d25billingual.rtoero.ca Open in urlscan Pro
104.26.15.178 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://d25billingual.rtoero.ca/
Submission: On July 04 via automatic, source certstream-suspicious (July 4th 2024, 3:10:25 am UTC) — Scanned from CA

Summary HTTP 117 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 38 IPs in 3 countries across 29 domains to perform 117 HTTP transactions. The main IP is 104.26.15.178, located in and belongs to CLOUDFLARENET, US. The main domain is d25billingual.rtoero.ca.
TLS certificate: Issued by E6 on July 1st 2024. Valid for: 3 months.

This is the only time d25billingual.rtoero.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	104.26.15.178 104.26.15.178	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	23.204.152.142 23.204.152.142	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.67.142.245 172.67.142.245	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	172.67.74.183 172.67.74.183	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.251.163.97 142.251.163.97	15169 (GOOGLE) (GOOGLE)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
4	64.233.180.105 64.233.180.105	15169 (GOOGLE) (GOOGLE)
2	172.217.197.95 172.217.197.95	15169 (GOOGLE) (GOOGLE)
1	23.204.152.170 23.204.152.170	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	108.138.106.49 108.138.106.49	16509 (AMAZON-02) (AMAZON-02)
4	74.125.192.102 74.125.192.102	15169 (GOOGLE) (GOOGLE)
1	173.194.204.94 173.194.204.94	15169 (GOOGLE) (GOOGLE)
1	18.164.96.77 18.164.96.77	16509 (AMAZON-02) (AMAZON-02)
2	173.194.205.93 173.194.205.93	15169 (GOOGLE) (GOOGLE)
1	23.200.3.23 23.200.3.23	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	204.79.197.237 204.79.197.237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	31.13.66.19 31.13.66.19	32934 (FACEBOOK) (FACEBOOK)
1	18.164.116.4 18.164.116.4	16509 (AMAZON-02) (AMAZON-02)
1	108.139.33.128 108.139.33.128	16509 (AMAZON-02) (AMAZON-02)
2	192.184.67.40 192.184.67.40	16509 (AMAZON-02) (AMAZON-02)
4	75.101.206.82 75.101.206.82	14618 (AMAZON-AES) (AMAZON-AES)
2 2	68.67.160.186 68.67.160.186	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.232.232.6 34.232.232.6	14618 (AMAZON-AES) (AMAZON-AES)
1 2	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
3	172.217.222.157 172.217.222.157	15169 (GOOGLE) (GOOGLE)
3 6	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.164.96.54 18.164.96.54	16509 (AMAZON-02) (AMAZON-02)
1	52.208.243.88 52.208.243.88	16509 (AMAZON-02) (AMAZON-02)
4	173.194.205.94 173.194.205.94	15169 (GOOGLE) (GOOGLE)
1	142.251.16.157 142.251.16.157	15169 (GOOGLE) (GOOGLE)
1	216.239.38.181 216.239.38.181	15169 (GOOGLE) (GOOGLE)
1	13.226.34.100 13.226.34.100	16509 (AMAZON-02) (AMAZON-02)
1 2	173.194.68.148 173.194.68.148	15169 (GOOGLE) (GOOGLE)
1	172.217.222.149 172.217.222.149	15169 (GOOGLE) (GOOGLE)
4	31.13.66.35 31.13.66.35	32934 (FACEBOOK) (FACEBOOK)
1 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
117	38

32 104.26.15.178 (None, )

ASN13335 (CLOUDFLARENET, US)

d25billingual.rtoero.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.204.152.142 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-204-152-142.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.142.245 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.74.183 (United States)

ASN13335 (CLOUDFLARENET, US)

rtoero.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.163.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (San Francisco, United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.233.180.105 (United States)

ASN15169 (GOOGLE, US)
PTR: on-in-f105.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.197.95 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.204.152.170 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-204-152-170.deploy.static.akamaitechnologies.com

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.106.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-49.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.192.102 (United States)

ASN15169 (GOOGLE, US)
PTR: qn-in-f102.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.204.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-77.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.205.93 (United States)

ASN15169 (GOOGLE, US)
PTR: qm-in-f93.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.200.3.23 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-200-3-23.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.79.197.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.116.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-4.jfk50.r.cloudfront.net

cdn.calltrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.33.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-33-128.jfk50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.184.67.40 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 75.101.206.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-206-82.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.186 (Colonia, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.232.232.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-232-6.compute-1.amazonaws.com

pixel.mediaiqdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.182.161 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.222.157 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.107.42.14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-54.jfk50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.243.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-243-88.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 173.194.205.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qm-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.16.157 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f157.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.38.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.34.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-100.ewr53.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.68.148 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: qr-in-f148.1e100.net

11102789.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.222.149 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f149.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	rtoero.ca d25billingual.rtoero.ca rtoero.ca	3 MB
7	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 136 googleads.g.doubleclick.net — Cisco Umbrella Rank: 70 11102789.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 164	3 KB
6	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 360 www.linkedin.com — Cisco Umbrella Rank: 545	3 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	609 KB
6	typekit.net use.typekit.net — Cisco Umbrella Rank: 649 p.typekit.net — Cisco Umbrella Rank: 807	73 KB
5	google.com www.google.com — Cisco Umbrella Rank: 5 analytics.google.com — Cisco Umbrella Rank: 174	1 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	5 KB
4	google.ca www.google.ca — Cisco Umbrella Rank: 8928	253 B
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 3014	10 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71	21 KB
3	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 1585 insight.adsrvr.org — Cisco Umbrella Rank: 1062 match.adsrvr.org — Cisco Umbrella Rank: 405	5 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	78 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 361	14 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 894 script.hotjar.com — Cisco Umbrella Rank: 1260	64 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 268	14 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1381	163 KB
2	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 3549 content.hotjar.io — Cisco Umbrella Rank: 6487	402 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 349	2 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 527	2 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1625 pixel.quantserve.com — Cisco Umbrella Rank: 1193	10 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 96	12 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	3 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3406	25 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1607	1 KB
1	mediaiqdigital.com pixel.mediaiqdigital.com — Cisco Umbrella Rank: 14693	82 B
1	calltrk.com cdn.calltrk.com — Cisco Umbrella Rank: 22877	575 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 902	14 KB
1	gstatic.com www.gstatic.com	212 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 816	29 KB
117	29

	Domain	Requested by
32	d25billingual.rtoero.ca	d25billingual.rtoero.ca
8	rtoero.ca	d25billingual.rtoero.ca rtoero.ca code.jquery.com
6	www.googletagmanager.com	d25billingual.rtoero.ca www.googletagmanager.com www.google-analytics.com
5	px.ads.linkedin.com	2 redirects snap.licdn.com d25billingual.rtoero.ca
5	use.typekit.net	d25billingual.rtoero.ca use.typekit.net
4	www.facebook.com	d25billingual.rtoero.ca
4	www.google.ca	d25billingual.rtoero.ca
4	tags.srv.stackadapt.com	d25billingual.rtoero.ca tags.srv.stackadapt.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.google.com	d25billingual.rtoero.ca
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	connect.facebook.net	d25billingual.rtoero.ca connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com d25billingual.rtoero.ca
3	cdnjs.cloudflare.com	d25billingual.rtoero.ca
3	use.fontawesome.com	d25billingual.rtoero.ca use.fontawesome.com
2	11102789.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	s.amazon-adsystem.com	1 redirects d25billingual.rtoero.ca
2	secure.adnxs.com	2 redirects
2	www.youtube.com	rtoero.ca www.youtube.com
2	static.hotjar.com	d25billingual.rtoero.ca www.googletagmanager.com
2	fonts.googleapis.com	rtoero.ca
2	stackpath.bootstrapcdn.com	d25billingual.rtoero.ca
1	match.adsrvr.org	js.adsrvr.org
1	insight.adsrvr.org	1 redirects
1	pixel.quantserve.com	d25billingual.rtoero.ca
1	ad.doubleclick.net	d25billingual.rtoero.ca
1	rules.quantcount.com	secure.quantserve.com
1	analytics.google.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	content.hotjar.io	script.hotjar.com
1	vc.hotjar.io	script.hotjar.com
1	www.linkedin.com	1 redirects
1	pixel.mediaiqdigital.com	d25billingual.rtoero.ca
1	secure.quantserve.com	d25billingual.rtoero.ca
1	js.adsrvr.org	www.googletagmanager.com
1	cdn.calltrk.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	www.gstatic.com	www.google.com
1	p.typekit.net	use.typekit.net
1	code.jquery.com	d25billingual.rtoero.ca
117	41

This site contains links to these domains. Also see Links.

Domain
rtoero.ca
web.na.bambora.com
www.facebook.com
www.linkedin.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
d25billingual.rtoero.ca E6	`2024-07-01` - `2024-09-29`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-01` - `2025-03-03`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-05-25` - `2024-08-23`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
rtoero.ca E1	`2024-05-30` - `2024-08-28`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
www.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-12` - `2024-07-11`	3 months	crt.sh
swappy.callrail.com Amazon RSA 2048 M03	`2024-06-10` - `2025-07-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
quantserve.com R10	`2024-06-24` - `2024-09-22`	3 months	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M03	`2023-09-09` - `2024-10-07`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-01-01`	6 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.google.ca WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://d25billingual.rtoero.ca/
Frame ID: 277D28980CDD0CD90CCE1FE37FD24076
Requests: 116 HTTP requests in this frame

Frame: https://11102789.fls.doubleclick.net/activityi;dc_pre=COqHscu0jIcDFTTe_QUdG-YBxw;src=11102789;type=invmedia;cat=rtero0;ord=2063301954907;npa=0;auiddc=198772131.1720062618;ps=1;pcor=1407959853;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fd25billingual.rtoero.ca%2F
Frame ID: AA58D496EEA6C9BAE643A47754329E8D
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=tquy0jn&ref=https%3A%2F%2Fd25billingual.rtoero.ca%2F&upid=0tup8h9&upv=1.1.0
Frame ID: BE456D3E4F6E13ADF2F32C31ABBBF879
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - Stormont Dundas GlengarryHome - Stormont Dundas Glengarry

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Lightbox (JavaScript Libraries) Expand

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

117
Requests

97 %
HTTPS

0 %
IPv6

29
Domains

41
Subdomains

38
IPs

3
Countries

4178 kB
Transfer

7840 kB
Size

49
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://rtoero.ca/membership/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://rtoero.ca/retirement-planning-workshops/
Title: Register

Search URL Search Domain Scan URL

URL: https://rtoero.ca/
Title: < RTOERO main site

Search URL Search Domain Scan URL

URL: https://rtoero.ca/insurance/
Title: Insurance

Search URL Search Domain Scan URL

URL: https://rtoero.ca/welcome-to-the-membership-portal/
Title: Join

Search URL Search Domain Scan URL

URL: https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=117689328&ref1=District-25&hashValue=a7e067a3eac359297daa2ff5fb75239470eea3e0
Title: Pay online for District 25 event or activity

Search URL Search Domain Scan URL

URL: https://www.facebook.com/RTOERODistrict25

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/rto-ero

Search URL Search Domain Scan URL

URL: https://twitter.com/rto_ero

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC47hMHrlTrEyXgr2PGoqwSw

Search URL Search Domain Scan URL

URL: https://rtoero.ca/policies/
Title: RTOERO Policies

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://secure.adnxs.com/px?id=1500973&seg=27062092&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3F%26pixel_id%3D1500973%26uid%3D%24%7BUID%7D&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1500973%26seg%3D27062092%26redir%3Dhttps%253A%252F%252Fpixel.mediaiqdigital.com%252Fpixel%253F%2526pixel_id%253D1500973%2526uid%253D%2524%257BUID%257D%26t%3D2 HTTP 302
https://pixel.mediaiqdigital.com/pixel?&pixel_id=1500973&uid=8969050809883223490

Request Chain 75

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Daa2d2b86-b867-288a-3ed5-b68b89bc6e9b%26type%3D17%26m%3D7&ex-fch=416613&ex-src=https://rtoero.ca/&ex-hargs=v%3D1.0%3Bc%3D1927224680701%3Bp%3DAA2D2B86-B867-288A-3ED5-B68B89BC6E9B HTTP 302
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Daa2d2b86-b867-288a-3ed5-b68b89bc6e9b%26type%3D17%26m%3D7&ex-fch=416613&ex-src=https://rtoero.ca/&ex-hargs=v%3D1.0%3Bc%3D1927224680701%3Bp%3DAA2D2B86-B867-288A-3ED5-B68B89BC6E9B&dcc=t

Request Chain 85

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1657994&time=1720062618143&url=https%3A%2F%2Fd25billingual.rtoero.ca%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1657994&time=1720062618143&url=https%3A%2F%2Fd25billingual.rtoero.ca%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1657994%26time%3D1720062618143%26url%3Dhttps%253A%252F%252Fd25billingual.rtoero.ca%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1657994&time=1720062618143&url=https%3A%2F%2Fd25billingual.rtoero.ca%2F&cookiesTest=true&liSync=true

Request Chain 103

https://11102789.fls.doubleclick.net/activityi;src=11102789;type=invmedia;cat=rtero0;ord=2063301954907;npa=0;auiddc=198772131.1720062618;ps=1;pcor=1407959853;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fd25billingual.rtoero.ca%2F HTTP 302
https://11102789.fls.doubleclick.net/activityi;dc_pre=COqHscu0jIcDFTTe_QUdG-YBxw;src=11102789;type=invmedia;cat=rtero0;ord=2063301954907;npa=0;auiddc=198772131.1720062618;ps=1;pcor=1407959853;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fd25billingual.rtoero.ca%2F

Request Chain 115

https://insight.adsrvr.org/track/up?adv=tquy0jn&ref=https%3A%2F%2Fd25billingual.rtoero.ca%2F&upid=0tup8h9&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=tquy0jn&ref=https%3A%2F%2Fd25billingual.rtoero.ca%2F&upid=0tup8h9&upv=1.1.0

117 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
d25billingual.rtoero.ca/ 68 KB
14 KB 4282ms
4150ms Document
text/html 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: 3c753bea4a64487a3d0e2e1ee365fceae00dc0f4d3ab2bda3e63f6ad85479753

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 89dbebc08f1c3700-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 04 Jul 2024 03:10:16 GMT
link: <https://d25billingual.rtoero.ca/wp-json/>; rel="https://api.w.org/" <https://d25billingual.rtoero.ca/wp-json/wp/v2/pages/4>; rel="alternate"; type="application/json" <https://d25billingual.rtoero.ca/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=klWoYg5WRST5zwR9loy8TBsFOo1tPU2m%2FrexqdnPdv9egifULGH0DHFK%2FX6yjmlQH0Fpryo%2BWli538PslNgs%2BmQx1jh47Cx0nenbSc7NpUbV3eQ7%2BCBpem9tvDIUeN5rQiXljaAg1gFr"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: MISS
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

GET
H2 200 gfe3jxu.css
use.typekit.net/ 6 KB
1 KB 258ms
43ms Stylesheet
text/css 23.204.152.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/gfe3jxu.css

Requested by

Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.152.142 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-204-152-142.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

d37c2f7175951a1168acbdd1ac69141f80f218de229582c83c94b00b22d325be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 04 Jul 2024 03:10:16 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 977

GET
H3 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
8 KB 70ms
34ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 876
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 5658432
cdn-cachedat: 03/18/2024 12:59:19
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e07030f9921d09bce8159ebf1b933479
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 89dbebdace52ab36-YYZ
cdn-requestpullsuccess: True

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.3/css/ 52 KB
12 KB 142ms
38ms Stylesheet
text/css 172.67.142.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2282249
etag: W/"dc93d584e41f8417f6b7163320d34329"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tQpEuMq6SWGe8sAtBb0rYemF4ECcbaUD8WCNYd0OKwmrn%2BPwHV23lfKkHy9%2Byb0TiZDRf5%2B7Saj7IHwZtjCOvI6FebcdK6GS8nk9mh%2BXpggkZ5M6b9Uw8qJqgjc1jdV6YejunCxP"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 89dbebdb3b65ab2e-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 animate.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.0/ 76 KB
4 KB 78ms
37ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.0/animate.css

Requested by

Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8150a6e66442996f64560b128d0effe532ed5eabdf0a8c6176c8c4e8ed502e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1157509
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3779
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-12fb5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tr0WcHawfiqDPap31yqXOXH5TSBfBy12IcDhKcu8cIMENfP9smj7rMx%2BIBdz5EOG6F%2B7blPSXI3FC0Twzmp7J4phX6S5wWGbHS%2BU%2BH8iqapoEzyv456htdWtX1XPSjcb0qeyiem%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89dbebdacf0f39ff-YYZ
expires: Tue, 24 Jun 2025 03:10:16 GMT

GET
H2 200 app.css
rtoero.ca/wp-content/themes/RTO/assets/css/ 272 KB
43 KB 204ms
88ms Stylesheet
text/css 172.67.74.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtoero.ca/wp-content/themes/RTO/assets/css/app.css?v=66861295e9c11
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e662a9d167c0cd245f881345165ebc864daf64dc6d2411b8eb05d18c35bafd2b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 05 Jun 2020 10:34:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5eda1fcd-44038"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8oJi22Qrekf%2FtB30ddoi8R6tctoLGaHbV3Vs%2FPyRqN%2Fd1aR48RpgOox0OoAqoPVsB2E01JPmA5fJHZvOxerg96sB6DATIacEx2%2FVwR4F1tJexkoeiIw5a%2FYe9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89dbebdb484fac52-YYZ

GET
H2 200 style.min.css
d25billingual.rtoero.ca/wp-includes/css/dist/block-library/ 111 KB
15 KB 105ms
85ms Stylesheet
text/css 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d25billingual.rtoero.ca/wp-includes/css/dist/block-library/style.min.css?ver=6.5.4
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 10 Apr 2024 14:17:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66169f67-1bae5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MMGPn3sM9%2FeHWC1bJHv6X2ZwN1viEqVz2%2BHp0r%2FCX5XEKmKeALvwyYsaDoZoHRuTFXq3FyGiH%2B4SaTIYvMuOUJ4jQXFDTlJBzfCesJthR5fABUbRne2F81GcJhc7RpxaZwE%2Fq6eg%2Bh7D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89dbebdaabaa3700-YYZ

GET
H2 200 styles.css
d25billingual.rtoero.ca/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 129ms
110ms Stylesheet
text/css 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d25billingual.rtoero.ca/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.5
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 23 May 2024 13:50:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664f49ab-b4e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yRFBc9EW%2F0DQAOggzWoqTCslVr1EBXWKhoTW2HbqKjq3Ip8fpDSREX3Lv3G8MluuXDzg4wTMLhbE7HTbsPQQXdrh5sMkuqYp5yEyrObiVjnAG0kIgjsAS9qz0HBVFVsTXIyIRxY8mNP0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89dbebdaabac3700-YYZ

GET
H2 200 styles.css
d25billingual.rtoero.ca/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/ 58 KB
7 KB 159ms
141ms Stylesheet
text/css 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d25billingual.rtoero.ca/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/styles.css?ver=4.6.11
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58c855e7eb9b917e71e6b733e73c542c25bacb986f3ba7df2be1570200312135

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 14 Jun 2024 12:22:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"666c3604-e768"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DUiDhBBahMM3wtIseP8moLm8xy4nxltMkJ8wsumm0YcmSbnoCp9eYnaXmasBZUtwgASCor8JqirtZ6O%2Bt057cLRdnTTRp%2BGAkUxIF45TQIniSoLc4oGyLaeXI%2F1JUqZOygkGr4N5QzWx"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89dbebdaabad3700-YYZ

GET
H2 200 pagenavi-css.css
d25billingual.rtoero.ca/wp-content/plugins/wp-pagenavi/ 374 B
529 B 194ms
178ms Stylesheet
text/css 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d25billingual.rtoero.ca/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 06 May 2024 17:37:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66391547-176"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OEUFkmse8J0fxr2s4FMeZrCmkRdE%2BNzlNRtGk1%2BtUOG2Fj7Dvdf6JyzF1sUx9Kn0oY9gYE9Ivz8yNccttLZrHfEe7ffdgZcocnKu%2B1JE%2BY31qER7xRvEH%2BxwphflLOntclVlMg9TrktP"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89dbebdaabae3700-YYZ

GET
H2 200 style.css
d25billingual.rtoero.ca/wp-content/themes/RTO%20District/ 194 B
529 B 141ms
125ms Stylesheet
text/css 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d25billingual.rtoero.ca/wp-content/themes/RTO%20District/style.css?ver=6.5.4
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ece4ebac8445ed7227d243d0242943edaad4b16e2e4644379cfc4af1d2a3cab

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 26 Jun 2024 16:30:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667c4223-c2"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9SbZKdRHmh1usAULFCA0Z7xxVSrjHlOqVso01Tp3tMGHIdFeNrLQjFAmwuKNpnsRjpcq%2F91yol1Z67DK4DJOCKYfmpZxrBFmrVRNA%2BB3%2FQ1vYQYOuq%2FxVohwS0UhDnGQq%2BHLTgD4CoRY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89dbebdaabb03700-YYZ

GET
H2 200 dflip.min.css
d25billingual.rtoero.ca/wp-content/plugins/3d-flipbook-dflip-lite/assets/css/ 60 KB
15 KB 194ms
179ms Stylesheet
text/css 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d25billingual.rtoero.ca/wp-content/plugins/3d-flipbook-dflip-lite/assets/css/dflip.min.css?ver=2.2.32
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b510b2021edf1ddc27f7cec931c74484eb5d63444256eff14b449bd8c2d8de

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 06 May 2024 17:40:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66391609-f0a9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gH8KiGcwhJFa2w9fRs9KVhaTHzxGUCkJtLOm%2FW0cohYxVBL2NnnECle5XOj%2FbywzmmN3FLAFtWN6jB5Kl6AuCYqbSew4wxstngtkOj%2F26IRZLhM7aql%2BUHWuL8INKsmjsxG7NtFO6HDK"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89dbebdaabb13700-YYZ

GET
H2 200 search-forms.css
d25billingual.rtoero.ca/wp-content/plugins/searchwp/assets/css/frontend/ 5 KB
2 KB 116ms
102ms Stylesheet
text/css 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d25billingual.rtoero.ca/wp-content/plugins/searchwp/assets/css/frontend/search-forms.css?ver=4.3.15
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 480cbbdaf9ea4afde46d8c47c35a98172d4bdc57232c38fd6c44a514ae1c1a87

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 06 May 2024 17:38:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6639157b-13a4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IlIuAlIeTYn4jOzHAXtehLtFpHvRHAhatq2UPx1nrut88wF0LNpVA3k1LKTY9JnwpKMo0YWNW7ChiwJ9g6SIywsHfY%2FOWPB4HvefpmbSyn6%2Bzp6gos5OYr%2BtPxUtM6dgBFopLfOZetfN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89dbebdaabb23700-YYZ

GET
H2 200 wordpresscrm.css
d25billingual.rtoero.ca/wp-content/plugins/integration-dynamics/resources/front/css/ 11 KB
2 KB 151ms
137ms Stylesheet
text/css 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d25billingual.rtoero.ca/wp-content/plugins/integration-dynamics/resources/front/css/wordpresscrm.css?ver=6.5.4
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6989aa5543de096fb2db049c280ee6b448667315857636f0471503e6e97d2ea3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 21 May 2024 15:19:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664cbb84-2c0d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZRA1oX%2BZY5X1GpufQhWtygDYRroNbw1a%2FAuQjUPImeoxkLgWkZ5Qaj%2FGa41TKhjqlELwWFgwKXR5nNV%2FrlEVxdiEDvyb40jvNjP2QrkhfWaNlA7HlHBYKuZnC7zWeHjkbMy%2BB4mwlvXr"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89dbebdaabb33700-YYZ

GET
H2 200 wordpresscrm-jqueryui-css.css
d25billingual.rtoero.ca/wp-content/plugins/integration-dynamics/resources/front/css/ 34 KB
8 KB 140ms
126ms Stylesheet
text/css 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d25billingual.rtoero.ca/wp-content/plugins/integration-dynamics/resources/front/css/wordpresscrm-jqueryui-css.css?ver=6.5.4
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fdb4d90ee78daf1881e2baca52379daa75205d310000ea56dce45fb86978d78

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 21 May 2024 15:19:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664cbb84-89a1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U7HGla1c1hcbP8qyddwD%2BBPm2h6NLLMzX6wWF1g1ax03P94RCgSr8OnwlZ5xq4kr%2BdrhzIf%2Fg3dmI3WN60KE%2F%2BxGT8NAvqQzcBi7f6Dlk2wqe9iBbCYy0ZmDaMrLAKZV7DwKzAikDcCy"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89dbebdaabb53700-YYZ

GET
H2 200 jquery.datetimepicker.css
d25billingual.rtoero.ca/wp-content/plugins/integration-dynamics/resources/front/css/ 15 KB
4 KB 153ms
139ms Stylesheet
text/css 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d25billingual.rtoero.ca/wp-content/plugins/integration-dynamics/resources/front/css/jquery.datetimepicker.css?ver=6.5.4
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2802d8d37ffa6a5d14f7c91dd8a1aac78203165c8620a550f2177593c701f431

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 21 May 2024 15:19:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664cbb84-3a71"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wF4T4cTSkvXob%2BABSP11%2BQh4gqog0fojGCrwYp%2Bw0h0IfGXufQdBPWGMMBRzlWVo3P6VCVMtxfdfpHrR8jAdhvX9QaTkNhymuiF6FftY%2F%2Fuvhv5Sl%2B09KfbKmCiIMGULyE%2FBnp8fknK8"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89dbebdaabb63700-YYZ

GET
H2 200 jquery.min.js Show response
d25billingual.rtoero.ca/wp-includes/js/jquery/ 86 KB
31 KB 194ms
181ms Script
application/javascript 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d25billingual.rtoero.ca/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 16 Nov 2023 14:56:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65562d87-15601"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pAYlZFJOnFJNWUqgt88tKFBQLODdOQLbA9jq%2FTDs7%2B5qOpHxLIJQscbeVy4Og7NUqF3rqpfVIKGWRe2WuxK2uo%2FhArHbOeZQ23Jk1W%2FUPZvBPNDCdtFR4V1YQ1N6XJhpNSS04Xvrm87O"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89dbebdadbc43700-YYZ

GET
H2 200 jquery-migrate.min.js Show response
d25billingual.rtoero.ca/wp-includes/js/jquery/ 13 KB
5 KB 144ms
131ms Script
application/javascript 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d25billingual.rtoero.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 10 Aug 2023 17:11:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64d51a50-3509"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zphrQ3ldMqUSVhW98tm44HRlf6pnyC%2FD9upmsrttpV6zL0uXAP2A1wTIXRZLwcpXgNQ6GgqyvXiYQ8t9LnwLUzblpasPXXATytvHAGaDTUYjbkBNwPmf9gkV4VeT0NXM%2FTNX6MpbQ6EY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89dbebdadbc63700-YYZ

GET
H2 200 districtcustom.js Show response
d25billingual.rtoero.ca/wp-content/themes/RTO%20District/assets/js/ 12 KB
4 KB 191ms
180ms Script
application/javascript 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d25billingual.rtoero.ca/wp-content/themes/RTO%20District/assets/js/districtcustom.js?ver=66861295ee87a
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1101099d69098eb053f987bc68bab89e895c23211a73173b09ed686242debb25

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 24 Jun 2024 20:29:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6679d735-3012"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2BF8OwR9o0dA0qbT5P3cCaxcZgwnjqFhVJ6cn3iceff53wQJc1Dzhzq2Jn94%2B6KyS4EBatZuztk3ZUAmR8jG1Z5gOmA7v0faNo%2B6tvC9IHUURizER%2FKGz5Op5Geb0Xgh90hrvGMviyzt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89dbebdadbc73700-YYZ

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 307 KB
102 KB 565ms
74ms Script
application/javascript 142.251.163.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DLEEDL08SQ

Requested by

Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e41f460e17f67441b3f2da88c79d81f1b691bf4d8a9638b614d85c2006ff71ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104111
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Jul 2024 03:10:17 GMT

GET
H2 200 custom-108.css
rtoero.ca/wp-content/themes/RTO/assets/css/ 83 KB
18 KB 193ms
85ms Stylesheet
text/css 172.67.74.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtoero.ca/wp-content/themes/RTO/assets/css/custom-108.css?v=6686129602910
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09d6fb50c5410b1bff004a05f5013cd884074e805c2b9a335b47eaf39cbc1708

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 03 Jul 2024 16:27:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66857bf3-14b94"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2F4OhacX4VBvyY3TunxNiJhKOugeyjuFnjvV4VTSmvPIlKHihQUiJ4AWYsEE58A893MHz0GSQJKYmnxHGqcrEjKmeE21UErYzXO%2FqpsrneIdYa2Xs2vLQ%2Fee3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89dbebdb484eac52-YYZ

GET
H2 200 district-theme-style.css
d25billingual.rtoero.ca/wp-content/themes/RTO%20District/assets/css/ 667 B
676 B 199ms
188ms Stylesheet
text/css 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d25billingual.rtoero.ca/wp-content/themes/RTO%20District/assets/css/district-theme-style.css?v=668612960293c
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8bd34d79ec8f244f8366e1e6b7bfe84af00dfb812cf976561fcb5e7c399a56c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 22 Apr 2021 19:37:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6081d07d-29b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0WZHBqZV%2FYaK4dU%2BbgO6C8KGx8V344fQ7nWdlJvzp4iKx0JA2Zgo47nFfx30VCgV0N52Q6JNCeF1nM4aB3vbvw8LJXap%2FlmRsI%2F7lq9glAWz%2B%2BKHXEKxEAwq4bVjjJcY0Hc80YVqQDic"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89dbebdadbc33700-YYZ

GET
H2 200 email-decode.min.js Show response
d25billingual.rtoero.ca/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 63ms
52ms Script
application/javascript 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d25billingual.rtoero.ca/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 28 Jun 2024 11:26:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667e9dca-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Eow%2BTd%2FoCRAPXIcgv8hgJMf76ZXNgfv44sTphXm4qcDNJkMTNT0C1kzjqRikkAJdJ5s9JuFaLZIwd%2BOZHcm08tSAe1RFiqBPIe%2BnZDJIVW6uYqnvtSdms9wjLa9pq8oJJI5DfadpLPZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 89dbebdadbc83700-YYZ
expires: Sat, 06 Jul 2024 03:10:16 GMT

GET
H2 200 jquery-2.2.4.min.js Show response
code.jquery.com/ 84 KB
29 KB 177ms
25ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.min.js
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Origin: https://d25billingual.rtoero.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 5918772
x-cache: HIT, HIT
content-length: 29811
x-served-by: cache-lga21935-LGA, cache-yyz4572-YYZ
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1720062617.890807,VS0,VE0
etag: W/"28feccc0-14e4a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 44, 49196

GET
H3 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 21 KB
7 KB 64ms
34ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Origin: https://d25billingual.rtoero.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1167133
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6646
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-520c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iWCrliAsw3jlSs1QDZe7w%2FNnXyu5mvxZwkUOUNmkAK990ZKBRAHKQRbCoBgIDhfI4k5pI7uqAERBkio8x63eqhXhlxuzqcVG5pTRqZYoo65nkgTDy4k26Fnt5S1xeNi1mJVxRSo5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89dbebdadc0fac7c-YYZ
expires: Tue, 24 Jun 2025 03:10:16 GMT

GET
H3 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
17 KB 154ms
123ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Origin: https://d25billingual.rtoero.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 1067
strict-transport-security: max-age=31536000; includeSubDomains; preload
cdn-cachedat: 03/18/2024 12:03:07
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"e1d98d47689e00f8ecbc5d9f61bdb42e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 3572b6be56c794a35d92b38a28ee7834
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 89dbebdb3d0039f8-YYZ
cdn-requestpullsuccess: True

GET
H3 200 wow.min.js Show response
cdnjs.cloudflare.com/ajax/libs/wow/1.1.2/ 8 KB
3 KB 63ms
36ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/wow/1.1.2/wow.min.js

Requested by

Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1147153
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2346
last-modified: Mon, 04 May 2020 16:17:55 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04033-1ff6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F9Nt6s0tmZLK1ugfpU7fyd0vb2fdZ23JkzDusGdx8ZmqONALAYSO9dRlQJITNXrbqI119EwD5TMD6dSMNuldNk3COzUc5uJzzVjEDVqfFQDAk7J3MYqXkk30yVDLTR6BcaeRNFIs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89dbebdacf0d39ff-YYZ
expires: Tue, 24 Jun 2025 03:10:16 GMT

GET
H2 200 index.js Show response
d25billingual.rtoero.ca/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
4 KB 131ms
124ms Script
application/javascript 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d25billingual.rtoero.ca/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.5
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 23 May 2024 13:50:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664f49ab-2cf9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oj2Ud6FJ%2FI8NpyYWAzbW5W%2BtGBKMqgxHDey96U29f%2BlOXZaZDBCId6zuCZs4r%2BcW2IWEn6%2BUNKb6WVEti5fEFyZH8nbPlZ7jAcTweonLOa2vqY%2BePdHPiCkaRyL9dc0P0DRByMY4Ha22"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89dbebdadbca3700-YYZ

GET
H2 200 index.js Show response
d25billingual.rtoero.ca/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 145ms
138ms Script
application/javascript 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d25billingual.rtoero.ca/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.5
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 23 May 2024 13:50:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664f49ab-32fe"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2B%2FT9ieJNUc98ZM5%2FbWSoXEmveNbfCtBQkup605Yf3XsGGaMZfC32TgCX29ZAEXZSVAuo%2FFBQxGKAcdg8tT4eQM8C5lBLRro6qHzqJcxGphLlfFF3u4exxcoB7pUeN17ZglKTm2Njp40"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89dbebdadbcb3700-YYZ

GET
H2 200 custom.js Show response
rtoero.ca/wp-content/themes/RTO/assets/js/ 59 KB
11 KB 189ms
87ms Script
application/javascript 172.67.74.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtoero.ca/wp-content/themes/RTO/assets/js/custom.js?ver=66861295ee847
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a23ea4347ef584030ec7d4724b725de0ea7f4ce02f54a9d590dfc67ce5491583

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 24 Jun 2024 15:35:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66799231-ec9d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YT2DQPqzmok680P%2FO%2FyE3iG0kXHawm0k4SAjjx%2BziJALp%2BRoNs9osGMIi78AWWCh4GmhNY45%2BQFY3Zw99eiEglCFgn3msKaXnm0fGYIdM7MvMGcT84uWHAoBdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89dbebdb4851ac52-YYZ

GET
H2 200 dflip.min.js Show response
d25billingual.rtoero.ca/wp-content/plugins/3d-flipbook-dflip-lite/assets/js/ 247 KB
63 KB 153ms
147ms Script
application/javascript 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d25billingual.rtoero.ca/wp-content/plugins/3d-flipbook-dflip-lite/assets/js/dflip.min.js?ver=2.2.32
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f044f24015dcdecb74ef693e5c19fc157bb86984d1fe2a2b96fcb3ec11ed99fd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 06 May 2024 17:40:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66391609-3dbf0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZNDjfp1GzZYFRb%2FGNut5w6M6j0nYuVsLqmsRneRRmUfzn2%2B1QBtLbDGWLFIHivcD9Raljpz%2BHkSSORMuMFwhGcNfPasI%2BxwZe1dRz1roE3swO1tIzmyxTMC5uFEjXrK%2BTLUwRvbj22qy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89dbebdadbcd3700-YYZ

GET
H2 200 new-tab.js Show response
d25billingual.rtoero.ca/wp-content/plugins/page-links-to/dist/ 34 KB
13 KB 128ms
122ms Script
application/javascript 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d25billingual.rtoero.ca/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.7
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dceecf8eaa03968e40b767206be8a36a13d7444557fced227454ae4f100e5c9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 06 May 2024 17:36:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66391515-8687"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bJRmwWmgdwu7lXrLZNLGp2pHXHZuNBbJq3Tggcv8HLAskBiU7J3EEZszPG0S%2BtjzFI6d6FGeXzClDZZg4D4a0G4aW0Dscdau3%2BIVMxQfU2Z%2BnY4lxUI%2FJ%2Fr29dyCHR6%2FC0HSrSBZJcj6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89dbebdadbd03700-YYZ

GET
H2 200 smush-lazy-load.min.js Show response
d25billingual.rtoero.ca/wp-content/plugins/wp-smushit/app/assets/js/ 8 KB
4 KB 180ms
175ms Script
application/javascript 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d25billingual.rtoero.ca/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.16.4
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bdcc9e3e427ad3a787ec7efe46d8c305e880eb44402c0000ff52f17ef6b0cdb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 14 Jun 2024 12:34:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"666c38be-2018"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7a6FmE5koZkdbshrD9YSAIIxZ5vtW68IASjl1SmYzUzBBPAlDpe9x%2By7nny58bC3OwywKm8qIJ4cniYQoIU86u%2Fle9bLb0YsJXeCYcMJVh84osuL30Ps26xG04ETXXbfup2UV1z3GmcL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89dbebdadbd13700-YYZ

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 161ms
65ms Script
text/javascript 64.233.180.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?ver=6.5.4

Requested by

Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.180.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

on-in-f105.1e100.net

Software

GSE /

Resource Hash

cfce45fef72ed85dc66c57fd1fa7262f9686b08188832fbfce26a7a467d455b0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 04 Jul 2024 03:10:16 GMT

GET
H2 200 html5lightbox.js Show response
rtoero.ca/wp-content/themes/RTO/assets/js/ 80 KB
18 KB 137ms
37ms Script
application/javascript 172.67.74.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtoero.ca/wp-content/themes/RTO/assets/js/html5lightbox.js?ver=6.5.4
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c204ba839d4cb440c77f121fce6110770f0c5d08c5cc4420a3cf1078faebe640

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 05 Jun 2020 10:34:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1694895
etag: W/"5eda1fd1-1404d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EqlGpUiSiw0gXSIcP2PUKu8iE%2FhjyPCfocqmiVENxaCOaLbd7Kwev4%2BAuNnekW160s8WPPamKuOY0ZEFKJY%2B1zCvp3ktik5oWtFY9kEVy5o33taLx5Ay2DfG%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89dbebdb4852ac52-YYZ

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1012 B 581ms
89ms Stylesheet
text/css 172.217.197.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:300,600,700

Requested by

Host: rtoero.ca
URL: https://rtoero.ca/wp-content/themes/RTO/assets/css/app.css?v=66861295e9c11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.197.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f95.1e100.net

Software

ESF /

Resource Hash

501c72763ba3127659e688d4b61b018f78e15e1d4e0464b817282f55fb6cde7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 04 Jul 2024 03:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 Jul 2024 03:10:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Jul 2024 03:10:17 GMT

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 584ms
91ms Stylesheet
text/css 172.217.197.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700,700i

Requested by

Host: rtoero.ca
URL: https://rtoero.ca/wp-content/themes/RTO/assets/css/app.css?v=66861295e9c11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.197.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f95.1e100.net

Software

ESF /

Resource Hash

132f33bb9f7796d6229fbd927409cd4192a59cb8eb8ce4866ba4597675a084ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 04 Jul 2024 03:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 Jul 2024 03:10:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Jul 2024 03:10:17 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 503ms
41ms Stylesheet
text/css 23.204.152.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=gfe3jxu&ht=tk&f=25629.25630.25631.25632.25633.25634.25635.25636.25637.25638&a=10285557&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gfe3jxu.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.152.170 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-152-170.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://use.typekit.net/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:17 GMT
last-modified: Sun, 10 Mar 2024 12:44:13 GMT
server: nginx
etag: "65edab1d-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 hotjar-490284.js Show response
static.hotjar.com/c/ 9 KB
4 KB 292ms
115ms Script
application/javascript 108.138.106.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-490284.js?sv=6

Requested by

Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-49.jfk50.r.cloudfront.net

Software

Resource Hash

61dbd508f2b1d162d5f95db0bcec347a173b9a5d179199ef9c44078c984cf724

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 04 Jul 2024 03:10:17 GMT
via: 1.1 8ef35b07fe667674a2922c9d83a75c52.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
etag: W/2b214a3dce4a9e1905295aa5598e4f36
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: ta1ISjR8ZQW6NbztfMiX0NCE3kJJD7ORr6hWhev79mhF9JI_ZQ66nQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 405 KB
121 KB 74ms
73ms Script
application/javascript 142.251.163.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WHD7XLP

Requested by

Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

0eef39532855b5ec9aad97e441d1d99a32455da319ba49c359c74baf8ad07044

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 124092
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Jul 2024 03:10:17 GMT

GET
H2 200 app.css
d25billingual.rtoero.ca/wp-content/themes/RTO%20District/assets/css/ 272 KB
43 KB 148ms
147ms Stylesheet
text/css 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d25billingual.rtoero.ca/wp-content/themes/RTO%20District/assets/css/app.css
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/wp-content/themes/RTO%20District/style.css?ver=6.5.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e662a9d167c0cd245f881345165ebc864daf64dc6d2411b8eb05d18c35bafd2b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/wp-content/themes/RTO%20District/style.css?ver=6.5.4
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 22 Apr 2021 17:56:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6081b8e7-44038"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BSGXj2eEhBSglRLFPTEd75%2B00ldjEZwlI6eMtWiB5wOjoRgqTd6YwXztxOswJwJbI2gVI6II%2F30JLBSMNQZt%2FTjQoN2lnAfUr%2FL9b8m%2BhhIZedbUPYKlavSvIR3IDFpyPVSXeUbj%2Fuf4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89dbebdfbf203700-YYZ

GET
BLOB 200
OK d266f75e-1f9d-411a-b302-19a9d9b59eec
https://d25billingual.rtoero.ca/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://d25billingual.rtoero.ca/d266f75e-1f9d-411a-b302-19a9d9b59eec
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 twitter-white-logo-svg.svg
rtoero.ca/wp-content/uploads/2023/11/ 386 B
619 B 32ms
31ms Image
image/svg+xml 172.67.74.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtoero.ca/wp-content/uploads/2023/11/twitter-white-logo-svg.svg
Requested by: Host: rtoero.ca
URL: https://rtoero.ca/wp-content/themes/RTO/assets/css/custom-108.css?v=6686129602910
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 833fea356cb7f924aaf4f63927075d868339efc1c9e8f5cb903d7157a07f1c67

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rtoero.ca/wp-content/themes/RTO/assets/css/custom-108.css?v=6686129602910
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 14:55:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4376362
etag: W/"656750f9-182"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2Flk3CoT1ECd7e%2Brbhbyjl08anBcE9vl755fWOP6XSkAEMSI1NDcn3gMp8BqNdHn%2FilI2esV6Sm76HJcOenNlz5TFbBl23JcV%2BHdGqnZNrZopRaTa4nrwDlboA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89dbebe11d50ac52-YYZ

GET
H2 200 l
use.typekit.net/af/625a3c/000000000000000000017724/27/ 20 KB
20 KB 153ms
40ms Font
application/font-woff2 23.204.152.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/625a3c/000000000000000000017724/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gfe3jxu.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.152.142 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-152-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 97fb4708fa522aa19ef6be15dd7002225d4b179a3e5dfa479df01bdda8375a92

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://use.typekit.net/gfe3jxu.css
Origin: https://d25billingual.rtoero.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:17 GMT
server: nginx
etag: "9399c09e1ad3bd361cecbd97b64a840cd74f11fc"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20160

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 77 KB
78 KB 243ms
188ms Font
font/woff2 172.67.142.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Origin: https://d25billingual.rtoero.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:17 GMT
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5dc01cfcd5336f696cb85da7ce53fa9b"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Su%2B6ktgYRP%2BeISIkoj9Ro%2FCcq9i7R50z11io6JCiNM%2FBST9ipcePpyOgoWcFjwisOLygyMOcZhrPfnASpJ1rmaYouhgByJNpVgvrqsQaUiEFGnvHh%2F57s1wHRA7t%2BSlvbx13ZisL"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 89dbebe1adeeb409-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 79100

GET
H2 200 l
use.typekit.net/af/4e8f1c/00000000000000000001771b/27/ 19 KB
19 KB 157ms
45ms Font
application/font-woff2 23.204.152.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4e8f1c/00000000000000000001771b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gfe3jxu.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.152.142 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-152-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e8fd1a4ddc838148ddb16b4111f250aaebc12fa595445c04e621874f8e7201ee

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://use.typekit.net/gfe3jxu.css
Origin: https://d25billingual.rtoero.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:17 GMT
server: nginx
etag: "1e4bb09579655e22898b075fa98e078d99f5b015"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19768

GET
H2 200 l
use.typekit.net/af/8efdc5/000000000000000000017722/27/ 16 KB
16 KB 200ms
88ms Font
application/font-woff2 23.204.152.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8efdc5/000000000000000000017722/27/l?subset_id=2&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gfe3jxu.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.152.142 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-152-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 417e1b7585956934ed2d1f4d50c7731164cd54416adc57257a86331ab3be25ce

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://use.typekit.net/gfe3jxu.css
Origin: https://d25billingual.rtoero.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:17 GMT
server: nginx
etag: "9cccf08145461bf24c0124752a2c143ec77d49bd"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16068

GET
H2 200 l
use.typekit.net/af/393a58/00000000000000000001771d/27/ 16 KB
16 KB 201ms
89ms Font
application/font-woff2 23.204.152.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/393a58/00000000000000000001771d/27/l?subset_id=2&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gfe3jxu.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.152.142 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-152-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4f8884e3bc0559044b03b7422eec5e334402be53d1aa1dbf679d3e46f12ca64f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://use.typekit.net/gfe3jxu.css
Origin: https://d25billingual.rtoero.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:17 GMT
server: nginx
etag: "04f830d0129f7709d97a6775599b8a6eee244700"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16296

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 73 KB
73 KB 134ms
80ms Font
font/woff2 172.67.142.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Origin: https://d25billingual.rtoero.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:17 GMT
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "eac60e8a656781e13d2a674b4d9051c0"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DqscHs8gCtAuj1%2FjL2FRGmWG9hr2SNTMaLCgzKNvi%2BstytFl95m0d7dpQdu0lO76XAeM%2F8vm9cNz9fl3JxEx%2FR1JuZSW6AxG5bwX9tJoAhrScxl1M1E6hYL8WU8seQhNSIvDRuX2"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 89dbebe1adf2b409-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 74288

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 324ms
220ms Fetch
text/plain 74.125.192.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-DLEEDL08SQ&gtm=45je4730v9172213026za200&_p=1720062617532&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=2131685143.1720062618&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720062617&sct=1&seg=0&dl=https%3A%2F%2Fd25billingual.rtoero.ca%2F&dt=Home%20-%20Stormont%20Dundas%20Glengarry&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=5442&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DLEEDL08SQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.192.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qn-in-f102.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 03:10:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d25billingual.rtoero.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 print-icon.png
d25billingual.rtoero.ca/wp-content/themes/RTO%20District/assets/img/ 312 B
634 B 172ms
170ms Image
image/png 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d25billingual.rtoero.ca/wp-content/themes/RTO%20District/assets/img/print-icon.png
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d89f1f0ab7665f9422f2adf9b2f44ad70e0709ba0fa10a952bb08141a598aca4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:18 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Jun 2020 10:34:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5eda1fc8-138"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ze03boVQlQ%2B4EBogHO69lU0rGto4zTbInEOSrpvp5g%2F%2B2%2B762BpygyMyL%2BFFWb3S9aBtYcx1oTR0P82hgXeACKCcsmYNkII0AilcruobJwFG439bnocGmKJ4aOo%2BJALEooceHLrLPSVT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89dbebe1c8963700-YYZ
content-length: 312

GET
H2 200 Gala-Invitation-English-1-pdf.jpg
d25billingual.rtoero.ca/wp-content/uploads/sites/64/2024/06/ 103 KB
104 KB 170ms
169ms Image
image/jpeg 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d25billingual.rtoero.ca/wp-content/uploads/sites/64/2024/06/Gala-Invitation-English-1-pdf.jpg
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86a2eb82a80b205fabd137d20f19328c29f429beddb952324a10974331f65eae

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:18 GMT
cf-cache-status: MISS
last-modified: Mon, 17 Jun 2024 12:00:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66702567-19d52"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dnL9ZtF5E4zEmbB3vtzSVfjCHxBrEhkiikverazyT6KPJHUqmeSWfwYqe5N4E8tMMNJBYx2ov8GhBiqT%2BLQA%2F8xDCDCZ6kABjYuktxp54Y86SBQSaq55299gDw11VfACo%2BgXBsJ0L%2Feo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89dbebe1c89a3700-YYZ
content-length: 105810

GET
H2 200 Toronto-May.jpg
d25billingual.rtoero.ca/wp-content/uploads/sites/64/2024/06/ 219 KB
219 KB 105ms
104ms Image
image/jpeg 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d25billingual.rtoero.ca/wp-content/uploads/sites/64/2024/06/Toronto-May.jpg
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b10bd265b370033116ab3f44598664a0702f2ec948f8aeeaa9e2562022ebbc20

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:17 GMT
cf-cache-status: MISS
last-modified: Mon, 17 Jun 2024 12:00:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6670256a-36ad3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H1n5mW6TTaDF0w%2FtJuRyNGSEjlobmBzjolnJTP%2FXxXhLJrPnVCf%2FSjuEbUgj0L1KJ8HboSLhk2WaJRckh6Lgs%2FGIbGrsLCUSeeniT3NThILUsNKNPHSnNv8tf%2BsB%2FzG0j4%2BHNtO556oz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89dbebe1c89b3700-YYZ
content-length: 223955

GET
H2 200 gardening_summer.jpg
d25billingual.rtoero.ca/wp-content/uploads/sites/64/2022/06/ 162 KB
162 KB 194ms
193ms Image
image/jpeg 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d25billingual.rtoero.ca/wp-content/uploads/sites/64/2022/06/gardening_summer.jpg
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7659634acfce4d69f4c631bccd10ebb5e5224781954f698b7a98867027553bf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:18 GMT
cf-cache-status: MISS
last-modified: Mon, 17 Jun 2024 12:00:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66702542-2875c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AhWHOxqefuAIt%2BJGkCKzDRdPkvh%2B7ThpkuGpJkkU3M13fLSs8q%2BdaZ%2Bq2KH7Mci6gYDSLntG00xOb3twpAH6RMd03HsWnCGeQa5tHCrhsc8X9g3eJLXuRBF%2BRalSpju4f3AkJl1vBt9L"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89dbebe1c89d3700-YYZ
content-length: 165724

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/ 534 KB
212 KB 158ms
52ms Script
text/javascript 173.194.204.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?ver=6.5.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.204.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f94.1e100.net

Software

sffe /

Resource Hash

0ec782544506a0aea967ea044659c633e1ee735b79e5172cb263797cc5cefe3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Origin: https://d25billingual.rtoero.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 13:59:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 216123
x-xss-protection: 0
last-modified: Sun, 23 Jun 2024 08:01:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 03 Jul 2025 13:59:22 GMT

GET
H2 200 MuseumFBfall1440.jpg
d25billingual.rtoero.ca/wp-content/uploads/2022/10/ 353 KB
353 KB 172ms
172ms Image
image/jpeg 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d25billingual.rtoero.ca/wp-content/uploads/2022/10/MuseumFBfall1440.jpg
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba9d39efd0966d7ab74650114970cdb78787ce4a485a71eae2a8849ce5c55d69

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:18 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Oct 2022 16:42:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63596384-5827b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O97TL30cK172VFyzF0PlUYJEeAKkAHIp4Dka5bXNr%2Fnd5SigKmxyZGJntirBXxRUGrvQnxlP%2F%2BbwzYyWKnAJs4JaOox04%2B2u4hI05he9%2B6umejWXFpYVIUtEK%2BpQvkfY8UBU2IYZw7x6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89dbebe1c89e3700-YYZ
content-length: 361083

GET
H2 200 modules.e4b2dc39f985f11fb1e4.js Show response
script.hotjar.com/ 223 KB
56 KB 177ms
44ms Script
application/javascript 18.164.96.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-490284.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-77.jfk50.r.cloudfront.net

Software

Resource Hash

619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 48fa2d8b9525abe889eff7ccc8591f7e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 241151
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56291
last-modified: Mon, 01 Jul 2024 08:10:34 GMT
etag: "ca025d2d8ae4b3dc51e058b782590501"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: NDBuiqj87tS4Q7wpKupza_pxpui_NF4_ZY_AztewiK5jM62TsVresQ==

GET
H2 200 RTO_50x2.svg
d25billingual.rtoero.ca/wp-content/uploads/2024/03/ 29 KB
10 KB 81ms
81ms Image
image/svg+xml 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d25billingual.rtoero.ca/wp-content/uploads/2024/03/RTO_50x2.svg
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e7de54973999a82b0b813bce869ed1610a0d0802a2aacb8a84c6d85528ac1ad

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 07 Mar 2024 16:30:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65e9ebb4-7441"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qg0h6X4NwAvGX8qLp6xJ0mWHSOWdhmCgPF0mxQdUAF%2FHWE4mPv0qNM8OliMf0%2BHkiIb03QZWU0CQ9i1336aUJ4aaNMFcMHXfyDwW4CPCR%2F852PryfDgtLV0CAKUQQXYoAO0kGPZCxuUc"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89dbebe1e8be3700-YYZ

GET
H2 200 wp-emoji-release.min.js Show response
d25billingual.rtoero.ca/wp-includes/js/ 18 KB
5 KB 146ms
146ms Script
application/javascript 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d25billingual.rtoero.ca/wp-includes/js/wp-emoji-release.min.js?ver=6.5.4
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 10 Apr 2024 14:17:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66169f67-4926"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u5lus%2Fdp%2BnXH9DqHWqV9lapVHmAXmX59m%2FsIrg4fXzplEvPmEiXWMwOIApBjSVc%2BBytL6phAv2lqUtLOAIxleV7nN8Lb37qGOmYvPCnCTOuuJBXO0cs652S6t0h9dz%2FOL1K%2FfEz0kbS9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89dbebe1e8bf3700-YYZ

GET
H2 200 froogaloop2.min.js Show response
rtoero.ca/wp-content/themes/RTO/assets/js/ 0
285 B 36ms
36ms Script
application/javascript 172.67.74.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtoero.ca/wp-content/themes/RTO/assets/js/froogaloop2.min.js
Requested by: Host: rtoero.ca
URL: https://rtoero.ca/wp-content/themes/RTO/assets/js/html5lightbox.js?ver=6.5.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:17 GMT
cf-cache-status: HIT
last-modified: Fri, 12 Jun 2020 13:19:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10906561
etag: "5ee380e5-0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n1ppOFCSlDcXbD0zvwbLO3X9wJsubb5jKWwoa73Xen%2FH%2FXpTAJ0FyI0mTYvMZcf3f8ZYDYEEuuFCLMw7p9kYKBvC%2BSeFFnW6RN2BG10CfXfCAp4VnQXhDt2x1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89dbebe1fe35ac52-YYZ
content-length: 0

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 170ms
64ms Script
text/javascript 173.194.205.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: rtoero.ca
URL: https://rtoero.ca/wp-content/themes/RTO/assets/js/html5lightbox.js?ver=6.5.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.205.93 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f93.1e100.net

Software

ESF /

Resource Hash

96e567e55058088bf057ebeb964b202435a2c745a55f49df106fe22f2a9a8e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 04 Jul 2024 03:10:18 GMT

GET
H2 200 fontello.css
rtoero.ca/wp-content/themes/RTO/assets/js/icons/css/ 41 B
341 B 35ms
34ms Stylesheet
text/css 172.67.74.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtoero.ca/wp-content/themes/RTO/assets/js/icons/css/fontello.css
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80b872bd243d2453db96ec8d8ddc77072c5bf81a0fb9c9db77e893576b1a37c1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:17 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Jun 2020 10:34:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10906561
etag: "5eda1fd1-29"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9THd2OICPVpz3YqntV79civqcRqFKP7wFfMEURyfJnO8Wg4%2BXhVecutRncb7S%2FS1nTPyn5c3Kfwek%2FBVVYk%2By2B9wMwX80dwS%2FLvZ6%2Br6awPQSDixzHoF0u%2BtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89dbebe1fe36ac52-YYZ
content-length: 41

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 351 KB
110 KB 156ms
156ms Script
application/javascript 142.251.163.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WLP5TTPWDS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHD7XLP

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

b06488ce2b2c37321d0fda5665a86de18186179c67beac21e4b26d1d8b1bcced

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 112110
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Jul 2024 03:10:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 98ms
51ms Script
text/javascript 74.125.192.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHD7XLP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.192.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qn-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 04 Jul 2024 02:49:22 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1255
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 04 Jul 2024 04:49:22 GMT

GET
H2 200 hotjar-490284.js Show response
static.hotjar.com/c/ 9 KB
4 KB 42ms
41ms Script
application/javascript 108.138.106.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-490284.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHD7XLP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-49.jfk50.r.cloudfront.net

Software

Resource Hash

61dbd508f2b1d162d5f95db0bcec347a173b9a5d179199ef9c44078c984cf724

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 04 Jul 2024 03:10:17 GMT
via: 1.1 8ef35b07fe667674a2922c9d83a75c52.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
etag: W/2b214a3dce4a9e1905295aa5598e4f36
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: HzwiLb0Jiqs3JvSGp9dG5ZqCftz7odywOTpCEqumo2L375VNzQigCg==

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 261 KB
90 KB 133ms
133ms Script
application/javascript 142.251.163.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-923701319&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHD7XLP

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

b249aa6ed3a2931210d2d7033c614cc3eceb50c9619a980fae73398b0273d69d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92615
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Jul 2024 03:10:18 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 38 KB
14 KB 185ms
42ms Script
application/javascript 23.200.3.23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHD7XLP

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.200.3.23 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-200-3-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Jun 2024 16:47:26 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=40743
accept-ranges: bytes
content-length: 14004

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 261ms
59ms Script
application/javascript 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHD7XLP

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 04 Jul 2024 03:10:17 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 710F695B566540B0B80EE3EFE76A989A Ref B: YTO01EDGE0819 Ref C: 2024-07-04T03:10:18Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 222 KB
59 KB 135ms
42ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 04 Jul 2024 03:10:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58293
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=42, rtx=0, c=12, mss=1316, tbw=2791, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: 7oe+9YFmTDQZ8RoySsRokZdoe7cQJk7D64xrrE06BLiOk+eoiuW7en8PiE1GN+JTJg5exD36Ea3C4Hw4i8Fe0A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 swap.js Show response
cdn.calltrk.com/companies/903065024/be14e491a0367578070a/12/ 32 B
575 B 187ms
53ms Script
text/javascript 18.164.116.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.calltrk.com/companies/903065024/be14e491a0367578070a/12/swap.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHD7XLP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-4.jfk50.r.cloudfront.net

Software

Resource Hash

d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:18 GMT
via: 1.1 7edae070a6a25cc68c970c1111701a20.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront
content-length: 32
x-xss-protection: 1; mode=block
x-request-id: ed1c20fe-fa97-4b4f-a0aa-73fee069cf22
x-runtime: 0.003954
referrer-policy: strict-origin-when-cross-origin
etag: W/"d18beba8a6db32dd84b24258cf6542ac"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public
timing-allow-origin: *
x-amz-cf-id: uyIWg5I3LOjbBuo9ZyYMZ25sb5-IRlhQ7TAloEzWqJCGAro0X8ml2g==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 12 KB
5 KB 467ms
335ms Script
application/x-javascript 108.139.33.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHD7XLP
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.33.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-33-128.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 18:28:09 GMT
Content-Encoding: gzip
Via: 1.1 c4ce298584668e99f320a46c88c4a04a.cloudfront.net (CloudFront)
Last-Modified: Fri, 07 Jun 2024 09:20:53 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P2
Age: 31330
ETag: W/"a7eb6794e868fe870db350518165c868"
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: m67nEpg7JVfWT2yyrTCqC0NUOH0iYTCANA6PkTuCbVEAQkdK_YpJUA==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 205 KB
74 KB 106ms
106ms Script
application/javascript 142.251.163.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11102789

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHD7XLP

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

abff875b7385e0e5696ec84bd0c97eb4cd45e5d13055c3269c6da42b9b85443f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76184
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Jul 2024 03:10:18 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 353ms
94ms Script
application/javascript 192.184.67.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.184.67.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:18 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 11 Jul 2024 03:10:18 GMT

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 22 KB
8 KB 198ms
44ms Script
text/javascript 75.101.206.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.206.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-206-82.compute-1.amazonaws.com
Software: /
Resource Hash: 8fd863b717aaf4d127aeef3e241897157eddec9d68d9160d58b66db8e3cf6c89

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 04 Jul 2024 03:10:18 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H2

200

pixel
pixel.mediaiqdigital.com/
Redirect Chain

https://secure.adnxs.com/px?id=1500973&seg=27062092&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3F%26pixel_id%3D1500973%26uid%3D%24%7BUID%7D&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1500973%26seg%3D27062092%26redir%3Dhttps%253A%252F%252Fpixel.mediaiqdigital.com%252Fpixel%253F%2526pixel_id%253D1500973%2526uid%253D%2524%257BUID%257D%2...
https://pixel.mediaiqdigital.com/pixel?&pixel_id=1500973&uid=8969050809883223490

2 B
82 B

227ms
44ms

Image
application/json

34.232.232.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mediaiqdigital.com/pixel?&pixel_id=1500973&uid=8969050809883223490
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Server: 34.232.232.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-232-6.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://d25billingual.rtoero.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 04 Jul 2024 03:10:18 GMT
content-length: 2
content-type: application/json; charset=utf-8

Redirect headers

pragma: no-cache
date: Thu, 04 Jul 2024 03:10:18 GMT
an-x-request-uuid: 42225d45-cfba-48d9-b28d-94b0d53e93b3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://pixel.mediaiqdigital.com/pixel?&pixel_id=1500973&uid=8969050809883223490
x-proxy-origin: 149.88.16.232; 149.88.16.232; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

iui3
s.amazon-adsystem.com/
Redirect Chain

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Daa2d2b86-b867-288a-3ed5-b68b89bc6e9b%26type%3D17%26m%3D7&ex-fch=416613&ex-src=https://rtoero.ca/&ex-hargs=v%3D1.0%3Bc%3D1927224680...
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Daa2d2b86-b867-288a-3ed5-b68b89bc6e9b%26type%3D17%26m%3D7&ex-fch=416613&ex-src=https://rtoero.ca/&ex-hargs=v%3D1.0%3Bc%3D1927224680...

43 B
855 B

64ms
64ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Daa2d2b86-b867-288a-3ed5-b68b89bc6e9b%26type%3D17%26m%3D7&ex-fch=416613&ex-src=https://rtoero.ca/&ex-hargs=v%3D1.0%3Bc%3D1927224680701%3Bp%3DAA2D2B86-B867-288A-3ED5-B68B89BC6E9B&dcc=t

Requested by

Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://d25billingual.rtoero.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Jul 2024 03:10:18 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KT5DFW51SRG58ZKM1CYH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 04 Jul 2024 03:10:18 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: J0J303NGSRDCG5A2Z6C8
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Daa2d2b86-b867-288a-3ed5-b68b89bc6e9b%26type%3D17%26m%3D7&ex-fch=416613&ex-src=https://rtoero.ca/&ex-hargs=v%3D1.0%3Bc%3D1927224680701%3Bp%3DAA2D2B86-B867-288A-3ED5-B68B89BC6E9B&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
226 B 54ms
52ms XHR
text/plain 74.125.192.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2148788&t=pageview&_s=1&dl=https%3A%2F%2Fd25billingual.rtoero.ca%2F&ul=en-ca&de=UTF-8&dt=Home%20-%20Stormont%20Dundas%20Glengarry&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAACAAI~&jid=1198526604&gjid=85992417&cid=2131685143.1720062618&tid=UA-42385331-1&_gid=148208757.1720062618&_slc=1&gtm=45He4730n81WHD7XLPv79917186za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=234783092

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.192.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qn-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

d508a6f440c778c851aba085cee2b4e90c80fc0729ac7a7f512d530b4e6496eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 03:10:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d25billingual.rtoero.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
354 B 208ms
101ms XHR
text/plain 172.217.222.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-42385331-1&cid=2131685143.1720062618&jid=1198526604&gjid=85992417&_gid=148208757.1720062618&_u=YCDAgEABAAAAAGAAI~&z=662548426

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 04 Jul 2024 03:10:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d25billingual.rtoero.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 52ms
51ms XHR
text/plain 74.125.192.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2148788&t=pageview&_s=1&dl=https%3A%2F%2Fd25billingual.rtoero.ca%2F&ul=en-ca&de=UTF-8&dt=Home%20-%20Stormont%20Dundas%20Glengarry&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAAEABAAAAAGAAI~&jid=1836902934&gjid=277840761&cid=2131685143.1720062618&tid=UA-42385331-1&_gid=148208757.1720062618&_r=1&gtm=45He4730n81WHD7XLPv79917186za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=649619018

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.192.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qn-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 03:10:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d25billingual.rtoero.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tulips_spring.jpg
d25billingual.rtoero.ca/wp-content/uploads/sites/64/2022/06/ 42 KB
43 KB 101ms
101ms Image
image/jpeg 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d25billingual.rtoero.ca/wp-content/uploads/sites/64/2022/06/tulips_spring.jpg
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bc6a73798e916797d48261bba60743dd14d07e0da9100d892ab2ca4c8b1876b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:18 GMT
cf-cache-status: MISS
last-modified: Mon, 17 Jun 2024 12:00:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66702542-a9d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YJcNiinizqTGxuOQTmxbQHajvT5lVBH0gxuv%2FnC4dazyQ4ANhOcEmTFYIqQ1Yd8Hvgq84KvA5Dz3Lc9s9BpuNH9uQcia9zz2%2BEljx697Jxzl1yHMlQwk4YDRHtWeoJeL2QZ9rC5QP1hT"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89dbebe2e9603700-YYZ
content-length: 43477

GET
H2 200 RTOERO-50th-anniversary-emblem-002.png
d25billingual.rtoero.ca/wp-content/uploads/sites/64/2023/11/ 746 KB
747 KB 129ms
129ms Image
image/png 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d25billingual.rtoero.ca/wp-content/uploads/sites/64/2023/11/RTOERO-50th-anniversary-emblem-002.png
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bb4906f9fa5845ebdc727580f55f472afbf68ca01be5e1d7e5595592b885b14

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:18 GMT
cf-cache-status: MISS
last-modified: Mon, 17 Jun 2024 12:00:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66702560-ba85e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tepk%2BLsFhQrTk7e51T1ATa5ywN%2FF6CKPnPbL8Ojt9Rv3Hc2E1Z640DVn3il2%2FnNq%2FBzJ8hqF%2FLytgeQN18lsZeCSQ%2FDzsM9uXTqs7o%2FDxO6DTnMLmUYmca0Arb4W7n0vGuI2FmSlGP7l"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89dbebe2e9633700-YYZ
content-length: 763998

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/5352eb4f/www-widgetapi.vflset/ 31 KB
10 KB 54ms
53ms Script
text/javascript 173.194.205.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5352eb4f/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.205.93 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f93.1e100.net

Software

sffe /

Resource Hash

d7a4d3c6bbb813b80afb47a45e75320ff14b02e65ad1ca740d62bcbfb646f2ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 09:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 150903
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10362
x-xss-protection: 0
last-modified: Tue, 02 Jul 2024 04:25:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 02 Jul 2025 09:15:15 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 355 KB
111 KB 80ms
79ms Script
application/javascript 142.251.163.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WLP5TTPWDS&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

d56fd91e726d5b0c14747febdab43d401269ca66e5899347c733edd89cd74008

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 113830
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Jul 2024 03:10:18 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 150ms
102ms XHR
text/plain 172.217.222.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-42385331-1&cid=2131685143.1720062618&jid=1836902934&gjid=277840761&_gid=148208757.1720062618&_u=YCDAAEABAAAAAGAAI~&z=312453855

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 04 Jul 2024 03:10:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d25billingual.rtoero.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
761 B 217ms
125ms XHR
application/json 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=1657994&time=1720062618143&url=https%3A%2F%2Fd25billingual.rtoero.ca%2F
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: *
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:18 GMT
content-encoding: gzip
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 4DB0BFC41590415A9539E314CB749CFF Ref B: YTO01EDGE0821 Ref C: 2024-07-04T03:10:18Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-ltx1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYcY0lab2DZUKJ+8iaCeg==
x-fs-uuid: 00061c63495a6f60d950a27ef226827a

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1657994&time=1720062618143&url=https%3A%2F%2Fd25billingual.rtoero.ca%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1657994&time=1720062618143&url=https%3A%2F%2Fd25billingual.rtoero.ca%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1657994%26time%3D1720062618143%26url%3Dhttps%253A%252F%252Fd25billingual.rtoero.c...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1657994&time=1720062618143&url=https%3A%2F%2Fd25billingual.rtoero.ca%2F&cookiesTest=true&liSync=true

0
162 B

118ms
117ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1657994&time=1720062618143&url=https%3A%2F%2Fd25billingual.rtoero.ca%2F&cookiesTest=true&liSync=true
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://d25billingual.rtoero.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 04 Jul 2024 03:10:18 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 79708A7A74804709AFD98F87642BA826 Ref B: YTO01EDGE0819 Ref C: 2024-07-04T03:10:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYcY0lht/M/L+Kt7fH6Mg==

Redirect headers

strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
date: Thu, 04 Jul 2024 03:10:18 GMT
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAYcY0lfueu1ouCHr1bMMQ==
pragma: no-cache
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 3D84ED9E68024080A061F49FB11ADA21 Ref B: YTO01EDGE0819 Ref C: 2024-07-04T03:10:18Z
x-frame-options: sameorigin
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1657994&time=1720062618143&url=https%3A%2F%2Fd25billingual.rtoero.ca%2F&cookiesTest=true&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 490284 Show response
vc.hotjar.io/sessions/ 0
231 B 290ms
104ms XHR
text/plain 18.164.96.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/490284?s=0.25&r=0.20872655537900453
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.96.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-54.jfk50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 04 Jul 2024 03:10:18 GMT
cache-control: no-store
via: 1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
x-amz-cf-id: xwXPgc-9adno_uQ80extDqLc3ylGLBhgG32TkltHc3MH7fzjuUIYeg==
x-cache: Miss from cloudfront

POST
H2 200 / Show response
content.hotjar.io/ 56 B
171 B 1121ms
826ms XHR
application/json 52.208.243.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=490284&gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.208.243.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-243-88.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d825a15f338d918c1b178e89b21a222a813defc6a4ecbbcd1c49c8511179d9a7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 04 Jul 2024 03:10:19 GMT
content-length: 56
access-control-max-age: 86400
content-type: application/json

GET
H2 200 President-scaled.jpg
d25billingual.rtoero.ca/wp-content/uploads/sites/64/2024/04/ 826 KB
828 KB 112ms
112ms Image
image/jpeg 104.26.15.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d25billingual.rtoero.ca/wp-content/uploads/sites/64/2024/04/President-scaled.jpg
Requested by: Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 654bf216263c1dcdf740018811a474102d4854a4c7d0b2b47756998afcc8983c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:18 GMT
cf-cache-status: MISS
last-modified: Mon, 17 Jun 2024 12:00:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66702565-ce9ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qfaSPpoUwrQY%2F%2B7a87Uk1%2BkqNJ3YYcf9kmi0oqQIZCLdFkAMIezXfqq9VTv4aFDUd3t3XIjCvAzcU8Tkv7JVBlOc2ELY6WnHtg1odeAVNaLPXj4motcM84%2BcsHM5Rv%2Bt9XPT3qwSokRe"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89dbebe46a8a3700-YYZ
content-length: 846317

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 159ms
158ms Image
image/gif 64.233.180.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-42385331-1&cid=2131685143.1720062618&jid=1198526604&_u=YCDAgEABAAAAAGAAI~&z=1095417286

Requested by

Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.180.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

on-in-f105.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 03:10:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 513ms
108ms Image
image/gif 173.194.205.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-42385331-1&cid=2131685143.1720062618&jid=1198526604&_u=YCDAgEABAAAAAGAAI~&z=1095417286

Requested by

Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 03:10:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 160ms
159ms Image
image/gif 64.233.180.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-42385331-1&cid=2131685143.1720062618&jid=1836902934&_u=YCDAAEABAAAAAGAAI~&z=1808361683

Requested by

Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.180.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

on-in-f105.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 03:10:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 826ms
422ms Image
image/gif 173.194.205.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-42385331-1&cid=2131685143.1720062618&jid=1836902934&_u=YCDAAEABAAAAAGAAI~&z=1808361683

Requested by

Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 03:10:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/923701319/ 3 KB
1 KB 143ms
58ms Script
text/javascript 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/923701319/?random=1720062618350&cv=11&fst=1720062618350&bg=ffffff&guid=ON&async=1&gtm=45be4730v893038146z879917186za201zb79917186&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd25billingual.rtoero.ca%2F&hn=www.googleadservices.com&frm=0&tiba=Home%20-%20Stormont%20Dundas%20Glengarry&npa=0&pscdl=noapi&auid=198772131.1720062618&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-923701319&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

cafe /

Resource Hash

ee192486c075b66b41231680693b7c0e75508fd97ada8f0a095e6de4dcb74ee7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 03:10:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1439
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1514984088802937 Show response
connect.facebook.net/signals/config/ 67 KB
15 KB 102ms
101ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1514984088802937?v=2.9.160&r=stable&domain=d25billingual.rtoero.ca&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

68bb7afa748e1fd6b6bd6d967bfcacf51fe25ca4ad76af1c8db6f57d4ca76215

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 04 Jul 2024 03:10:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=43, rtx=1, c=45, mss=1316, tbw=63796, tp=-1, tpl=-1, uplat=59, ullat=0
pragma: public
x-fb-debug: ePN5D/bHtSQCNhMNFxHkCkz1Phf4vDZNAKCb6tKJThKO1UiAAHmb09xVY/5VykbBgVt6rh0WrtwBlzV9DTdNzA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 147ms
73ms Fetch
text/plain 216.239.38.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-WLP5TTPWDS&gtm=45je4730v897145538z879917186za200&_p=1720062617532&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=2131685143.1720062618&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1720062618&sct=1&seg=0&dl=https%3A%2F%2Fd25billingual.rtoero.ca%2F&dt=Home%20-%20Stormont%20Dundas%20Glengarry&en=page_view&_fv=1&_ss=1&tfd=6016&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WLP5TTPWDS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 03:10:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d25billingual.rtoero.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 53ms
52ms Ping
text/plain 172.217.222.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WLP5TTPWDS&cid=2131685143.1720062618&gtm=45je4730v897145538z879917186za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WLP5TTPWDS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qi-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 03:10:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d25billingual.rtoero.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 721ms
441ms Image
image/gif 173.194.205.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WLP5TTPWDS&cid=2131685143.1720062618&gtm=45je4730v897145538z879917186za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=346503167

Requested by

Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 03:10:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 45ms
44ms Stylesheet
text/css 75.101.206.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.206.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-206-82.compute-1.amazonaws.com
Software: /
Resource Hash: 5668c23b19fbe2c691f76395f9deb39d4a83cc2cfe43a8805f7fc28f36b243e4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 04 Jul 2024 03:10:18 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 816ms
729ms Fetch
image/jpeg 75.101.206.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.206.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-206-82.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 04 Jul 2024 03:10:18 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H2 200 rules-p--exUY_gbNeTJL.js Show response
rules.quantcount.com/ 1 KB
1 KB 175ms
43ms Script
application/javascript 13.226.34.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p--exUY_gbNeTJL.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-100.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ad432c3ed5c375d9dbe3c30e3c6060ff38191e70cbf285b05c112bf66dac47d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 02:54:29 GMT
content-encoding: gzip
via: 1.1 c704491f877b150c768ef14eb188ed46.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 1723
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 14 Oct 2022 00:11:05 GMT
server: AmazonS3
etag: W/"c5e3eb73be0a111ff8678579df6bcef0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: 8sAK2Mp4o_m1L2hn26MMnR3M8utbLJg02EtFmODBNJH1V5bP206L9g==

GET
H2 204 187132903.js Show response
bat.bing.com/p/action/ 0
118 B 59ms
59ms Script
text/plain 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/187132903.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 04 Jul 2024 03:10:17 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 119D95EDC9344BC5A6DC47C99BA2BA74 Ref B: YTO01EDGE0819 Ref C: 2024-07-04T03:10:18Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
360 B 142ms
142ms Image
text/plain 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187132903&tm=gtm002&Ver=2&mid=c20626d4-aba7-4a8e-b3d7-f984077489f2&sid=f12e86b039b211efbd046b27077ec0e6&vid=f12e799039b211ef8b4a9fe14d9cf646&vids=1&msclkid=N&gtm_tag_source=1&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=Home%20-%20Stormont%20Dundas%20Glengarry&p=https%3A%2F%2Fd25billingual.rtoero.ca%2F&r=&lt=5486&evt=pageLoad&sv=1&rn=842554

Requested by

Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 04 Jul 2024 03:10:17 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 10CB62ECB9C0451EBB629D133F1FAD17 Ref B: YTO01EDGE0819 Ref C: 2024-07-04T03:10:18Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=COqHscu0jIcDFTTe_QUdG-YBxw;src=11102789;type=invmedia;cat=rtero0;ord=2063301954907;npa=0;auiddc=198772131.1720062618;ps=1;pcor=1407959853;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0...
11102789.fls.doubleclick.net/ Frame AA58
Redirect Chain

https://11102789.fls.doubleclick.net/activityi;src=11102789;type=invmedia;cat=rtero0;ord=2063301954907;npa=0;auiddc=198772131.1720062618;ps=1;pcor=1407959853;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B...
https://11102789.fls.doubleclick.net/activityi;dc_pre=COqHscu0jIcDFTTe_QUdG-YBxw;src=11102789;type=invmedia;cat=rtero0;ord=2063301954907;npa=0;auiddc=198772131.1720062618;ps=1;pcor=1407959853;uaa=x...

0
0

113ms
112ms

Document
text/html

173.194.68.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11102789.fls.doubleclick.net/activityi;dc_pre=COqHscu0jIcDFTTe_QUdG-YBxw;src=11102789;type=invmedia;cat=rtero0;ord=2063301954907;npa=0;auiddc=198772131.1720062618;ps=1;pcor=1407959853;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fd25billingual.rtoero.ca%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-11102789

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.68.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f148.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://d25billingual.rtoero.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 389
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jul 2024 03:10:19 GMT
expires: Thu, 04 Jul 2024 03:10:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jul 2024 03:10:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11102789.fls.doubleclick.net/activityi;dc_pre=COqHscu0jIcDFTTe_QUdG-YBxw;src=11102789;type=invmedia;cat=rtero0;ord=2063301954907;npa=0;auiddc=198772131.1720062618;ps=1;pcor=1407959853;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fd25billingual.rtoero.ca%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=11102789;type=invmedia;cat=rtero0;ord=2063301954907;npa=0;auiddc=198772131.1720062618;ps=1;pcor=1407959853;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromi...
ad.doubleclick.net/ 0
24 B 475ms
421ms Image
image/png 172.217.222.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=11102789;type=invmedia;cat=rtero0;ord=2063301954907;npa=0;auiddc=198772131.1720062618;ps=1;pcor=1407959853;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fd25billingual.rtoero.ca%2F?

Requested by

Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f149.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 03:10:18 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"9909356900174254612"}],"aggregatable_trigger_data":[{"filters":[{"14":["11495507"]}],"key_piece":"0x6e2dbd46f9bb3f09","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x6fd283e32024abc4","not_filters":{"14":["11495507"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"2255164933412306492","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"9909356900174254612","filters":[{"14":["11495507"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"9909356900174254612","filters":[{"14":["11495507"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"9909356900174254612","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"9909356900174254612","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["11102789"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 139353199887453 Show response
connect.facebook.net/signals/config/ 23 KB
4 KB 86ms
85ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/139353199887453?v=2.9.160&r=stable&domain=d25billingual.rtoero.ca&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C125%2C152%2C182%2C184%2C114%2C136%2C140%2C177%2C120%2C219%2C107%2C183%2C118%2C137%2C161%2C148%2C110%2C220%2C154%2C111%2C127%2C115%2C143

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

e9928ecb166412c41d634c62017a49f11e6735043ad844b73d857974c5d73ed9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 04 Jul 2024 03:10:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=44, rtx=0, c=23, mss=1232, tbw=4314, tp=9, tpl=0, uplat=43, ullat=0
pragma: public
x-fb-debug: rSvCOD1BvpvwCFBGBmmuJaMsKI6Eyyg0q76qf0GS+/qRSqltbvlIY8NeFnGyVLZDMakk0nX5Y2dw94ikkyqA7A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 222ms
41ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1514984088802937&ev=PageView&dl=https%3A%2F%2Fd25billingual.rtoero.ca&rl=&if=false&ts=1720062618562&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4124&fbp=fb.1.1720062618559.847139274371591940&cs_est=true&pm=1&hrl=b6ec47&ler=empty&cdl=API_unavailable&it=1720062618371&coo=false&cs_cc=1&cas=7770675462994500%2C5069599623119067%2C2243856609072842&rqm=GET

Requested by

Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=10, mss=1316, tbw=2800, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 04 Jul 2024 03:10:18 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 652ms
471ms Image
image/png 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1514984088802937&ev=PageView&dl=https%3A%2F%2Fd25billingual.rtoero.ca&rl=&if=false&ts=1720062618562&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4124&fbp=fb.1.1720062618559.847139274371591940&cs_est=true&pm=1&hrl=b6ec47&ler=empty&cdl=API_unavailable&it=1720062618371&coo=false&cs_cc=1&cas=7770675462994500%2C5069599623119067%2C2243856609072842&rqm=FGET

Requested by

Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xe07ce1798a9139aa","source_keys":["1","2"]},{"key_piece":"0x147d3b58799db78f","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 04 Jul 2024 03:10:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7387612693122000600", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1316, tbw=3150, tp=-1, tpl=-1, uplat=55, ullat=0
pragma: no-cache
x-fb-debug: mnyH0UUX7KEygs4n09+2CXx2KY/YliQALHmY67LTniYvVjndsQn07HDXb/iKsrCrNxYCCSwM5JELeGMJaE2BIg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7387612693122000600"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/923701319/ 42 B
64 B 56ms
55ms Image
image/gif 64.233.180.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/923701319/?random=1720062618350&cv=11&fst=1720062000000&bg=ffffff&guid=ON&async=1&gtm=45be4730v893038146z879917186za201zb79917186&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd25billingual.rtoero.ca%2F&hn=www.googleadservices.com&frm=0&tiba=Home%20-%20Stormont%20Dundas%20Glengarry&npa=0&pscdl=noapi&auid=198772131.1720062618&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL0v1F2EaHmB9PEesZ8_GZD0-aVMvZ5w&random=2281506916&rmt_tld=0&ipr=y

Requested by

Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.180.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

on-in-f105.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 03:10:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/923701319/ 42 B
64 B 207ms
54ms Image
image/gif 173.194.205.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/923701319/?random=1720062618350&cv=11&fst=1720062000000&bg=ffffff&guid=ON&async=1&gtm=45be4730v893038146z879917186za201zb79917186&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd25billingual.rtoero.ca%2F&hn=www.googleadservices.com&frm=0&tiba=Home%20-%20Stormont%20Dundas%20Glengarry&npa=0&pscdl=noapi&auid=198772131.1720062618&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL0v1F2EaHmB9PEesZ8_GZD0-aVMvZ5w&random=2281506916&rmt_tld=1&ipr=y

Requested by

Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 03:10:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 127ms
41ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=139353199887453&ev=PageView&dl=https%3A%2F%2Fd25billingual.rtoero.ca&rl=&if=false&ts=1720062618656&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4124&fbp=fb.1.1720062618559.847139274371591940&pm=1&hrl=5423d4&ler=empty&cdl=API_unavailable&it=1720062618371&coo=false&cs_cc=1&cas=3041964809248363&rqm=GET

Requested by

Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=10, mss=1316, tbw=2800, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 04 Jul 2024 03:10:18 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 518ms
472ms Image
image/png 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=139353199887453&ev=PageView&dl=https%3A%2F%2Fd25billingual.rtoero.ca&rl=&if=false&ts=1720062618656&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4124&fbp=fb.1.1720062618559.847139274371591940&pm=1&hrl=5423d4&ler=empty&cdl=API_unavailable&it=1720062618371&coo=false&cs_cc=1&cas=3041964809248363&rqm=FGET

Requested by

Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xa5de6b5d4fd7d43a","source_keys":["1","2"]},{"key_piece":"0xbd83d0b875ef7e7f","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 04 Jul 2024 03:10:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7387612693369620773", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1316, tbw=6860, tp=-1, tpl=-1, uplat=79, ullat=0
pragma: no-cache
x-fb-debug: SZm/l0meqkp/RSrSXI2wzUiNNChnQ9XATMmLfowt3XHK4fRG9FcGi2teF9DXrZ800tCDqVlvN/ggCYxcb1182Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7387612693369620773"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pixel;r=1024920829;labels=_fp.event.PageView;rf=0;a=p--exUY_gbNeTJL;url=https%3A%2F%2Fd25billingual.rtoero.ca%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa...
pixel.quantserve.com/ 35 B
517 B 107ms
86ms Image
image/gif 192.184.67.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1024920829;labels=_fp.event.PageView;rf=0;a=p--exUY_gbNeTJL;url=https%3A%2F%2Fd25billingual.rtoero.ca%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1050825978-1720062618484;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=rtoero.ca;dst=1;et=1720062618662;tzo=420;ogl=locale.en_US%2Ctype.website%2Ctitle.Home%20-%20Stormont%20Dundas%20Glengarry%2Curl.https%3A%2F%2Fd25billingual%252Ertoero%252Eca%2F%2Csite_name.Stormont%20Dundas%20Glengarry;ses=c9504feb-f9e5-4973-9fea-62ea8e27e6a2;mdl=

Requested by

Host: d25billingual.rtoero.ca
URL: https://d25billingual.rtoero.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.184.67.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 03:10:18 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[{"label":["YSA7yGTOzwNEmvjBdNjlSQ=="],"pcode":["p--exUY_gbNeTJL"]}],"trigger_data":"1"}]}
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
200 B 125ms
125ms XHR
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://d25billingual.rtoero.ca/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:18 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 185383F7B1D642EC9128ADAA0C158C32 Ref B: YTO01EDGE0819 Ref C: 2024-07-04T03:10:18Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://d25billingual.rtoero.ca
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYcY0ljnINJEn18K9QeWg==

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 94 B
292 B 184ms
184ms XHR
text/plain 75.101.206.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=GQEnSfcok9tX-OK-YAT8XA&is_js=true&landing_url=https%3A%2F%2Fd25billingual.rtoero.ca%2F&t=Home%20-%20Stormont%20Dundas%20Glengarry&tip=PzJG6bohGNzGYCTUixZrrmhvYt_vLG_IAFhdSL5FFr0&host=https%3A%2F%2Fd25billingual.rtoero.ca&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKIIkyHE_5c0iTya8a50UYQ4IT0fTGeLjb0liUsTTn2ZY6EHwYBCCapZi0BjABOgRpr-VwQgTegPl-.9cjVYoMEAs4W%252FmFvcjFnUG0Y7JG46DY42dc7lbh%252FPOM&sa-user-id-v2=s%253Ao59mVMWYWUdqSFzwMfhELpVYEOg.DbcMnnadMGCoMxdxJ6y2NGifJcHISsYB57yjjdx4p7k&sa-user-id=s%253A0-a39f6654-c598-5947-6a48-5cf031f8442e.2qc8QU%252FyE7zRZTu3%252B0S6HZtDhN8%252F5ubqGyPtDFfpWsc
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.206.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-206-82.compute-1.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://d25billingual.rtoero.ca
date: Thu, 04 Jul 2024 03:10:19 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 94
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

GET
H2

200

/
match.adsrvr.org/track/upb/ Frame BE45
Redirect Chain

https://insight.adsrvr.org/track/up?adv=tquy0jn&ref=https%3A%2F%2Fd25billingual.rtoero.ca%2F&upid=0tup8h9&upv=1.1.0
https://match.adsrvr.org/track/upb/?adv=tquy0jn&ref=https%3A%2F%2Fd25billingual.rtoero.ca%2F&upid=0tup8h9&upv=1.1.0

0
0

53ms
47ms

Document
text/html

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=tquy0jn&ref=https%3A%2F%2Fd25billingual.rtoero.ca%2F&upid=0tup8h9&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://d25billingual.rtoero.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 04 Jul 2024 03:10:20 GMT
server: Kestrel
vary: Accept-Encoding

Redirect headers

content-length: 281
date: Thu, 04 Jul 2024 03:10:20 GMT
location: https://match.adsrvr.org/track/upb/?adv=tquy0jn&ref=https%3A%2F%2Fd25billingual.rtoero.ca%2F&upid=0tup8h9&upv=1.1.0
server: Kestrel

GET
H2 200 favicon.jpg
rtoero.ca/wp-content/themes/RTO/assets/img/ 930 B
1 KB 34ms
33ms Other
image/jpeg 172.67.74.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtoero.ca/wp-content/themes/RTO/assets/img/favicon.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb2d4203e65c3ca0bc59c6e7f2b979a2a3476d3be28640903a33701c81717f27

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d25billingual.rtoero.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:10:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10919914
content-length: 930
cf-bgj: h2pri
last-modified: Fri, 05 Jun 2020 21:02:29 GMT
server: cloudflare
etag: "5edab2e5-3a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z8bq5OhdW72zPk8pdBcFk1rIo3%2BmWWxVnHhijNpv7%2BagTipPsVp6Q9LA9747snDjyZwtYRf%2BcS%2FS4vE150f%2BEm2W7uYMR3%2BxKQoUhzru%2F9MIO%2Bwa9aLd2jxmaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89dbebf04a5bac52-YYZ

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rtoero.ca/	1970-01-21 07:23:42	Name: _ga_DLEEDL08SQ Value: GS1.1.1720062617.1.0.1720062617.0.0.0
.rtoero.ca/	1970-01-20 23:57:18	Name: _gcl_au Value: 1.1.198772131.1720062618
.rtoero.ca/	1970-01-20 21:49:09	Name: _gid Value: GA1.2.148208757.1720062618
.rtoero.ca/	1970-01-20 21:47:42	Name: _dc_gtm_UA-42385331-1 Value: 1
.rtoero.ca/	1970-01-20 21:47:42	Name: _gat_UA-42385331-1 Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: OhCiDYUZwlg
.youtube.com/	1970-01-21 02:06:54	Name: VISITOR_INFO1_LIVE Value: PN6lrr-pRqo
.youtube.com/	1970-01-21 02:06:54	Name: VISITOR_PRIVACY_METADATA Value: CgJDQRIEGgAgZw%3D%3D
tags.srv.stackadapt.com/	1970-01-21 06:33:18	Name: sa-user-id Value: s%3A0-a39f6654-c598-5947-6a48-5cf031f8442e.2qc8QU%2FyE7zRZTu3%2B0S6HZtDhN8%2F5ubqGyPtDFfpWsc
.srv.stackadapt.com/	1970-01-21 06:33:18	Name: sa-user-id Value: s%3A0-a39f6654-c598-5947-6a48-5cf031f8442e.2qc8QU%2FyE7zRZTu3%2B0S6HZtDhN8%2F5ubqGyPtDFfpWsc
tags.srv.stackadapt.com/	1970-01-21 06:33:18	Name: sa-user-id-v2 Value: s%3Ao59mVMWYWUdqSFzwMfhELpVYEOg.DbcMnnadMGCoMxdxJ6y2NGifJcHISsYB57yjjdx4p7k
.srv.stackadapt.com/	1970-01-21 06:33:18	Name: sa-user-id-v2 Value: s%3Ao59mVMWYWUdqSFzwMfhELpVYEOg.DbcMnnadMGCoMxdxJ6y2NGifJcHISsYB57yjjdx4p7k
tags.srv.stackadapt.com/	1970-01-21 06:33:18	Name: sa-user-id-v3 Value: s%3AAQAKIIkyHE_5c0iTya8a50UYQ4IT0fTGeLjb0liUsTTn2ZY6EHwYBCCapZi0BjABOgRpr-VwQgTegPl-.9cjVYoMEAs4W%2FmFvcjFnUG0Y7JG46DY42dc7lbh%2FPOM
.srv.stackadapt.com/	1970-01-21 06:33:18	Name: sa-user-id-v3 Value: s%3AAQAKIIkyHE_5c0iTya8a50UYQ4IT0fTGeLjb0liUsTTn2ZY6EHwYBCCapZi0BjABOgRpr-VwQgTegPl-.9cjVYoMEAs4W%2FmFvcjFnUG0Y7JG46DY42dc7lbh%2FPOM
.rtoero.ca/	1970-01-21 06:33:18	Name: _hjSessionUser_490284 Value: eyJpZCI6IjBhNjMwNDQxLWI2MDYtNTUzYi1iZjE3LTc3MmE5OWIzNWNiYiIsImNyZWF0ZWQiOjE3MjAwNjI2MTgyNDcsImV4aXN0aW5nIjp0cnVlfQ==
.rtoero.ca/	1970-01-20 21:47:44	Name: _hjSession_490284 Value: eyJpZCI6IjFiMzAyNjFjLTA5NGQtNGE5ZC1hMWU3LTgyMmY2ZTU5NmJmYiIsImMiOjE3MjAwNjI2MTgyNDgsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.adnxs.com/	1970-01-20 23:57:18	Name: XANDR_PANID Value: BDif_zPcrxqxLQKN3jDbNv6u_22oI49YKUvfL24ixY-5Od4L8FyOHft84EXP44MlYcbBXDarbBN48Vkj3Qnx9gfM0TI4DTZOEaaipBt8GhE.
.adnxs.com/	1970-01-21 07:23:42	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 23:57:18	Name: uuid2 Value: 8969050809883223490
.amazon-adsystem.com/	1970-01-21 04:17:57	Name: ad-id Value: A4eFD-_WDUFZogkaCtUUiYY
.amazon-adsystem.com/	1970-01-21 07:23:42	Name: ad-privacy Value: 0
.linkedin.com/	1970-01-20 23:57:18	Name: li_sugr Value: 05731fe1-2e18-4352-9894-377ec87788da
.linkedin.com/	1970-01-21 06:33:18	Name: bcookie Value: "v=2&e401213b-6bf6-4b72-8a9e-3276d33c5b6f"
.linkedin.com/	1970-01-20 21:49:09	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=3238:u=1:x=1:i=1720062618:t=1720149018:v=2:sig=AQElpDotAN0Kaw05S8QcBc08dpOr6RW-"
.rtoero.ca/	1970-01-21 07:23:42	Name: _ga_WLP5TTPWDS Value: GS1.1.1720062618.1.0.1720062618.60.0.0
.rtoero.ca/	1970-01-21 07:23:42	Name: _ga Value: GA1.1.2131685143.1720062618
.adnxs.com/	1970-01-20 23:57:18	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2GVLj>sh'!]tbP6j2F-XstGt!@Dg.$pW+x
d25billingual.rtoero.ca/	1970-01-21 06:33:18	Name: sa-user-id Value: s%253A0-a39f6654-c598-5947-6a48-5cf031f8442e.2qc8QU%252FyE7zRZTu3%252B0S6HZtDhN8%252F5ubqGyPtDFfpWsc
d25billingual.rtoero.ca/	1970-01-21 06:33:18	Name: sa-user-id-v2 Value: s%253Ao59mVMWYWUdqSFzwMfhELpVYEOg.DbcMnnadMGCoMxdxJ6y2NGifJcHISsYB57yjjdx4p7k
d25billingual.rtoero.ca/	1970-01-21 06:33:18	Name: sa-user-id-v3 Value: s%253AAQAKIIkyHE_5c0iTya8a50UYQ4IT0fTGeLjb0liUsTTn2ZY6EHwYBCCapZi0BjABOgRpr-VwQgTegPl-.9cjVYoMEAs4W%252FmFvcjFnUG0Y7JG46DY42dc7lbh%252FPOM
.rtoero.ca/	1970-01-20 21:49:09	Name: _uetsid Value: f12e86b039b211efbd046b27077ec0e6
.rtoero.ca/	1970-01-21 07:09:18	Name: _uetvid Value: f12e799039b211ef8b4a9fe14d9cf646
.linkedin.com/	1970-01-20 22:30:54	Name: UserMatchHistory Value: AQIC5bkzg6OS6gAAAZB7uKt9OWY4Uu7EcKzmQFFIqkKQ0SWGY7D2rdJ6fm7wYZ46j8RFTxko-17D9A
.linkedin.com/	1970-01-20 22:30:54	Name: AnalyticsSyncHistory Value: AQKDJJqXCe98LQAAAZB7uKt92YRbngrhQ77da7vM-lrxJAb0rkIss8GwfOAeA3fPYdu0f9AG0wILpd6lkTAS6g
.rtoero.ca/	1970-01-20 23:57:18	Name: _fbp Value: fb.1.1720062618559.847139274371591940
.bing.com/	1970-01-21 07:09:18	Name: MUID Value: 1AE145B1A4D46C322E005103A5FE6D3C
.bat.bing.com/	1970-01-20 21:57:47	Name: MR Value: 0
.www.linkedin.com/	1970-01-21 06:33:18	Name: bscookie Value: "v=1&2024070403101814966dd1-cbca-4ad2-861a-4522614f3775AQHMlzK-yD2Q4HL8vj23l8PdngulU6Ri"
.quantserve.com/	1970-01-21 07:17:57	Name: mc Value: 6686129a-cd270-eaa82-dfb7e
.rtoero.ca/	1970-01-21 07:12:11	Name: __qca Value: P0-1050825978-1720062618484
.doubleclick.net/	1970-01-20 22:30:54	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 07:23:42	Name: IDE Value: AHWqTUm11uwSYiGPeOA9WPUN80bF1xnJKqwpBQOy9MOe3Ktdu39KBTMjqXkP93pn
.doubleclick.net/	1970-01-21 02:06:54	Name: receive-cookie-deprecation Value: 1
.adsrvr.org/	1970-01-21 06:33:18	Name: TDID Value: eeaf8f4c-f706-4c02-860e-b1837ccabb53
.rubiconproject.com/	1970-01-21 06:33:18	Name: audit_p Value: 1\|7ZkwwNl38Kw4X5Qm39jqIditEfOnIeJtkJlWkPX7X6rsf3zahXrs4TD/6CFKJNaUEWFB/Vy+sr+M1KxoLazIt9i2Wk5FrGos0XY24Ec+XLsHB6Fzdxnb1RSlrOP/j12LsPz3/TNjbaCzGPdRJu3922US8ROzvYrcRZgcto6CYGlbOz6AjJtUa8ZnH3r7x5VAdeodiyl5GGjkt77VmXBK7kiCfUmSYXqD+ohH/uuQN8oOr/S07bYDcYQkZmofZQkSVSwKu1RXSJT0/fhu8/pkBO4VeIulq+4M1TRwmTZWV3Xc6UO785F0Pw==
.rubiconproject.com/	1970-01-21 06:33:18	Name: khaos Value: LY6OVGCL-W-JILR
.rubiconproject.com/	1970-01-21 06:33:18	Name: khaos_p Value: LY6OVGCL-W-JILR
.rubiconproject.com/	1970-01-21 06:33:18	Name: audit Value: 1\|7ZkwwNl38Kw4X5Qm39jqIditEfOnIeJtkJlWkPX7X6rsf3zahXrs4TD/6CFKJNaUEWFB/Vy+sr+M1KxoLazIt9i2Wk5FrGos0XY24Ec+XLsHB6Fzdxnb1RSlrOP/j12LsPz3/TNjbaCzGPdRJu3922US8ROzvYrcRZgcto6CYGlbOz6AjJtUa8ZnH3r7x5VAdeodiyl5GGjkt77VmXBK7kiCfUmSYXqD+ohH/uuQN8oOr/S07bYDcYQkZmofZQkSVSwKu1RXSJT0/fhu8/pkBO4VeIulq+4M1TRwmTZWV3Xc6UO785F0Pw==
.adsrvr.org/	1970-01-21 06:33:18	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsI-NvB7Jv4jT0QBRIWCgdydWJpY29uEgsI_PnB7Jv4jT0QBRIXCghhcHBuZXh1cxILCPiawuyb-I09EAUYBSABKAMyCwiAuMSZsviNPRAFQg8iDQgBEgkKBXRpZXIyEAFaB3RxdXkwam5gAQ..

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11102789.fls.doubleclick.net
ad.doubleclick.net
analytics.google.com
bat.bing.com
cdn.calltrk.com
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
content.hotjar.io
d25billingual.rtoero.ca
fonts.googleapis.com
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
match.adsrvr.org
p.typekit.net
pixel.mediaiqdigital.com
pixel.quantserve.com
px.ads.linkedin.com
rtoero.ca
rules.quantcount.com
s.amazon-adsystem.com
script.hotjar.com
secure.adnxs.com
secure.quantserve.com
snap.licdn.com
stackpath.bootstrapcdn.com
static.hotjar.com
stats.g.doubleclick.net
tags.srv.stackadapt.com
use.fontawesome.com
use.typekit.net
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.youtube.com
104.17.25.14
104.18.11.207
104.26.15.178
108.138.106.49
108.139.33.128
13.107.42.14
13.226.34.100
142.251.16.157
142.251.163.97
151.101.2.137
172.217.197.95
172.217.222.149
172.217.222.157
172.67.142.245
172.67.74.183
173.194.204.94
173.194.205.93
173.194.205.94
173.194.68.148
18.164.116.4
18.164.96.54
18.164.96.77
192.184.67.40
204.79.197.237
209.54.182.161
216.239.38.181
23.200.3.23
23.204.152.142
23.204.152.170
3.33.220.150
31.13.66.19
31.13.66.35
34.232.232.6
52.208.243.88
64.233.180.105
68.67.160.186
74.125.192.102
75.101.206.82
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
09d6fb50c5410b1bff004a05f5013cd884074e805c2b9a335b47eaf39cbc1708
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0ec782544506a0aea967ea044659c633e1ee735b79e5172cb263797cc5cefe3a
0eef39532855b5ec9aad97e441d1d99a32455da319ba49c359c74baf8ad07044
1101099d69098eb053f987bc68bab89e895c23211a73173b09ed686242debb25
132f33bb9f7796d6229fbd927409cd4192a59cb8eb8ce4866ba4597675a084ef
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2802d8d37ffa6a5d14f7c91dd8a1aac78203165c8620a550f2177593c701f431
3c753bea4a64487a3d0e2e1ee365fceae00dc0f4d3ab2bda3e63f6ad85479753
417e1b7585956934ed2d1f4d50c7731164cd54416adc57257a86331ab3be25ce
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62
480cbbdaf9ea4afde46d8c47c35a98172d4bdc57232c38fd6c44a514ae1c1a87
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4e7de54973999a82b0b813bce869ed1610a0d0802a2aacb8a84c6d85528ac1ad
4f8884e3bc0559044b03b7422eec5e334402be53d1aa1dbf679d3e46f12ca64f
501c72763ba3127659e688d4b61b018f78e15e1d4e0464b817282f55fb6cde7d
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5668c23b19fbe2c691f76395f9deb39d4a83cc2cfe43a8805f7fc28f36b243e4
58c855e7eb9b917e71e6b733e73c542c25bacb986f3ba7df2be1570200312135
5ad432c3ed5c375d9dbe3c30e3c6060ff38191e70cbf285b05c112bf66dac47d
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5bdcc9e3e427ad3a787ec7efe46d8c305e880eb44402c0000ff52f17ef6b0cdb
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
61dbd508f2b1d162d5f95db0bcec347a173b9a5d179199ef9c44078c984cf724
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
654bf216263c1dcdf740018811a474102d4854a4c7d0b2b47756998afcc8983c
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
68bb7afa748e1fd6b6bd6d967bfcacf51fe25ca4ad76af1c8db6f57d4ca76215
6989aa5543de096fb2db049c280ee6b448667315857636f0471503e6e97d2ea3
6dceecf8eaa03968e40b767206be8a36a13d7444557fced227454ae4f100e5c9
6ece4ebac8445ed7227d243d0242943edaad4b16e2e4644379cfc4af1d2a3cab
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
80b872bd243d2453db96ec8d8ddc77072c5bf81a0fb9c9db77e893576b1a37c1
8150a6e66442996f64560b128d0effe532ed5eabdf0a8c6176c8c4e8ed502e6f
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
833fea356cb7f924aaf4f63927075d868339efc1c9e8f5cb903d7157a07f1c67
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
86a2eb82a80b205fabd137d20f19328c29f429beddb952324a10974331f65eae
8bb4906f9fa5845ebdc727580f55f472afbf68ca01be5e1d7e5595592b885b14
8bc6a73798e916797d48261bba60743dd14d07e0da9100d892ab2ca4c8b1876b
8fd863b717aaf4d127aeef3e241897157eddec9d68d9160d58b66db8e3cf6c89
942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52
96e567e55058088bf057ebeb964b202435a2c745a55f49df106fe22f2a9a8e11
97fb4708fa522aa19ef6be15dd7002225d4b179a3e5dfa479df01bdda8375a92
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9fdb4d90ee78daf1881e2baca52379daa75205d310000ea56dce45fb86978d78
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a23ea4347ef584030ec7d4724b725de0ea7f4ce02f54a9d590dfc67ce5491583
a2b510b2021edf1ddc27f7cec931c74484eb5d63444256eff14b449bd8c2d8de
a8bd34d79ec8f244f8366e1e6b7bfe84af00dfb812cf976561fcb5e7c399a56c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abff875b7385e0e5696ec84bd0c97eb4cd45e5d13055c3269c6da42b9b85443f
b06488ce2b2c37321d0fda5665a86de18186179c67beac21e4b26d1d8b1bcced
b10bd265b370033116ab3f44598664a0702f2ec948f8aeeaa9e2562022ebbc20
b249aa6ed3a2931210d2d7033c614cc3eceb50c9619a980fae73398b0273d69d
b7659634acfce4d69f4c631bccd10ebb5e5224781954f698b7a98867027553bf
ba9d39efd0966d7ab74650114970cdb78787ce4a485a71eae2a8849ce5c55d69
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c204ba839d4cb440c77f121fce6110770f0c5d08c5cc4420a3cf1078faebe640
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5
cfce45fef72ed85dc66c57fd1fa7262f9686b08188832fbfce26a7a467d455b0
d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b
d37c2f7175951a1168acbdd1ac69141f80f218de229582c83c94b00b22d325be
d508a6f440c778c851aba085cee2b4e90c80fc0729ac7a7f512d530b4e6496eb
d56fd91e726d5b0c14747febdab43d401269ca66e5899347c733edd89cd74008
d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516
d7a4d3c6bbb813b80afb47a45e75320ff14b02e65ad1ca740d62bcbfb646f2ad
d825a15f338d918c1b178e89b21a222a813defc6a4ecbbcd1c49c8511179d9a7
d89f1f0ab7665f9422f2adf9b2f44ad70e0709ba0fa10a952bb08141a598aca4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41f460e17f67441b3f2da88c79d81f1b691bf4d8a9638b614d85c2006ff71ff
e662a9d167c0cd245f881345165ebc864daf64dc6d2411b8eb05d18c35bafd2b
e8fd1a4ddc838148ddb16b4111f250aaebc12fa595445c04e621874f8e7201ee
e9928ecb166412c41d634c62017a49f11e6735043ad844b73d857974c5d73ed9
ee192486c075b66b41231680693b7c0e75508fd97ada8f0a095e6de4dcb74ee7
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f044f24015dcdecb74ef693e5c19fc157bb86984d1fe2a2b96fcb3ec11ed99fd
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5
fb2d4203e65c3ca0bc59c6e7f2b979a2a3476d3be28640903a33701c81717f27

d25billingual.rtoero.ca Open in urlscan Pro 104.26.15.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

117 Requests

97 %HTTPS

0 %IPv6

29 Domains

41 Subdomains

38 IPs

3 Countries

4178 kBTransfer

7840 kBSize

49 Cookies

11 Outgoing links

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

d25billingual.rtoero.ca Open in urlscan Pro
104.26.15.178 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

97 %
HTTPS

0 %
IPv6

29
Domains

41
Subdomains

38
IPs

3
Countries

4178 kB
Transfer

7840 kB
Size

49
Cookies

117 HTTP transactions
1 data transactions