exch2016.prudentialselect.ca Open in urlscan Pro
199.59.243.224  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response exch2016.prudentialselect.ca/	1 KB 2 KB	127ms 60ms	Document text/html	199.59.243.224 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://exch2016.prudentialselect.ca/ Protocol HTTP/1.1 Server 199.59.243.224 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 578e64578f74868d865c0470bf005fc565762870c557dfacf97d207565390584 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ch sec-ch-prefers-color-scheme cache-control no-store, max-age=0 content-length 1053 content-type text/html; charset=utf-8 critical-ch sec-ch-prefers-color-scheme date Thu, 31 Aug 2023 20:02:48 GMT vary sec-ch-prefers-color-scheme x-adblock-key MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_Tu9QoavE/GwY5ydxKwyTgW9f5rU03r/hO1VWxhe0nYdqGFCu+pd+2gzqG5ySUuzZfIdpsYQKpJTd9yFrqOR/7A== x-request-id abc5682f-2159-45ab-98bb-02be66978102
GET H/1.1	200 OK	aTvwhCBdt.js Show response exch2016.prudentialselect.ca/	67 KB 67 KB	38ms 38ms	Script application/javascript	199.59.243.224 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://exch2016.prudentialselect.ca/aTvwhCBdt.js Requested by Host: exch2016.prudentialselect.ca URL: http://exch2016.prudentialselect.ca/ Protocol HTTP/1.1 Server 199.59.243.224 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 7128591ce2852ff92fd3ca220b9fdd6e99a901dd2e4164ba264e5a0b9a19965b Request headers accept-language en-CA,en;q=0.9 Referer http://exch2016.prudentialselect.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Thu, 31 Aug 2023 20:02:48 GMT content-length 68406 x-request-id 647cf809-0499-4977-8fc3-002a9247e97a content-type application/javascript; charset=utf-8
POST H/1.1	200 OK	_fd Show response exch2016.prudentialselect.ca/	5 KB 3 KB	74ms 74ms	Fetch text/html	199.59.243.224 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://exch2016.prudentialselect.ca/_fd Requested by Host: exch2016.prudentialselect.ca URL: http://exch2016.prudentialselect.ca/aTvwhCBdt.js Protocol HTTP/1.1 Server 199.59.243.224 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty / Resource Hash 462ea39de1cf875633b36026ab3ef0d91f394046a2b3885eef925af5b21d8e17 Request headers Accept application/json Referer http://exch2016.prudentialselect.ca/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Content-Type application/json Response headers x-version 2.106.5 date Thu, 31 Aug 2023 20:02:48 GMT content-encoding gzip pragma no-cache server openresty content-type text/html; charset=UTF-8 cache-control no-cache, no-store, must-revalidate, post-check=0, pre-check=0 content-length 2381 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	caf.js Show response www.google.com/adsense/domains/	148 KB 54 KB	114ms 49ms	Script text/javascript	172.217.13.196 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/adsense/domains/caf.js Requested by Host: exch2016.prudentialselect.ca URL: http://exch2016.prudentialselect.ca/aTvwhCBdt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.196 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f4.1e100.net Software sffe / Resource Hash 38bac8a86e5324b16563cb849939c1960ac1973ff8d1455596226410f3afbe3b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer http://exch2016.prudentialselect.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Thu, 31 Aug 2023 20:02:49 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="ads-afs-ui" etag "14945598756537575529" vary Accept-Encoding report-to {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 accept-ranges bytes expires Thu, 31 Aug 2023 20:02:49 GMT
GET H/1.1	200 OK	px.gif exch2016.prudentialselect.ca/	42 B 397 B	77ms 61ms	Image image/gif	199.59.243.224 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://exch2016.prudentialselect.ca/px.gif?ch=1&rn=2.7662809857573283 Requested by Host: exch2016.prudentialselect.ca URL: http://exch2016.prudentialselect.ca/ Protocol HTTP/1.1 Server 199.59.243.224 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer http://exch2016.prudentialselect.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers pragma no-cache date Thu, 31 Aug 2023 20:02:48 GMT last-modified Tue, 18 Jul 2023 15:33:43 GMT server openresty content-type image/gif cache-control no-cache, no-store, must-revalidate, post-check=0, pre-check=0 accept-ranges bytes content-length 42 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H/1.1	200 OK	px.gif exch2016.prudentialselect.ca/	42 B 397 B	76ms 60ms	Image image/gif	199.59.243.224 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://exch2016.prudentialselect.ca/px.gif?ch=2&rn=2.7662809857573283 Requested by Host: exch2016.prudentialselect.ca URL: http://exch2016.prudentialselect.ca/ Protocol HTTP/1.1 Server 199.59.243.224 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer http://exch2016.prudentialselect.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers pragma no-cache date Thu, 31 Aug 2023 20:02:48 GMT last-modified Tue, 18 Jul 2023 15:33:43 GMT server openresty content-type image/gif cache-control no-cache, no-store, must-revalidate, post-check=0, pre-check=0 accept-ranges bytes content-length 42 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	392 B 599 B	115ms 50ms	Script text/javascript	172.217.13.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=exch2016.prudentialselect.ca&client=dp-bodis30_3ph&product=SAS&callback=__sasCookie Requested by Host: www.google.com URL: https://www.google.com/adsense/domains/caf.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f2.1e100.net Software cafe / Resource Hash 6721535eb59d978cadc103ee07bc829d97908c2425cb2d5f78650b584a363507 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer http://exch2016.prudentialselect.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Thu, 31 Aug 2023 20:02:49 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 247 x-xss-protection 0
GET H2	200	ads Show response www.google.com/afs/ Frame 6636	14 KB 3 KB	170ms 170ms	Document text/html	172.217.13.196 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/afs/ads?adtest=off&psid=1255567885&pcsa=false&channel=pid-bodis-gcontrol201%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol320%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol480&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fexch2016.prudentialselect.ca%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2442788251544177&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301293%2C17301321%2C17301323&format=r3&nocache=8991693512169219&num=0&output=afd_ads&domain_name=exch2016.prudentialselect.ca&v=3&bsl=8&pac=0&u_his=2&u_tz=-420&dt=1693512169220&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=258&frm=0&cl=560704565&uio=-&cont=rs&jsid=caf&jsv=560704565&rurl=http%3A%2F%2Fexch2016.prudentialselect.ca%2F&adbw=master-1%3A1584 Requested by Host: www.google.com URL: https://www.google.com/adsense/domains/caf.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.196 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f4.1e100.net Software gws / Resource Hash ad4dfe6dd072ad6c6efad1a0b310ca3fe42e2914b3457c196b1cf0b59be2867e Security Headers Name Value Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-RJ3WWpBgWXrNs2twQ8tbAw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other X-Xss-Protection 0 Request headers Referer http://exch2016.prudentialselect.ca/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=3600 content-disposition inline content-encoding br content-length 2951 content-security-policy object-src 'none';base-uri 'self';script-src 'nonce-RJ3WWpBgWXrNs2twQ8tbAw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other content-type text/html; charset=UTF-8 cross-origin-opener-policy same-origin-allow-popups; report-to="gws" date Thu, 31 Aug 2023 20:02:49 GMT expires Thu, 31 Aug 2023 20:02:49 GMT report-to {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} server gws x-xss-protection 0
GET H2	200	chevron.svg afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 6636	200 B 700 B	92ms 25ms	Image image/svg+xml	172.217.13.161 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b Requested by Host: www.google.com URL: https://www.google.com/afs/ads?adtest=off&psid=1255567885&pcsa=false&channel=pid-bodis-gcontrol201%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol320%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol480&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fexch2016.prudentialselect.ca%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2442788251544177&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301293%2C17301321%2C17301323&format=r3&nocache=8991693512169219&num=0&output=afd_ads&domain_name=exch2016.prudentialselect.ca&v=3&bsl=8&pac=0&u_his=2&u_tz=-420&dt=1693512169220&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=258&frm=0&cl=560704565&uio=-&cont=rs&jsid=caf&jsv=560704565&rurl=http%3A%2F%2Fexch2016.prudentialselect.ca%2F&adbw=master-1%3A1584 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s04-in-f1.1e100.net Software sffe / Resource Hash 5a0687ea8c9aa404a7724490f046e30023ec6b5aa81d01ae4f225889a64174f6 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers content-security-policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers content-encoding gzip x-content-type-options nosniff date Thu, 31 Aug 2023 14:05:28 GMT age 21441 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 174 x-xss-protection 0 last-modified Tue, 27 Jun 2023 17:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="afs-native-asset-managers" vary Accept-Encoding report-to {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-type image/svg+xml cache-control public, max-age=82800 accept-ranges bytes expires Fri, 01 Sep 2023 13:05:28 GMT
GET H2	200	launch.svg afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 6636	287 B 344 B	93ms 26ms	Image image/svg+xml	172.217.13.161 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/launch.svg?c=%23ffffff Requested by Host: www.google.com URL: https://www.google.com/afs/ads?adtest=off&psid=1255567885&pcsa=false&channel=pid-bodis-gcontrol201%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol320%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol480&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fexch2016.prudentialselect.ca%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2442788251544177&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301293%2C17301321%2C17301323&format=r3&nocache=8991693512169219&num=0&output=afd_ads&domain_name=exch2016.prudentialselect.ca&v=3&bsl=8&pac=0&u_his=2&u_tz=-420&dt=1693512169220&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=258&frm=0&cl=560704565&uio=-&cont=rs&jsid=caf&jsv=560704565&rurl=http%3A%2F%2Fexch2016.prudentialselect.ca%2F&adbw=master-1%3A1584 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s04-in-f1.1e100.net Software sffe / Resource Hash 091dd9d913b2a6170b918ebb13e4a61545ee55de4204f4a321c1c28776dcf695 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers content-security-policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers content-encoding gzip x-content-type-options nosniff date Thu, 31 Aug 2023 06:33:34 GMT age 48555 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 229 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="afs-native-asset-managers" vary Accept-Encoding report-to {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-type image/svg+xml cache-control public, max-age=82800 accept-ranges bytes expires Fri, 01 Sep 2023 05:33:34 GMT
GET H3	200	caf.js Show response www.google.com/adsense/domains/ Frame 6636	148 KB 54 KB	50ms 49ms	Script text/javascript	172.217.13.196 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/adsense/domains/caf.js?pac=0 Requested by Host: www.google.com URL: https://www.google.com/afs/ads?adtest=off&psid=1255567885&pcsa=false&channel=pid-bodis-gcontrol201%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol320%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol480&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fexch2016.prudentialselect.ca%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2442788251544177&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301293%2C17301321%2C17301323&format=r3&nocache=8991693512169219&num=0&output=afd_ads&domain_name=exch2016.prudentialselect.ca&v=3&bsl=8&pac=0&u_his=2&u_tz=-420&dt=1693512169220&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=258&frm=0&cl=560704565&uio=-&cont=rs&jsid=caf&jsv=560704565&rurl=http%3A%2F%2Fexch2016.prudentialselect.ca%2F&adbw=master-1%3A1584 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.196 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f4.1e100.net Software sffe / Resource Hash 2fc87ef7ccc4e6ef81783eda58a2dd5cca0f7ba63c6490085c380a5090b4333a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Thu, 31 Aug 2023 20:02:49 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="ads-afs-ui" etag "16187962316882473904" vary Accept-Encoding report-to {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 accept-ranges bytes expires Thu, 31 Aug 2023 20:02:49 GMT
GET H/1.1	200 OK	enhance.js Show response parking3.parklogic.com/page/ Frame 3B5B	1009 B 1 KB	156ms 53ms	Script text/javascript	45.79.244.209 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Full URL https://parking3.parklogic.com/page/enhance.js?pcId=7&pId=1129&domain=Prudentialselect.ca Requested by Host: exch2016.prudentialselect.ca URL: http://exch2016.prudentialselect.ca/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 45.79.244.209 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS 45-79-244-209.ip.linodeusercontent.com Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38 Resource Hash f8a978646ec32418422e29c9e0de027a6de58d6db720d9b8b9d284cac84f892d Request headers accept-language en-CA,en;q=0.9 Referer http://exch2016.prudentialselect.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Thu, 31 Aug 2023 20:02:49 GMT server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 connection close x-powered-by PHP/5.5.38 transfer-encoding chunked content-type text/javascript;charset=UTF-8
POST H/1.1	200 OK	_tr exch2016.prudentialselect.ca/	2 B 0	57ms 56ms	Fetch text/html	199.59.243.224 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://exch2016.prudentialselect.ca/_tr Requested by Host: exch2016.prudentialselect.ca URL: http://exch2016.prudentialselect.ca/aTvwhCBdt.js Protocol HTTP/1.1 Server 199.59.243.224 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty / Resource Hash Request headers Accept application/json Referer http://exch2016.prudentialselect.ca/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Content-Type application/json Response headers x-version 2.106.5 date Thu, 31 Aug 2023 20:02:48 GMT content-encoding gzip pragma no-cache server openresty content-type text/html; charset=UTF-8 cache-control no-cache, no-store, must-revalidate, post-check=0, pre-check=0 content-length 22 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H/1.1	200 OK	hero_nc.svg parking3.parklogic.com/page/images/pe262/ Frame 3B5B	47 KB 47 KB	178ms 81ms	Image image/svg+xml	45.79.244.209 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Show image Full URL https://parking3.parklogic.com/page/images/pe262/hero_nc.svg Requested by Host: exch2016.prudentialselect.ca URL: http://exch2016.prudentialselect.ca/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 45.79.244.209 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS 45-79-244-209.ip.linodeusercontent.com Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / Resource Hash 878da09a057ec8f1775cdc522e5f7ec44966df547a87a9c29826ba114833c24b Request headers accept-language en-CA,en;q=0.9 Referer http://exch2016.prudentialselect.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Thu, 31 Aug 2023 20:02:49 GMT last-modified Mon, 08 Mar 2021 23:04:00 GMT server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 etag "bbe1-5bd0e72fe1800" content-type image/svg+xml connection close accept-ranges bytes content-length 48097
GET H3	204	gen_204 www.google.com/afs/	0 21 B	60ms 59ms	Image text/html	172.217.13.196 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=b9dn5sq4nwj2&aqid=6fHwZI6LE8vlowamwYiYAQ&psid=1255567885&pbt=bs&adbx=450&adby=311&adbh=480&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=560704565&csala=4%7C0%7C185%7C78%7C22&lle=0&ifv=1&usr=0&hpt=0 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.196 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f4.1e100.net Software gws / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-slwQCCC9rPk1GjyMtQfNEg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer http://exch2016.prudentialselect.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers content-security-policy object-src 'none';base-uri 'self';script-src 'nonce-slwQCCC9rPk1GjyMtQfNEg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other date Thu, 31 Aug 2023 20:02:51 GMT server gws cross-origin-opener-policy same-origin-allow-popups; report-to="gws" x-frame-options SAMEORIGIN report-to {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." content-type text/html; charset=UTF-8 permissions-policy unload=() origin-trial Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0= alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	204	gen_204 www.google.com/afs/	0 19 B	57ms 56ms	Image text/html	172.217.13.196 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=i7x2ictt3fvh&aqid=6fHwZI6LE8vlowamwYiYAQ&psid=1255567885&pbt=bv&adbx=450&adby=311&adbh=480&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=560704565&csala=4%7C0%7C185%7C78%7C22&lle=0&ifv=1&usr=0&hpt=0 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.196 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f4.1e100.net Software gws / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-jSJdAq1_9kDjgALSGGypoA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer http://exch2016.prudentialselect.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers content-security-policy object-src 'none';base-uri 'self';script-src 'nonce-jSJdAq1_9kDjgALSGGypoA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other date Thu, 31 Aug 2023 20:02:51 GMT server gws cross-origin-opener-policy same-origin-allow-popups; report-to="gws" x-frame-options SAMEORIGIN report-to {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} content-type text/html; charset=UTF-8 permissions-policy unload=() origin-trial Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0= alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 string| park object| regeneratorRuntime function| setImmediate function| clearImmediate number| googleNDT_ number| googleAltLoader object| google function| __sasCookie number| experimentId_

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			exch2016.prudentialselect.ca/	1970-01-20 14:25:13	Name: parking_session Value: abc5682f-2159-45ab-98bb-02be66978102
			.prudentialselect.ca/	1970-01-20 23:46:48	Name: __gsas Value: ID=48e5d959936bb9e5:T=1693512169:RT=1693512169:S=ALNI_MYmkIAUAxdfAV8K-CC_1coXI2L4zQ
			.google.com/	1970-01-20 18:48:43	Name: NID Value: 511=hEznFmJbhLr4HWzanKuOOrwOh80GnxDBqgBejiSWyQd_2rf8ux7u69Mcevlj_EV2QjELlQbxalm8x7UEjavos6rWFo8ivuUqVfEZ-U4w2EEn-vh5WJTgrZtIpW4AXxl2afTyj4J2meHc27Z27aJK4yyuLE3_mtaKIa-S8R0Zwx4

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.google.com/adsense/domains/caf.js(Line 220) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afs.googleusercontent.com
exch2016.prudentialselect.ca
parking3.parklogic.com
partner.googleadservices.com
www.google.com
172.217.13.130
172.217.13.161
172.217.13.196
199.59.243.224
45.79.244.209
091dd9d913b2a6170b918ebb13e4a61545ee55de4204f4a321c1c28776dcf695
2fc87ef7ccc4e6ef81783eda58a2dd5cca0f7ba63c6490085c380a5090b4333a
38bac8a86e5324b16563cb849939c1960ac1973ff8d1455596226410f3afbe3b
462ea39de1cf875633b36026ab3ef0d91f394046a2b3885eef925af5b21d8e17
578e64578f74868d865c0470bf005fc565762870c557dfacf97d207565390584
5a0687ea8c9aa404a7724490f046e30023ec6b5aa81d01ae4f225889a64174f6
6721535eb59d978cadc103ee07bc829d97908c2425cb2d5f78650b584a363507
7128591ce2852ff92fd3ca220b9fdd6e99a901dd2e4164ba264e5a0b9a19965b
878da09a057ec8f1775cdc522e5f7ec44966df547a87a9c29826ba114833c24b
ad4dfe6dd072ad6c6efad1a0b310ca3fe42e2914b3457c196b1cf0b59be2867e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8a978646ec32418422e29c9e0de027a6de58d6db720d9b8b9d284cac84f892d