activityi;src=10474121;type=retar0;cat=crc-d0;ord=1318250752926;gtm=2wg2n0;auiddc=212352000.1646057106;~oref=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1 HTTP 302
https://10474121.fls.doubleclick.net/activityi;dc_pre=CL3P8cjIovYCFeoHigMd9dkLtw;src=10474121;type=retar0;cat=crc-d0;ord=1318250752926;gtm=2wg2n0;auiddc=212352000.1646057106;~oref=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1

Request Chain 48

https://a2.adform.net/Serving/TrackPoint/?pm=2318615&ADFdivider=%7C&ord=599396010713&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1 HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2318615&ADFdivider=%7C&ord=599396010713&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1

Request Chain 55

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=46C64457862F487D97F0819DF3EC4BEF&RedC=c.clarity.ms&MXFR=04B312CEA5AE6DAC0FE30397A1AE6376 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=46C64457862F487D97F0819DF3EC4BEF&MUID=30AF93CE6FE26899371282976EC86975

Request Chain 63

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2689321&time=1646057107283&url=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2689321&time=1646057107283&url=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2689321%26time%3D1646057107283%26url%3Dhttps%253A%252F%252Fdonate.redcross.ca%252Fpage%252F100227%252Fdonate%252F1%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2689321&time=1646057107283&url=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2689321&time=1646057107283&url=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1&cookiesTest=true&liSync=true&e_ipv6=AQJ2tqApHoHizAAAAX9ApjPNsLBVY1WA5EGoWhUxBtUE9PpKmxLUU86MBytnCvi3ls0TyL-i HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=28fe3317-036f-419d-83fe-0eb16b01b36c HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=28fe3317-036f-419d-83fe-0eb16b01b36c&_expected_cookie=6dc245ac3158732b3ad857442af7c8ba

Request Chain 73

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=7939222677145615786&Expiration=1647266708 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=7939222677145615786&Expiration=1647266708

Request Chain 76

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=7939222677145615786&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=7939222677145615786&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=21d31304bd744d4b9ffe0a459d8e4107 HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=400b5fcfeeff0c143d1171d046d0b36aabebd77de85b237d4f40c9d3d6e99c10

Request Chain 77

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=7939222677145615786&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID HTTP 302
https://c1.adform.net/serving/cookie/match?party=10&cid=902079940044352974

Request Chain 78

https://pixel.advertising.com/ups/55944/sync?uid=7939222677145615786&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55944/sync?uid=7939222677145615786&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=7939222677145615786&_origin=1&apid=UP6fb0c355-989f-11ec-a566-0abbe81edb23

Request Chain 80

https://x.bidswitch.net/sync?dsp_id=70&user_id=7939222677145615786 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=7939222677145615786 HTTP 302
https://eb2.3lift.com/xuid?mid=2409&xuid=4f4bdd93-7264-417b-8a24-a64d88913f30&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=4f4bdd93-7264-417b-8a24-a64d88913f30&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=

Request Chain 81

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=7939222677145615786&expiration=1647266708 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=7939222677145615786&expiration=1647266708&C=1

Request Chain 82

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=7939222677145615786&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=7939222677145615786&sInitiator=external

Request Chain 83

https://ps.eyeota.net/match?uid=7939222677145615786&bid=9gdtmu1 HTTP 302
https://ps.eyeota.net/match/bounce/?uid=7939222677145615786&bid=9gdtmu1

Request Chain 86

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=7939222677145615786 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=7939222677145615786

Request Chain 88

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7939222677145615786 HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=7939222677145615786

Request Chain 89

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 90

https://pixel.onaudience.com/?mapped=7939222677145615786&partner=68 HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=9b6236d8e9a329f1

Request Chain 92

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NzkzOTIyMjY3NzE0NTYxNTc4Ng HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECBw2HfwYjRslZC9RS0avFo&google_cver=1&google_ula=1641347,0

Request Chain 93

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=852964474137401761&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=7939222677145615786

Request Chain 97

https://a.audrte.com/a?adform_uid=7939222677145615786 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEJfYClD_RQYvaYygoXQIMGM&google_cver=1 HTTP 302
https://ps.eyeota.net/match?bid=kh51m51&uid=ba9syeL0B-USeC2babLc72vMA&gdpr=0&gdpr_consent=

Request Chain 98

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=7939222677145615786&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=7939222677145615786&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=69396817622757705921350859102122899349&noredirect=1

Request Chain 99

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=7939222677145615786 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=163850504076008067646

Request Chain 100

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7069761446230489228

Request Chain 102

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=f55e621c-d694-4200-bb85-42e40adc3709

Request Chain 103

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=bnQfEtcJ1NoGEc5

Request Chain 104

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=5e922fe7-bc3b-4309-a87b-4c74f070f723

Request Chain 105

https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=7939222677145615786 HTTP 302
https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=7939222677145615786

Request Chain 106

https://id5-sync.com/s/10/0.gif?puid=7939222677145615786 HTTP 302
https://id5-sync.com/c/10/10/2/1.gif?puid=7939222677145615786&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/10/2/1/2.gif?puid=852964474137401761&gdpr=0&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEFT6G0CJUiIUahvYZlwqBR0&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEFT6G0CJUiIUahvYZlwqBR0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&gdpr_consent=&gdpr=0&action=GET_ID&etid=&domid=1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=852964474137401761&opid=apx&ops=&utidl=tech:goo:CAESEFT6G0CJUiIUahvYZlwqBR0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&gdpr_consent=&gdpr=0&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A25582254849&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&gdpr=0&gdpr_consent=

Request Chain 107

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=3466025044 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=e3FTm0JlbbuBmncMK8jv1O

Request Chain 109

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=7939222677145615786 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=7939222677145615786&cs=1

Request Chain 111

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=7939222677145615786&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=7939222677145615786&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=72fe70eb-34ec-488e-a67e-578bbb7eb792%252Chttps%253A%252F%252Fc1.adform.net%252Fserving%252Fcookie%252Fmatch%253Fparty%253D2007%2526cid%253D72fe70eb-34ec-488e-a67e-578bbb7eb792&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=5e922fe7-bc3b-4309-a87b-4c74f070f723&ttd_puid=72fe70eb-34ec-488e-a67e-578bbb7eb792%2Chttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D2007%26cid%3D72fe70eb-34ec-488e-a67e-578bbb7eb792 HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=72fe70eb-34ec-488e-a67e-578bbb7eb792

123 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 1 Show response
donate.redcross.ca/page/100227/donate/
Redirect Chain

https://donate.redcross.ca/page/100227/donate/
https://donate.redcross.ca/page/100227/donate/1

46 KB
11 KB

83ms
82ms

Document
text/html

2606:4700::6810:c8f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.redcross.ca/page/100227/donate/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:c8f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

083749c5b5ff36d6e2802f89c71dbd30f177465d1df21c04e289c3fbda2d8f3f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

date: Mon, 28 Feb 2022 14:05:05 GMT
content-type: text/html
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 6e4a34ad6f5b7151-YUL
content-encoding: br

Redirect headers

date: Mon, 28 Feb 2022 14:05:05 GMT
content-length: 0
location: https://donate.redcross.ca/page/100227/donate/1
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 6e4a34aceeb37151-YUL

GET
H/1.1 200
OK styles-main.css
phil-cdn-web.azurewebsites.net/engagingnetworks/css/ 34 KB
7 KB 372ms
38ms Stylesheet
text/css 40.86.230.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://phil-cdn-web.azurewebsites.net/engagingnetworks/css/styles-main.css
Requested by: Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.86.230.96 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b3a29df47435cf60d7ab7743ace9e6285ccb4f1093b403b8a76431aea2987ff0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 14:05:05 GMT
Content-Encoding: gzip
ETag: "8075b11de622d61:0"
Last-Modified: Tue, 05 May 2020 14:04:39 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 6596

GET
H/1.1 200
OK styles-main-appeal.css
phil-cdn-web.azurewebsites.net/engagingnetworks/css/ 3 KB
2 KB 362ms
29ms Stylesheet
text/css 40.86.230.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://phil-cdn-web.azurewebsites.net/engagingnetworks/css/styles-main-appeal.css
Requested by: Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.86.230.96 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bc430ba6a5ccf078ad82a4c4d1e1d1a91086a0a817e7219c80381aaa087c6e92

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 14:05:05 GMT
Content-Encoding: gzip
ETag: "80b292c56b5d51:0"
Last-Modified: Wed, 18 Dec 2019 03:49:39 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 939

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 87ms
36ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600

Requested by

Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

315d85265aa0ac246b654a861960ead0d94ef1a58cf699fe81716d9bd604a619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 12:31:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 28 Feb 2022 14:05:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Feb 2022 14:05:05 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 71ms
20ms Script
text/javascript 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 06:09:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Feb 2023 06:09:44 GMT

GET
H2 200 form-appeal-template.js Show response
philanthropy.cdn.redcross.ca/engagingnetworks/js/ 43 KB
9 KB 275ms
31ms Script
application/x-javascript 2600:141b:13::17d7:8262
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://philanthropy.cdn.redcross.ca/engagingnetworks/js/form-appeal-template.js?v=2021-06-02
Requested by: Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:8262 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d96b4a46439ecf983f79eb2cebdc9d0361cd57dab6b7ec427545a552a8517b58

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:05 GMT
content-encoding: gzip
etag: "0c4dafd2857d71:0"
last-modified: Tue, 01 Jun 2021 20:59:20 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
content-length: 9103

GET
H/1.1 200
OK jquery.visible.js Show response
sechosted.redcross.ca/unbounce/ 4 KB
2 KB 104ms
18ms Script
application/javascript 209.171.43.224
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://sechosted.redcross.ca/unbounce/jquery.visible.js

Requested by

Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.171.43.224 Ottawa, Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

ip224-43-171-209.toro1.na.psigh.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

abe469131b74f3a3b7806f859ecf26be924f5db29de5f57a7bf432186ac81e5c

Security Headers

Name	Value
Content-Security-Policy	"default-src 'self' ; img-src 'self' 'data' ; connect-src 'self' 'wss' ; report-uri https://report-uri.io/report/URL;"
Public-Key-Pins	pin-sha256="Lr/20+FES0d43hF/F80hiqMGCRs28/K1fD4GE4pxv1I="; pin-sha256="du6FkDdMcVQ3u8prumAo6t3i3G27uMP2EOhR8R0at/U="; pin-sha256="980Ionqp3wkYtN9SZVgMzuWQzJta1nfxNPwTem1X0uc="; max-age=2592000; includeSubDomains
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 14:05:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ASP.NET
Strict-Transport-Security: max-age=157680000
Content-Length: 1123
X-Xss-Protection: 1; mode=block
Public-Key-Pins: pin-sha256="Lr/20+FES0d43hF/F80hiqMGCRs28/K1fD4GE4pxv1I="; pin-sha256="du6FkDdMcVQ3u8prumAo6t3i3G27uMP2EOhR8R0at/U="; pin-sha256="980Ionqp3wkYtN9SZVgMzuWQzJta1nfxNPwTem1X0uc="; max-age=2592000; includeSubDomains
Last-Modified: Fri, 21 Apr 2017 15:14:24 GMT
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
ETag: "0489ff5b1bad21:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Content-Security-Policy: "default-src 'self' ; img-src 'self' 'data' ; connect-src 'self' 'wss' ; report-uri https://report-uri.io/report/URL;"
Accept-Ranges: bytes

GET
H2 200 jquery.inputmask.bundle.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.2.6/ 104 KB
22 KB 45ms
18ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.2.6/jquery.inputmask.bundle.min.js

Requested by

Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a54c0f0abc017f802b8a68c2233d679d4a302a322b196116b4d03b015e66fec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2810007
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21791
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-1a19e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qd1ZfAZ58I8sgYQ5usi5XtaUcumt4GpMDrFhCJCeQh8M1bnyK7JPz6FgFp08bndRiGQIrqY3%2BIjx1DmKqyW2txpkCRuU4rIt1vCzdMLTav76crQMb1rNK87vZkXVZzXRVOxylkntE4PEuXgpAsGytNT7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e4a34ae3eae7156-YUL
expires: Sat, 18 Feb 2023 14:05:05 GMT

GET
H2 200 jquery.number.min.js Show response
cdnjs.cloudflare.com/ajax/libs/df-number-format/2.1.6/ 6 KB
2 KB 47ms
21ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/df-number-format/2.1.6/jquery.number.min.js

Requested by

Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e54682a356915c846c7e786b7afd6d7e4dcb5ab7e8d8a77f27d0f11e6dee540a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1069002
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2108
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e3a-188d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZlbSvQ70TLq90sG8eQxPLctbEi3Ppwe11kgJDGC%2B%2BbU0e87zVAReRjZ3qS0dsA9A%2B%2BFX7VhiqnQZZeskEOr98rC0D%2BD3soE0y%2F6%2Fa2dQqCastMe42li0SmpsD6h%2B4nC4SizB3mSx9Qh2nB1kqCS3C4F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e4a34ae3eb07156-YUL
expires: Sat, 18 Feb 2023 14:05:05 GMT

GET
H2 200 imask.min.js Show response
cdnjs.cloudflare.com/ajax/libs/imask/3.4.0/ 45 KB
11 KB 46ms
19ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/imask/3.4.0/imask.min.js

Requested by

Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b76b3502583edddf22df0b9c6ee640053a2cdfeaa113ceff3ea9b61d1f6410d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7585742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10899
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9f-b217"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VKnjmKkuYpVSK6%2F2rybICIsMr7fkeRDRpRzJF9KKcDQ0rccSI6f%2Fh6CKvhS7QlcTBpMfM2L5YKdQEbyndvTlYTn4%2F9hguAbu3RCayVrNXH8aMPB3dsDTfl50iy8rC34mVTqHXdzSCbsuI8ZYYZ9CRC%2Bp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e4a34ae3eb17156-YUL
expires: Sat, 18 Feb 2023 14:05:05 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 48ms
21ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.redcross.ca/
Origin: https://donate.redcross.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 26878110
cdn-cachedat: 2021-03-10 13:26:27
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 3334bb0cc8b8ee94a9cc35a1d0d7c24f
cf-ray: 6e4a34ae3bb97148-YUL
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 all.js Show response
use.fontawesome.com/releases/v5.0.9/js/ 682 KB
247 KB 66ms
39ms Script
application/javascript 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.9/js/all.js
Requested by: Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2fec0e2942f49dd3cad4650431d550d761f11dded17834d4835768c2ca730c0

Request headers

Referer: https://donate.redcross.ca/
Origin: https://donate.redcross.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:06 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20454988
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 693EXGMV4SA3ZVBN
x-amz-id-2: TSjYGeBCayWhrI9n2mFGAA+r3LwkpmPbsS9f1kgXMZGv1UhooPQmyqyz+kbyyvBoA0BM3XE6rjc=
last-modified: Wed, 30 Jun 2021 15:28:17 GMT
server: cloudflare
etag: W/"bffc6023835e717c0348c41583e56eba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dfDxrO6FZeH45kT5KttaS%2Bnu%2FjepLnMUZr2bGXTH6%2FO2glOSCETFvb1gqzPH7Wv%2BaYP1idERsDCEj%2BSowFY6a0UrqmIbZmgQX2%2BzN94YtJWVS4BXIqaYrWP2CrY09WEZqp4NRfLJlXGVgf7tLW5fjvGj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6e4a34b08ebb713c-YUL

GET
H2 200 537170380.js Show response
cdn.optimizely.com/js/ 356 KB
112 KB 105ms
44ms Script
text/javascript 2600:1400:d:488::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/537170380.js

Requested by

Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:488::13b8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0c4084d820cd3d44de01ed47895a376c284090091d70e11b1b9d5f95734c0455

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: ZDI3epEiGBTTat3wxOgIWAZw3g_nLnBQ
content-encoding: gzip
etag: "9849696848e11d83712fc322956b645d"
x-amz-request-id: 91S1R98394A68NNN
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 3001
x-amz-replication-status: PENDING
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="18";dur=0,cdnip;desc="2600:1400:d:488::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 114043
x-amz-id-2: UOnpZ4LLdKpf4OfMNhOLec2ImRdjhthMEsxj6lc525cCVCnZout6GrewYSfuh3ZHrrCTkfTwKXI=
last-modified: Fri, 31 Dec 2021 05:02:15 GMT
server: AmazonS3
date: Mon, 28 Feb 2022 14:05:05 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 enPage.css
donate.redcross.ca/pageassets/css/ 42 KB
9 KB 23ms
23ms Stylesheet
text/css 2606:4700::6810:c8f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.redcross.ca/pageassets/css/enPage.css?v=4.0.0

Requested by

Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:c8f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b14f2d91bbb2fe1172ea0dd32285ae83707e9f194900cf5f9bfc064d0b4a7e28

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/page/100227/donate/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Feb 2022 14:15:28 GMT
server: cloudflare
age: 6983
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1800
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 6e4a34ae186d7151-YUL
expires: Mon, 28 Feb 2022 14:35:05 GMT

GET
H2 200 pagedata.js Show response
donate.redcross.ca/page/100227/ 11 KB
2 KB 81ms
80ms Script
text/javascript 2606:4700::6810:c8f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.redcross.ca/page/100227/pagedata.js?locale=en-CA&ea.profile.id=0

Requested by

Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:c8f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba3edd5c7b28ac12c593ad6269c147b6051cdd8d86b62e3dcc98fdf274b761b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/page/100227/donate/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: text/javascript
cf-ray: 6e4a34ae186f7151-YUL

GET
H2 200 enPage.js Show response
donate.redcross.ca/pageassets/js/ 166 KB
50 KB 40ms
40ms Script
application/javascript 2606:4700::6810:c8f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.redcross.ca/pageassets/js/enPage.js?v=4.0.0

Requested by

Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:c8f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08e82a4b3e2c8fdda7bb85a003b6aff2d41553188380b02077047e3ca284933c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/page/100227/donate/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Feb 2022 14:15:28 GMT
server: cloudflare
age: 6983
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 6e4a34ae18707151-YUL
expires: Mon, 28 Feb 2022 14:35:05 GMT

GET
H/1.1 200
OK Ukraine_donation+page.jpg
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1951/ 846 KB
847 KB 99ms
21ms Image
image/jpeg 23.52.161.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1951/Ukraine_donation+page.jpg?v=1645730543000
Requested by: Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.161.206 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-161-206.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 071026625b597e0ac09d3b7505a0dca502638a867303d3b3d4926f68955470a5

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 14:05:06 GMT
Last-Modified: Thu, 24 Feb 2022 19:52:13 GMT
X-Object-Meta-Enid: 1645732332696
ETag: 76e22149f4e1d1faa5d392d521ff664e
Content-Type: image/jpeg
X-Timestamp: 1645732332.89836
Cache-Control: public, max-age=641
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 866717
X-Trans-Id: tx3b1e3b198e08460db978c-00621c1171iad3
Expires: Mon, 28 Feb 2022 14:15:47 GMT

GET
H/1.1 200
OK visa-default.png
phil-cdn-web.azurewebsites.net/engagingnetworks/img/icons/cc/ 1 KB
2 KB 32ms
30ms Image
image/png 40.86.230.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phil-cdn-web.azurewebsites.net/engagingnetworks/img/icons/cc/visa-default.png
Requested by: Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.86.230.96 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5153aaa72206b8694ccb3dd3b071625c09f83c807aee46066299def6f3fd7798

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 14:05:05 GMT
Last-Modified: Wed, 18 Dec 2019 03:49:39 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "75e1ab2c56b5d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1306

GET
H/1.1 200
OK visa-active.png
phil-cdn-web.azurewebsites.net/engagingnetworks/img/icons/cc/ 1 KB
2 KB 31ms
29ms Image
image/png 40.86.230.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phil-cdn-web.azurewebsites.net/engagingnetworks/img/icons/cc/visa-active.png
Requested by: Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.86.230.96 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ec933a40fc3614824d2be2bc1a8250a6d7935d3b2cd428c5f25915ab27883a7b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 14:05:05 GMT
Last-Modified: Wed, 18 Dec 2019 03:49:39 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "977ea92c56b5d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1420

GET
H/1.1 200
OK mastercard-default.png
phil-cdn-web.azurewebsites.net/engagingnetworks/img/icons/cc/ 2 KB
2 KB 62ms
28ms Image
image/png 40.86.230.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phil-cdn-web.azurewebsites.net/engagingnetworks/img/icons/cc/mastercard-default.png
Requested by: Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.86.230.96 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2408fb2f22a5e5ecf62b81531023588996c3396d219800883408d81e0373fa53

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 14:05:05 GMT
Last-Modified: Wed, 18 Dec 2019 03:49:39 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "7e57a22c56b5d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1734

GET
H/1.1 200
OK mastercard-active.png
phil-cdn-web.azurewebsites.net/engagingnetworks/img/icons/cc/ 2 KB
2 KB 62ms
29ms Image
image/png 40.86.230.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phil-cdn-web.azurewebsites.net/engagingnetworks/img/icons/cc/mastercard-active.png
Requested by: Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.86.230.96 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7a780fa66e9a2fd586956043dbef0ffcdced445450279d66eb5e14715daf0d4a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 14:05:05 GMT
Last-Modified: Wed, 18 Dec 2019 03:49:39 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "13f59f2c56b5d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1700

GET
H/1.1 200
OK amex-default.png
phil-cdn-web.azurewebsites.net/engagingnetworks/img/icons/cc/ 1 KB
2 KB 89ms
29ms Image
image/png 40.86.230.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phil-cdn-web.azurewebsites.net/engagingnetworks/img/icons/cc/amex-default.png
Requested by: Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.86.230.96 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 609616cab12340fb5643b48fbf86cf0b70cf136500e832bdf70b4aa38d0da594

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 14:05:05 GMT
Last-Modified: Wed, 18 Dec 2019 03:49:39 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "13f59f2c56b5d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1359

GET
H/1.1 200
OK amex-active.png
phil-cdn-web.azurewebsites.net/engagingnetworks/img/icons/cc/ 1 KB
2 KB 92ms
28ms Image
image/png 40.86.230.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phil-cdn-web.azurewebsites.net/engagingnetworks/img/icons/cc/amex-active.png
Requested by: Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.86.230.96 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8a32f8c017eaecaf22f5daeb2b63e00262ed1444afecb8a618c27e10dc6d8db4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 14:05:05 GMT
Last-Modified: Wed, 18 Dec 2019 03:49:39 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "9d939d2c56b5d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1503

GET
H2 200 email-decode.min.js Show response
donate.redcross.ca/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
825 B 13ms
13ms Script
application/javascript 2606:4700::6810:c8f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.redcross.ca/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:c8f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/page/100227/donate/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 23 Feb 2022 21:08:07 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"6216a237-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=172800, public
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 6e4a34b05be77151-YUL
expires: Wed, 02 Mar 2022 14:05:05 GMT

GET
H/1.1 200
OK loading2.gif
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1951/ 5 KB
5 KB 97ms
19ms Image
image/gif 23.52.161.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1951/loading2.gif?v=1528315630000
Requested by: Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.161.206 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-161-206.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 65453c292217b13dc5d87139ff688e2c8f82b70db8f802c3243649df65fbcd2d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 14:05:06 GMT
Last-Modified: Wed, 06 Jun 2018 20:07:11 GMT
X-Object-Meta-Enid: 1528315629746
ETag: 72797db7759377a1f6573422f992aacb
Content-Type: image/gif
X-Timestamp: 1528315630.00168
Cache-Control: public, max-age=587
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4843
X-Trans-Id: tx4d27df2d60b04b4996b15-00621bf377iad3
Expires: Mon, 28 Feb 2022 14:14:53 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 338 KB
97 KB 84ms
36ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WHSKGB

Requested by

Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b8e55150ac12048d8bdfd8a07ce361853d0574dcc6fa28373c64a82ba735aeea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98470
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 28 Feb 2022 14:05:06 GMT

GET
H2 200 pagedata Show response
donate.redcross.ca/page/100227/donate/1/ 171 B
620 B 70ms
67ms XHR
application/json 2606:4700::6810:c8f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.redcross.ca/page/100227/donate/1/pagedata

Requested by

Host: donate.redcross.ca
URL: https://donate.redcross.ca/pageassets/js/enPage.js?v=4.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:c8f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3e15afb0bafcc6f3112ec53b425d0519107277f69e583f7d19ddff667a98901

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: application/json, text/javascript
Referer: https://donate.redcross.ca/page/100227/donate/1
X-Requested-With: XMLHttpRequest
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 28 Feb 2022 14:05:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json
cf-ray: 6e4a34b12cdf7151-YUL

GET
H2 200 a280747077.html Show response
a280747077.cdn.optimizely.com/client_storage/ Frame E8E9 2 KB
1 KB 143ms
66ms Document
text/html 23.5.226.225
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a280747077.cdn.optimizely.com/client_storage/a280747077.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/537170380.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.5.226.225 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-5-226-225.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

297f3dba6fc020ee4c9a987aa372a452ce72b285d7f9a83d6f9f6206ed3eb809

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/

Response headers

x-amz-id-2: /vy6eGA5jrjdaUtCo0LkDbGBcxh7Xn2wDVqY6AGRi+CDBFrgekTJ2+YxhxUh083vN2eLcaV1vQM=
x-amz-request-id: QTJD62DJ1J2F4K17
x-amz-replication-status: PENDING
last-modified: Fri, 31 Dec 2021 05:02:05 GMT
etag: "5db7fa56ac1033fe369a5556cc3cad83"
x-amz-server-side-encryption: AES256
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: luGsu9q19_5IBt4prgHEjGEiZH8Fbw7P
accept-ranges: bytes
content-type: text/html; charset=utf-8
server: AmazonS3
content-length: 787
vary: Accept-Encoding
cache-control: max-age=120
date: Mon, 28 Feb 2022 14:05:06 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="17";dur=0,cdnip;desc="23.5.226.225";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 74ms
21ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.redcross.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 13:43:38 GMT
x-content-type-options: nosniff
age: 174088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 26 Feb 2023 13:43:38 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 19ms
18ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://donate.redcross.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 26875132
cdn-cachedat: 2021-04-23 06:30:10
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a656152f0a81012885457a96938dd2ff
accept-ranges: bytes
cf-ray: 6e4a34b249807148-YUL
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 90 KB
35 KB 90ms
35ms Script
application/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-NXQQRSD

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHSKGB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac82b890a40f6af46e240e8e06404df715a954f2180a9d5c8e1c0d86ab2e08a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35955
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 28 Feb 2022 14:05:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 67ms
19ms Script
text/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHSKGB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5047
date: Mon, 28 Feb 2022 12:40:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 28 Feb 2022 14:40:59 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 57ms
19ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: uF6xZeHFZBtUNTYbXWDvvda3cdJ7ytM87cS99F3+y+biFT0Hn2CqS5N5QRKivFP35JAzG4pE44ch71qE1Xgojw==
x-fb-trip-id: 1512268381
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 28 Feb 2022 14:05:06 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 79ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHSKGB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:06 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 74771D2B3EAC4202A5F5DEBD713FB7AA Ref B: YTO01EDGE0816 Ref C: 2022-02-28T14:05:06Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11333

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 175 KB
64 KB 84ms
56ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-376D8LHM0R&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHSKGB

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f82ea87d7f2da059163ff8ec38b9665b007f081a38ead749313dfa4ba843d2fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:06 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65446
x-xss-protection: 0
expires: Mon, 28 Feb 2022 14:05:06 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 102ms
20ms Script
application/javascript 146.75.32.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHSKGB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.32.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:06 GMT
content-encoding: gzip
last-modified: Sat, 05 Feb 2022 00:34:56 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kjyo7100084-IAD

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1006 B
792 B 94ms
19ms Script
application/x-javascript 2600:141b:13::17d7:82d0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHSKGB
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82d0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0055b9d0429e9c194b4aa6b5f49cbc2ec31a7220ee7c8c186a9ee951feabd482

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 14:05:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Feb 2022 18:48:07 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=11945
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 479

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 58ms
35ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-984083230

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHSKGB

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a88d9934847e8c1dead752777f9f271b29eedf1b26949d86e1177f266dc8197e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40924
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 28 Feb 2022 14:05:06 GMT

GET
H2 200 / Show response
bf098b5490a14f9d86e99cc566def128.js.ubembed.com/ 482 B
760 B 47ms
10ms Script
application/json 151.101.129.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bf098b5490a14f9d86e99cc566def128.js.ubembed.com/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHSKGB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dc0e5d1707b8ec12f120ea203af5ef231ed8b71ebded6325613a58198270c34c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:06 GMT
content-encoding: br
x-backend-region: us_east_1
age: 7006
etag: 57c762bd3a62e3b6bc6a9457bae72f3c-v0.179.1
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: YUL62-C1
accept-ranges: none
x-amz-apigw-id: OQIwOEiwIAMFhEw=

GET
H2 200 56dlrt3m9e Show response
www.clarity.ms/tag/ 615 B
995 B 298ms
142ms Script
application/x-javascript 2620:1ec:27::cafe:1841
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/56dlrt3m9e
Requested by: Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1841 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: ee558b4c2383ff532e2788af2f06f7b3c3e2229931fb891fa273e4cfc5ca730b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:05 GMT
x-powered-by: ASP.NET
x-azure-ref: 0ktYcYgAAAACc8YG1z7VQQaY2NGFacpaOWVZSMzBFREdFMDMxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
content-length: 615
expires: -1

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 81 KB
29 KB 58ms
19ms Script
application/x-javascript 185.167.164.46
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.46 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:06 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 14:10:54 GMT
server: nginx
etag: W/"61f1566e-14282"
x-cache-status: HIT, EXPIRED, HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H3

200

activityi;dc_pre=CL3P8cjIovYCFeoHigMd9dkLtw;src=10474121;type=retar0;cat=crc-d0;ord=1318250752926;gtm=2wg2n0;auiddc=212352000.1646057106;~oref=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdon... Show response
10474121.fls.doubleclick.net/ Frame ADE5
Redirect Chain

https://10474121.fls.doubleclick.net/activityi;src=10474121;type=retar0;cat=crc-d0;ord=1318250752926;gtm=2wg2n0;auiddc=212352000.1646057106;~oref=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2F...
https://10474121.fls.doubleclick.net/activityi;dc_pre=CL3P8cjIovYCFeoHigMd9dkLtw;src=10474121;type=retar0;cat=crc-d0;ord=1318250752926;gtm=2wg2n0;auiddc=212352000.1646057106;~oref=https%3A%2F%2Fdon...

509 B
420 B

72ms
45ms

Document
text/html

142.250.80.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10474121.fls.doubleclick.net/activityi;dc_pre=CL3P8cjIovYCFeoHigMd9dkLtw;src=10474121;type=retar0;cat=crc-d0;ord=1318250752926;gtm=2wg2n0;auiddc=212352000.1646057106;~oref=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHSKGB

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f6.1e100.net

Software

cafe /

Resource Hash

7534539536cb97fba91eecd43410e692bccd4c3361348cbd6bdc6f6c18720f73

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 28 Feb 2022 14:05:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 395
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 28 Feb 2022 14:05:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10474121.fls.doubleclick.net/activityi;dc_pre=CL3P8cjIovYCFeoHigMd9dkLtw;src=10474121;type=retar0;cat=crc-d0;ord=1318250752926;gtm=2wg2n0;auiddc=212352000.1646057106;~oref=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK pntlst-main.css
secure.pointillist.com/analytics/ 106 B
396 B 130ms
34ms Stylesheet
text/css 35.169.229.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pointillist.com/analytics/pntlst-main.css

Requested by

Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.169.229.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-229-32.compute-1.amazonaws.com

Software

Pointillist /

Resource Hash

811bdac1feca25f94532db062c71e79097f075363ed7e120dfdd342885aca5e1

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 14:05:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Nov 2018 19:28:35 GMT
Server: Pointillist
ETag: "5bfeec63-66"
X-Frame-Options: DENY
Content-Type: text/css
Cache-Control: public, max-age=0
Connection: keep-alive
Content-Length: 102

GET
H/1.1 200
OK analytics.min.js Show response
secure.pointillist.com/analytics/ 106 KB
35 KB 156ms
60ms Script
application/javascript 35.169.229.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pointillist.com/analytics/analytics.min.js

Requested by

Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.169.229.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-229-32.compute-1.amazonaws.com

Software

Pointillist /

Resource Hash

c80d481a27afd8c370d9cb01680d7749e5197e1b92bd3fe6ad96cc6398ca4d9f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 14:05:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Nov 2018 19:28:35 GMT
Server: Pointillist
ETag: "5bfeec63-8a8e"
X-Frame-Options: DENY
Content-Type: application/javascript
Cache-Control: public, max-age=0
Connection: keep-alive
Content-Length: 35470

GET
H/1.1 200
OK consumeable-redcross.js Show response
secure.pointillist.com/analytics/ 259 KB
28 KB 150ms
61ms Script
application/javascript 35.169.229.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pointillist.com/analytics/consumeable-redcross.js

Requested by

Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.169.229.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-229-32.compute-1.amazonaws.com

Software

Pointillist /

Resource Hash

04ebfc7054f729404e7605aa39af6369d89b806efef4a3d93fbf208a483f130c

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 14:05:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Mar 2021 20:39:56 GMT
Server: Pointillist
ETag: "6064de1c-70b0"
X-Frame-Options: DENY
Content-Type: application/javascript
Cache-Control: public, max-age=0
Connection: keep-alive
Content-Length: 28848

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
363 B 128ms
25ms XHR
text/plain 54.82.140.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/537170380.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.82.140.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-140-43.compute-1.amazonaws.com
Software: nginx/1.17.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://donate.redcross.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 28 Feb 2022 14:05:07 GMT
Server: nginx/1.17.2
Content-Type: text/plain
Access-Control-Allow-Origin: https://donate.redcross.ca
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: 14d7c5fe-ed03-49d9-9bac-135d32d4e065

GET
H/1.1 200
OK insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 20ms
20ms Script
application/x-javascript 2600:141b:13::17d7:82d0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82d0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 14:05:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 23:50:54 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=17914
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 48ms
20ms Script
text/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:02:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 28 Feb 2022 15:02:02 GMT

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.179.1/ 173 KB
47 KB 97ms
29ms Script
application/javascript 13.249.184.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.179.1/bundle.js
Requested by: Host: bf098b5490a14f9d86e99cc566def128.js.ubembed.com
URL: https://bf098b5490a14f9d86e99cc566def128.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-81.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1ccb8141195307117c737c7f49f99de131fb55290a5f4c1431cc74ca93119dc

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 19:43:51 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 19:19:04 GMT
server: AmazonS3
age: 4645277
etag: W/"4d21402425377bf4a0f3a4f7ab8db2ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 da6ac7fe2ce4440b4aa52fe43d9dbf52.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: BOS50-C2
x-amz-cf-id: 26ly8FaaA5Voz_ox0BLdeVG94URioKICfGOEIJQ2l9SxNbw09RgS6w==

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=2318615&ADFdivider=%7C&ord=599396010713&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2318615&ADFdivider=%7C&ord=599396010713&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdona...

855 B
1 KB

20ms
19ms

Script
text/javascript

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2318615&ADFdivider=%7C&ord=599396010713&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1

Requested by

Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8a6341c5b7812472b8c8713ad1d0fb0480f264556ff750a43f8d801782577b2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:07 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 691
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:07 GMT
server: nginx
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2318615&ADFdivider=%7C&ord=599396010713&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H3 200 1839820762947010 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 42ms
20ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1839820762947010?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e0f19431575c4abfcb99693fc10b8a7333f0390a6d32bff7dfe732611bfeebb2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89144
x-xss-protection: 0
pragma: public
x-fb-debug: utsqJg4zQqBHP+QW4WUXBwzcNbc4LlZxtnZtCNZrRX1dgW7TPMBDJgQL8Hb/r2pPmw/DSIwuq05KR3aDTob+1w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 28 Feb 2022 14:05:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H/1.1 200 events
mihistream.pointillist.com/ Frame 0
0 121ms
37ms Preflight 35.169.229.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mihistream.pointillist.com/events
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.229.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-229-32.compute-1.amazonaws.com
Software: Pointillist /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: apitoken
Origin: https://donate.redcross.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Mon, 28 Feb 2022 14:05:07 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Headers: Origin,Content-Type,Accept,apiToken
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE,HEAD
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Allow: GET, HEAD, POST, OPTIONS
Server: Pointillist

OPTIONS
H/1.1 200 events
mihistream.pointillist.com/ Frame 0
0 106ms
32ms Preflight 35.169.229.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mihistream.pointillist.com/events
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.229.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-229-32.compute-1.amazonaws.com
Software: Pointillist /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: apitoken
Origin: https://donate.redcross.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Mon, 28 Feb 2022 14:05:07 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Headers: Origin,Content-Type,Accept,apiToken
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE,HEAD
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Allow: GET, HEAD, POST, OPTIONS
Server: Pointillist

POST
H/1.1 200 events Show response
mihistream.pointillist.com/ 0
314 B 34ms
33ms XHR
text/plain 35.169.229.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mihistream.pointillist.com/events
Requested by: Host: secure.pointillist.com
URL: https://secure.pointillist.com/analytics/analytics.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.229.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-229-32.compute-1.amazonaws.com
Software: Pointillist /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json;charset=UTF-8
apiToken: 4d07e4c3-5b89-461f-b9a3-37aae778790e
Referer: https://donate.redcross.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

Date: Mon, 28 Feb 2022 14:05:07 GMT
Server: Pointillist
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE,HEAD
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Origin,Content-Type,Accept,apiToken
Content-Length: 0

POST
H/1.1 200 events Show response
mihistream.pointillist.com/ 0
314 B 36ms
35ms XHR
text/plain 35.169.229.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mihistream.pointillist.com/events
Requested by: Host: secure.pointillist.com
URL: https://secure.pointillist.com/analytics/analytics.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.229.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-229-32.compute-1.amazonaws.com
Software: Pointillist /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json;charset=UTF-8
apiToken: 4d07e4c3-5b89-461f-b9a3-37aae778790e
Referer: https://donate.redcross.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

Date: Mon, 28 Feb 2022 14:05:07 GMT
Server: Pointillist
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE,HEAD
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Origin,Content-Type,Accept,apiToken
Content-Length: 0

GET
H2 200 clarity.js Show response
d.clarity.ms/s/0.6.32/ 53 KB
23 KB 105ms
31ms Script
application/javascript 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/s/0.6.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/56dlrt3m9e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:06 GMT
content-encoding: br
etag: "1d8191fe855c690"
last-modified: Thu, 03 Feb 2022 17:03:04 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=46C64457862F487D97F0819DF3EC4BEF&RedC=c.clarity.ms&MXFR=04B312CEA5AE6DAC0FE30397A1AE6376
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=46C64457862F487D97F0819DF3EC4BEF&MUID=30AF93CE6FE26899371282976EC86975

42 B
466 B

31ms
31ms

Image
image/gif

20.36.253.92
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=46C64457862F487D97F0819DF3EC4BEF&MUID=30AF93CE6FE26899371282976EC86975
Requested by: Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1
Protocol: H2
Server: 20.36.253.92 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:07 GMT
last-modified: Fri, 18 Feb 2022 23:15:27 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "6afd196a1d25d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:07 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 980AC1A355F947DDBD3690C239799602 Ref B: YTO01EDGE0816 Ref C: 2022-02-28T14:05:08Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=46C64457862F487D97F0819DF3EC4BEF&MUID=30AF93CE6FE26899371282976EC86975
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 38ms
38ms Ping
text/plain 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-376D8LHM0R&gtm=2oe2n0&_p=294624498&_z=ccd.B&ul=en&cid=237479286.1646057107&sr=1600x1200&_s=1&dl=%2Fpage%2F100227%2Fdonate%2F1%2Fyourgift&sid=1646057106&sct=1&seg=0&dt=Donate%20to%20the%20Ukraine%20Humanitarian%20Crisis%20Appeal%20-%20UHCA%20MWF%20Don&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-376D8LHM0R&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.redcross.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 185ms
135ms Script
text/javascript 142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-984083230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f2.1e100.net

Software

cafe /

Resource Hash

cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14884
x-xss-protection: 0
server: cafe
etag: 16747055602125368176
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 28 Feb 2022 14:05:07 GMT

GET
H2 204 18003115.js Show response
bat.bing.com/p/action/ 0
112 B 205ms
205ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/18003115.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 28 Feb 2022 14:05:07 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5B628DE755DB481282D000B1CC90C903 Ref B: YTO01EDGE0816 Ref C: 2022-02-28T14:05:07Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
175 B 35ms
35ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=18003115&tm=gtm002&Ver=2&mid=98dc9f4c-312a-4bcf-bb20-12ae53e6d202&sid=6f15e7d0989f11ec8477db03821aa974&vid=6f161910989f11ecb226573d7d616587&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20to%20the%20Ukraine%20Humanitarian%20Crisis%20Appeal%20-%20UHCA%20MWF%20Don&p=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1&r=&lt=800&evt=pageLoad&msclkid=N&sv=1&rn=600565
Requested by: Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:07 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2C8140CAB3E947E8AC414BC4CB1596B6 Ref B: YTO01EDGE0816 Ref C: 2022-02-28T14:05:07Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
457 B 114ms
41ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o7u51&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=fe318372-0430-4983-b726-ac61b109c748&tw_document_href=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 6
date: Mon, 28 Feb 2022 14:05:06 GMT
content-encoding: gzip
server: tsa_b
strict-transport-security: max-age=631138519
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 6c2bed3ac10e6cffdeaa52b587f8cd76d48e062067cf44866761acd0b494a2e6
content-type: application/javascript;charset=utf-8
content-length: 57

GET
H2 200 adsct
t.co/i/ 43 B
335 B 164ms
52ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o7u51&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=fe318372-0430-4983-b726-ac61b109c748&tw_document_href=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1

Requested by

Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 7
date: Mon, 28 Feb 2022 14:05:07 GMT
server: tsa_b
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: ea06e249159863c7c050228538dfca1236a68c1804fac70c353072d1dc085aea
content-length: 43

GET
H2 200 dc_pre=CL3P8cjIovYCFeoHigMd9dkLtw;src=10474121;type=retar0;cat=crc-d0;ord=1318250752926;gtm=2wg2n0;auiddc=212352000.1646057106;~oref=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1 Show response
adservice.google.com/ddm/fls/i/ Frame 8E6F 508 B
863 B 138ms
83ms Document
text/html 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CL3P8cjIovYCFeoHigMd9dkLtw;src=10474121;type=retar0;cat=crc-d0;ord=1318250752926;gtm=2wg2n0;auiddc=212352000.1646057106;~oref=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1

Requested by

Host: 10474121.fls.doubleclick.net
URL: https://10474121.fls.doubleclick.net/activityi;dc_pre=CL3P8cjIovYCFeoHigMd9dkLtw;src=10474121;type=retar0;cat=crc-d0;ord=1318250752926;gtm=2wg2n0;auiddc=212352000.1646057106;~oref=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16c31cebb0f22a45ef17f73f1c6e992e2e6360f007f063b677e591fdb46a39b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://10474121.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 28 Feb 2022 14:05:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 394
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

/
p.adsymptotic.com/d/px/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2689321&time=1646057107283&url=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2689321&time=1646057107283&url=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2689321%26time%3D1646057107283%26url%3Dhttps%253A%252F%252Fdonate.redcross.ca%252...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2689321&time=1646057107283&url=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2689321&time=1646057107283&url=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1&cookiesTest=true&liSync=true&e_ipv6=AQJ2tqApHoHizAAA...
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=28fe3317-036f-419d-83fe-0eb16b01b36c
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=28fe3317-036f-419d-83fe-0eb16b01b36c&_expected_cookie=6dc245ac3158732b3ad85744...

43 B
142 B

52ms
52ms

Image
image/gif

104.18.98.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=28fe3317-036f-419d-83fe-0eb16b01b36c&_expected_cookie=6dc245ac3158732b3ad857442af7c8ba
Requested by: Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1
Protocol: H2
Server: 104.18.98.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6e4a34c158995443-YYZ
p3p: CP='NON DSP COR CONi OUR BUS CNT'
content-type: image/gif
content-length: 43

Redirect headers

location: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=28fe3317-036f-419d-83fe-0eb16b01b36c&_expected_cookie=6dc245ac3158732b3ad857442af7c8ba
date: Mon, 28 Feb 2022 14:05:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6e4a34c10fef5443-YYZ
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
440 B 127ms
53ms XHR
text/plain 2607:f8b0:4023:1407::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-817860-6&cid=237479286.1646057107&jid=542308155&gjid=513057764&_gid=1733496088.1646057107&_u=aGBAiUAjRAAAAE~&z=789275939

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1407::9a Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.redcross.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 28 Feb 2022 14:05:08 GMT
content-type: text/plain
access-control-allow-origin: https://donate.redcross.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
20ms Image
image/gif 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=294624498&t=pageview&_s=1&dl=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1&ul=en-us&de=UTF-8&dt=Donate%20to%20the%20Ukraine%20Humanitarian%20Crisis%20Appeal%20-%20UHCA%20MWF%20Don&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiUAjR~&jid=542308155&gjid=513057764&cid=237479286.1646057107&tid=UA-817860-6&_gid=1733496088.1646057107&gtm=2wg2n0WHSKGB&cd4=Abandoned&cd6=en&cd15=no&cd17=&cd12=237479286.1646057107&z=1846710966

Requested by

Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 00:16:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49721
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=294624498&t=pageview&_s=1&dl=%2Fpage%2F100227%2Fdonate%2F1%2Fyourgift&ul=en-us&de=UTF-8&dt=Donate%20to%20the%20Ukraine%20Humanitarian%20Crisis%20Appeal%20-%20UHCA%20MWF%20Don&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiUAjRAAAAE~&jid=&gjid=&cid=237479286.1646057107&tid=UA-817860-6&_gid=1733496088.1646057107&gtm=2wg2n0WHSKGB&cd4=Abandoned&cd6=en&cd12=237479286.1646057107&cd1=UA%20Pageview%20-%20VPV%20-%20Transaction%20Pages&z=1902533485

Requested by

Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 00:16:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49721
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
406 B 62ms
19ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1839820762947010&ev=PageView&dl=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1&rl=&if=false&ts=1646057108096&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1646057108095.519035472&it=1646057107135&coo=false&exp=p1&rqm=GET

Requested by

Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 28 Feb 2022 14:05:08 GMT

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 895B 5 KB
2 KB 58ms
19ms Document
text/html 185.167.164.42
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=2318615&ADFdivider=%7C&ord=599396010713&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.42 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d4e39ad5436ac92b21ddfcff063f9ba134dd4659d623dcba6c6f8a7c8a00a27a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/

Response headers

server: nginx
date: Mon, 28 Feb 2022 14:05:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip

GET
H2 200 /
a1.seadform.net/serving/cookie/sync/ 35 B
344 B 195ms
18ms Image
image/gif 185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.seadform.net/serving/cookie/sync/?uid=7939222677145615786&stamp=islGVnezbZQDvP-67D9Y4w2

Requested by

Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 28 Feb 2022 14:05:08 GMT
cache-control: private
server: nginx
content-type: image/gif
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/984083230/ 2 KB
2 KB 113ms
56ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984083230/?random=1646057108148&cv=9&fst=1646057108148&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2n0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1&tiba=Donate%20to%20the%20Ukraine%20Humanitarian%20Crisis%20Appeal%20-%20UHCA%20MWF%20Don&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c520636b80fc2f1373d536ede92e227614897978ffc07dc60db4928f331804f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1077
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CL3P8cjIovYCFeoHigMd9dkLtw;src=10474121;type=retar0;cat=crc-d0;ord=1318250752926;gtm=2wg2n0;auiddc=212352000.1646057106;~oref=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1 Show response
adservice.google.ca/ddm/fls/i/ Frame 869F 194 B
870 B 159ms
83ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/ddm/fls/i/dc_pre=CL3P8cjIovYCFeoHigMd9dkLtw;src=10474121;type=retar0;cat=crc-d0;ord=1318250752926;gtm=2wg2n0;auiddc=212352000.1646057106;~oref=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CL3P8cjIovYCFeoHigMd9dkLtw;src=10474121;type=retar0;cat=crc-d0;ord=1318250752926;gtm=2wg2n0;auiddc=212352000.1646057106;~oref=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 28 Feb 2022 14:05:08 GMT
expires: Mon, 28 Feb 2022 14:05:08 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 plf
c1.adform.net/imatch/ Frame 895B 0
261 B 18ms
17ms Image
text/plain 185.167.164.42
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.42 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:08 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 895B
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=7939222677145615786&Expiration=1647266708
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=7939222677145615786&Expiration=1647266708

43 B
424 B

28ms
27ms

Image
image/gif

3.224.164.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=7939222677145615786&Expiration=1647266708
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
Protocol: H2
Server: 3.224.164.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-164-141.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 28 Feb 2022 14:05:08 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=7939222677145615786&Expiration=1647266708
date: Mon, 28 Feb 2022 14:05:08 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 895B 0
522 B 149ms
98ms Image
text/plain 23.3.124.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=4879&ext_id=7939222677145615786

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.3.124.187 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-3-124-187.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Feb 2022 14:05:08 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Sun, 27 Feb 2022 14:05:08 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 895B 0
663 B 108ms
25ms Image
text/plain 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5253&puid=7939222677145615786
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: ab995a74221271a8dc253760ec78ee1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 895B
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=7939222677145615786&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=7939222677145615786&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=21d31304bd744d4b9...
https://c1.adform.net/serving/cookie/match?party=9&uid=400b5fcfeeff0c143d1171d046d0b36aabebd77de85b237d4f40c9d3d6e99c10

35 B
468 B

18ms
18ms

Image
image/gif

185.167.164.42
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=400b5fcfeeff0c143d1171d046d0b36aabebd77de85b237d4f40c9d3d6e99c10

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159

Protocol

Server

185.167.164.42 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:08 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=400b5fcfeeff0c143d1171d046d0b36aabebd77de85b237d4f40c9d3d6e99c10
date: Mon, 28 Feb 2022 14:05:08 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 895B
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=7939222677145615786&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
https://c1.adform.net/serving/cookie/match?party=10&cid=902079940044352974

35 B
468 B

20ms
19ms

Image
image/gif

185.167.164.42
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=10&cid=902079940044352974

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159

Protocol

Server

185.167.164.42 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:08 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=10&cid=902079940044352974
pragma: no-cache
date: Mon, 28 Feb 2022 14:05:08 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET

sync
ups.analytics.yahoo.com/ups/55944/ Frame 895B
Redirect Chain

https://pixel.advertising.com/ups/55944/sync?uid=7939222677145615786&_origin=1
https://pixel.advertising.com/ups/55944/sync?uid=7939222677145615786&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55944/sync?uid=7939222677145615786&_origin=1&apid=UP6fb0c355-989f-11ec-a566-0abbe81edb23

0
0

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 895B 43 B
672 B 297ms
19ms Image
image/gif 63.251.28.219
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=7939222677145615786
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 63.251.28.219 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Feb 2022 14:05:08 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1646057108445091-139

GET
H2

200

xuid
eb2.3lift.com/ Frame 895B
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=7939222677145615786
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=7939222677145615786
https://eb2.3lift.com/xuid?mid=2409&xuid=4f4bdd93-7264-417b-8a24-a64d88913f30&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=4f4bdd93-7264-417b-8a24-a64d88913f30&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=

37 B
355 B

28ms
28ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=4f4bdd93-7264-417b-8a24-a64d88913f30&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
Protocol: H2
Server: 52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2409&xuid=4f4bdd93-7264-417b-8a24-a64d88913f30&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
date: Mon, 28 Feb 2022 14:05:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 895B
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=7939222677145615786&expiration=1647266708
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=7939222677145615786&expiration=1647266708&C=1

43 B
1004 B

33ms
32ms

Image
image/gif

23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=7939222677145615786&expiration=1647266708&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
Protocol: HTTP/1.1
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Feb 2022 14:05:08 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Feb 2022 14:05:08 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 28 Feb 2022 14:05:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=7939222677145615786&expiration=1647266708&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 309
Expires: Mon, 28 Feb 2022 14:05:08 GMT

GET
H/1.1

200
OK

info2
uipglob.semasio.net/adform/1/ Frame 895B
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=7939222677145615786&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=7939222677145615786&sInitiator=external

42 B
604 B

32ms
32ms

Image
image/gif

50.57.31.206
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=7939222677145615786&sInitiator=external
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
Protocol: HTTP/1.1
Server: 50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Feb 2022 14:05:08 GMT
Frontend-ID: 10
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin: *
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: image/gif
Content-Length: 42
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 28 Feb 2022 14:05:08 GMT
Frontend-ID: 14
Location: /adform/1/info2?sType=sync&sExtCookieId=7939222677145615786&sInitiator=external
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin: *
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Length: 0
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/ Frame 895B
Redirect Chain

https://ps.eyeota.net/match?uid=7939222677145615786&bid=9gdtmu1
https://ps.eyeota.net/match/bounce/?uid=7939222677145615786&bid=9gdtmu1

70 B
440 B

24ms
24ms

Image
image/gif

3.233.22.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?uid=7939222677145615786&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
Protocol: HTTP/1.1
Server: 3.233.22.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-22-19.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 14:05:08 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?uid=7939222677145615786&bid=9gdtmu1
Date: Mon, 28 Feb 2022 14:05:08 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 204 /
loadm.exelator.com/load/ Frame 895B 0
324 B 79ms
24ms Image
text/plain 34.229.3.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=7939222677145615786
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.229.3.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-229-3-43.compute-1.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:08 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2 400 398366.gif
idsync.rlcdn.com/ Frame 895B 0
0 67ms
42ms Image
text/plain 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=7939222677145615786
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2

200

tpid=7939222677145615786
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/ Frame 895B
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=7939222677145615786
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=7939222677145615786

49 B
545 B

36ms
36ms

Image
image/gif

18.233.240.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=7939222677145615786
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
Protocol: H2
Server: 18.233.240.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-240-143.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:08 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.40.234
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:08 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=7939222677145615786
cache-control: no-cache
x-server: 10.40.45.178
content-length: 0
expires: 0

GET
H/1.1 200
OK 29729
tags.bluekai.com/site/ Frame 895B 62 B
587 B 141ms
83ms Image
image/gif 23.209.184.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=7939222677145615786
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.209.184.224 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-209-184-224.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 14:05:08 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 895B
Redirect Chain

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7939222677145615786
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=7939222677145615786

43 B
61 B

49ms
35ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=7939222677145615786
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:08 GMT
via: 1.1 google
server: OXGW/17.1.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=7939222677145615786
date: Mon, 28 Feb 2022 14:05:08 GMT
via: 1.1 google
server: OXGW/17.1.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 895B
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

413ms
106ms

Image
image/gif

52.218.106.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
Protocol: HTTP/1.1
Server: 52.218.106.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 14:05:10 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: ZC63XKVQR2GAN9BD
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: mEO+stq/vDmkSJRUlCiEz+gzNZiGx3vzR4ivWQl4u/TgeE+LOsVO8nsHjSrSctYifoq+WdsjQeY=

Redirect headers

X-Error-Reason: Missing UserId
Date: Mon, 28 Feb 2022 14:05:08 GMT
Server: akka-http/10.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 137

GET
H/1.1

200
OK

33141
tags.bluekai.com/site/ Frame 895B
Redirect Chain

https://pixel.onaudience.com/?mapped=7939222677145615786&partner=68
https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=9b6236d8e9a329f1

62 B
583 B

118ms
81ms

Image
image/gif

23.209.184.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33141?&id=9b6236d8e9a329f1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
Protocol: HTTP/1.1
Server: 23.209.184.224 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-209-184-224.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 14:05:08 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/33141?&id=9b6236d8e9a329f1
content-length: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 895B 0
338 B 73ms
23ms Image
text/plain 52.204.93.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=7939222677145615786
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.93.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-93-102.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:08 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1646057108
x-served-by: beacon-n011-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 895B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NzkzOTIyMjY3NzE0NTYxNTc4Ng
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECBw2HfwYjRslZC9RS0avFo&google_cver=1&google_ula=1641347,0

35 B
468 B

18ms
18ms

Image
image/gif

185.167.164.42
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECBw2HfwYjRslZC9RS0avFo&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159

Protocol

Server

185.167.164.42 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:08 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECBw2HfwYjRslZC9RS0avFo&google_cver=1&google_ula=1641347,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame 895B
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=852964474137401761&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=7939222677145615786

43 B
995 B

25ms
25ms

Image
image/gif

68.67.179.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=7939222677145615786

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159

Protocol

HTTP/1.1

Server

68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Feb 2022 14:05:08 GMT
X-Proxy-Origin: 149.56.153.183; 149.56.153.183; 576.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: ce3b7fde-4f5e-47c1-9d35-8fc50a9881d3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:08 GMT
server: nginx
location: https://secure.adnxs.com/setuid?entity=91&code=7939222677145615786
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 plf
c1.adform.net/imatch/ Frame 895B 0
261 B 23ms
18ms Image
text/plain 185.167.164.42
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.42 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:08 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 895B 42 B
545 B 60ms
19ms Image
image/gif 104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7939222677145615786
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:08 GMT
cache-control: no-store, no-cache, private
x-lat: njrpug002:0:436
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 895B 43 B
444 B 108ms
27ms Image
image/gif 13.35.73.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.73.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-73-57.bos50.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 20:04:46 GMT
Via: 1.1 3ab520e9829594afd161e678c0434f7a.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.18.0
Age: 64822
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: BOS50-C1
Content-Length: 43
X-Amz-Cf-Id: _OnOnGMQpUUd-FOX79OYKZ2vnNYEQ807YGicm_4I48ZKCbPVPO2Hjw==

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 895B
Redirect Chain

https://a.audrte.com/a?adform_uid=7939222677145615786
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEJfYClD_RQYvaYygoXQIMGM&google_cver=1
https://ps.eyeota.net/match?bid=kh51m51&uid=ba9syeL0B-USeC2babLc72vMA&gdpr=0&gdpr_consent=

70 B
440 B

24ms
24ms

Image
image/gif

3.233.22.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=kh51m51&uid=ba9syeL0B-USeC2babLc72vMA&gdpr=0&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
Protocol: HTTP/1.1
Server: 3.233.22.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-22-19.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 14:05:08 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Mon, 28 Feb 2022 14:05:08 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://ps.eyeota.net/match?bid=kh51m51&uid=ba9syeL0B-USeC2babLc72vMA&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 895B
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=7939222677145615786&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=7939222677145615786&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=69396817622757705921350859102122899349&noredirect=1

35 B
468 B

19ms
19ms

Image
image/gif

185.167.164.42
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=69396817622757705921350859102122899349&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159

Protocol

Server

185.167.164.42 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:09 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-usw2-2-v025-08da844be.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Tb23rZVFQcs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=69396817622757705921350859102122899349&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 895B
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=7939222677145615786
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=163850504076008067646

35 B
468 B

19ms
18ms

Image
image/gif

185.167.164.42
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=163850504076008067646

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159

Protocol

Server

185.167.164.42 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:08 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:08 GMT
via: 1.1 44ff34c350a3caf3ee6c495fff64077a.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: BOS50-C3
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=163850504076008067646
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: 6b9RhApf5xcPSlyyIdtLVKCe5SEJXzbiGhi4B9whE_NwQ0fLCcKSkg==
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 895B
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7069761446230489228

35 B
468 B

32ms
32ms

Image
image/gif

185.167.164.42
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7069761446230489228

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159

Protocol

Server

185.167.164.42 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:08 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7069761446230489228
Date: Mon, 28 Feb 2022 14:05:08 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1 200
OK 33302
tags.bluekai.com/site/ Frame 895B 62 B
587 B 106ms
105ms Image
image/gif 23.209.184.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=7939222677145615786
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.209.184.224 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-209-184-224.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 14:05:08 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 895B
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=f55e621c-d694-4200-bb85-42e40adc3709

35 B
468 B

18ms
18ms

Image
image/gif

185.167.164.42
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=f55e621c-d694-4200-bb85-42e40adc3709

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159

Protocol

Server

185.167.164.42 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:08 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Mon, 28 Feb 2022 14:05:08 GMT
Server: MT3 4172 645ee8c master iad-pixel-x10 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=f55e621c-d694-4200-bb85-42e40adc3709
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Mon, 28 Feb 2022 14:05:07 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 895B
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=bnQfEtcJ1NoGEc5

35 B
468 B

19ms
19ms

Image
image/gif

185.167.164.42
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=bnQfEtcJ1NoGEc5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159

Protocol

Server

185.167.164.42 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:08 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Mon, 28 Feb 2022 14:05:08 GMT
Server: PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0129ed93b0f66b107@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=bnQfEtcJ1NoGEc5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 895B
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=5e922fe7-bc3b-4309-a87b-4c74f070f723

35 B
468 B

20ms
20ms

Image
image/gif

185.167.164.42
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=5e922fe7-bc3b-4309-a87b-4c74f070f723

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159

Protocol

Server

185.167.164.42 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:08 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:08 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=5e922fe7-bc3b-4309-a87b-4c74f070f723
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 225

GET
H/1.1

200
OK

image.sbmx
ib.mookie1.com/ Frame 895B
Redirect Chain

https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=7939222677145615786
https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=7939222677145615786

0
421 B

400ms
83ms

Image
image/png

64.58.232.177
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=7939222677145615786
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
Protocol: HTTP/1.1
Server: 64.58.232.177 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS: be31-199.crrt01.las04.flexential.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Feb 2022 14:05:09 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3p: CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: LAS07
Content-Type: image/png
Content-Length: 0
Expires: -1

Redirect headers

Date: Mon, 28 Feb 2022 14:05:08 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Location: https://ib.mookie1.com:443/image.sbmx?go=302927&pid=567&xid=7939222677145615786
p3p: CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin: *
Cache-Control: private
X-Server: LAS09
Content-Type: text/html; charset=utf-8
Content-Length: 204

GET
H/1.1

200

18.gif
id5-sync.com/qp/ Frame 895B
Redirect Chain

https://id5-sync.com/s/10/0.gif?puid=7939222677145615786
https://id5-sync.com/c/10/10/2/1.gif?puid=7939222677145615786&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/10/2/1/2.gif?puid=852964474137401761&gdpr=0&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg
https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&gdpr_consent=&gdpr=0&action=GET_ID...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&gdpr_consent=&gdpr=0&action=GET_ID&opid...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEFT6G0CJUiIUahvYZlwqBR0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0Rv...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=852964474137401761&opid=apx&ops=&utidl=tech:goo:CAESEFT6G0CJUiIUahvYZlwqBR0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aW...
https://id5-sync.com/qp/18.gif?puid=vec%3A25582254849&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&gdpr=0&gdpr_consent=

43 B
1 KB

111ms
110ms

Image
image/gif

51.89.7.205
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/qp/18.gif?puid=vec%3A25582254849&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&gdpr=0&gdpr_consent=

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159

Protocol

HTTP/1.1

Server

51.89.7.205 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p28.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 14:05:09 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/qp/18.gif?puid=vec%3A25582254849&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&gdpr=0&gdpr_consent=
date: Mon, 28 Feb 2022 14:05:10 GMT
content-length: 0
strict-transport-security: max-age=63072000;includeSubDomains;preload

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 895B
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=3466025044
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=e3FTm0JlbbuBmncMK8jv1O

35 B
468 B

22ms
21ms

Image
image/gif

185.167.164.42
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=e3FTm0JlbbuBmncMK8jv1O

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159

Protocol

Server

185.167.164.42 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:09 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:08 GMT
via: 1.1 google
last-modified: Mon, 28 Feb 2022 14:05:08 GMT
server: nginx/1.18.0
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=e3FTm0JlbbuBmncMK8jv1O
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 895B 23 B
287 B 101ms
44ms Image
image/gif 96.6.28.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=7939222677145615786
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.28.96 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-28-96.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:08 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 28 Feb 2022 14:05:08 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 895B
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=7939222677145615786
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=7939222677145615786&cs=1

35 B
378 B

112ms
111ms

Image
image/gif

88.99.214.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=7939222677145615786&cs=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
Protocol: H2
Server: 88.99.214.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-214-77.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:09 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=7939222677145615786&cs=1
date: Mon, 28 Feb 2022 14:05:09 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2 204 /
s.ad.smaato.net/c/ Frame 895B 0
239 B 93ms
30ms Image
text/plain 2600:9000:2105:5200:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=7939222677145615786
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2105:5200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:08 GMT
via: 1.1 5d90b9fb6ab804caa33b8aa5260094e8.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: BOS50-C3
x-amz-cf-id: bfXtg8d1wOMhcUmicyaNcUIRO07t4gOerhhfARQPdWhF_MpbagKsBw==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 895B
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=7939222677145615786&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=7939222677145615786&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=72fe70eb-34ec-488e-a67e-578bbb7eb792%252Chttps%253A%252F%252Fc1.adform.net%252Fserving%252Fcookie%252Fmatch%253Fparty%253...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=5e922fe7-bc3b-4309-a87b-4c74f070f723&ttd_puid=72fe70eb-34ec-488e-a67e-578bbb7eb792%2Chttps%3A%2F%2Fc1.adform.net%2Fservin...
https://c1.adform.net/serving/cookie/match?party=2007&cid=72fe70eb-34ec-488e-a67e-578bbb7eb792

35 B
468 B

18ms
18ms

Image
image/gif

185.167.164.42
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=72fe70eb-34ec-488e-a67e-578bbb7eb792

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159

Protocol

Server

185.167.164.42 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:09 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=2007&cid=72fe70eb-34ec-488e-a67e-578bbb7eb792
date: Mon, 28 Feb 2022 14:05:09 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 7939222677145615786
match.contentexchange.me/adform/ Frame 895B 0
49 B 385ms
128ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/7939222677145615786?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:09 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 895B 43 B
109 B 125ms
51ms Image
image/gif 52.200.119.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=16974&user_id=7939222677145615786
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.119.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-119-241.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:09 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 895B 37 B
355 B 27ms
26ms Image
image/gif 52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7354&xuid=7939222677145615786&dongle=AD20
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 put
e1.emxdgt.com/ Frame 895B 43 B
120 B 118ms
28ms Image
image/gif 54.234.88.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=7939222677145615786
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.234.88.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-88-163.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:08 GMT
content-length: 43
x-nosync: emp
content-type: image/gif

GET
H2 200 plf
c1.adform.net/imatch/ Frame 895B 0
261 B 21ms
19ms Image
text/plain 185.167.164.42
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.42 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=7939222677145615786&agencyId=7384&advertiserId=2090653&src=tp&rnd=524159
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:08 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

POST
H2 204 collect Show response
d.clarity.ms/ 0
94 B 59ms
58ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.32/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://donate.redcross.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://donate.redcross.ca
date: Mon, 28 Feb 2022 14:05:07 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 /
www.google.com/pagead/1p-user-list/984083230/ 42 B
548 B 101ms
47ms Image
image/gif 2607:f8b0:4006:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/984083230/?random=1646057108148&cv=9&fst=1646056800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2n0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1&tiba=Donate%20to%20the%20Ukraine%20Humanitarian%20Crisis%20Appeal%20-%20UHCA%20MWF%20Don&async=1&fmt=3&is_vtc=1&random=1652987802&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2004 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/984083230/ 42 B
548 B 97ms
44ms Image
image/gif 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/984083230/?random=1646057108148&cv=9&fst=1646056800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2n0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1&tiba=Donate%20to%20the%20Ukraine%20Humanitarian%20Crisis%20Appeal%20-%20UHCA%20MWF%20Don&async=1&fmt=3&is_vtc=1&random=1652987802&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 41ms
19ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1839820762947010&ev=Microdata&dl=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1&rl=&if=false&ts=1646057108600&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Donate%20to%20the%20Ukraine%20Humanitarian%20Crisis%20Appeal%20-%20UHCA%20MWF%20Don%22%2C%22meta%3Adescription%22%3A%22Your%20donation%20goes%20where%20it%20is%20needed%20most.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Donate%20to%20the%20Ukraine%20Humanitarian%20Crisis%20Appeal%22%2C%22og%3Adescription%22%3A%22Your%20donation%20goes%20where%20it%20is%20needed%20most.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Faaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com%2F1951%2FUkraine_donation%2Bpage.jpg%3Fv%3D1645730543000%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1%3Flocale%3Den-CA%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1646057108095.519035472&it=1646057107135&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: donate.redcross.ca
URL: https://donate.redcross.ca/page/100227/donate/1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:05:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 28 Feb 2022 14:05:08 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 33ms
33ms Ping
text/plain 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-376D8LHM0R&gtm=2oe2n0&_p=294624498&_z=ccd.B&ul=en&cid=237479286.1646057107&sr=1600x1200&_s=2&sid=1646057106&sct=1&seg=1&dl=https%3A%2F%2Fdonate.redcross.ca%2Fpage%2F100227%2Fdonate%2F1&dt=Donate%20to%20the%20Ukraine%20Humanitarian%20Crisis%20Appeal%20-%20UHCA%20MWF%20Don&en=page_view&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-376D8LHM0R&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://donate.redcross.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 14:05:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.redcross.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/55944/sync?uid=7939222677145615786&_origin=1&apid=UP6fb0c355-989f-11ec-a566-0abbe81edb23

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

124 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
donate.redcross.ca/page	1969-12-31 23:59:59	Name: JSESSIONID Value: kYsRmikVNBiSK38oMDjuVSVyrWJQ4FY2RrW9Khmu.cac1-prd-web3
.redcross.ca/page	1970-01-20 01:14:20	Name: en_sessionId Value: ee1b3ad3c03f42f7adcd79e2afc87308-cac1-prd-web3
.phil-cdn-web.azurewebsites.net/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 4cd3828ef171ec932669c1ad4c996a11463e338647e085b727290ba1c07cdab1
.redcross.ca/	1970-01-20 05:33:29	Name: optimizelyEndUserId Value: oeu1646057106045r0.6164087297219458
donate.redcross.ca/	1970-01-20 01:24:21	Name: AWSALB Value: MPvOtlxXoCG2ZQBk/nRKhR3L6EBHzif4NPWALq8I7W5ojnYznuWGYuNMstg4NqBK1hLHcubfLGPY53w7O448ws/Ss5tbBx0mcTFyqUFXgK/4XVLPlvaUKTlodMrS
donate.redcross.ca/	1970-01-20 01:24:21	Name: AWSALBCORS Value: MPvOtlxXoCG2ZQBk/nRKhR3L6EBHzif4NPWALq8I7W5ojnYznuWGYuNMstg4NqBK1hLHcubfLGPY53w7O448ws/Ss5tbBx0mcTFyqUFXgK/4XVLPlvaUKTlodMrS
.redcross.ca/	1970-01-20 03:23:53	Name: _gcl_au Value: 1.1.212352000.1646057106
.bing.com/	1970-01-20 10:35:53	Name: MUID Value: 30AF93CE6FE26899371282976EC86975
.bat.bing.com/	1970-01-20 01:24:21	Name: MR Value: 0
www.clarity.ms/	1970-01-20 09:59:53	Name: CLID Value: b92f40142c884296804559ce5e278442.20220228.20230228
.redcross.ca/	1970-01-24 01:35:53	Name: temp_pointillist_cookie_id Value: 8ea85303-ba63-4a05-b7d9-cccc125245d5
.redcross.ca/	1970-01-23 16:50:17	Name: _pointillist_cookie_id Value: ccaa49d7-21e5-4c48-9554-2fe0d6058e6e
.redcross.ca/	1969-12-31 23:59:59	Name: _pointillist_traffic_source Value:
.redcross.ca/	1969-12-31 23:59:59	Name: _pointillist_landing_page Value: https://donate.redcross.ca/page/100227/donate/1
.redcross.ca/	1970-01-20 01:14:18	Name: _pointillist_session_id Value: 9123b578-088e-4ad9-bdbd-e96e71a02d06
donate.redcross.ca/	1969-12-31 23:59:59	Name: _pointillist_referring_url Value:
.redcross.ca/	1969-12-31 23:59:59	Name: _pointillist_current_domain Value: https://donate.redcross.ca/page/100227/donate/1
.adform.net/	1970-01-20 01:54:32	Name: C Value: 1
.redcross.ca/	1970-01-20 01:15:43	Name: _gid Value: GA1.2.1733496088.1646057107
.redcross.ca/	1970-01-20 18:45:29	Name: _ga_376D8LHM0R Value: GS1.1.1646057106.1.1.1646057107.0
.redcross.ca/	1970-01-20 01:15:43	Name: _uetsid Value: 6f15e7d0989f11ec8477db03821aa974
.redcross.ca/	1970-01-20 10:35:53	Name: _uetvid Value: 6f161910989f11ecb226573d7d616587
.adform.net/	1970-01-20 02:40:41	Name: uid Value: 7939222677145615786
.adform.net/	1970-01-20 01:15:43	Name: CM Value: 1\|1
.twitter.com/	1970-01-20 18:45:29	Name: personalization_id Value: "v1_xawimLftINpXLkfvJID8CA=="
.linkedin.com/	1970-01-20 03:23:53	Name: li_sugr Value: 28fe3317-036f-419d-83fe-0eb16b01b36c
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:46:10	Name: bcookie Value: "v=2&0a369fe8-67ef-4919-85cd-348f78e7613b"
.t.co/	1970-01-20 18:45:29	Name: muc_ads Value: 0bb268bd-f226-4528-8eb3-ff67baf440b0
.redcross.ca/	1970-01-20 01:14:17	Name: _dc_gtm_UA-817860-6 Value: 1
.redcross.ca/	1970-01-20 18:45:29	Name: _ga Value: GA1.2.237479286.1646057107
.donate.redcross.ca/	1970-01-20 18:45:29	Name: _ga Value: GA1.3.237479286.1646057107
.donate.redcross.ca/	1970-01-20 01:15:43	Name: _gid Value: GA1.3.1733496088.1646057107
.c.bing.com/	1970-01-20 01:24:21	Name: MR Value: 0
.c.bing.com/	1970-01-20 10:35:53	Name: SRM_B Value: 30AF93CE6FE26899371282976EC86975
.redcross.ca/	1970-01-20 03:23:53	Name: _fbp Value: fb.1.1646057108095.519035472
.redcross.ca/	1970-01-20 09:59:53	Name: _clck Value: 143xvr1\|1\|ezd\|0
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 10:35:53	Name: MUID Value: 30AF93CE6FE26899371282976EC86975
.c.clarity.ms/	1970-01-20 01:24:21	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 01:14:17	Name: ANONCHK Value: 0
.facebook.com/	1970-01-20 03:23:53	Name: fr Value: 0PW8i54j2f6IlkV3x..BiHNaU...1.0.BiHNaU.
.linkedin.com/	1970-01-20 01:57:29	Name: UserMatchHistory Value: AQK05E35NoNkwgAAAX9ApjKTAR_kHObPKfpbd_wZRAbhAnsvU1zItAQfj-ABwlx-xQCYr08E0NfUxw
.linkedin.com/	1970-01-20 01:57:29	Name: AnalyticsSyncHistory Value: AQL79Oz3lLyJngAAAX9ApjKTq7LjYipMjz43XG5lw-IZ2tYJxvzpHr6CFq7hAnmkPJN-VXCGjjQc-QcINUV-RQ
.adform.net/	1970-01-20 01:34:26	Name: CM14 Value: 1646143508_1646057108_1_Hu7u4e4e4e7u7u4REREeERERERHhEQ
.doubleclick.net/	1970-01-20 18:45:29	Name: IDE Value: AHWqTUkb_tU_oPnwRti4SFD1S0yjIE8UMc4mtNJRCY6KlsyoQqCS0LoFkJUaObGs
.360yield.com/	1970-01-20 03:23:53	Name: tuuid Value: 78a17057-9195-43cf-801e-0f4b41ad82f8
.360yield.com/	1970-01-20 03:23:53	Name: tuuid_lu Value: 1646057108
.advertising.com/	1970-01-20 10:01:19	Name: APID Value: UP6fb0c355-989f-11ec-a566-0abbe81edb23
.redcross.ca/	1970-01-20 01:15:43	Name: _clsk Value: 1hretuh\|1646057108284\|1\|1\|d.clarity.ms/collect
.casalemedia.com/	1970-01-20 09:59:53	Name: CMID Value: YhzWlIhsCZzUffKqNHkQmwAA
.casalemedia.com/	1970-01-20 03:23:53	Name: CMPS Value: 465
.seadform.net/	1970-01-20 02:40:37	Name: uid Value: 7939222677145615786
.rubiconproject.com/	1970-01-20 09:59:53	Name: khaos Value: L06RWHFN-U-EOE6
.rubiconproject.com/	1970-01-20 09:59:53	Name: audit Value: 1\|4WbmlxjadocQtdcTgcGaMiS86oWrk3s7ptp8h3oL563WaDs14xzbSE08vuB08OGSMLsFCcZ2+5zyUhTWCqUS/KD7UwfComeT75y3iFXPeQQJ+duWP/5g16no/tgOC4PUfY0V14FIbwMO0IUNKolgwaZr5ZVxLWDe
.360yield.com/	1970-01-20 03:23:53	Name: um Value: !42,4qLkPa64ZDyMfIMwareKjoudzgf0hvuDUgqZ0ZiFF5xL,1647266708
.360yield.com/	1970-01-20 03:23:53	Name: umeh Value: !42,0,1708265108,-1
.bidswitch.net/	1970-01-20 09:59:53	Name: tuuid Value: 4f4bdd93-7264-417b-8a24-a64d88913f30
.bidswitch.net/	1970-01-20 09:59:53	Name: c Value: 1646057108
.bidswitch.net/	1970-01-20 09:59:53	Name: tuuid_lu Value: 1646057108
.casalemedia.com/	1970-01-20 03:23:53	Name: CMPRO Value: 996
.casalemedia.com/	1970-01-20 09:59:53	Name: CMRUM3 Value: 6f621cd69427607939222677145615786
.casalemedia.com/	1970-01-20 01:15:43	Name: CMST Value: YhzWlGIc1pQA
.yieldlab.net/	1970-01-20 09:59:53	Name: id Value: 2407761f-14a4-49bb-ae5d-3188015b283e
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.www.linkedin.com/	1970-01-20 18:46:10	Name: bscookie Value: "v=1&2022022814050822880d6b-0fa1-4e9f-81bc-c4d3e6c6bf12AQFFchFhbI5Jnp2uCA_XEoNkHrMJR39m"
.smartadserver.com/	1970-01-20 10:40:12	Name: pid Value: 902079940044352974
.smartadserver.com/	1970-01-20 10:40:12	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 10:40:12	Name: csync Value: 22:7939222677145615786
.eyeota.net/	1970-01-20 09:59:53	Name: mako_uid Value: 17f40a633b1-42990000010a517f
.eyeota.net/	1970-01-20 01:14:17	Name: SERVERID Value: 20863~DM
.3lift.com/	1970-01-20 03:23:53	Name: tluid Value: 3164144999033065738659
.semasio.net/	1970-01-20 09:59:53	Name: SEUNCY Value: A2746DAF60922021
.openx.net/	1970-01-20 09:59:53	Name: i Value: 6056d725-c327-4256-9c4b-59fc110838ed\|1646057108
.onaudience.com/	1970-01-20 09:59:53	Name: cookie Value: 5ae3011b922e738d
.onaudience.com/	1970-01-20 01:15:43	Name: done_redirects109 Value: 1
ads.stickyadstv.com/	1970-01-20 02:40:41	Name: uid-bp-617 Value: 7939222677145615786
ads.stickyadstv.com/	1970-01-20 01:57:29	Name: UID Value: 9e5312ef6e4474d4cd309c56d2fecaa
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 9c63b8bb367266a2649d991c2f48a65a
.adscale.de/	1970-01-20 09:56:33	Name: uu Value: 21d31304bd744d4b9ffe0a459d8e4107
.adscale.de/	1970-01-20 09:56:33	Name: cct Value: 1646057108458
.krxd.net/	1970-01-20 05:33:29	Name: _kuid_ Value: OsIwch3q
.linkedin.com/	1970-01-20 01:15:43	Name: lidc Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2551:u=1:x=1:i=1646057108:t=1646143508:v=2:sig=AQHAzk-KFUbqCJIDHbaHTX5z6BeDQ9Ea"
.adnxs.com/	1970-01-20 03:23:53	Name: uuid2 Value: 852964474137401761
.pubmatic.com/	1970-01-20 01:57:29	Name: KRTBCOOKIE_391 Value: 22924-7939222677145615786&KRTB&23263-7939222677145615786
.pubmatic.com/	1970-01-20 01:57:29	Name: PugT Value: 1646057108
.pubmatic.com/	1970-01-20 03:23:53	Name: PUBMDCID Value: 2
.crwdcntrl.net/	1970-01-20 07:43:05	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 07:43:05	Name: _cc_id Value: a3f27414568afda85df934f38a062267
.ih.adscale.de/	1970-01-20 09:56:33	Name: tu Value: 4#3741974789#42~7939222677145615786~457238~0~0
.adnxs.com/	1970-01-20 03:23:53	Name: anj Value: dTM7k!M4/YD>6NRF']wIg2GVIk!G(r!]tbPl1M66+q([OUf#$x_+-WJSi[goXt$g>XwKWZVHB(uX0uo:3If)y3KL9D3I?+ZnAWqi
.audrte.com/	1970-01-20 01:35:53	Name: arcki2 Value: ba9syeL0B-USeC2babLc72vMA!20210804!1646057108647
.audrte.com/	1970-01-20 01:35:53	Name: arcki2_adform Value: 7939222677145615786!20210804!1646057108647
.audrte.com/	1970-01-20 01:24:21	Name: arcki2_TTT Value: 1646057108648!ba9syeL0B-USeC2babLc72vMA!H4sIAAAAAAAAAB2Wy4qtNw6FH8Zjgy3LFw0PJIEQ0g2h6bltWe//CPn+GtWmtrclLa2Ly3jSfN/s8iy3ODub1J2Pteu9uUQ9aY6ldcXN6z3N7c7IpnvnHT2eTZMtO9l066KSZ30jq23JtmfJzfT4vW/5m6meItH1ZtF9sr7q2V6UrD6i1Rv9hKU2ZMTYmt+7/L4dzyda5DmMy3x7M0m/fvv/r9/++O8/f+dRs5SqUiTJtYhSRp7v9Nx6fXnXs/Kp28bpJe5dSbzF1Ttz9Eujaj0vodBcOuYqdUi5SV6/y67k+4ZlPa9zyTq5LDvLGftET1cKUxXPVwfTmJS8Znn0LfXwr3CfadwRb6yXtRjlRHvePTRrSK+3lnK2pvUEROVSyRn5jeCmPvOz2FVirVgn+XUZfkY+U1rWHS2v1nceo9526j3gmaKOyQSb7zVyO0vyLmxNxuVq2dv6TZfiY4Tl8LZoXC3biAMEsTebPV4tzbXkzTLpZHGoO1uXfnNtauFyaqNcjf1e6S3fqDXr2CXDgpaLyimjl/fmTKoe5TTlJhBVhUn26G7002W/K4NyO6q3ck4ezQGrMp0Fw25I2KVMl33Tu0+mt52Lt8kh5rRSgF2ZxE5f2z09qwXiat6bmjo3C65awKFuP4y0lqXXz25WV+YiDr0Hnf0GjTedvTGDRDpVIRY91dJqhpfOnatBry5rm9JMJBYE/4LdBogqK6Kn1aFXBYF9zig79QXr69J8Gog355JTXTNy8HGkF2iefKk+QM92vumuSV6Hm+zqnh4fnJas60QYnl/bgXA6d67ec18F4vrcdcLMcdaWCUvGhVQuiHEeyy9cn64WRRcQ0IfpyNLCgaDA8aEUfneWOlttUpIMXb5PzfcCu46+2CJsf7t0vvhgfOlVW4oWMphSs+ECm37y83rG4bsBmFUfnIEqW5wiKAeqDA7tC83HmPWOdNwriopcH7tBLZW1oVAvw+bWXpag4M4SP5wbv/oUjFq8gMMoYx2R1mZLe619RWCZrU9Xh552OXmPKL5VPyWn0areoFPb7AYXOnlFt7xGf8H65qo3sZ/5NqRGNhwyqxjGgQVi9vpYFz0mbrl77pmZAz8LdHkapLh25noerwxJ9BfLDNLOh1p+3LawpUU9g/97iqc5XZ2PeYa1j08Tt10VydwGg7RF76m8TjEIFDaBYOoHazN8mz+nymisBfHzyaGKQQAdj90NYB1i0q55Y51pWWDtHMKi4XCdkE6BnVDQM730SzkvCK8jlOpC4wWw8G3c1e6NcCwMMKPTkDUUfB6N93bhAyPiwPtbjZ06k1hRnXhmr6OxQMR5VHe+4264tO4K7PDc2r2xsQvRFf7j4zIzB3TNEyDxcN/hJvA1vsBqX+rYmJ5l9m4LxTN9alh13fcgqXE/f8J61tgftqttUUxjpXtPs8UeYrWH+xbskBjJFZHDlHP93KS3jYJn5/42zMRIQXzW3KMd40PHXNPjtBSs7fp4n/Wwu3AK8+1cHt5hQbWjd+Ckz+4XC4eegsZilIoP2aJ7Gn/kIfI4F4Vrq4P0BVvdjhJOwfZ20hVUrw15fCGKfedTPt2922/oGKftBJvYOq6ywjExPJIFD9Tir1k/REuUpITMsFIBBlKp4HSn1QkY5y2Vu7gkobZHrOAFP4kQWNPpiBPTeH3pNJBO5SIdAhdJftmyXbjJeDuUeW6xaxYtLehUWRG6E+zQCPs9f5INuUyIelsHzC7v2spsu4MThoHLgIOtGEwHyXuCMpgnPyWSyLv1CaGSMlGnTyN4SZP053/+/vXPX7//D5agFl4KhY2ljq2iDiHRhGfN5gG0P/+qLaBNJ5iOJCKvFFz4c+JvDx1D2vuBsy2BbwR9IbvwWx/0L9hMwyfwIl5JpU1/NeI8H2TXHtvJ427f4+ShptWht8UMTKBukuALk/n8Y8Ra6Doqki6c3HdLFEjGcEh2ln0i8NfP3ePBsu/5Rq4x8v2AgUCr3AXV6PlzShuM8IFNYBNIc/bBRpWPL+hJv+RVcTQk3IlmeBPBjT0ersUMzEFiHVg2lBSsgRpNG48p/UkcjB3wUHPfF117kKfySQ5ruVW89lFTYU5gkwxdWZY9Qnl+Jgcrcf9aYRMRMAtQsPF2IVC9qNGD6k8KTJ5KOCaMAR2zLCyedyvc+w693Pv7LEtbqz2xKOjGk2R+7xZejri/v6+6Hw2471rTYdWk6PlYitfgLhgS9MWOPl7P4J2V5McM64VgvMrUyREChWesTKqt+Lb5L/sQtvVLCwAA
.adsymptotic.com/	1970-01-20 03:23:53	Name: U Value: 6dc245ac3158732b3ad857442af7c8ba
.mathtag.com/	1970-01-20 10:40:12	Name: uuid Value: f55e621c-d694-4200-bb85-42e40adc3709
.adsrvr.org/	1970-01-20 09:59:53	Name: TDID Value: 5e922fe7-bc3b-4309-a87b-4c74f070f723
.w55c.net/	1970-01-20 10:40:12	Name: wfivefivec Value: bnQfEtcJ1NoGEc5
.agkn.com/	1970-01-20 09:59:53	Name: ab Value: 0001%3A%2FpG6xPXWqWujhzgtG0d8FgWKtkBojaCP
.w55c.net/	1970-01-20 01:57:29	Name: matchadform Value: 5
.audrte.com/	1970-01-20 01:35:53	Name: arcki2_ddp Value: CAESEJfYClD_RQYvaYygoXQIMGM!20210804!1646057108756
.teads.tv/	1970-01-20 09:58:26	Name: tt_viewer Value: 4aae4d7f-0538-4041-87ed-7f043a71e31f
.weborama.fr/	1970-01-20 10:45:57	Name: AFFICHE_W Value: H60ckjglTsgf38
.adfarm1.adition.com/	1970-01-20 03:23:53	Name: UserID1 Value: 7069761446230489228
.tapad.com/	1970-01-20 02:40:41	Name: TapAd_TS Value: 1646057108926
.tapad.com/	1970-01-20 02:40:41	Name: TapAd_DID Value: 72fe70eb-34ec-488e-a67e-578bbb7eb792
.demdex.net/	1970-01-20 05:33:29	Name: demdex Value: 69396817622757705921350859102122899349
.adsrvr.org/	1970-01-20 09:59:53	Name: TDCPM Value: CAESFAoFdGFwYWQSCwjs_vPJq7O9OhAFGAEgASgCMgsI7Pb29sGzvToQBTgBWgV0YXBhZGAC
.dpm.demdex.net/	1970-01-20 05:33:29	Name: dpm Value: 69396817622757705921350859102122899349
global.ib-ibi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 0a3dlzafahfxrrafjdths3mb
.tapad.com/	1970-01-20 02:40:41	Name: TapAd_3WAY_SYNCS Value: 1!1430
.1dmp.io/	1970-01-20 09:59:53	Name: uid Value: 702b4a30-989f-11ec-9752-901b0e8d9836
.id5-sync.com/	1970-01-20 01:14:17	Name: cf Value:
.id5-sync.com/	1970-01-20 01:14:17	Name: cip Value:
.id5-sync.com/	1970-01-20 01:14:17	Name: cnac Value:
.id5-sync.com/	1970-01-20 01:14:17	Name: car Value:
.id5-sync.com/	1970-01-20 01:14:17	Name: gdpr Value:
.id5-sync.com/	1970-01-20 01:14:17	Name: callback Value:
.id5-sync.com/	1970-01-20 03:23:53	Name: id5 Value: 710c1640-b4b4-43d2-930f-c2bba23c65a8#1646057109090#2
ib.mookie1.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: tm4b1h0hpg5otm2rynuxsl1b
.mediarithmics.com/	1970-01-20 09:59:53	Name: mics_vid Value: 25582254849
.mediarithmics.com/	1970-01-20 09:59:53	Name: mics_uaid Value: web:1:252c1378-9145-4359-b224-7ae7d6a6770c
.mediarithmics.com/	1970-01-20 09:59:53	Name: mics_lts Value: 1646057110044
.id5-sync.com/	1970-01-20 03:23:53	Name: 3pi Value: 2#1646057109361#-757552061#852964474137401761\|18#1646057110161#1126686130\|10#1646057109191#1694480289#7939222677145615786

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHSKGB(Line 50) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=7939222677145615786 Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10474121.fls.doubleclick.net
a.audrte.com
a1.seadform.net
a2.adform.net
a280747077.cdn.optimizely.com
aa.agkn.com
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com
ad.360yield.com
ad.yieldlab.net
ads.stickyadstv.com
adservice.google.ca
adservice.google.com
ajax.googleapis.com
analytics.twitter.com
api.adrtx.net
assets.ubembed.com
bat.bing.com
beacon.krxd.net
bf098b5490a14f9d86e99cc566def128.js.ubembed.com
bpi.rtactivate.com
c.bing.com
c.clarity.ms
c1.adform.net
cdn.optimizely.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
cookie-matching.mediarithmics.com
d.clarity.ms
dmp.adform.net
donate.redcross.ca
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
global.ib-ibi.com
googleads.g.doubleclick.net
ib.adnxs.com
ib.mookie1.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
loadm.exelator.com
logx.optimizely.com
match.adsrvr.org
match.contentexchange.me
maxcdn.bootstrapcdn.com
mihistream.pointillist.com
p.adsymptotic.com
pdw-adf.userreport.com
phil-cdn-web.azurewebsites.net
philanthropy.cdn.redcross.ca
pixel.mathtag.com
pixel.onaudience.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
px.ads.linkedin.com
px4.ads.linkedin.com
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
sechosted.redcross.ca
secure.adnxs.com
secure.pointillist.com
simage2.pubmatic.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
sync.1dmp.io
sync.crwdcntrl.net
sync.teads.tv
t.co
tags.bluekai.com
token.rubiconproject.com
uipglob.semasio.net
ups.analytics.yahoo.com
use.fontawesome.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
x.bidswitch.net
ups.analytics.yahoo.com
104.18.98.194
104.244.42.3
104.244.42.69
104.36.115.109
107.178.246.49
108.174.10.24
13.249.184.81
13.35.73.57
142.250.64.66
142.250.80.70
142.251.41.2
146.75.32.157
151.101.129.131
164.132.158.126
18.233.240.143
185.167.164.39
185.167.164.42
185.167.164.43
185.167.164.46
199.187.193.166
20.36.253.92
209.171.43.224
23.200.196.208
23.209.184.224
23.3.124.187
23.5.226.225
23.52.161.206
23.52.162.21
2600:1400:d:488::13b8
2600:141b:13::17d7:8262
2600:141b:13::17d7:82d0
2600:9000:2105:5200:1a:609a:6780:93a1
2600:9000:2105:5200:1b:5138:8a40:93a1
2606:4700:3037::6815:4e07
2606:4700::6810:125e
2606:4700::6810:c8f3
2606:4700::6812:bcf
2607:f8b0:4006:808::2004
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80c::200a
2607:f8b0:4006:80d::200a
2607:f8b0:4006:80e::2003
2607:f8b0:4006:80f::2002
2607:f8b0:4006:80f::2008
2607:f8b0:4006:81d::2003
2607:f8b0:4006:820::200e
2607:f8b0:4023:1407::9a
2620:1ec:21::14
2620:1ec:22::14
2620:1ec:27::cafe:1841
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
3.122.33.49
3.224.164.141
3.233.22.19
3.33.220.150
3.90.158.177
34.206.192.53
34.229.3.43
34.98.64.218
35.169.229.32
35.190.16.14
35.190.60.146
35.211.178.172
40.76.174.66
40.86.230.96
46.19.11.36
50.57.31.206
51.79.83.225
51.89.7.205
52.200.119.241
52.204.93.102
52.218.106.107
52.223.22.214
52.88.128.19
54.234.88.163
54.77.170.127
54.82.140.43
63.251.28.219
64.58.232.177
64.58.232.179
68.67.179.89
68.67.179.91
8.43.72.97
85.114.159.118
88.99.214.77
96.6.28.96
0055b9d0429e9c194b4aa6b5f49cbc2ec31a7220ee7c8c186a9ee951feabd482
04ebfc7054f729404e7605aa39af6369d89b806efef4a3d93fbf208a483f130c
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
071026625b597e0ac09d3b7505a0dca502638a867303d3b3d4926f68955470a5
083749c5b5ff36d6e2802f89c71dbd30f177465d1df21c04e289c3fbda2d8f3f
08e82a4b3e2c8fdda7bb85a003b6aff2d41553188380b02077047e3ca284933c
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0c4084d820cd3d44de01ed47895a376c284090091d70e11b1b9d5f95734c0455
0c520636b80fc2f1373d536ede92e227614897978ffc07dc60db4928f331804f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16c31cebb0f22a45ef17f73f1c6e992e2e6360f007f063b677e591fdb46a39b1
2408fb2f22a5e5ecf62b81531023588996c3396d219800883408d81e0373fa53
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
297f3dba6fc020ee4c9a987aa372a452ce72b285d7f9a83d6f9f6206ed3eb809
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
315d85265aa0ac246b654a861960ead0d94ef1a58cf699fe81716d9bd604a619
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5153aaa72206b8694ccb3dd3b071625c09f83c807aee46066299def6f3fd7798
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
609616cab12340fb5643b48fbf86cf0b70cf136500e832bdf70b4aa38d0da594
65453c292217b13dc5d87139ff688e2c8f82b70db8f802c3243649df65fbcd2d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7534539536cb97fba91eecd43410e692bccd4c3361348cbd6bdc6f6c18720f73
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a780fa66e9a2fd586956043dbef0ffcdced445450279d66eb5e14715daf0d4a
811bdac1feca25f94532db062c71e79097f075363ed7e120dfdd342885aca5e1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8a32f8c017eaecaf22f5daeb2b63e00262ed1444afecb8a618c27e10dc6d8db4
8a6341c5b7812472b8c8713ad1d0fb0480f264556ff750a43f8d801782577b2d
8b76b3502583edddf22df0b9c6ee640053a2cdfeaa113ceff3ea9b61d1f6410d
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a54c0f0abc017f802b8a68c2233d679d4a302a322b196116b4d03b015e66fec
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3e15afb0bafcc6f3112ec53b425d0519107277f69e583f7d19ddff667a98901
a88d9934847e8c1dead752777f9f271b29eedf1b26949d86e1177f266dc8197e
abe469131b74f3a3b7806f859ecf26be924f5db29de5f57a7bf432186ac81e5c
ac82b890a40f6af46e240e8e06404df715a954f2180a9d5c8e1c0d86ab2e08a1
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14f2d91bbb2fe1172ea0dd32285ae83707e9f194900cf5f9bfc064d0b4a7e28
b1ccb8141195307117c737c7f49f99de131fb55290a5f4c1431cc74ca93119dc
b3a29df47435cf60d7ab7743ace9e6285ccb4f1093b403b8a76431aea2987ff0
b8e55150ac12048d8bdfd8a07ce361853d0574dcc6fa28373c64a82ba735aeea
ba3edd5c7b28ac12c593ad6269c147b6051cdd8d86b62e3dcc98fdf274b761b1
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc430ba6a5ccf078ad82a4c4d1e1d1a91086a0a817e7219c80381aaa087c6e92
c80d481a27afd8c370d9cb01680d7749e5197e1b92bd3fe6ad96cc6398ca4d9f
cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2fec0e2942f49dd3cad4650431d550d761f11dded17834d4835768c2ca730c0
d4e39ad5436ac92b21ddfcff063f9ba134dd4659d623dcba6c6f8a7c8a00a27a
d96b4a46439ecf983f79eb2cebdc9d0361cd57dab6b7ec427545a552a8517b58
dc0e5d1707b8ec12f120ea203af5ef231ed8b71ebded6325613a58198270c34c
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e0f19431575c4abfcb99693fc10b8a7333f0390a6d32bff7dfe732611bfeebb2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54682a356915c846c7e786b7afd6d7e4dcb5ab7e8d8a77f27d0f11e6dee540a
ec933a40fc3614824d2be2bc1a8250a6d7935d3b2cd428c5f25915ab27883a7b
ee558b4c2383ff532e2788af2f06f7b3c3e2229931fb891fa273e4cfc5ca730b
ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f82ea87d7f2da059163ff8ec38b9665b007f081a38ead749313dfa4ba843d2fb
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

donate.redcross.ca Open in urlscan Pro 2606:4700::6810:c8f3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

123 Requests

76 %HTTPS

29 %IPv6

72 Domains

93 Subdomains

69 IPs

9 Countries

2114 kBTransfer

4589 kBSize

124 Cookies

4 Outgoing links

Page URL History

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

donate.redcross.ca Open in urlscan Pro
2606:4700::6810:c8f3 Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

76 %
HTTPS

29 %
IPv6

72
Domains

93
Subdomains

69
IPs

9
Countries

2114 kB
Transfer

4589 kB
Size

124
Cookies

123 HTTP transactions
0 data transactions