Submitted URL: http://lenord-cotier.com/
Effective URL: https://lenord-cotier.com/
Submission: On June 13 via manual from CA — Scanned from CA

Summary

This website contacted 54 IPs in 7 countries across 54 domains to perform 131 HTTP transactions. The main IP is 4.205.49.19, located in Toronto, Canada and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is lenord-cotier.com.
TLS certificate: Issued by R3 on May 2nd 2024. Valid for: 3 months.
This is the only time lenord-cotier.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
35 4.205.49.19 8075 (MICROSOFT...)
1 158.160.11.208 200350 (YANDEXCLOUD)
5 151.101.130.132 54113 (FASTLY)
1 52.92.164.112 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 173.44.141.51 62904 (AS62904)
2 44.195.178.9 14618 (AMAZON-AES)
2 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
3 13.249.44.103 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 35.203.92.254 396982 (GOOGLE-CL...)
7 54.185.54.232 16509 (AMAZON-02)
1 52.36.29.16 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2 18.204.51.48 14618 (AMAZON-AES)
1 2 104.18.36.155 13335 (CLOUDFLAR...)
1 184.31.61.14 16625 (AKAMAI-AS)
4 4 68.67.160.75 29990 (ASN-APPNEX)
10 54.187.192.10 16509 (AMAZON-02)
1 2 54.144.53.235 14618 (AMAZON-AES)
4 5 3.33.220.150 16509 (AMAZON-02)
2 2 34.235.210.13 14618 (AMAZON-AES)
4 4 34.200.65.202 14618 (AMAZON-AES)
2 2 35.227.252.103 396982 (GOOGLE-CL...)
3 3 207.65.32.82 62713 (AS-PUBMATIC)
2 2 2606:ae80:145... 25751 (VALUECLICK)
1 1 104.36.113.107 62713 (AS-PUBMATIC)
1 1 8.28.7.84 62713 (AS-PUBMATIC)
1 1 198.148.27.131 19189 (PULSEPOINT)
4 4 69.194.240.13 26120 (RHYTHMONE)
1 1 2620:112:f008... 26120 (RHYTHMONE)
2 2 2607:f350:3:2... 27630 (AS-XFERNET)
2 2 2600:1f18:612... 14618 (AMAZON-AES)
1 35.71.139.29 16509 (AMAZON-02)
1 3.224.117.100 14618 (AMAZON-AES)
1 1 23.105.14.101 30633 (LEASEWEB-...)
1 2 35.186.194.101 15169 (GOOGLE)
1 18.213.57.91 14618 (AMAZON-AES)
2 3 35.211.178.172 15169 (GOOGLE)
2 2 209.85.232.156 15169 (GOOGLE)
2 2 52.58.228.225 16509 (AMAZON-02)
1 1 23.59.25.156 16625 (AKAMAI-AS)
1 69.173.151.100 26667 (RUBICONPR...)
1 184.31.48.28 16625 (AKAMAI-AS)
1 1 63.251.28.231 26558 (FREEWHEEL)
1 8.2.110.26 46636 (NATCOWEB)
2 2 35.213.17.49 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 18.160.10.20 16509 (AMAZON-02)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 147.28.129.37 54825 (PACKET)
1 3.162.113.135 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
1 104.78.189.198 16625 (AKAMAI-AS)
1 108.138.85.101 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 75.101.246.159 14618 (AMAZON-AES)
1 52.46.143.56 16509 (AMAZON-02)
1 44.194.210.197 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
8 12 141.95.98.65 16276 (OVH)
2 162.19.138.119 16276 (OVH)
1 1 34.111.113.62 396982 (GOOGLE-CL...)
3 3 50.57.31.206 19994 (RACKSPACE)
1 1 8.28.7.81 62713 (AS-PUBMATIC)
1 147.75.198.144 54825 (PACKET)
1 23.48.8.28 16625 (AKAMAI-AS)
131 54
Apex Domain
Subdomains
Transfer
35 lenord-cotier.com
lenord-cotier.com
1 MB
18 springserve.com
sync.springserve.com — Cisco Umbrella Rank: 3437
tv.springserve.com — Cisco Umbrella Rank: 5247
vid-io-pdx.springserve.com — Cisco Umbrella Rank: 8880
11 KB
13 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1095
id5-sync.com — Cisco Umbrella Rank: 569
42 KB
8 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
stats.g.doubleclick.net — Cisco Umbrella Rank: 132
cm.g.doubleclick.net — Cisco Umbrella Rank: 276
googleads.g.doubleclick.net — Cisco Umbrella Rank: 63
176 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 5
analytics.google.com — Cisco Umbrella Rank: 171
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 726
120 KB
7 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 601
image8.pubmatic.com — Cisco Umbrella Rank: 721
simage2.pubmatic.com — Cisco Umbrella Rank: 896
image4.pubmatic.com — Cisco Umbrella Rank: 1438
image6.pubmatic.com — Cisco Umbrella Rank: 1177
3 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
409 KB
6 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 351
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 733
aax.amazon-adsystem.com — Cisco Umbrella Rank: 494
s.amazon-adsystem.com — Cisco Umbrella Rank: 345
83 KB
6 m32.media
rdc.m32.media — Cisco Umbrella Rank: 159223
fastlygeo.m32.media — Cisco Umbrella Rank: 325206
seg.m32.media — Cisco Umbrella Rank: 397345
105 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 415
2 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 283
4 KB
3 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1425
2 KB
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 785
1x1.a-mo.net — Cisco Umbrella Rank: 3699
sync.a-mo.net — Cisco Umbrella Rank: 1859
5 KB
3 media.net
cs.media.net — Cisco Umbrella Rank: 1353
prebid.media.net — Cisco Umbrella Rank: 1231
contextual.media.net — Cisco Umbrella Rank: 758
13 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 390
2 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 523
2 KB
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 471
982 B
3 rubiconproject.com
mia-placement-server.rubiconproject.com — Cisco Umbrella Rank: 65544
pixel.rubiconproject.com — Cisco Umbrella Rank: 425
2 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 949
553 B
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1292
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1067
13 KB
2 impact-ad.jp
y.one.impact-ad.jp — Cisco Umbrella Rank: 7530
852 B
2 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 4912
683 B
2 smartclip.net
sync.sxp.smartclip.net — Cisco Umbrella Rank: 8173
718 B
2 tremorhub.com
pbs.publishers.tremorhub.com — Cisco Umbrella Rank: 5933
767 B
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1152
1 KB
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4687
670 B
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 623
602 B
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 4014
667 B
2 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1740
598 B
2 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1526
922 B
2 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1707
275 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 68
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
178 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
7 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 136
195 KB
1 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 515
724 B
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 99
6 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1328
17 KB
1 admanmedia.com
sync.admanmedia.com — Cisco Umbrella Rank: 4420
60 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 659
916 B
1 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1550
359 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 551
39 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 840
283 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 632
36 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 446
141 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1287
518 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 1052
435 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 647
1 KB
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 2107
323 B
1 google.ca
www.google.ca — Cisco Umbrella Rank: 9006
63 B
1 paradizeconstruction.com
scada.paradizeconstruction.com — Cisco Umbrella Rank: 747563
12 KB
1 amazonaws.com
s3.us-west-2.amazonaws.com
37 KB
1 moderncssframeworks.com
moderncssframeworks.com
1 KB
0 richaudience.com Failed
sync.richaudience.com — Cisco Umbrella Rank: 1810 Failed
131 54
Domain Requested by
35 lenord-cotier.com lenord-cotier.com
12 id5-sync.com 8 redirects cdn.id5-sync.com
rdc.m32.media
10 vid-io-pdx.springserve.com lenord-cotier.com
7 sync.springserve.com s3.us-west-2.amazonaws.com
lenord-cotier.com
6 fonts.gstatic.com fonts.googleapis.com
lenord-cotier.com
5 match.adsrvr.org 4 redirects lenord-cotier.com
4 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
4 ib.adnxs.com 4 redirects
4 rdc.m32.media lenord-cotier.com
rdc.m32.media
3 uipglob.semasio.net 3 redirects
3 x.bidswitch.net 2 redirects lenord-cotier.com
3 sync.1rx.io 3 redirects
3 image8.pubmatic.com 3 redirects
3 ups.analytics.yahoo.com 3 redirects
3 c.amazon-adsystem.com rdc.m32.media
c.amazon-adsystem.com
3 www.google.com lenord-cotier.com
www.gstatic.com
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
rdc.m32.media
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 y.one.impact-ad.jp 2 redirects
2 ih.adscale.de 2 redirects
2 cm.g.doubleclick.net 2 redirects
2 sync.sxp.smartclip.net 1 redirects lenord-cotier.com
2 pbs.publishers.tremorhub.com 2 redirects
2 sync.go.sonobi.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 rtb.openx.net 2 redirects
2 cs.emxdgt.com 2 redirects
2 sync.bfmio.com 1 redirects lenord-cotier.com
2 ssum.casalemedia.com 1 redirects tv.springserve.com
2 rtb.gumgum.com 1 redirects tv.springserve.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 securepubads.g.doubleclick.net rdc.m32.media
securepubads.g.doubleclick.net
2 www.googletagmanager.com lenord-cotier.com
www.googletagmanager.com
2 mia-placement-server.rubiconproject.com s3.us-west-2.amazonaws.com
2 fonts.googleapis.com lenord-cotier.com
2 pagead2.googlesyndication.com lenord-cotier.com
pagead2.googlesyndication.com
1 contextual.media.net rdc.m32.media
1 sync.a-mo.net rdc.m32.media
1 image6.pubmatic.com 1 redirects
1 pixel.tapad.com 1 redirects
1 lh3.googleusercontent.com lenord-cotier.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 s.amazon-adsystem.com c.amazon-adsystem.com
1 1x1.a-mo.net lenord-cotier.com
1 cdn.id5-sync.com lenord-cotier.com
1 tags.crwdcntrl.net lenord-cotier.com
1 secure.cdn.fastclick.net lenord-cotier.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 prebid.a-mo.net rdc.m32.media
1 prebid.media.net rdc.m32.media
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 sync.admanmedia.com lenord-cotier.com
1 ads.stickyadstv.com 1 redirects
1 cs.media.net lenord-cotier.com
1 pixel.rubiconproject.com lenord-cotier.com
1 sync.teads.tv 1 redirects
1 match.sharethrough.com lenord-cotier.com
1 ssbsync.smartadserver.com 1 redirects
1 ads.yieldmo.com lenord-cotier.com
1 eb2.3lift.com lenord-cotier.com
1 sync.targeting.unrulymedia.com 1 redirects
1 ad.turn.com 1 redirects
1 bh.contextweb.com 1 redirects
1 image4.pubmatic.com 1 redirects
1 simage2.pubmatic.com 1 redirects
1 pixel.advertising.com 1 redirects
1 ads.pubmatic.com tv.springserve.com
1 www.google.ca lenord-cotier.com
1 analytics.google.com www.googletagmanager.com
1 tv.springserve.com s3.us-west-2.amazonaws.com
1 seg.m32.media rdc.m32.media
1 www.gstatic.com www.google.com
1 fastlygeo.m32.media rdc.m32.media
1 scada.paradizeconstruction.com moderncssframeworks.com
1 s3.us-west-2.amazonaws.com lenord-cotier.com
1 moderncssframeworks.com lenord-cotier.com
0 sync.richaudience.com Failed lenord-cotier.com
131 78
Subject Issuer Validity Valid
www.lecharlevoisien.com
R3
2024-05-02 -
2024-07-31
3 months crt.sh
moderncssframeworks.com
R3
2024-06-04 -
2024-09-02
3 months crt.sh
*.m32.media
Sectigo RSA Domain Validation Secure Server CA
2023-11-20 -
2024-11-22
a year crt.sh
*.s3-us-west-2.amazonaws.com
Amazon RSA 2048 M01
2024-05-15 -
2025-05-13
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-05-21 -
2024-08-13
3 months crt.sh
*.google.com
GTS CA 1C3
2024-05-21 -
2024-08-13
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-05-21 -
2024-08-13
3 months crt.sh
*.paradizeconstruction.com
ZeroSSL ECC Domain Secure Site CA
2024-05-28 -
2024-08-26
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2024-03-04 -
2025-04-03
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2024-05-21 -
2024-08-13
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-05-21 -
2024-08-13
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-12-30 -
2024-12-04
a year crt.sh
*.springserve.com
Amazon RSA 2048 M01
2023-08-02 -
2024-08-30
a year crt.sh
*.google.ca
GTS CA 1C3
2024-05-21 -
2024-08-13
3 months crt.sh
dev.eks.va.adexchange.gumgum.com
Amazon RSA 2048 M02
2023-11-17 -
2024-12-15
a year crt.sh
casalemedia.com
E1
2024-04-19 -
2024-07-18
3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-11-26 -
2024-11-26
a year crt.sh
*.3lift.com
Amazon RSA 2048 M02
2024-03-13 -
2025-04-10
a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M01
2023-08-14 -
2024-09-12
a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M03
2024-05-14 -
2025-06-12
a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1
2023-12-21 -
2024-12-21
a year crt.sh
*.admanmedia.com
Sectigo RSA Domain Validation Secure Server CA
2024-05-15 -
2025-05-15
a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2024-01-21 -
2025-02-19
a year crt.sh
prebid.media.net
WR3
2024-06-13 -
2024-09-11
3 months crt.sh
*.a-mo.net
R3
2024-05-05 -
2024-08-03
3 months crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03
2024-03-29 -
2025-04-28
a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1
2023-10-03 -
2024-10-03
a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2023-10-08 -
2024-11-05
a year crt.sh
id5-sync.com
E1
2024-06-04 -
2024-09-02
3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01
2024-04-24 -
2025-04-17
a year crt.sh
*.googleusercontent.com
GTS CA 1C3
2024-05-21 -
2024-08-13
3 months crt.sh
*.id5-sync.com
R3
2024-05-01 -
2024-07-30
3 months crt.sh
*.eu-1-id5-sync.com
R3
2024-05-01 -
2024-07-30
3 months crt.sh

This page contains 11 frames:

Primary Page: https://lenord-cotier.com/
Frame ID: 0E27AB096D6F9041DB70E884987C5C23
Requests: 125 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/14048?gdpr=0&gdpr_consent=-1&us_privacy=&r=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D
Frame ID: 70B44587AC1F8821C914602B15FE3481
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D&gdpr=0&gdpr_consent=-1&s=191709&us_privacy=&C=1
Frame ID: 8B2801108D4166BAFF159857DF9C5BD2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=-1&us_privacy=&predirect=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D
Frame ID: 860C4294431D49EE3D83DDC990F53A0B
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcb60UaAAAAAD3wd8P6VllY_OTpLxMQgcrNp7BV&co=aHR0cHM6Ly9sZW5vcmQtY290aWVyLmNvbTo0NDM.&hl=en&v=TqxSU0dsOd2Q9IbI7CpFnJLD&size=invisible&cb=aq1na5e3siwk
Frame ID: 182FBDDB497DB160EEF2759F86D049D2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240610/r20110914/zrt_lookup_fy2021.html
Frame ID: EC8B816AEC364D3E059DDB7B7975E1E7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3320479470174190&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1718304591&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Flenord-cotier.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_23~27_4~29_10&aiixl=30_6~27_3~29_5&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNTUiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNTUiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjU1Il1dLDBd&dt=1718304593713&bpp=4&bdt=1679&idt=1637&shv=r20240610&mjsv=m202406100101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7516798122179&frm=20&pv=2&ga_vid=994324702.1718304595&ga_sid=1718304595&ga_hid=812906016&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44795921%2C95331688%2C95332924%2C95334511%2C95334528%2C95334571%2C95334819%2C95334053%2C31078663%2C31078668%2C31078670&oid=2&pvsid=333305305478923&tmod=2137749120&uas=0&nvt=1&fsapi=1&fc=1920&brdim=150%2C150%2C150%2C150%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1681
Frame ID: 5209E17CB7C73597227C6E8949BE6AD8
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=TqxSU0dsOd2Q9IbI7CpFnJLD&k=6Lcb60UaAAAAAD3wd8P6VllY_OTpLxMQgcrNp7BV
Frame ID: 5940CE1663C54CD4CBB64163D83691A1
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_n-adMediaV1_n-MediaNet_n-Beeswax_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_3lift_n-Outbrain
Frame ID: 360E5966018CBFAD206CC0ECFB27D5C8
Requests: 1 HTTP requests in this frame

Frame: https://sync.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---&_e=CuUBShFsZW5vcmQtY290aWVyLmNvbVILYWFzLWE1MTE3MGZaCHBiYTEuMy40ahFsZW5vcmQtY290aWVyLmNvbfoBBjguMzguMOgCAYgD1_6sswaoAwPqAyQzM2FkMjJiNi01N2VmLTQ1MWEtYjY1Ni04MzQ1YWMxMjQ3Y2aiBBpodHRwczovL2xlbm9yZC1jb3RpZXIuY29tL6oEA0RDSLIFA1VTROoFB2Rlc2t0b3D6BQRkYzEzqgcDd2ViygcRbGVub3JkLWNvdGllci5jb23gBwGCCBFsZW5vcmQtY290aWVyLmNvbQ
Frame ID: B6CABEA807F0FE32A28A5E3AEFAC9D3F
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUSMB28G&prvid=2034%2C2033%2C2031%2C2030%2C590%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 7BE206C86755513656864FB633166A17
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Accueil - Le Nord-Côtier

Page URL History Show full URLs

  1. http://lenord-cotier.com/ HTTP 307
    https://lenord-cotier.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /prebid\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

131
Requests

83 %
HTTPS

27 %
IPv6

54
Domains

78
Subdomains

54
IPs

7
Countries

2756 kB
Transfer

6770 kB
Size

254
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lenord-cotier.com/ HTTP 307
    https://lenord-cotier.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70
  • https://ssum.casalemedia.com/usermatch?s=191709&gdpr=0&gdpr_consent=-1&us_privacy=&cb=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D&gdpr=0&gdpr_consent=-1&s=191709&us_privacy=&C=1
Request Chain 72
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000001%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fvid-io-pdx.springserve.com%252Fusersync%253Faid%253D1000001%2526gdpr%253D0%2526gdpr_consent%253D-1%2526us_privacy%253D%2526uuid%253D%2524UID HTTP 302
  • https://vid-io-pdx.springserve.com/usersync?aid=1000001&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=2544973523831875102
Request Chain 73
  • https://sync.bfmio.com/syncb?pid=111&gdpr=0&gdpr_consent=-1&us_privacy= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=1f8b4c71-962e-4fb6-a4be-45a8fcddd9ef
Request Chain 74
  • https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=-1&us_privacy=&redirect=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000003%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000003%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D%24EMXUID&b64_redirect=aHR0cHM6Ly92aWQtaW8tcGR4LnNwcmluZ3NlcnZlLmNvbS91c2Vyc3luYz9haWQ9MTAwMDAwMyZnZHByPTAmZ2Rwcl9jb25zZW50PS0xJnVzX3ByaXZhY3k9JnV1aWQ9JEVNWFVJRA== HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=2544973523831875102&redirect=https://vid-io-pdx.springserve.com/usersync?aid=1000003&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=$EMXUID&b64_redirect=aHR0cHM6Ly92aWQtaW8tcGR4LnNwcmluZ3NlcnZlLmNvbS91c2Vyc3luYz9haWQ9MTAwMDAwMyZnZHByPTAmZ2Rwcl9jb25zZW50PS0xJnVzX3ByaXZhY3k9JnV1aWQ9JEVNWFVJRA== HTTP 302
  • https://vid-io-pdx.springserve.com/usersync?aid=1000003&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=2544973523831875102brt51141718304595895482a2
Request Chain 75
  • https://pixel.advertising.com/ups/58185/sync?&gdpr=0&gdpr_consent=-1&us_privacy=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58185/sync?&gdpr=0&gdpr_consent=-1&us_privacy=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58185/sync?&gdpr=0&gdpr_consent=-1&us_privacy=&redir=true&verify=true HTTP 302
  • https://sync.springserve.com/usersync?aid=759&uuid=y-UukJ6M5E2uHwHHwfIIVdbtoOHQ6xwjqR~A&us_privacy=
Request Chain 76
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=-1&us_privacy=&r=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000008%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=-1&r=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000008%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D%24%7BUID%7D&us_privacy=&ox_sc=1 HTTP 302
  • https://vid-io-pdx.springserve.com/usersync?aid=1000008&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=3904b34d-2fc3-4073-af13-2c5bb8c8e2b8
Request Chain 77
  • https://image8.pubmatic.com/AdServer/ImgSync?p=157310&gdpr=0&gdpr_consent=-1&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D157310%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.springserve.com%252Fusersync%253Faid%253D1000010%2526uuid%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=157310&gdpr=0&gdpr_consent=-1&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D157310%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.springserve.com%252Fusersync%253Faid%253D1000010%2526uuid%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT&rdf=1 HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=1A4FAD44-CD12-4BA8-9EFB-108C2E299192&gdpr=0&gdpr_consent=-1 HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5f10c2372f3a1538&is_secure=true&networkId=17100&version=1&nuid=1A4FAD44-CD12-4BA8-9EFB-108C2E299192&gdpr=0&gdpr_consent=-1 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQAGIGhMkHviCwJkgXisAQEBAQEBAQCRE-5nAwEBAJET7mcD&expiration=1718390997&nuid=1A4FAD44-CD12-4BA8-9EFB-108C2E299192&is_secure=true&gdpr_consent=-1&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=-1&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=-1&p=157310&pmc=1&pr=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26uuid%3D1A4FAD44-CD12-4BA8-9EFB-108C2E299192%26gdpr%3D0%26gdpr_consent%3D-1&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://sync.springserve.com/usersync?aid=1000010&uuid=1A4FAD44-CD12-4BA8-9EFB-108C2E299192&gdpr=0&gdpr_consent=-1
Request Chain 78
  • https://bh.contextweb.com/rtset?gdpr=0&gdpr_consent=-1&us_privacy=&pid=561910&ev=1&rurl=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000011%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D%25%25VGUID%25%25 HTTP 302
  • https://vid-io-pdx.springserve.com/usersync?aid=1000011&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=2WEvjOxplkAi&ev=1&us_privacy=&gdpr_consent=-1&pid=561910&gdpr=0
Request Chain 79
  • https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=-1&us_privacy=&redir=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D%5BRX_UUID%5D&cb=1718304593796 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=8987653793 HTTP 302
  • https://sync.1rx.io/usersync/turn/3497762494991108172?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-759e35cd-ee03-4e95-915a-f373cd035f64-005?redir=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3DRX-759e35cd-ee03-4e95-915a-f373cd035f64-005 HTTP 302
  • https://vid-io-pdx.springserve.com/usersync?aid=1000012&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=RX-759e35cd-ee03-4e95-915a-f373cd035f64-005
Request Chain 80
  • https://sync.go.sonobi.com/us.gif?gdpr=0&gdpr_consent=-1&us_privacy=&loc=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000013%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D%5BUID%5D HTTP 302
  • https://vid-io-pdx.springserve.com/usersync?aid=1000013&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=d02b392a-564a-405c-bd46-5029683c14e1
Request Chain 81
  • https://pbs.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=-1&us_privacy=&redir=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D%5Btvid%5D HTTP 302
  • https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=-1&us_privacy=&redir=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D%5Btvid%5D HTTP 302
  • https://vid-io-pdx.springserve.com/usersync?aid=1000015&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=7c3b00deb8364bc387d4ca3e83df5333
Request Chain 84
  • https://ssbsync.smartadserver.com/api/sync?callerId=52&gdpr=0&gdpr_consent=-1&us_privacy=&redirectUri=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000018%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://sync.springserve.com/usersync?aid=1000018&gdpr=0&gdpr_consent=&uuid=1342926387320261047
Request Chain 85
  • https://ups.analytics.yahoo.com/ups/58800/sync?redir=true&gpp=&gpp_sid=&gdpr=0&gdpr_consent=-1 HTTP 302
  • https://sync.springserve.com/usersync?aid=1000019&uuid=y-vvdxDlpE2uJy0YQtma0cM19kvmh5gsyU~A&gdpr_in_effect=0
Request Chain 86
  • https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=-1 HTTP 302
  • https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=-1&ang_testid=1
Request Chain 88
  • https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0&gdpr_consent=-1&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&gdpr=0&gdpr_consent=-1&us_privacy= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=d182348a-3cd5-4794-9031-91df88493f67&google_hm=ZDE4MjM0OGEtM2NkNS00Nzk0LTkwMzEtOTFkZjg4NDkzZjY3&gdpr_consent=-1&gdpr=0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEC_xAUSMQKTURCntLPNbeuk&google_cver=1&ssp=themediagrid&bsw_param=d182348a-3cd5-4794-9031-91df88493f67&gdpr_consent=-1&gdpr=0
Request Chain 89
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=-1&tpid=22144&cburl=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000023%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D__STROEER_USER_ID__ HTTP 302
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=-1&tpid=22144&cburl=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000023%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D__STROEER_USER_ID__&nut&uu=7fa42041dd2d4777a5ba48bc277a10a7 HTTP 302
  • https://vid-io-pdx.springserve.com/usersync?aid=1000023&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=7fa42041dd2d4777a5ba48bc277a10a7
Request Chain 90
  • https://sync.teads.tv/um?gdpr=0&gdpr_consent=-1&ssb_provider_id=1&uid&fb=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000024%26us_privacy%3D%26uuid%3D%5BVID%5D HTTP 302
  • https://vid-io-pdx.springserve.com/usersync?aid=1000024&us_privacy=&uuid=887f2fd6-f07f-474a-bd74-6445e2efaf41&gdpr=0&gdpr_consent=-1
Request Chain 93
  • https://sync.richaudience.com/74889303289e27f327ad0c6de7be7264/?consentString=-1&r=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000027%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/74889303289e27f327ad0c6de7be7264/?consentString=-1&r=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000027%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D%5BPDID%5D&rd=1
Request Chain 94
  • https://ads.stickyadstv.com/user-matching?id=3691&_fw_gdpr=0&_fw_gdpr_consent=-1&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000028%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26uuid%3D%7Bviewerid%7D HTTP 302
  • https://sync.springserve.com/usersync?aid=1000028&uuid=eeb985ffa07b60c4e7abdf24ff64da7&gdpr=0&-1=&us_privacy=&gpp={gpp_string}&gpp_sid={gpp_sid}&gpp_sid=&gpp=&us_privacy=&_fw_gdpr=0&_fw_gdpr_consent=-1&redir=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000028%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26uuid%3D%7Bviewerid%7D
Request Chain 96
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0kkyw3l&ttd_tpi=1&gdpr=0&gdpr_consent=-1&us_privacy= HTTP 302
  • https://sync.springserve.com/usersync?aid=1000030&ttd_puid=&uuid=1f8b4c71-962e-4fb6-a4be-45a8fcddd9ef&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 97
  • https://y.one.impact-ad.jp/hbs_cs?redirectUri=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000031%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D%24UID HTTP 302
  • https://y.one.impact-ad.jp/ul_cb/hbs_cs?redirectUri=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000031%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D%24UID HTTP 302
  • https://vid-io-pdx.springserve.com/usersync?aid=1000031&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=a23e6cc6-b1a8-4146-ba89-099f7e4a45bc
Request Chain 128
  • https://id5-sync.com/i/853/8.gif?o=api&id5id=ID5*-eC1weiit0ElSTbOuELFXgfTu4pWwCzUpwdG5Dnh1oanSyuIUxe1PUCg-UYkIoRP&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F853%2F441%2F7%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/853/441/7/2.gif?puid=u_92140885-5782-4a2c-9be8-59e1168388ea&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F853%2F108%2F6%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/853/108/6/3.gif?puid=5c3fe212-d7d4-4221-905a-6a63a6ed991c&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F853%2F112%2F5%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F853%2F112%2F5%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/853/112/5/4.gif?puid=C70F2A38818B0D3B&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=1f8b4c71-962e-4fb6-a4be-45a8fcddd9ef&ttl=%%TTL%% HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F853%2F434%2F3%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/853/434/3/6.gif?puid=d02b392a-564a-405c-bd46-5029683c14e1&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F853%2F429%2F2%2F7.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/853/429/2/7.gif?puid=1A4FAD44-CD12-4BA8-9EFB-108C2E299192&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/853/2/1/8.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/853/2/1/8.gif?puid=2544973523831875102&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=QzcwRjJBMzg4MThCMEQzQg%3D%3D&gdpr=0&gdpr_consent=&id5=ID5-8c7dKSE15OTKtGt5wUf7xlA5L5dDrnFmhMRB-GJUIw HTTP 302
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEKavGaV3rvH4mNctOTnjT1Y&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=&id5=ID5-8c7dKSE15OTKtGt5wUf7xlA5L5dDrnFmhMRB-GJUIw&google_cver=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=x2e7tq8

131 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
lenord-cotier.com/
Redirect Chain
  • http://lenord-cotier.com/
  • https://lenord-cotier.com/
125 KB
125 KB
Document
General
Full URL
https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
6c7175821421cfa72e0d154d2f099190a7098c018df4e786428de85f7adde394

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 13 Jun 2024 18:49:51 GMT
etag
"354651f5090b61756f4f59cfb288736e"
last-modified
Thu, 13 Jun 2024 18:49:51 GMT
link
<https://lenord-cotier.com/wp-json/>; rel="https://api.w.org/", <https://lenord-cotier.com/wp-json/wp/v2/pages/45485>; rel="alternate"; type="application/json", <https://lenord-cotier.com/>; rel=shortlink
referrer-policy
no-referrer-when-downgrade
server
Apache

Redirect headers

Location
https://lenord-cotier.com/
Non-Authoritative-Reason
HttpsUpgrades
lazyload.min.js
lenord-cotier.com/wp-content/plugins/w3-total-cache/pub/js/
6 KB
2 KB
Script
General
Full URL
https://lenord-cotier.com/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:52 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 12 Jun 2024 19:01:21 GMT
server
Apache
etag
"1883-61ab6021b307d-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
2356
ads.js
lenord-cotier.com/wp-content/themes/editions-nordiques/assets/javascripts/libs/
22 B
70 B
Script
General
Full URL
https://lenord-cotier.com/wp-content/themes/editions-nordiques/assets/javascripts/libs/ads.js
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:52 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 12 Jun 2024 19:01:22 GMT
server
Apache
etag
"16-61ab602213b5b"
content-type
text/javascript
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
22
style.min.css
lenord-cotier.com/wp-includes/css/dist/block-library/
111 KB
15 KB
Stylesheet
General
Full URL
https://lenord-cotier.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.4
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:52 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 12 Jun 2024 19:01:22 GMT
server
Apache
etag
"1bae5-61ab60223101b-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
14991
index.css
lenord-cotier.com/wp-content/plugins/accordion-blocks/build/
1 KB
684 B
Stylesheet
General
Full URL
https://lenord-cotier.com/wp-content/plugins/accordion-blocks/build/index.css?ver=1.5.0
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
42287925d01999d4f4a32a2463947d1e7c0ebb8978c06ed7e818682ef161b0cd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:52 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 12 Jun 2024 19:01:21 GMT
server
Apache
etag
"47e-61ab6020df1e1-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
514
global.css
lenord-cotier.com/wp-content/themes/editions-nordiques/assets/stylesheets/
465 KB
57 KB
Stylesheet
General
Full URL
https://lenord-cotier.com/wp-content/themes/editions-nordiques/assets/stylesheets/global.css?ver=1.0
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
42ad4aa7a67f232c22513445c30c0449de36b450ad8768b4180a7b23aa39d33b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:52 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 12 Jun 2024 19:01:22 GMT
server
Apache
etag
"745ff-61ab602214afb-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
58669
mailin-front.css
lenord-cotier.com/wp-content/plugins/mailin/css/
3 KB
804 B
Stylesheet
General
Full URL
https://lenord-cotier.com/wp-content/plugins/mailin/css/mailin-front.css?ver=6.5.4
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
3c288f0c3cb0999bbd6a9f6486f6b13064ead24052234ac35f8b053b9db9ae96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:52 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 12 Jun 2024 19:01:21 GMT
server
Apache
etag
"a79-61ab602131260-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
749
jquery.min.js
lenord-cotier.com/wp-includes/js/jquery/
86 KB
30 KB
Script
General
Full URL
https://lenord-cotier.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:52 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 12 Jun 2024 19:01:22 GMT
server
Apache
etag
"15601-61ab602261d5a-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
30368
jquery-migrate.min.js
lenord-cotier.com/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://lenord-cotier.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:52 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 12 Jun 2024 19:01:22 GMT
server
Apache
etag
"3509-61ab602260dba-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
4872
JwIUSNhs6D0fpeYXcuUonwg1oGTdg5Sj8p-JC5R3b1B
moderncssframeworks.com/
244 B
1 KB
Script
General
Full URL
https://moderncssframeworks.com/JwIUSNhs6D0fpeYXcuUonwg1oGTdg5Sj8p-JC5R3b1B
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.160.11.208 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
nginx /
Resource Hash
789d560be25de17f684efd46f81cefe7189085104952e64132187fc3bfdd6187

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 18:49:52 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
244
Expires
Thu, 13 Jun 2024 18:49:52 GMT
app-compiled.min.js
lenord-cotier.com/wp-content/themes/editions-nordiques/assets/javascripts/
1 MB
226 KB
Script
General
Full URL
https://lenord-cotier.com/wp-content/themes/editions-nordiques/assets/javascripts/app-compiled.min.js?ver=6.5.4
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
c5c6943d67bf169c51f76c4e7862ac7e8422492f01357a7954f71ccd4237a1ef

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:52 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 12 Jun 2024 19:01:22 GMT
server
Apache
etag
"104961-61ab602212bbb-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
mailin-front.js
lenord-cotier.com/wp-content/plugins/mailin/js/
14 KB
3 KB
Script
General
Full URL
https://lenord-cotier.com/wp-content/plugins/mailin/js/mailin-front.js?ver=1718218881
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
8d8b5d43a745a2fc2f1aff8f93a3c98f83ac8d3e0cfb731a8403d8e95ea5fc3b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:52 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 12 Jun 2024 19:01:21 GMT
server
Apache
etag
"388a-61ab602136080-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
3227
madops.min.js
rdc.m32.media/
67 KB
19 KB
Script
General
Full URL
https://rdc.m32.media/madops.min.js
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
51408d35d766eb023c741d01bdddec4a73559968cc47996f7c16a150b7ddf36f
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:52 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
4308572
x-guploader-uploadid
ABPtcPqd08LoAveAHJX1ljYNS-OVUaHx47yKhaDHsKArq75g3P_EkMqkNtWUZ2GgzpRXZej2uQ
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
18713
x-served-by
cache-yul1970047-YUL, cache-yyz4561-YYZ
last-modified
Wed, 24 Apr 2024 22:00:20 GMT
server
UploadServer
x-timer
S1718304592.345746,VS0,VE0
etag
"3a5c9034af288497094b678a7c3b284b"
vary
Accept-Encoding
x-goog-generation
1713996020810077
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=YohUwA==, md5=OlyQNK8ohJcJS2eKfDsoSw==
access-control-expose-headers
Content-Type
cache-control
public,max-age=600
x-goog-stored-content-length
68156
x-amz-checksum-crc32c
YohUwA==
accept-ranges
bytes
x-cache-hits
4, 32680
m32pixel.min.js
rdc.m32.media/
21 KB
7 KB
Script
General
Full URL
https://rdc.m32.media/m32pixel.min.js
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
22de6e4042c182513a5612e20d9c7f41c6ef8b7829912a4eab0895dd3dea05a6
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:52 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
6185999
x-guploader-uploadid
ABPtcPqHgVFNP-6vAd9eZSaURD8cIk8UPNL8ide7wKuqnJzVnzWWob2a1t6_F1qHbBcWX6g0vWtpTvCrWQ
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
6546
x-served-by
cache-yul1970036-YUL, cache-yyz4561-YYZ
last-modified
Wed, 03 Apr 2024 04:29:51 GMT
server
UploadServer
x-timer
S1718304593.898764,VS0,VE0
etag
"7856c307df29103401712780527c73b7"
vary
Accept-Encoding
x-goog-generation
1712118591447468
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=7Sb3Xw==, md5=eFbDB98pEDQBcSeAUnxztw==
access-control-expose-headers
Content-Type
cache-control
public,max-age=600
x-goog-stored-content-length
21764
x-amz-checksum-crc32c
7Sb3Xw==
accept-ranges
bytes
x-cache-hits
4, 10607
pub.js
s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/
36 KB
37 KB
Script
General
Full URL
https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.92.164.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
90f05640dcfc7157a1b0077623bdf985d5bc3469a1dc418099abace29d30b101

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 18:49:53 GMT
Last-Modified
Thu, 13 Jun 2024 15:04:10 GMT
Server
AmazonS3
x-amz-request-id
CY7SHX77W7FYNJ95
ETag
"3270d1d1c65aaded1b26ba29edbe261b"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
37095
x-amz-id-2
HUKNwdVe15b7fgnhEFy/R7cqodBAVhraRcNa39CLc6+Y9ayrzkxLmAv5xjY4bpw3GCrFYHpemkY=
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3320479470174190
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c02::9a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5027e99e253b0da04a0e9deb8cc7ed2a73d7a7e3ff89aa7a317c1fb2cc81e3bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Origin
https://lenord-cotier.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52019
x-xss-protection
0
server
cafe
etag
4288264684313873781
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 13 Jun 2024 18:49:53 GMT
04d.svg
lenord-cotier.com/wp-content/themes/editions-nordiques/assets/images/meteo/
979 B
1 KB
Image
General
Full URL
https://lenord-cotier.com/wp-content/themes/editions-nordiques/assets/images/meteo/04d.svg
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
8f79253fa42faa8dc7e0d97c0d6e31b5bca300e3b855ccdd60eb2da3abf0f6b4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:52 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 12 Jun 2024 19:01:22 GMT
server
Apache
etag
"3d3-61ab60220fcdb"
content-type
image/svg+xml
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
979
2e21fe0b6d537996d47c3d4b16d0e3cc.css
lenord-cotier.com/wp-content/cache/totalpoll/css/
42 KB
4 KB
Stylesheet
General
Full URL
https://lenord-cotier.com/wp-content/cache/totalpoll/css/2e21fe0b6d537996d47c3d4b16d0e3cc.css
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
57640181b53f103db1bbf129603fcaf34419ee1cd838c7928f6b37e122bade70

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:52 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 12 Jun 2024 14:37:54 GMT
server
Apache
etag
"a6db-61ab253e25a3b-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
4070
api.js
www.google.com/recaptcha/
1 KB
979 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadSibCallbackInvisible&render=explicit
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::69 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
82897a2306cf760ab7e21570dc3ceea2da2e81359f03c7b2f854c506ca2bdcee
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 13 Jun 2024 18:49:53 GMT
accordion-blocks.min.js
lenord-cotier.com/wp-content/plugins/accordion-blocks/js/
3 KB
1 KB
Script
General
Full URL
https://lenord-cotier.com/wp-content/plugins/accordion-blocks/js/accordion-blocks.min.js?ver=1.5.0
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
a204849a0777563cc401d76d1a8e1ab5c5a6c554d391c0b24493985b4a4f42af

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:52 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 12 Jun 2024 19:01:21 GMT
server
Apache
etag
"a2c-61ab6020df1e1-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
974
css2
fonts.googleapis.com/
6 KB
971 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700&display=swap
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/wp-content/themes/editions-nordiques/assets/stylesheets/global.css?ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0c::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
54b7ee481077867c510ff554072ce06c5f3fc53bf30cc10ec1800dee2dd1a1c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/wp-content/themes/editions-nordiques/assets/stylesheets/global.css?ver=1.0
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 13 Jun 2024 18:49:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 13 Jun 2024 18:19:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Jun 2024 18:49:52 GMT
89510fc5-eadc-4cda-9f5f-25a2465ef5c0
https://lenord-cotier.com/
1 KB
0
Other
General
Full URL
blob:https://lenord-cotier.com/89510fc5-eadc-4cda-9f5f-25a2465ef5c0
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
D6+nK3SNxEJrjZ0ZOJeLCX2NnQlr2MhMesDDWmrNw0Rly4VW
scada.paradizeconstruction.com/
31 KB
12 KB
Script
General
Full URL
https://scada.paradizeconstruction.com/D6+nK3SNxEJrjZ0ZOJeLCX2NnQlr2MhMesDDWmrNw0Rly4VW
Requested by
Host: moderncssframeworks.com
URL: https://moderncssframeworks.com/JwIUSNhs6D0fpeYXcuUonwg1oGTdg5Sj8p-JC5R3b1B
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
173.44.141.51 , United States, ASN62904 (AS62904, US),
Reverse DNS
Software
nginx /
Resource Hash
8add27b147458549b30706540595d46e8ad6f518296020e0d0bdb947553b6230

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:50:02 GMT
content-encoding
gzip
server
nginx
content-length
11734
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
custom.json
rdc.m32.media/adops/custom_files/lenord-cotier.com/
2 KB
1 KB
XHR
General
Full URL
https://rdc.m32.media/adops/custom_files/lenord-cotier.com/custom.json
Requested by
Host: rdc.m32.media
URL: https://rdc.m32.media/madops.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5742365a5410582f1d6bbca2952ca7e934130bfe2a7d3a7ba9352498fbce6ba2
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:53 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
35003
x-guploader-uploadid
ABPtcPquRzlT4EgrkM1HP8BvT5E2xSE78LFmL4fmZaoZ-HRinRDO4P6DDUoR-2qZJ1pDuJpSlg
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
751
x-served-by
cache-yul1970041-YUL, cache-yyz4520-YYZ
last-modified
Thu, 13 Jun 2024 09:04:42 GMT
server
UploadServer
x-timer
S1718304593.378931,VS0,VE0
etag
"a4f2fd5aeda070aa5650d5875f7cbe7e"
vary
Accept-Encoding
x-goog-hash
crc32c=gXqBuQ==, md5=pPL9Wu2gcKpWUNWHX3y+fg==
x-goog-generation
1718269482368707
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=600
x-goog-stored-content-length
2130
x-amz-checksum-crc32c
gXqBuQ==
accept-ranges
bytes
x-cache-hits
7, 8
placements
mia-placement-server.rubiconproject.com/
1 KB
1 KB
Fetch
General
Full URL
https://mia-placement-server.rubiconproject.com/placements?location=https%3A%2F%2Flenord-cotier.com%2F&publisherId=66188&size=xl
Requested by
Host: s3.us-west-2.amazonaws.com
URL: https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.178.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-178-9.compute-1.amazonaws.com
Software
/
Resource Hash
ca8e15ef1ec901920e39b68440ce53ea9238c3930af8cc5137a1369ad90ef657

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Thu, 13 Jun 2024 18:49:53 GMT
content-length
1109
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
gtm.js
www.googletagmanager.com/
225 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KMRC7XQ
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
303156e898f8883e72a6c2dd8c2aeb58f012e7e47aa68c97f0d4f9fd540a580d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81399
x-xss-protection
0
last-modified
Thu, 13 Jun 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 13 Jun 2024 18:49:54 GMT
truncated
/
67 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0fc5afac89cfd2144bf6e589710e95b7789f3b588ad12af867602c63a8138c5

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42ca62932a5f778e87ce5f839be42676f96cd97bb1f282ffaa3583086a9a4691

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26ae64ca22c48cea2cff096ccb5fb79e5255aaff58e2449ba48794fdc0e089ab

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
64 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
wp-emoji-release.min.js
lenord-cotier.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://lenord-cotier.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.4
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 12 Jun 2024 19:01:22 GMT
server
Apache
etag
"4926-61ab60226c939-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
5062
chevron-down.svg
lenord-cotier.com/wp-content/themes/editions-nordiques/assets/images/icons/
390 B
464 B
Image
General
Full URL
https://lenord-cotier.com/wp-content/themes/editions-nordiques/assets/images/icons/chevron-down.svg
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/wp-content/themes/editions-nordiques/assets/stylesheets/global.css?ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
983595bf01d6e31d9bc927f79d38cbf34404ff0d66b9835f5c1ec178f08a90d1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/wp-content/themes/editions-nordiques/assets/stylesheets/global.css?ver=1.0
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:53 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 12 Jun 2024 19:01:22 GMT
server
Apache
etag
"186-61ab60220ed3b"
content-type
image/svg+xml
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
390
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://lenord-cotier.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 07:31:31 GMT
x-content-type-options
nosniff
age
40702
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 07:31:31 GMT
lenordcotier-line.svg
lenord-cotier.com/wp-content/themes/editions-nordiques/assets/images/
3 KB
3 KB
Image
General
Full URL
https://lenord-cotier.com/wp-content/themes/editions-nordiques/assets/images/lenordcotier-line.svg
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/wp-content/themes/editions-nordiques/assets/stylesheets/global.css?ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
471071296dc23a1f43cb166268c1f79e1303fc6218827c88ee01a950a4c28c8c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/wp-content/themes/editions-nordiques/assets/stylesheets/global.css?ver=1.0
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:54 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 12 Jun 2024 19:01:22 GMT
server
Apache
etag
"cd9-61ab60220fcdb"
content-type
image/svg+xml
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
3289
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://lenord-cotier.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:20:05 GMT
x-content-type-options
nosniff
age
534588
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 14:20:05 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://lenord-cotier.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 06:26:13 GMT
x-content-type-options
nosniff
age
563020
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 06:26:13 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://lenord-cotier.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 08:09:06 GMT
x-content-type-options
nosniff
age
556847
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 08:09:06 GMT
black-bear-50293_1280_7776744_3018823-600x300.jpg
lenord-cotier.com/wp-content/uploads/sites/3/2024/06/
60 KB
60 KB
Image
General
Full URL
https://lenord-cotier.com/wp-content/uploads/sites/3/2024/06/black-bear-50293_1280_7776744_3018823-600x300.jpg
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
a8c8cbc89343bb5a0eb85d4df31376c0e1c145e6fc2bbb4c2803b2998fd6f83c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:54 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 12 Jun 2024 19:27:37 GMT
server
Apache
etag
"ef2f-61ab65fff4341"
content-type
image/jpeg
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
61231
ae436f0eac466625316536v_00069589-600x300.jpg
lenord-cotier.com/wp-content/uploads/sites/3/2024/06/
55 KB
56 KB
Image
General
Full URL
https://lenord-cotier.com/wp-content/uploads/sites/3/2024/06/ae436f0eac466625316536v_00069589-600x300.jpg
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
83cdc416df99a47ebb46022d9813b552e8e4cd3a21a41ea08eaba8097d0911c8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:54 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Jun 2024 19:22:48 GMT
server
Apache
etag
"ddbc-61a15600e1807"
content-type
image/jpeg
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
56764
1000001423-scaled-e1718041369216-600x300.jpg
lenord-cotier.com/wp-content/uploads/sites/3/2024/06/
42 KB
42 KB
Image
General
Full URL
https://lenord-cotier.com/wp-content/uploads/sites/3/2024/06/1000001423-scaled-e1718041369216-600x300.jpg
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
b4da3631b3a48c11241417d827a9635adf3d8cdf9d62dfaab3437a07ef13e693

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:54 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 10 Jun 2024 17:42:49 GMT
server
Apache
etag
"a72a-61a8cad854647"
content-type
image/jpeg
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
42794
IMG_7021-600x300.jpeg
lenord-cotier.com/wp-content/uploads/sites/3/2024/06/
30 KB
30 KB
Image
General
Full URL
https://lenord-cotier.com/wp-content/uploads/sites/3/2024/06/IMG_7021-600x300.jpeg
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
511a81c3a1cfa23608fb06208ffdbd92a224ba8fa60400edeca0bc7371bedcec

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:54 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 06 Jun 2024 15:29:10 GMT
server
Apache
etag
"7900-61a3a582fd292"
content-type
image/jpeg
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
30976
IMG_9395-600x300.jpg
lenord-cotier.com/wp-content/uploads/sites/3/2024/06/
47 KB
47 KB
Image
General
Full URL
https://lenord-cotier.com/wp-content/uploads/sites/3/2024/06/IMG_9395-600x300.jpg
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
16041ffa759b3a9fbbb7a4310e72e73a84172e6a56de5633197584d8033bbc03

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:54 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 06 Jun 2024 14:15:42 GMT
server
Apache
etag
"bc3a-61a395170bddf"
content-type
image/jpeg
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
48186
CNNC_2024-06-12_001-300x384.jpg
lenord-cotier.com/wp-content/uploads/sites/3/2024/06/
38 KB
38 KB
Image
General
Full URL
https://lenord-cotier.com/wp-content/uploads/sites/3/2024/06/CNNC_2024-06-12_001-300x384.jpg
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
d8a8a17af30919ec736a38b267622a72cb5ee20bc822306cb260987a38fe0395

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:53 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 11 Jun 2024 11:10:06 GMT
server
Apache
etag
"9898-61a9b4ee93a7f"
content-type
image/jpeg
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
39064
Front_CNND_2024-04-26_001-300x384.jpg
lenord-cotier.com/wp-content/uploads/sites/3/2024/05/
33 KB
33 KB
Image
General
Full URL
https://lenord-cotier.com/wp-content/uploads/sites/3/2024/05/Front_CNND_2024-04-26_001-300x384.jpg
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
a311bb4a21c33bca5691af5d9899652a77ef0395ec5e4fda845e53b8acf262c5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:54 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 08 May 2024 17:44:31 GMT
server
Apache
etag
"8334-617f4dad7f7f8"
content-type
image/jpeg
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
33588
logo-le-nord-cotier-black-1.png
lenord-cotier.com/wp-content/uploads/sites/3/2021/03/
13 KB
13 KB
Image
General
Full URL
https://lenord-cotier.com/wp-content/uploads/sites/3/2021/03/logo-le-nord-cotier-black-1.png
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
ae57ec6b843f1667814332a84882f6c71c3827d6d0923798d8a298e5950f47eb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:54 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 17 Mar 2021 10:57:54 GMT
server
Apache
etag
"3477-5bdb95ae15f2b"
content-type
image/png
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
13431
cf0380cd-0f65-4ab6-be46-f6f8607c7ce7-542x337.jpg
lenord-cotier.com/wp-content/uploads/sites/3/2024/05/
11 KB
11 KB
Image
General
Full URL
https://lenord-cotier.com/wp-content/uploads/sites/3/2024/05/cf0380cd-0f65-4ab6-be46-f6f8607c7ce7-542x337.jpg
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
749d16c37d633d79942dd17cc5f12a85bbde96e96236fa752ecf1b6a6a1d928b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:53 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 30 May 2024 17:31:06 GMT
server
Apache
etag
"2c37-619af3b628afa"
content-type
image/jpeg
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
11319
president-UPA-ds-tracteur_1083948-600x300.jpg
lenord-cotier.com/wp-content/uploads/sites/3/2024/06/
37 KB
37 KB
Image
General
Full URL
https://lenord-cotier.com/wp-content/uploads/sites/3/2024/06/president-UPA-ds-tracteur_1083948-600x300.jpg
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
ea9d528f63c997b7c7d102addc51ca469ddb8bec540afdf23348a484e61a894e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:54 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 13 Jun 2024 18:00:18 GMT
server
Apache
etag
"92f4-61ac9459af287"
content-type
image/jpeg
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
37620
Phare-Pointe-des-Monts-scaled_4073159_9616906-600x300.jpg
lenord-cotier.com/wp-content/uploads/sites/3/2024/06/
50 KB
50 KB
Image
General
Full URL
https://lenord-cotier.com/wp-content/uploads/sites/3/2024/06/Phare-Pointe-des-Monts-scaled_4073159_9616906-600x300.jpg
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
d561b478c7d864b518385b2419144f18a8f3f513df4f149a0b7d69620fe7e59e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:54 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 13 Jun 2024 17:51:54 GMT
server
Apache
etag
"c8bb-61ac92787c360"
content-type
image/jpeg
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
51387
IMG_4620-600x300.jpeg
lenord-cotier.com/wp-content/uploads/sites/3/2024/06/
48 KB
48 KB
Image
General
Full URL
https://lenord-cotier.com/wp-content/uploads/sites/3/2024/06/IMG_4620-600x300.jpeg
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
19d97bdb18869b2e8ab601397c4956d050c01f4ed4ebda106af968ca72926aa4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:54 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 13 Jun 2024 17:26:15 GMT
server
Apache
etag
"be08-61ac8cbcc71dc"
content-type
image/jpeg
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
48648
b0740eef-3a94-4bfa-a5b7-a0dc7f0e7657-600x300.jpg
lenord-cotier.com/wp-content/uploads/sites/3/2024/06/
46 KB
46 KB
Image
General
Full URL
https://lenord-cotier.com/wp-content/uploads/sites/3/2024/06/b0740eef-3a94-4bfa-a5b7-a0dc7f0e7657-600x300.jpg
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
76dd928897686b6786a65b58ccb41a8a820eeb9bbef422f0ad9250658cef5219

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:54 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 13 Jun 2024 14:48:51 GMT
server
Apache
etag
"b6d3-61ac698e8be24"
content-type
image/jpeg
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
46803
Yves-Montigny-13-juin-2024-scaled-e1718292900275_1278456_5027467_1081946-542x337.jpg
lenord-cotier.com/wp-content/uploads/sites/3/2024/06/
40 KB
40 KB
Image
General
Full URL
https://lenord-cotier.com/wp-content/uploads/sites/3/2024/06/Yves-Montigny-13-juin-2024-scaled-e1718292900275_1278456_5027467_1081946-542x337.jpg
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
eb8e31285a980ae166a4d0f0c0b7fc0069085b8c173fd0fa3138fea54d8cceb1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:54 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 13 Jun 2024 17:19:40 GMT
server
Apache
etag
"9f6a-61ac8b44ab5fa"
content-type
image/jpeg
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
40810
Manon-Asselin-CA-600x300.png
lenord-cotier.com/wp-content/uploads/sites/3/2024/06/
193 KB
193 KB
Image
General
Full URL
https://lenord-cotier.com/wp-content/uploads/sites/3/2024/06/Manon-Asselin-CA-600x300.png
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
ae82a41fa19db11b4a24fb6ff6c315dd37431edac4d86d7769639fe82853902e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:54 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 13 Jun 2024 15:53:34 GMT
server
Apache
etag
"30322-61ac780612edd"
content-type
image/png
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
197410
iStock-654614708-600x300.jpg
lenord-cotier.com/wp-content/uploads/sites/3/2024/06/
18 KB
18 KB
Image
General
Full URL
https://lenord-cotier.com/wp-content/uploads/sites/3/2024/06/iStock-654614708-600x300.jpg
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
71b4562ab29eb52a1b2a605ecc48411e206cd60883e52ff0899c5357c85ac54d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:54 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 13 Jun 2024 15:41:15 GMT
server
Apache
etag
"474b-61ac75450f251"
content-type
image/jpeg
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
18251
web-CISSS-1-600x300.jpg
lenord-cotier.com/wp-content/uploads/sites/3/2022/05/
44 KB
44 KB
Image
General
Full URL
https://lenord-cotier.com/wp-content/uploads/sites/3/2022/05/web-CISSS-1-600x300.jpg
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
b65c89c7379d1aab1be434f80d1c7fcbf14042ffbde196876e1871664a0d09d9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:54 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 May 2022 14:44:13 GMT
server
Apache
etag
"ae3d-5de1c8adc437f"
content-type
image/jpeg
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
44605
defi_osentreprendre_boreatech-600x300.jpg
lenord-cotier.com/wp-content/uploads/sites/3/2024/06/
30 KB
30 KB
Image
General
Full URL
https://lenord-cotier.com/wp-content/uploads/sites/3/2024/06/defi_osentreprendre_boreatech-600x300.jpg
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.205.49.19 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
26642a41a8b6dd3d0f8d72143cce355c0bc9dcceaaca625ab69f7643e0c50b13

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:54 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 13 Jun 2024 14:57:25 GMT
server
Apache
etag
"78d6-61ac6b789990b"
content-type
image/jpeg
cache-control
private, max-age=0, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
30934
apstag.js
c.amazon-adsystem.com/aax2/
308 KB
76 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: rdc.m32.media
URL: https://rdc.m32.media/madops.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.44.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-44-103.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89417b7e7e602e0e469946d8971f4a48d69e6511d2755b5933d95260f9771529

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:13 GMT
content-encoding
gzip
via
1.1 e685e9e08c2e4b105f4d86b35da50628.cloudfront.net (CloudFront), 1.1 841dfa6074cf4b3b0718988f088a4ac2.cloudfront.net (CloudFront)
last-modified
Tue, 11 Jun 2024 21:55:25 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, IAD89-C1
age
42
x-amz-server-side-encryption
AES256
etag
W/"e80b397feb40163ad02c947203471e29"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
R0-Rw1-o-nORxF8UZlW5DV2Z0xD9baa-K3mldaRJxCiZFZcE4U78Mg==
prebid.js
rdc.m32.media/prebid/lenord-cotier.com/
227 KB
78 KB
Script
General
Full URL
https://rdc.m32.media/prebid/lenord-cotier.com/prebid.js
Requested by
Host: rdc.m32.media
URL: https://rdc.m32.media/m32pixel.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
346a1e0e4089960b884001d9c4ee3eb3bafdd044628c0b0c33848cb1ee9d7949
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:54 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
757134
x-guploader-uploadid
ABPtcPpCN7N66KWCxc9117xK40utnoyCGNaqdaCVHdNYanmaG1RqUU_ELVlmZ0hvag3qQv7o6kw
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
79031
x-served-by
cache-yul1970024-YUL, cache-yyz4561-YYZ
last-modified
Sat, 13 Apr 2024 00:12:38 GMT
server
UploadServer
x-timer
S1718304594.431518,VS0,VE1
etag
"05a02b7ec0a76936a0e4b14383c47494"
vary
Accept-Encoding
x-goog-generation
1712967158066120
content-type
text/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=EzYNBQ==, md5=BaArfsCnaTag5LFDg8R0lA==
access-control-expose-headers
Content-Type
cache-control
public,max-age=600
x-goog-stored-content-length
232241
x-amz-checksum-crc32c
EzYNBQ==
accept-ranges
bytes
x-cache-hits
1530, 0
gpt.js
securepubads.g.doubleclick.net/tag/js/
100 KB
31 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: rdc.m32.media
URL: https://rdc.m32.media/m32pixel.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c00::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7afd993d5be8b77d9cc4ae40a93e72a2942de0856a2f37ee8c1d2210c9f056a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31743
x-xss-protection
0
server
cafe
etag
774 / 19887 / m202406100101 / config-hash: 7565594039163660619
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 13 Jun 2024 18:49:54 GMT
/
fastlygeo.m32.media/
178 B
281 B
XHR
General
Full URL
https://fastlygeo.m32.media/
Requested by
Host: rdc.m32.media
URL: https://rdc.m32.media/m32pixel.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
29f9bc38ee5fbe47d4d2fef73f6574319b182e4e4711385aabdd06146fbc5e58

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-yyz4520-YYZ
date
Thu, 13 Jun 2024 18:49:53 GMT
via
1.1 varnish
server
Varnish
x-timer
S1718304594.582177,VS0,VE0
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
content-length
178
retry-after
0
x-cache-hits
0
recaptcha__en.js
www.gstatic.com/recaptcha/releases/TqxSU0dsOd2Q9IbI7CpFnJLD/
514 KB
204 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/TqxSU0dsOd2Q9IbI7CpFnJLD/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadSibCallbackInvisible&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3be69375a428a615caa7c5307c15298a41a4f272c77ff19051a462462d1af5a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Origin
https://lenord-cotier.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 23:58:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
240691
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
208584
x-xss-protection
0
last-modified
Mon, 10 Jun 2024 16:44:59 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Jun 2025 23:58:23 GMT
page_view
seg.m32.media/
0
259 B
XHR
General
Full URL
https://seg.m32.media/page_view
Requested by
Host: rdc.m32.media
URL: https://rdc.m32.media/m32pixel.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.203.92.254 Montreal, Canada, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
254.92.203.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Thu, 13 Jun 2024 18:49:54 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
0
Content-Type
application/json
jsonp
sync.springserve.com/usersync/
61 B
479 B
Fetch
General
Full URL
https://sync.springserve.com/usersync/jsonp?callback=callback
Requested by
Host: s3.us-west-2.amazonaws.com
URL: https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.185.54.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-185-54-232.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8dce961b243318a11cbc86d3b0fbc4d68b5e62ccf229edf2717207cf43d8873c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://lenord-cotier.com
date
Thu, 13 Jun 2024 18:49:54 GMT
access-control-allow-credentials
true
server
nginx
content-length
61
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406100101/
425 KB
144 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406100101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3320479470174190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c02::9a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d4f388b1fac0c0c2742adf838b98448145f4f18bb9db911fef03469d7c96b59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147187
x-xss-protection
0
server
cafe
etag
17710544032519163963
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Jun 2024 18:49:54 GMT
ssusersync
tv.springserve.com/
7 KB
7 KB
Script
General
Full URL
https://tv.springserve.com/ssusersync?gdpr=-1&gdpr_consent=-1&us_privacy=
Requested by
Host: s3.us-west-2.amazonaws.com
URL: https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.29.16 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-29-16.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b3f8d07acfab65afb2b1cfc48540e5c2c22c29571af60cd8b88ebe498c093dfb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Thu, 13 Jun 2024 18:49:54 GMT
access-control-allow-credentials
true
server
nginx
content-length
7330
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
js
www.googletagmanager.com/gtag/
288 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-22CZVH91JE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMRC7XQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
def7acc32bc07768a0b6417305e076e3bee80bdb1574c7360f85e064501d2cd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100031
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 13 Jun 2024 18:49:54 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMRC7XQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0b::8b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 13 Jun 2024 17:54:01 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3354
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 13 Jun 2024 19:54:01 GMT
collect
analytics.google.com/g/
0
256 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-22CZVH91JE&gtm=45je46c0v887002165z8839259857za200zb839259857&_p=1718304593032&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=994324702.1718304595&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718304594&sct=1&seg=0&dl=https%3A%2F%2Flenord-cotier.com%2F&dt=Accueil%20-%20Le%20Nord-C%C3%B4tier&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3492&_z=sendBeacon
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-22CZVH91JE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::8b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 18:49:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lenord-cotier.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
48 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-22CZVH91JE&cid=994324702.1718304595&gtm=45je46c0v887002165z8839259857za200zb839259857&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-22CZVH91JE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0e::9b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 18:49:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lenord-cotier.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/
42 B
63 B
Image
General
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-22CZVH91JE&cid=994324702.1718304595&gtm=45je46c0v887002165z8839259857za200zb839259857&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=555438971
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c04::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 18:49:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.44.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-44-103.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 50f5f6b4e0025748bb74dce1db44c750.cloudfront.net (CloudFront)
date
Thu, 13 Jun 2024 10:31:37 GMT
x-amz-cf-pop
IAD89-C1
age
29899
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
iJ3aY-Fnp45fMfrrOWzP6b5l1FvTndqvLq6eJKOopf6KWz3toAZHQQ==
14048
rtb.gumgum.com/usync/ Frame 70B4
0
0
Document
General
Full URL
https://rtb.gumgum.com/usync/14048?gdpr=0&gdpr_consent=-1&us_privacy=&r=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D
Requested by
Host: tv.springserve.com
URL: https://tv.springserve.com/ssusersync?gdpr=-1&gdpr_consent=-1&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.51.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-51-48.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
0
date
Thu, 13 Jun 2024 18:49:55 GMT
etag
"0d41d8cd98f00b204e9800998ecf8427e"
server
nginx
timing-allow-origin
*
usermatch
ssum.casalemedia.com/ Frame 8B28
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=191709&gdpr=0&gdpr_consent=-1&us_privacy=&cb=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy...
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D&gdpr=0&gdpr_consent=-1&s=19170...
0
0
Document
General
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D&gdpr=0&gdpr_consent=-1&s=191709&us_privacy=&C=1
Requested by
Host: tv.springserve.com
URL: https://tv.springserve.com/ssusersync?gdpr=-1&gdpr_consent=-1&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8934436a0f97ac00-YYZ
content-encoding
br
content-type
text/html
date
Thu, 13 Jun 2024 18:49:55 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CX8wGvkZ1x%2FxCdqDHswUDQ74AVVC2D92bn%2FbmYMC%2FYaFGAfchKE8iiWScKo7rHwMEEqwZi%2BhDq1IsyK7ENxReoLFXuVvLfibJSjXkVyOmKmztpu%2F7dU7q1O%2BT7ZwDeXl2gCQGzSs"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
893443691e8bac00-YYZ
content-length
0
date
Thu, 13 Jun 2024 18:49:55 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D&gdpr=0&gdpr_consent=-1&s=191709&us_privacy=&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OK4oK%2F3Dk9upJv9hBRKtofozYa647H0n7a6lgYN9PY9x4gdFu8VbuWvBcyMUUJKkhp9SbIrY9IgUO8AbltIUQyfeUos9OABAgjUMfi6w7AeCm%2FFhsQHgQwPhW5I%2F%2FmHVeoR3niBi"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 860C
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=-1&us_privacy=&predirect=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D
Requested by
Host: tv.springserve.com
URL: https://tv.springserve.com/ssusersync?gdpr=-1&gdpr_consent=-1&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.61.14 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-61-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
max-age=71931
content-encoding
gzip
content-length
5492
content-type
text/html
date
Thu, 13 Jun 2024 18:49:55 GMT
expires
Fri, 14 Jun 2024 14:48:46 GMT
last-modified
Wed, 05 Jun 2024 06:37:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
vid-io-pdx.springserve.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000001%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fvid-io-pdx.springserve.com%252Fusersync%253Faid%253D1000001%2526gdpr%253D0%2526gdpr_consent%253D-1%2526us_privacy%253D%2526uuid%253D%2524UID
  • https://vid-io-pdx.springserve.com/usersync?aid=1000001&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=2544973523831875102
43 B
207 B
Image
General
Full URL
https://vid-io-pdx.springserve.com/usersync?aid=1000001&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=2544973523831875102
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Server
54.187.192.10 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-187-192-10.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 13 Jun 2024 18:49:56 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 13 Jun 2024 18:49:55 GMT
an-x-request-uuid
9823bc20-a53b-432e-b3c2-33910bb4abb9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://vid-io-pdx.springserve.com/usersync?aid=1000001&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=2544973523831875102
x-proxy-origin
199.48.243.13; 199.48.243.13; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
sync.bfmio.com/
Redirect Chain
  • https://sync.bfmio.com/syncb?pid=111&gdpr=0&gdpr_consent=-1&us_privacy=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=1f8b4c71-962e-4fb6-a4be-45a8fcddd9ef
0
421 B
Image
General
Full URL
https://sync.bfmio.com/sync?pid=106&uid=1f8b4c71-962e-4fb6-a4be-45a8fcddd9ef
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
HTTP/1.1
Server
54.144.53.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-53-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 13 Jun 2024 18:49:55 GMT

Redirect headers

location
https://sync.bfmio.com/sync?pid=106&uid=1f8b4c71-962e-4fb6-a4be-45a8fcddd9ef
date
Thu, 13 Jun 2024 18:49:56 GMT
server
Kestrel
content-length
183
usersync
vid-io-pdx.springserve.com/
Redirect Chain
  • https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=-1&us_privacy=&redirect=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000003%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D%24UID
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000003%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26u...
  • https://cs.emxdgt.com/umcheck?apnxid=2544973523831875102&redirect=https://vid-io-pdx.springserve.com/usersync?aid=1000003&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=$EMXUID&b64_redirect=aHR0cHM6Ly92aW...
  • https://vid-io-pdx.springserve.com/usersync?aid=1000003&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=2544973523831875102brt51141718304595895482a2
43 B
206 B
Image
General
Full URL
https://vid-io-pdx.springserve.com/usersync?aid=1000003&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=2544973523831875102brt51141718304595895482a2
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Server
54.187.192.10 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-187-192-10.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 13 Jun 2024 18:49:56 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

location
https://vid-io-pdx.springserve.com/usersync?aid=1000003&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=2544973523831875102brt51141718304595895482a2
date
Thu, 13 Jun 2024 18:49:55 GMT
content-length
0
content-type
text/html
usersync
sync.springserve.com/
Redirect Chain
  • https://pixel.advertising.com/ups/58185/sync?&gdpr=0&gdpr_consent=-1&us_privacy=&redir=true
  • https://ups.analytics.yahoo.com/ups/58185/sync?&gdpr=0&gdpr_consent=-1&us_privacy=&redir=true
  • https://ups.analytics.yahoo.com/ups/58185/sync?&gdpr=0&gdpr_consent=-1&us_privacy=&redir=true&verify=true
  • https://sync.springserve.com/usersync?aid=759&uuid=y-UukJ6M5E2uHwHHwfIIVdbtoOHQ6xwjqR~A&us_privacy=
43 B
206 B
Image
General
Full URL
https://sync.springserve.com/usersync?aid=759&uuid=y-UukJ6M5E2uHwHHwfIIVdbtoOHQ6xwjqR~A&us_privacy=
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Server
54.185.54.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-185-54-232.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 13 Jun 2024 18:49:56 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

location
https://sync.springserve.com/usersync?aid=759&uuid=y-UukJ6M5E2uHwHHwfIIVdbtoOHQ6xwjqR~A&us_privacy=
date
Thu, 13 Jun 2024 18:49:56 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.121
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usersync
vid-io-pdx.springserve.com/
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=-1&us_privacy=&r=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000008%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D%2...
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=-1&r=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000008%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D%24%7BUID%7D&u...
  • https://vid-io-pdx.springserve.com/usersync?aid=1000008&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=3904b34d-2fc3-4073-af13-2c5bb8c8e2b8
43 B
206 B
Image
General
Full URL
https://vid-io-pdx.springserve.com/usersync?aid=1000008&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=3904b34d-2fc3-4073-af13-2c5bb8c8e2b8
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Server
54.187.192.10 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-187-192-10.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 13 Jun 2024 18:49:56 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 13 Jun 2024 18:49:56 GMT
via
1.1 google
vary
Origin
x-forwarded-for
199.48.243.13
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://vid-io-pdx.springserve.com/usersync?aid=1000008&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=3904b34d-2fc3-4073-af13-2c5bb8c8e2b8
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
sync.springserve.com/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=157310&gdpr=0&gdpr_consent=-1&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D157310%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT%26pmc%3...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=157310&gdpr=0&gdpr_consent=-1&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D157310%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT%26pmc%3...
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=1A4FAD44-CD12-4BA8-9EFB-108C2E299192&gdpr=0&gdpr_consent=-1
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5f10c2372f3a1538&is_secure=true&networkId=17100&version=1&nuid=1A4FAD44-CD12-4BA8-9EFB-108C2E299192&gdpr=0&gdpr_consent=-1
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQAGIGhMkHviCwJkgXisAQEBAQEBAQCRE-5nAwEBAJET7mcD&expiration=1718390997&nuid=1A4FAD44-CD12-4B...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=-1&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=-1&p=157310&pmc=1&pr=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26uuid%3D1A4FAD44-CD12-4BA8-9EFB-108C2E299192%26gdpr...
  • https://sync.springserve.com/usersync?aid=1000010&uuid=1A4FAD44-CD12-4BA8-9EFB-108C2E299192&gdpr=0&gdpr_consent=-1
43 B
206 B
Image
General
Full URL
https://sync.springserve.com/usersync?aid=1000010&uuid=1A4FAD44-CD12-4BA8-9EFB-108C2E299192&gdpr=0&gdpr_consent=-1
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Server
54.185.54.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-185-54-232.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 13 Jun 2024 18:49:58 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

location
https://sync.springserve.com/usersync?aid=1000010&uuid=1A4FAD44-CD12-4BA8-9EFB-108C2E299192&gdpr=0&gdpr_consent=-1
date
Thu, 13 Jun 2024 18:49:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync
vid-io-pdx.springserve.com/
Redirect Chain
  • https://bh.contextweb.com/rtset?gdpr=0&gdpr_consent=-1&us_privacy=&pid=561910&ev=1&rurl=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000011%26gdpr%3D0%26gdpr_consent%3D-1%26us_priva...
  • https://vid-io-pdx.springserve.com/usersync?aid=1000011&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=2WEvjOxplkAi&ev=1&us_privacy=&gdpr_consent=-1&pid=561910&gdpr=0
43 B
206 B
Image
General
Full URL
https://vid-io-pdx.springserve.com/usersync?aid=1000011&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=2WEvjOxplkAi&ev=1&us_privacy=&gdpr_consent=-1&pid=561910&gdpr=0
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Server
54.187.192.10 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-187-192-10.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 13 Jun 2024 18:49:56 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://vid-io-pdx.springserve.com/usersync?aid=1000011&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=2WEvjOxplkAi&ev=1&us_privacy=&gdpr_consent=-1&pid=561910&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6f9d7df7d-qb64n
expires
-1
usersync
vid-io-pdx.springserve.com/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=-1&us_privacy=&redir=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uui...
  • https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D%5BRX_UUID%5D&cb=17183045...
  • https://ad.turn.com/r/cs?pid=45&rndcb=8987653793
  • https://sync.1rx.io/usersync/turn/3497762494991108172?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-759e35cd-ee03-4e95-915a-f373cd035f64-005?redir=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D0%26gdpr_consent%3D-1%26u...
  • https://vid-io-pdx.springserve.com/usersync?aid=1000012&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=RX-759e35cd-ee03-4e95-915a-f373cd035f64-005
43 B
206 B
Image
General
Full URL
https://vid-io-pdx.springserve.com/usersync?aid=1000012&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=RX-759e35cd-ee03-4e95-915a-f373cd035f64-005
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Server
54.187.192.10 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-187-192-10.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 13 Jun 2024 18:49:58 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

location
https://vid-io-pdx.springserve.com/usersync?aid=1000012&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=RX-759e35cd-ee03-4e95-915a-f373cd035f64-005
date
Thu, 13 Jun 2024 18:49:55 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX759e35cdee034e95915af373cd035f64005
content-type
text/html
usersync
vid-io-pdx.springserve.com/
Redirect Chain
  • https://sync.go.sonobi.com/us.gif?gdpr=0&gdpr_consent=-1&us_privacy=&loc=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000013%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D...
  • https://vid-io-pdx.springserve.com/usersync?aid=1000013&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=d02b392a-564a-405c-bd46-5029683c14e1
43 B
206 B
Image
General
Full URL
https://vid-io-pdx.springserve.com/usersync?aid=1000013&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=d02b392a-564a-405c-bd46-5029683c14e1
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Server
54.187.192.10 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-187-192-10.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 13 Jun 2024 18:49:57 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 13 Jun 2024 18:49:56 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-171
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://vid-io-pdx.springserve.com/usersync?aid=1000013&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=d02b392a-564a-405c-bd46-5029683c14e1
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
usersync
vid-io-pdx.springserve.com/
Redirect Chain
  • https://pbs.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=-1&us_privacy=&redir=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy...
  • https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=-1&us_privacy=&redir=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D0%26gdpr_consent%3D-1%26us_...
  • https://vid-io-pdx.springserve.com/usersync?aid=1000015&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=7c3b00deb8364bc387d4ca3e83df5333
43 B
206 B
Image
General
Full URL
https://vid-io-pdx.springserve.com/usersync?aid=1000015&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=7c3b00deb8364bc387d4ca3e83df5333
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Server
54.187.192.10 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-187-192-10.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 13 Jun 2024 18:49:57 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

location
https://vid-io-pdx.springserve.com/usersync?aid=1000015&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=7c3b00deb8364bc387d4ca3e83df5333
date
Thu, 13 Jun 2024 18:49:57 GMT
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
getuid
eb2.3lift.com/
37 B
141 B
Image
General
Full URL
https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=-1&us_privacy=&redir=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000016%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D%24UID
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pbsync
ads.yieldmo.com/
0
36 B
Image
General
Full URL
https://ads.yieldmo.com/pbsync?gdpr=0&gdpr_consent=-1&us_privacy=&redirectUri=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000017%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D%24UID
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.117.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-117-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:56 GMT
usersync
sync.springserve.com/
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=52&gdpr=0&gdpr_consent=-1&us_privacy=&redirectUri=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000018%26gdpr%3D0%26gdpr_consent%3...
  • https://sync.springserve.com/usersync?aid=1000018&gdpr=0&gdpr_consent=&uuid=1342926387320261047
43 B
206 B
Image
General
Full URL
https://sync.springserve.com/usersync?aid=1000018&gdpr=0&gdpr_consent=&uuid=1342926387320261047
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Server
54.185.54.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-185-54-232.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 13 Jun 2024 18:49:57 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

location
https://sync.springserve.com/usersync?aid=1000018&gdpr=0&gdpr_consent=&uuid=1342926387320261047
date
Thu, 13 Jun 2024 18:49:56 GMT
content-length
0
usersync
sync.springserve.com/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58800/sync?redir=true&gpp=&gpp_sid=&gdpr=0&gdpr_consent=-1
  • https://sync.springserve.com/usersync?aid=1000019&uuid=y-vvdxDlpE2uJy0YQtma0cM19kvmh5gsyU~A&gdpr_in_effect=0
43 B
206 B
Image
General
Full URL
https://sync.springserve.com/usersync?aid=1000019&uuid=y-vvdxDlpE2uJy0YQtma0cM19kvmh5gsyU~A&gdpr_in_effect=0
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Server
54.185.54.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-185-54-232.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 13 Jun 2024 18:49:57 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

location
https://sync.springserve.com/usersync?aid=1000019&uuid=y-vvdxDlpE2uJy0YQtma0cM19kvmh5gsyU~A&gdpr_in_effect=0
date
Thu, 13 Jun 2024 18:49:57 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.121
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
sync.sxp.smartclip.net/
Redirect Chain
  • https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=-1
  • https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=-1&ang_testid=1
42 B
321 B
Image
General
Full URL
https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=-1&ang_testid=1
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Server
35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.194.186.35.bc.googleusercontent.com
Software
openresty/1.21.4.3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 13 Jun 2024 18:49:57 GMT
via
1.1 google
server
openresty/1.21.4.3
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Thu, 13 Jun 2024 18:49:57 GMT
via
1.1 google
server
openresty/1.21.4.3
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=-1&ang_testid=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
v1
match.sharethrough.com/universal/
0
39 B
Image
General
Full URL
https://match.sharethrough.com/universal/v1?supply_id=BGApXMcE
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.57.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-57-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:57 GMT
content-length
0
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0&gdpr_consent=-1&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&gdpr=0&gdpr_consent=-1&us_privacy=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=d182348a-3cd5-4794-9031-91df88493f67&google_hm=ZDE4MjM0OGEtM2NkNS00Nzk0LTkwMzEtOTFkZjg4NDk...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEC_xAUSMQKTURCntLPNbeuk&google_cver=1&ssp=themediagrid&bsw_param=d182348a-3cd5-4794-9031-91df88493f67&gdpr_consent=-1&gdpr=0
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEC_xAUSMQKTURCntLPNbeuk&google_cver=1&ssp=themediagrid&bsw_param=d182348a-3cd5-4794-9031-91df88493f67&gdpr_consent=-1&gdpr=0
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 13 Jun 2024 18:49:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 13 Jun 2024 18:49:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEC_xAUSMQKTURCntLPNbeuk&google_cver=1&ssp=themediagrid&bsw_param=d182348a-3cd5-4794-9031-91df88493f67&gdpr_consent=-1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
396
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
vid-io-pdx.springserve.com/
Redirect Chain
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=-1&tpid=22144&cburl=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000023%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D__STROEE...
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=-1&tpid=22144&cburl=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000023%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D__STROEE...
  • https://vid-io-pdx.springserve.com/usersync?aid=1000023&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=7fa42041dd2d4777a5ba48bc277a10a7
43 B
206 B
Image
General
Full URL
https://vid-io-pdx.springserve.com/usersync?aid=1000023&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=7fa42041dd2d4777a5ba48bc277a10a7
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Server
54.187.192.10 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-187-192-10.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 13 Jun 2024 18:49:58 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

location
https://vid-io-pdx.springserve.com/usersync?aid=1000023&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=7fa42041dd2d4777a5ba48bc277a10a7
date
Thu, 13 Jun 2024 18:49:58 GMT
content-length
0
usersync
vid-io-pdx.springserve.com/
Redirect Chain
  • https://sync.teads.tv/um?gdpr=0&gdpr_consent=-1&ssb_provider_id=1&uid&fb=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000024%26us_privacy%3D%26uuid%3D%5BVID%5D
  • https://vid-io-pdx.springserve.com/usersync?aid=1000024&us_privacy=&uuid=887f2fd6-f07f-474a-bd74-6445e2efaf41&gdpr=0&gdpr_consent=-1
43 B
206 B
Image
General
Full URL
https://vid-io-pdx.springserve.com/usersync?aid=1000024&us_privacy=&uuid=887f2fd6-f07f-474a-bd74-6445e2efaf41&gdpr=0&gdpr_consent=-1
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Server
54.187.192.10 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-187-192-10.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 13 Jun 2024 18:49:58 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 13 Jun 2024 18:49:58 GMT
server
pekko-http/1.0.1
content-type
text/html; charset=UTF-8
location
https://vid-io-pdx.springserve.com/usersync?aid=1000024&us_privacy=&uuid=887f2fd6-f07f-474a-bd74-6445e2efaf41&gdpr=0&gdpr_consent=-1
cache-control
max-age=0, no-cache, no-store
content-length
205
expires
Thu, 13 Jun 2024 18:49:58 GMT
token
pixel.rubiconproject.com/
0
688 B
Image
General
Full URL
https://pixel.rubiconproject.com/token?pid=52948&gdpr=0&gdpr_consent=-1&us_privacy=&rk=pdx
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cksync
cs.media.net/
56 B
620 B
Image
General
Full URL
https://cs.media.net/cksync?cs=60&type=ss&gdpr=0&gdpr_consent=-1&us_privacy=&redirect=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000026%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D%3Cvsid%3E
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.48.28 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-48-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5eeb0081366c82d6237c6e16e9af56188182db7669e6916a9018bbf8d16b5b7a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Thu, 13 Jun 2024 18:49:58 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
56
x-mnet-hl2
E
Expires
Thu, 13 Jun 2024 18:49:58 GMT
/
sync.richaudience.com/74889303289e27f327ad0c6de7be7264/
Redirect Chain
  • https://sync.richaudience.com/74889303289e27f327ad0c6de7be7264/?consentString=-1&r=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000027%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D...
  • https://sync.richaudience.com/74889303289e27f327ad0c6de7be7264/?consentString=-1&r=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000027%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D...
0
0

usersync
sync.springserve.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3691&_fw_gdpr=0&_fw_gdpr_consent=-1&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000028%26gdpr%3D0%26gdp...
  • https://sync.springserve.com/usersync?aid=1000028&uuid=eeb985ffa07b60c4e7abdf24ff64da7&gdpr=0&-1=&us_privacy=&gpp={gpp_string}&gpp_sid={gpp_sid}&gpp_sid=&gpp=&us_privacy=&_fw_gdpr=0&_fw_gdpr_consen...
43 B
206 B
Image
General
Full URL
https://sync.springserve.com/usersync?aid=1000028&uuid=eeb985ffa07b60c4e7abdf24ff64da7&gdpr=0&-1=&us_privacy=&gpp={gpp_string}&gpp_sid={gpp_sid}&gpp_sid=&gpp=&us_privacy=&_fw_gdpr=0&_fw_gdpr_consent=-1&redir=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000028%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26uuid%3D%7Bviewerid%7D
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Server
54.185.54.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-185-54-232.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 13 Jun 2024 18:49:59 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 13 Jun 2024 18:49:59 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://sync.springserve.com/usersync?aid=1000028&uuid=eeb985ffa07b60c4e7abdf24ff64da7&gdpr=0&-1=&us_privacy=&gpp={gpp_string}&gpp_sid={gpp_sid}&gpp_sid=&gpp=&us_privacy=&_fw_gdpr=0&_fw_gdpr_consent=-1&redir=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000028%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26uuid%3D%7Bviewerid%7D
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1718304599210098-1213
pbs.gif
sync.admanmedia.com/
60 B
60 B
Image
General
Full URL
https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=-1&us_privacy=&redir=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000029%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D%5BUID%5D
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.26 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a63dfafeb1e16958219c7a35e30625e86b3c11db90f0990fb68fa7181e7de73b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 18:50:08 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
60
Content-Type
text/plain
usersync
sync.springserve.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0kkyw3l&ttd_tpi=1&gdpr=0&gdpr_consent=-1&us_privacy=
  • https://sync.springserve.com/usersync?aid=1000030&ttd_puid=&uuid=1f8b4c71-962e-4fb6-a4be-45a8fcddd9ef&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
43 B
206 B
Image
General
Full URL
https://sync.springserve.com/usersync?aid=1000030&ttd_puid=&uuid=1f8b4c71-962e-4fb6-a4be-45a8fcddd9ef&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Server
54.185.54.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-185-54-232.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 13 Jun 2024 18:49:58 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

location
https://sync.springserve.com/usersync?aid=1000030&ttd_puid=&uuid=1f8b4c71-962e-4fb6-a4be-45a8fcddd9ef&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Thu, 13 Jun 2024 18:49:58 GMT
server
Kestrel
content-length
325
usersync
vid-io-pdx.springserve.com/
Redirect Chain
  • https://y.one.impact-ad.jp/hbs_cs?redirectUri=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000031%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D%24UID
  • https://y.one.impact-ad.jp/ul_cb/hbs_cs?redirectUri=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000031%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D%24UID
  • https://vid-io-pdx.springserve.com/usersync?aid=1000031&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=a23e6cc6-b1a8-4146-ba89-099f7e4a45bc
43 B
205 B
Image
General
Full URL
https://vid-io-pdx.springserve.com/usersync?aid=1000031&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=a23e6cc6-b1a8-4146-ba89-099f7e4a45bc
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Server
54.187.192.10 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-187-192-10.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 13 Jun 2024 18:50:00 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

location
https://vid-io-pdx.springserve.com/usersync?aid=1000031&gdpr=0&gdpr_consent=-1&us_privacy=&uuid=a23e6cc6-b1a8-4146-ba89-099f7e4a45bc
date
Thu, 13 Jun 2024 18:49:59 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406100101/
463 KB
144 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406100101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c00::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a61500a342875a17afc10c79e9c1596ae0e18182bf57f34390b4a68dad5ce1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:31:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
80314
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147345
x-xss-protection
0
server
cafe
etag
14651848665127099269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 12 Jun 2025 20:31:24 GMT
anchor
www.google.com/recaptcha/api2/ Frame 182F
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcb60UaAAAAAD3wd8P6VllY_OTpLxMQgcrNp7BV&co=aHR0cHM6Ly9sZW5vcmQtY290aWVyLmNvbTo0NDM.&hl=en&v=TqxSU0dsOd2Q9IbI7CpFnJLD&size=invisible&cb=aq1na5e3siwk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TqxSU0dsOd2Q9IbI7CpFnJLD/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::63 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Bj5mVuQzyQ3gW31im4pBlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Bj5mVuQzyQ3gW31im4pBlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jun 2024 18:49:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
www.google-analytics.com/j/
4 B
211 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=812906016&t=pageview&_s=1&dl=https%3A%2F%2Flenord-cotier.com%2F&ul=en-ca&de=UTF-8&dt=Accueil%20-%20Le%20Nord-C%C3%B4tier&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1363783009&gjid=1070877117&cid=994324702.1718304595&tid=UA-93300103-1&_gid=1502021117.1718304595&_r=1&_slc=1&gtm=45He46c0n81KMRC7XQv839259857za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=1120135100
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0b::8b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 18:49:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lenord-cotier.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
348 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-93300103-1&cid=994324702.1718304595&jid=1363783009&gjid=1070877117&_gid=1502021117.1718304595&_u=YADAAEAAAAAAACAAI~&z=355124215
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0e::9b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 13 Jun 2024 18:49:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lenord-cotier.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240610/r20110914/ Frame EC8B
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240610/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c01::9d Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
81027
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4164
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 12 Jun 2024 20:19:28 GMT
etag
9187630395144177108
expires
Wed, 26 Jun 2024 20:19:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5209
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3320479470174190&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1718304591&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Flenord-cotier.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_23~27_4~29_10&aiixl=30_6~27_3~29_5&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNTUiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNTUiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjU1Il1dLDBd&dt=1718304593713&bpp=4&bdt=1679&idt=1637&shv=r20240610&mjsv=m202406100101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7516798122179&frm=20&pv=2&ga_vid=994324702.1718304595&ga_sid=1718304595&ga_hid=812906016&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44795921%2C95331688%2C95332924%2C95334511%2C95334528%2C95334571%2C95334819%2C95334053%2C31078663%2C31078668%2C31078670&oid=2&pvsid=333305305478923&tmod=2137749120&uas=0&nvt=1&fsapi=1&fc=1920&brdim=150%2C150%2C150%2C150%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1681
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c01::9d Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jun 2024 18:49:55 GMT
expires
Thu, 13 Jun 2024 18:49:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
excluded_by_insertion
mia-placement-server.rubiconproject.com/tracking/66188/513/
0
0
Fetch
General
Full URL
https://mia-placement-server.rubiconproject.com/tracking/66188/513/excluded_by_insertion
Requested by
Host: s3.us-west-2.amazonaws.com
URL: https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.178.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-178-9.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Thu, 13 Jun 2024 18:49:55 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
bframe
www.google.com/recaptcha/api2/ Frame 5940
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=TqxSU0dsOd2Q9IbI7CpFnJLD&k=6Lcb60UaAAAAAD3wd8P6VllY_OTpLxMQgcrNp7BV
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TqxSU0dsOd2Q9IbI7CpFnJLD/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::63 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_HLBaXPd3ffeniEo33F1aA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-_HLBaXPd3ffeniEo33F1aA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jun 2024 18:49:57 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
5958391e-88ea-48ec-8c15-5013f0cdbc6d
config.aps.amazon-adsystem.com/configs/
563 B
830 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/5958391e-88ea-48ec-8c15-5013f0cdbc6d
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-20.iad12.r.cloudfront.net
Software
CloudFront /
Resource Hash
fef327524aebdfffae2bd88eca821c6eeb29216fdcdbf31306a8294739c2a4c5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:22:41 GMT
via
1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD12-P3
age
1638
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
563
x-amz-cf-id
aFzLZYw73dsYrws9T27TG-ekByoXH-eH6Umym6zNL2k4ay4qPfJMpg==
config
c.amazon-adsystem.com/cdn/prod/
2 KB
2 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Flenord-cotier.com&pubid=5958391e-88ea-48ec-8c15-5013f0cdbc6d
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.44.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-44-103.iad89.r.cloudfront.net
Software
Server /
Resource Hash
9f44c4df2eebe9758122fa4cb137ca50e254b01962f699281dd2bf0a8db42f55

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 13:34:00 GMT
via
1.1 841dfa6074cf4b3b0718988f088a4ac2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD89-C1
age
18959
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://lenord-cotier.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1690
x-amz-cf-id
2JemnYTz2cMlqb3UKEf5TdkUxbf4hdFKB4gepMoSEcy63_DzTBHlyw==
prebid
prebid.media.net/rtb/
29 KB
12 KB
Fetch
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUSMB28G
Requested by
Host: rdc.m32.media
URL: https://rdc.m32.media/prebid/lenord-cotier.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
56d3f0e86c68a146ad343aa99c1af70b20eb45febdd01424f845ab85beaf6636

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 18:49:59 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://lenord-cotier.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
276
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 13 Jun 2024 18:49:59 GMT
c
prebid.a-mo.net/a/
8 KB
5 KB
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: rdc.m32.media
URL: https://rdc.m32.media/prebid/lenord-cotier.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
cab5fa9ef62240ff049867673c9d4a12ee03527ff0318eb1745e40e3a23cbbcb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 13 Jun 2024 18:49:58 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://lenord-cotier.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
253
content-length
4159
bid
aax.amazon-adsystem.com/e/dtb/
224 B
562 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Flenord-cotier.com%2F&pid=rNkdjRJapYkud&cb=0&ws=1600x1200&v=24.610.1703&t=2000&slots=%5B%7B%22sd%22%3A%22ad-336546600844-0%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22editionsnordiques_nordcotier%2Fbillboard%2Faccueil%22%7D%2C%7B%22sd%22%3A%22ad-336546600844-1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22editionsnordiques_nordcotier%2Fcatfish%2Faccueil%22%7D%2C%7B%22sd%22%3A%22ad-336546600844-2%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%5D%2C%22sn%22%3A%22editionsnordiques_nordcotier%2F3formatsaccueilcontenu%2Fdefault%22%7D%2C%7B%22sd%22%3A%22ad-336546600844-3%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%5D%2C%22sn%22%3A%22editionsnordiques_nordcotier%2F3formatsaccueilcontenu%2Fdefault%22%7D%2C%7B%22sd%22%3A%22ad-336546600844-4%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%5D%2C%22sn%22%3A%22editionsnordiques_nordcotier%2Fbloc3formatshaut%2Faccueil%22%7D%2C%7B%22sd%22%3A%22ad-336546600844-5%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22editionsnordiques_nordcotier%2Fnouvellespopulaires%2Faccueil%22%7D%2C%7B%22sd%22%3A%22ad-336546600844-6%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22editionsnordiques_nordcotier%2Fadecouvrir%2Faccueil%22%7D%2C%7B%22sd%22%3A%22ad-336546600844-7%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22editionsnordiques_nordcotier%2Filot1%2Faccueil%22%7D%2C%7B%22sd%22%3A%22ad-336546600844-8%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22editionsnordiques_nordcotier%2Filot2%2Faccueil%22%7D%2C%7B%22sd%22%3A%22ad-336546600844-9%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22editionsnordiques_nordcotier%2Filot3%2Faccueil%22%7D%2C%7B%22sd%22%3A%22ad-336546600844-10%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%5D%2C%22sn%22%3A%22editionsnordiques_nordcotier%2Fbloc3formatsbasdepage%2Faccueil%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22Win32%22%7D%2C%22browsers%22%3A%5B%7B%22brand%22%3A%22Google+Chrome%22%2C%22version%22%3A%5B%22126%22%5D%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%5B%228%22%5D%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%5B%22126%22%5D%7D%5D%7D%7D%7D&schain=1.0%2C1%21m32connect.com%2C1135%2C1%2C%2C%2C%21aps.amazon.com%2C5958391e-88ea-48ec-8c15-5013f0cdbc6d%2C1%2C%2C%2C&sm=18d88759-6bf4-46d6-b400-fda716c96273&pubid=5958391e-88ea-48ec-8c15-5013f0cdbc6d&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A500%7D&_c=1
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.113.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-113-135.iad61.r.cloudfront.net
Software
Server /
Resource Hash
4ad739e610ca5084342720e95cdf1ce819827f0ed3d8be5881823b8bdf9b2b9d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:49:58 GMT
via
1.1 3a60765023a93f6346539d2ca40f0b12.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD61-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://lenord-cotier.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
224
x-amz-cf-id
H_PFPrwVHePQoIKXJUSyuU_Eja3AVqy5UKdbqofAQsLT4CWz-I7aTg==
21658289790
fundingchoicesmessages.google.com/i/
193 KB
65 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/21658289790?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5d86f98c50259b61d719c02e7f3444a831d3244c2091b1dd8eae60b3b4235cc3
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-3MG8KPQkNBJaXXVUSAwYsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:50:00 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-3MG8KPQkNBJaXXVUSAwYsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzj8tDikmJw1ZBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAOL2zxdYpwLxkoiLrAcSL7IKcXPc-LdmM5vAjRfT6pQ0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDMwMDfUMzOMLDABskzR3"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.78.189.198 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-78-189-198.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:50:00 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Thu, 13 Jun 2024 19:05:00 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-101.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff15ac47504bb557006756aaba7dc0eadcf935f9633390f379405085d9f85de8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 18:50:10 GMT
content-encoding
gzip
via
1.1 0cba74644cedf83bb6fb7dc90d8b0980.cloudfront.net (CloudFront)
last-modified
Wed, 14 Feb 2024 17:39:34 GMT
server
AmazonS3
x-amz-cf-pop
IAD12-P2
age
86391
etag
W/"0f107a0e7753aa69cd07ded21852408c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
ltKHujYfWEmfPAk1aGor01fJr8MO_xcjccexPyA16kUInSac1pJacA==
id5-api.js
cdn.id5-sync.com/api/1.0/
93 KB
28 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26e14e8f2ccd855240a903708f250499c1696fb13a5f76d9e7851af290922b4f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:50:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
SZVF50QKG6B250YY
age
12
x-amz-server-side-encryption
AES256
x-amz-id-2
AAeto3pU/F2MJqezuS5qaDEzQnlzTbe5BpMLT9N/xMAoT4EUh2GYxRQvLgtIX3bAdYR5XkBC8DSNQbhEDNu6sB1hzBb2RbCL143NUpxprFM=
last-modified
Thu, 13 Jun 2024 12:35:05 GMT
server
cloudflare
etag
W/"37efcc7cc1c5ef52a27433bfc0e65e5e"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
893443879be136c9-YYZ
expires
Thu, 13 Jun 2024 19:50:00 GMT
g_pbst
1x1.a-mo.net/hbx/
0
89 B
Image
General
Full URL
https://1x1.a-mo.net/hbx/g_pbst?A=amx&w=300&h=250&bid=2547fab23a1ad13&c1=banner&np=0.1332&aud=182e5c9bbaa04e&a=ad-336546600844-4&c2=hb_pb%3D0.20%26hb_adid%3D2547fab23a1ad13%26hb_bidder%3Damx%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250&cn3=648&ts=1718304599764&eid=27af2fa601f0b02
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.246.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-246-159.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:50:00 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
iu3
s.amazon-adsystem.com/ Frame 360E
0
0
Document
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_n-adMediaV1_n-MediaNet_n-Beeswax_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_3lift_n-Outbrain
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
394
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 13 Jun 2024 18:49:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
YWRVZTC7CV7GAVJZ3PW2
map
bcp.crwdcntrl.net/6/
235 B
694 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.210.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-210-197.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
3c7be84afd8ce914365e3df1325af7fa0b4ad27db4258096fe753bf8708e8fda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 18:50:00 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://lenord-cotier.com
cache-control
no-cache
x-server
10.40.61.117
access-control-allow-credentials
true
content-length
235
expires
0
AGSKWxWnudwV2SSOqIoJ7ZrT-vSUAaT4UDMb8pt_OlFF24yebbKixsR15c1wNN-lZKTdArr__EpTVurZCpBucM4-4bcwf1vTo6H0fz0JFr_UR9T0-NB4t56gdBncy3g8vIxA1WuT6aN1bw==
fundingchoicesmessages.google.com/f/
324 KB
54 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWnudwV2SSOqIoJ7ZrT-vSUAaT4UDMb8pt_OlFF24yebbKixsR15c1wNN-lZKTdArr__EpTVurZCpBucM4-4bcwf1vTo6H0fz0JFr_UR9T0-NB4t56gdBncy3g8vIxA1WuT6aN1bw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE4MzA0NjAwLDQ3MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9sZW5vcmQtY290aWVyLmNvbS8iLG51bGwsW1s4LCJrYnZLZUljcUx5VSJdLFs5LCJlbi1VUyJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.kbvKeIcqLyU.es5.O/am=AAM/d=1/rs=AJlcJMwkruSg97USt0TlcVJGQMU-p5Nu1A/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
567b3fe76c2d60b4e7bcf948915be944133cf761c890952e0f6ed577800d8a70
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-cE7RTGDYnka1QACRzYMJeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:50:00 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-cE7RTGDYnka1QACRzYMJeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj8tDikmLw0pBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAOL2zxdYpwLxkoiLrAcSL7IK8XDc-LdmM5tAw7NDa5iUNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAzMDA31DMzjCwwAlM80fw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/
109 KB
6 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.kbvKeIcqLyU.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxIgNoct2Kckrrn_aOXBHAw357U9g/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0c::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
70cd563322458bcd8eb0c45ffe72323df7c74b281cdbd01cc8b15de133b576a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 13 Jun 2024 18:50:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 13 Jun 2024 18:50:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Jun 2024 18:50:00 GMT
LpN0ZmvYjJNlYTJOACUiMeBTEHLsRoGZ58mEEQFy8Zw13roQfxa4nRKlTp0nJ6biTtGyz7j4xWzidKeKvZB_U_W2qoQ1IP_J4epuafeFNH_cNk5OG00=h60
lh3.googleusercontent.com/
6 KB
6 KB
Image
General
Full URL
https://lh3.googleusercontent.com/LpN0ZmvYjJNlYTJOACUiMeBTEHLsRoGZ58mEEQFy8Zw13roQfxa4nRKlTp0nJ6biTtGyz7j4xWzidKeKvZB_U_W2qoQ1IP_J4epuafeFNH_cNk5OG00=h60
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3933548a3b3aefc328966d35e1d98c08b37ad1941472eafad027fd9188029258
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:50:01 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6204
x-xss-protection
0
expires
Fri, 14 Jun 2024 18:50:01 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Origin
https://lenord-cotier.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 09:07:34 GMT
x-content-type-options
nosniff
age
553346
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 09:07:34 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/
125 KB
126 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Origin
https://lenord-cotier.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 05:05:53 GMT
x-content-type-options
nosniff
age
567847
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 05:05:53 GMT
AGSKWxVoACr14pDpGbCoxEyFfkvjVKjEIDFA0JZGxIjTJxOG9_exh2PaS2AeGXd4HpPapEivBCHcWmA9ZZmOuoS7CKS8K3X_9X16sQiTXMOPAcVIhWkD-sI_X7BVdDwfiQc3-M9ySlCJTg==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVoACr14pDpGbCoxEyFfkvjVKjEIDFA0JZGxIjTJxOG9_exh2PaS2AeGXd4HpPapEivBCHcWmA9ZZmOuoS7CKS8K3X_9X16sQiTXMOPAcVIhWkD-sI_X7BVdDwfiQc3-M9ySlCJTg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.kbvKeIcqLyU.es5.O/am=AAM/d=1/rs=AJlcJMwkruSg97USt0TlcVJGQMU-p5Nu1A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0f::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rJ2HNPYpEM0kTxL4Ljj6Ig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 13 Jun 2024 18:50:01 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rJ2HNPYpEM0kTxL4Ljj6Ig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0pBicEqfwRoCxEsiLrIeSbzIKsTDcfPfms1sAjMON85jVHJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmBmaGhnoG5vEFBgA0nyZ6"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://lenord-cotier.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVoACr14pDpGbCoxEyFfkvjVKjEIDFA0JZGxIjTJxOG9_exh2PaS2AeGXd4HpPapEivBCHcWmA9ZZmOuoS7CKS8K3X_9X16sQiTXMOPAcVIhWkD-sI_X7BVdDwfiQc3-M9ySlCJTg==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVoACr14pDpGbCoxEyFfkvjVKjEIDFA0JZGxIjTJxOG9_exh2PaS2AeGXd4HpPapEivBCHcWmA9ZZmOuoS7CKS8K3X_9X16sQiTXMOPAcVIhWkD-sI_X7BVdDwfiQc3-M9ySlCJTg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.kbvKeIcqLyU.es5.O/am=AAM/d=1/rs=AJlcJMwkruSg97USt0TlcVJGQMU-p5Nu1A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0f::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8Pme2Bp7PQ4jp3hGoJA18g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 13 Jun 2024 18:50:01 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8Pme2Bp7PQ4jp3hGoJA18g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1JBicEqfwRoCxEsiLrIeSbzIKsTDcfPfms1sAie-T5nHqOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDMwMDfUMzOMLDABTeibo"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://lenord-cotier.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
bounce
id5-sync.com/
29 B
455 B
Fetch
General
Full URL
https://id5-sync.com/bounce
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:50:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://lenord-cotier.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/
33 B
277 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
88e4cc119811b33cf66716bffd2f2c2c398e257014bdd2a7edba7cf1e0c04920
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://lenord-cotier.com
date
Thu, 13 Jun 2024 18:50:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
v3
id5-sync.com/gm/
648 B
1 KB
XHR
General
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
9451ceb6ff5c2274985b0d01d3b094b05816a8bbf10f8cc8db373bc1d9fdfb35
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 13 Jun 2024 18:50:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://lenord-cotier.com
content-type
application/json
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://id5-sync.com/i/853/8.gif?o=api&id5id=ID5*-eC1weiit0ElSTbOuELFXgfTu4pWwCzUpwdG5Dnh1oanSyuIUxe1PUCg-UYkIoRP&gdpr_consent=undefined&gdpr=false
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F853%2F441%2F7%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/853/441/7/2.gif?puid=u_92140885-5782-4a2c-9be8-59e1168388ea&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F853%2F108%2F6%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/853/108/6/3.gif?puid=5c3fe212-d7d4-4221-905a-6a63a6ed991c&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F853%2F112%2F5%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F853%2F112%2F5%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/853/112/5/4.gif?puid=C70F2A38818B0D3B&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=1f8b4c71-962e-4fb6-a4be-45a8fcddd9ef&ttl=%%TTL%%
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F853%2F434%2F3%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/853/434/3/6.gif?puid=d02b392a-564a-405c-bd46-5029683c14e1&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F853%2F429%2F2%2F7.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/853/429/2/7.gif?puid=1A4FAD44-CD12-4BA8-9EFB-108C2E299192&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/853/2/1/8.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/853/2/1/8.gif?puid=2544973523831875102&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=QzcwRjJBMzg4MThCMEQzQg%3D%3D&gdpr=0&gdpr_consent=&id5=ID5-8c7dKSE15OTKtGt5wUf7xlA5L5dDrnFmhMRB-GJUIw
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEKavGaV3rvH4mNctOTnjT1Y&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=&id5=ID5-8c7dKSE15OTKtGt5wUf7xlA5L5dDrnFmhMRB-GJUIw&...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=x2e7tq8
70 B
456 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=x2e7tq8
Requested by
Host: lenord-cotier.com
URL: https://lenord-cotier.com/
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 13 Jun 2024 18:50:07 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 13 Jun 2024 18:50:07 GMT
Frontend-ID
12
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=x2e7tq8
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
prebid
id5-sync.com/api/config/
167 B
450 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: rdc.m32.media
URL: https://rdc.m32.media/prebid/lenord-cotier.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
3811558e28e05d13ff76b22436d51c4fa6706d8945a6f2d2926b72dfa34b059a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://lenord-cotier.com
date
Thu, 13 Jun 2024 18:50:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
isyn
sync.a-mo.net/ Frame B6CA
0
0
Document
General
Full URL
https://sync.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---&_e=CuUBShFsZW5vcmQtY290aWVyLmNvbVILYWFzLWE1MTE3MGZaCHBiYTEuMy40ahFsZW5vcmQtY290aWVyLmNvbfoBBjguMzguMOgCAYgD1_6sswaoAwPqAyQzM2FkMjJiNi01N2VmLTQ1MWEtYjY1Ni04MzQ1YWMxMjQ3Y2aiBBpodHRwczovL2xlbm9yZC1jb3RpZXIuY29tL6oEA0RDSLIFA1VTROoFB2Rlc2t0b3D6BQRkYzEzqgcDd2ViygcRbGVub3JkLWNvdGllci5jb23gBwGCCBFsZW5vcmQtY290aWVyLmNvbQ
Requested by
Host: rdc.m32.media
URL: https://rdc.m32.media/prebid/lenord-cotier.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
653
content-type
text/html; charset=utf-8
date
Thu, 13 Jun 2024 18:50:02 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
checksync.php
contextual.media.net/ Frame 7BE2
0
0
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUSMB28G&prvid=2034%2C2033%2C2031%2C2030%2C590%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: rdc.m32.media
URL: https://rdc.m32.media/prebid/lenord-cotier.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.8.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-8-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://lenord-cotier.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
11853
content-type
text/html; charset=UTF-8
date
Thu, 13 Jun 2024 18:50:03 GMT
expires
Sat, 15 Jun 2024 18:50:03 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
v1
lb.eu-1-id5-sync.com/lb/
33 B
276 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: rdc.m32.media
URL: https://rdc.m32.media/prebid/lenord-cotier.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
6d82dcfc3c94a02be2a4e834f093d64431c2fa4b9cd62d498de0b5dd0e8d974f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://lenord-cotier.com
date
Thu, 13 Jun 2024 18:50:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
853.json
id5-sync.com/g/v2/
580 B
997 B
Fetch
General
Full URL
https://id5-sync.com/g/v2/853.json
Requested by
Host: rdc.m32.media
URL: https://rdc.m32.media/prebid/lenord-cotier.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
3c7dcaf91cdbf840f68d8afbf5f421bb2324d29820855f538495f20f1b50d068
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://lenord-cotier.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 13 Jun 2024 18:50:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://lenord-cotier.com
content-type
application/json
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.richaudience.com
URL
https://sync.richaudience.com/74889303289e27f327ad0c6de7be7264/?consentString=-1&r=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000027%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D%5BPDID%5D&rd=1

Verdicts & Comments Add Verdict or Comment

248 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 undefined| event object| fence object| sharedStorage boolean| canRunAds object| _wpemojiSettings undefined| $ function| jQuery object| ajax function| Waypoint function| setPostView object| sibErrMsg object| ajax_sib_front_object string| captchaRes undefined| gCaptchaSibWidget function| sibVerifyCallback function| errorCallbackForTurnstileErrors object| googletag object| _m32_pbjs object| owpbjs object| pbjs object| madops object| m32shr boolean| M32DEBUG object| _PREFIX_MAP function| miaLib object| _MiaAds function| initMIA object| dataLayer object| m32pixel string| M32VERSION boolean| __m32segmentsFetched number| __m32_seg_counter object| __m32consent function| onloadSibCallbackInvisible number| w3tc_lazyload object| lazyLoadOptions function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _extends function| _typeof function| LazyLoad object| DOMAIN_REGEX function| domainWithoutSubdomain object| apstag object| miaConfig number| __m32geoStatus object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| __m32geo string| p object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| twemoji object| wp string| springserveUserId object| google_tag_manager string| GoogleAnalyticsObject function| ga object| _m32_pbjsChunk object| _pbjsGlobals object| mnet function| onYouTubeIframeAPIReady object| gaGlobal object| _aps boolean| apstagLOADED string| waypointContextKey number| x object| recaptcha object| closure_lm_819041 object| gaplugins object| gaData function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| ID5EspConfig object| apscustom object| lotame_sync_16576 number| k number| kx number| m number| mx number| j object| PublisherCommonId function| lotameIsCompatible function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_t object| sync16576_ga object| sync16576_u object| sync16576_pa function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_v function| sync16576_x function| sync16576_y function| sync16576_z function| sync16576_ha function| sync16576_ia function| sync16576_A function| sync16576_ja function| sync16576_B function| sync16576_C function| sync16576_w function| sync16576_D function| sync16576_ka function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_la function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_M function| sync16576_ma function| sync16576_na function| sync16576_oa function| sync16576_N function| sync16576_O function| sync16576_qa function| sync16576_P function| sync16576_ra function| sync16576_sa function| sync16576_ta function| sync16576_Q function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_xa function| sync16576_R function| sync16576_ya function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_za function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Da function| sync16576_Aa function| sync16576_1 function| sync16576_Ca function| sync16576_Ba function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Fa function| sync16576_Ga function| sync16576_Ia function| sync16576_Ea function| sync16576_7 function| sync16576_Ha function| sync16576_Ka function| sync16576_Ja function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_La function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_$ function| sync16576_Pa function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa object| __id5_finalization_registry object| ID5 object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZDgwNDU2OGNkNmJiODk0Y2xvYWRlcl9qcw== string| ZDgwNDU2OGNkNmJiODk0Y2NhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| a0_0x444b function| a0_0x37ab boolean| adViewEnabled

254 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AMFr3ioQxIgBGx09vgxoKS4E_Gp_f4xO8XTirf8o7KpIJCqq3nPSBVDbNzRzpwBfTa7E4mYaE7RoLo8UuSQS4RU
ad-cdn.technoratimedia.com/html Name: tads_tbla_bidi
Value: 1718304602554
.3lift.com/sync Name: sync
Value: CgoIoQEQ_fO9l4EyCgoI5gEQ_fO9l4EyCgoIhwIQ_fO9l4EyCgoItwIQ_fO9l4EyCgkIOhD9872XgTIKCQgbEP3zvZeBMgoKCIwCEP3zvZeBMgoKCKwCEP3zvZeBMgoKCK0CEP3zvZeBMgoJCF8Q_fO9l4Ey
lenord-cotier.com/ Name: m32_pubgeo
Value: JTdCJTIyaXAlMjIlM0ElMjIxOTkuNDguMjQzLjEzJTIyJTJDJTIyY291bnRyeV9jb2RlJTIyJTNBJTIyQ0ElMjIlMkMlMjJjb3VudHJ5X25hbWUlMjIlM0ElMjJjYW5hZGElMjIlMkMlMjJyZWdpb25fY29kZSUyMiUzQSUyMk9OJTIyJTJDJTIyY2l0eSUyMiUzQSUyMnRvcm9udG8lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTQzLjY2JTJDJTIybG9uZ2l0dWRlJTIyJTNBLTc5LjM2JTJDJTIybWV0cm8lMjIlM0ExMjQ1MzUlMkMlMjJwb3N0YWxfY29kZSUyMiUzQSUyMm01YSUyMDBhMSUyMiU3RA==
lenord-cotier.com/ Name: m32_sStorage
Value: 26e3f803-27a1-ecd9-3293-b21ca3c5a97b
.springserve.com/ Name: ssid
Value: 1854d2bd-a638-4be1-acef-a7e1a857a3c4
.springserve.com/ Name: sst
Value: 1718304594165
.lenord-cotier.com/ Name: _ga_22CZVH91JE
Value: GS1.1.1718304594.1.0.1718304594.60.0.0
.lenord-cotier.com/ Name: _ga
Value: GA1.2.994324702.1718304595
.lenord-cotier.com/ Name: _gid
Value: GA1.2.1502021117.1718304595
.lenord-cotier.com/ Name: _gat_UA-93300103-1
Value: 1
.casalemedia.com/ Name: CMID
Value: Zms-U0t3uVIAAGOuAGeebAAA
.casalemedia.com/ Name: CMPS
Value: 101
.casalemedia.com/ Name: CMPRO
Value: 101
.adnxs.com/ Name: XANDR_PANID
Value: jHVSzvJsEtUiLbo3WsQSTvsAHqLnW4JaqL9MS4x6K2lcKzZVL0aibtyjKAQvfJt-JfrcZIGoc8PjOSE40EHN_cM3DShWl_SrBEVnTS3JS8s.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 2544973523831875102
.advertising.com/ Name: A3
Value: d=AQABBFM_a2YCEI3O40_f51kmk_9a_cKGCBAFEgEBAQGQbGZ1ZiXaxyMA_eMAAA&S=AQAAAiGTO-tgaQRy5YxjuyLdSKA
.emxdgt.com/ Name: uid
Value: 51141718304595895482a2
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 1A4FAD44-CD12-4BA8-9EFB-108C2E299192
.yahoo.com/ Name: A3
Value: d=AQABBFM_a2YCEIWXzvVYns_136vTtX8LMzEFEgEBAQGQbGZ1ZiXaxyMA_eMAAA&S=AQAAArywx49doEH4bnaQu_uKeDw
.w55c.net/ Name: wfivefivec
Value: vWAhcvrj1ShPwg5
beacon.lynx.cognitivlabs.com/ Name: UID
Value: bd67afd5-4b43-4aba-b5a5-0ea9aac28a24
.doubleclick.net/ Name: IDE
Value: AHWqTUlu4DCs54a4KpG_IB0HwiLHa6HW80ibpY51ZzcmN4Bd7CtHBXWBjBVdAow8Jsw
.emxdgt.com/ Name: apn_id
Value: 2544973523831875102
.w55c.net/ Name: matchcasale
Value: 5
.amazon-adsystem.com/ Name: ad-id
Value: A5utCw0lQ0oKoIObUKUhLA4
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adsrvr.org/ Name: TDID
Value: 1f8b4c71-962e-4fb6-a4be-45a8fcddd9ef
.quantserve.com/ Name: mc
Value: 666b3f54-402eb-bd306-98462
.openx.net/ Name: i
Value: d37603db-3fdb-4c6d-9e49-24a65db413c8|1718304596
.contextweb.com/ Name: V
Value: 2WEvjOxplkAi
.contextweb.com/ Name: VP
Value: part_2WEvjOxplkAi
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: c5aaf4407e6f7f71
.3lift.com/ Name: tluidp
Value: 336585592539779462751
.3lift.com/ Name: tluid
Value: 336585592539779462751
.simpli.fi/ Name: suid
Value: 31EDC9F36AF645638205171EF4615861
.bfmio.com/ Name: __106_cid
Value: 1f8b4c71-962e-4fb6-a4be-45a8fcddd9ef
.bfmio.com/ Name: __io_cid
Value: 1f8b4c71-962e-4fb6-a4be-45a8fcddd9ef
.deepintent.com/ Name: CDIUSER
Value: di_90cc7b84275043fa8e16a
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220240613%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:31EDC9F36AF645638205171EF4615861&KRTB&23486-uid:31EDC9F36AF645638205171EF4615861&KRTB&23489-uid:31EDC9F36AF645638205171EF4615861&KRTB&23539-uid:31EDC9F36AF645638205171EF4615861
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEHjCSK640ddmy5IGDvmH5Xs&KRTB&23025-CAESEHjCSK640ddmy5IGDvmH5Xs&KRTB&23386-CAESEHjCSK640ddmy5IGDvmH5Xs
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-a1441c6d-c123-4861-b5a8-0f29171b054a&KRTB&22918-a1441c6d-c123-4861-b5a8-0f29171b054a&KRTB&22926-a1441c6d-c123-4861-b5a8-0f29171b054a&KRTB&23031-a1441c6d-c123-4861-b5a8-0f29171b054a
.ipredictive.com/ Name: cu
Value: fe839aca-084e-459f-ab6b-600c1a84f5d8|1718304596957
.go.sonobi.com/ Name: __uis
Value: d02b392a-564a-405c-bd46-5029683c14e1
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-fe839aca-084e-459f-ab6b-600c1a84f5d8&KRTB&23011-fe839aca-084e-459f-ab6b-600c1a84f5d8&KRTB&23355-fe839aca-084e-459f-ab6b-600c1a84f5d8
.tremorhub.com/ Name: tvid
Value: 7c3b00deb8364bc387d4ca3e83df5333
.smartadserver.com/ Name: pid
Value: 1342926387320261047
.tremorhub.com/ Name: tvssa
Value: 1718304597410
.turn.com/ Name: uid
Value: 3497762494991108172
.sxp.smartclip.net/ Name: uuid
Value: 07416d5c-553f-6b66-3968-f508c7d7aa60
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-759e35cd-ee03-4e95-915a-f373cd035f64-005%22%7D
.bidswitch.net/ Name: tuuid
Value: d182348a-3cd5-4794-9031-91df88493f67
.bidswitch.net/ Name: c
Value: 1718304597
.bidswitch.net/ Name: tuuid_lu
Value: 1718304597
.sitescout.com/ Name: ssi
Value: 2188a8b6-5b50-4589-a9d8-f5743fccae11#1718304597949
.teads.tv/ Name: tt_viewer
Value: 887f2fd6-f07f-474a-bd74-6445e2efaf41
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcxODMwNDU5ODA5OH0
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-759e35cd-ee03-4e95-915a-f373cd035f64-005%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AQAGIGhMkHviCwJkgXisAQEBAQEBAQCRE-5nAwEBAJET7mcD&KRTB&22715-AQAGIGhMkHviCwJkgXisAQEBAQEBAQCRE-5nAwEBAJET7mcD&KRTB&23519-AQAGIGhMkHviCwJkgXisAQEBAQEBAQCRE-5nAwEBAJET7mcD
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-2188a8b6-5b50-4589-a9d8-f5743fccae11-666b3f55-5553&KRTB&23418-2188a8b6-5b50-4589-a9d8-f5743fccae11-666b3f55-5553
.adscale.de/ Name: uu
Value: 7fa42041dd2d4777a5ba48bc277a10a7
.rubiconproject.com/ Name: khaos
Value: LXDM6XI5-16-7S4C
.media.net/ Name: visitor-id
Value: 3613061987393315000V10
.adscale.de/ Name: cct
Value: 1718304598509
.mxptint.net/ Name: mxpim
Value: R35CAB_11710BEBC_423CCACE.1.0000000000000000666B3F56
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R35CAB_11710BEBC_423CCACE&KRTB&23092-R35CAB_11710BEBC_423CCACE
.w55c.net/ Name: matchpubmatic
Value: 5
.lenord-cotier.com/ Name: _sharedID
Value: 5f6db392-31a5-472a-a5f1-40cccd11894d
.lenord-cotier.com/ Name: _sharedID_cst
Value: zix7LPQsHA%3D%3D
.quantserve.com/ Name: d
Value: ENQBEgGKLPijC_vLEA
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:vWAhcvrj1ShPwg5&KRTB&23421-uid:vWAhcvrj1ShPwg5
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-uhfbEL9H2EahFd1A6UPAEOgS3UShGNVGuhN9Ne4B&KRTB&22979-uhfbEL9H2EahFd1A6UPAEOgS3UShGNVGuhN9Ne4B&KRTB&23462-uhfbEL9H2EahFd1A6UPAEOgS3UShGNVGuhN9Ne4B
.ads.stickyadstv.com/ Name: UID
Value: eeb985ffa07b60c4e7abdf24ff64da7
.ads.stickyadstv.com/ Name: uid-bp-41478
Value: 1
.kargo.com/ Name: ktcid
Value: 8f1e4c1c-854e-0ac3-569e-54a2ffa9a99d
.adgrx.com/ Name: ADGRX_UID
Value: bc122a96-29b5-11ef-9b11-6b748123b1c4
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-ea50fc8f-a4bd-5d44-4349-0ca17e5c7d12.ZI9yz97lz3drC%2FTfQnbGVCClSEMC%2FT2Lit8Q2SzCfuA
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-ea50fc8f-a4bd-5d44-4349-0ca17e5c7d12.ZI9yz97lz3drC%2FTfQnbGVCClSEMC%2FT2Lit8Q2SzCfuA
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A6lD8j6S9XURDSQyhflx9Escw8w0.maPDmgaa62EKfFzh%2FRwlsh9XUkpoyGjYMAzbH4ee314
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A6lD8j6S9XURDSQyhflx9Escw8w0.maPDmgaa62EKfFzh%2FRwlsh9XUkpoyGjYMAzbH4ee314
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKILfQv8ZqZoEB0zqAhzBTflCnSoWoxiqkyb7Oy2gBguqYEAMYAyDX_qyzBjABOgTwTC9rQgR4IOGp.XJbvzW4iuv63zEzvX0KbZs0tcNV4hx1i76Gvls3mtzI
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKILfQv8ZqZoEB0zqAhzBTflCnSoWoxiqkyb7Oy2gBguqYEAMYAyDX_qyzBjABOgTwTC9rQgR4IOGp.XJbvzW4iuv63zEzvX0KbZs0tcNV4hx1i76Gvls3mtzI
.thrtle.com/ Name: mc
Value: eyJpZCI6ImQ5NmFmZWFjLTRmMjgtNGZhYi1hNzA5LTM5OTgxODhmYjVlMyIsImwiOjE3MTgzMDQ1OTkzODUsInQiOjF9
.bidr.io/ Name: bito
Value: AAC6Rk7M1n8AABS_PQftrg
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3497762494991108172&KRTB&23150-3497762494991108172&KRTB&23527-3497762494991108172
.impact-ad.jp/ Name: tuuid
Value: a23e6cc6-b1a8-4146-ba89-099f7e4a45bc
.impact-ad.jp/ Name: c
Value: 1718304599
.impact-ad.jp/ Name: tuuid_lu
Value: 1718304599
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-6lD8j6S9XURDSQyhflx9Escw8w0&KRTB&23334-6lD8j6S9XURDSQyhflx9Escw8w0&KRTB&23417-6lD8j6S9XURDSQyhflx9Escw8w0&KRTB&23426-6lD8j6S9XURDSQyhflx9Escw8w0
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0NzEwNTExMDCxtDA1szQwMxXiM9T1cgopCrAsMswqMKoCACoFYaolAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0NzEwNTExMDCxtDA1szQwMxXiM9T1cgopCrAsMswqMKoCACoFYaolAAAA
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-bc122a96-29b5-11ef-9b11-6b748123b1c4&KRTB&23275-bc122a96-29b5-11ef-9b11-6b748123b1c4
.prebid.a-mo.net/ Name: __amc
Value: 1_1718304599_1718304599
.a-mo.net/ Name: amuid2
Value: a0b4abe7-7b85-4e94-8af3-a0da6d92f8c9
.prebid.a-mo.net/ Name: sd_amuid2
Value: a0b4abe7-7b85-4e94-8af3-a0da6d92f8c9
prebid.media.net/ Name: receive-cookie-deprecation
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-1974054400498569065
.sportradarserving.com/ Name: zuuid
Value: 2e569578-be40-4d6a-8f40-e86c6f0310e8
.sportradarserving.com/ Name: c
Value: 1718304599
.sportradarserving.com/ Name: zuuid_lu
Value: 1718304599
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1718304599
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-d182348a-3cd5-4794-9031-91df88493f67
.adform.net/ Name: C
Value: 1
.creativecdn.com/ Name: g
Value: kGqL91C49Kw4lvx04KB8_1718304600277
.creativecdn.com/ Name: ts
Value: 1718304600
.adform.net/ Name: uid
Value: 8759756741206553225
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8759756741206553225&KRTB&23263-8759756741206553225&KRTB&23481-8759756741206553225
.mediago.io/ Name: __mguid_
Value: d091f83276f035e52ymwzi00lxdm6z6f
.sharethrough.com/ Name: stx_user_id
Value: 05b9ec01-3248-4155-8fa7-62279bc2bbcd
.zemanta.com/ Name: zuid
Value: LTLeSS50MPIW4CAgjsBq
.s3xified.com/ Name: admRtbUidCkey34334Ssp245
Value: b361a9f23885f6a8952a60719830999f
.smaato.net/ Name: SCM
Value: c0bea633c3
.smaato.net/ Name: SCMaps
Value: c0bea633c3
.pubmatic.com/ Name: KRTBCOOKIE_632
Value: 23041-UTWvsz0E64DiIZ6SYbHuW0CGDPB2vgnJAp4-552rQgY&KRTB&23047-UTWvsz0E64DiIZ6SYbHuW0CGDPB2vgnJAp4-552rQgY&KRTB&23234-UTWvsz0E64DiIZ6SYbHuW0CGDPB2vgnJAp4-552rQgY&KRTB&23361-UTWvsz0E64DiIZ6SYbHuW0CGDPB2vgnJAp4-552rQgY
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: a5d54fad620698c917aa80d40f38235c
.lenord-cotier.com/ Name: _cc_id
Value: a5d54fad620698c917aa80d40f38235c
.lenord-cotier.com/ Name: panoramaId_expiry
Value: 1718909400732
.lenord-cotier.com/ Name: panoramaId
Value: 470ed5a7b37d37719714451553cb185ca02c23fdf65504d09b52d8b0ef5ef893
.lenord-cotier.com/ Name: panoramaIdType
Value: panoDevice
.csync.loopme.me/ Name: viewer_token
Value: 27b773cc-d473-429d-a1cc-3b7f4eeeee00
.adsby.bidtheatre.com/ Name: __kuid
Value: 0f5b3246-7eb0-4b33-bdb9-a21f44cfa26f.487518601
.technoratimedia.com/ Name: tads_ipv6
Value: 2001:4958:1420:152::13
.technoratimedia.com/ Name: tads_uidp_37
Value: 063b45d7-bb75-382f-9ee7-cb8a4e442690
.technoratimedia.com/ Name: tads_uidp_64
Value: t4g8RYTNzDmXCRh8YYb9OWB8KbKyhQVB
.technoratimedia.com/ Name: tads_uid
Value: 7FDB51ED28B24E5EA1F11837558EBD9D
.technoratimedia.com/ Name: tads_uid_cd
Value: 20240613104126+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.s3xified.com/ Name: rtbDspUserSyncIDs231123sd3r32
Value: {"1642":"7FDB51ED28B24E5EA1F11837558EBD9D"}
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.technoratimedia.com/ Name: tads_uidp_80
Value: y-nAtdjsFE2uH1fHefR3ndb2FMcuVXBWNx~A
.technoratimedia.com/ Name: tads_uidp_82
Value: Zms-U0t3uVIAAGOuAGeebAAA&101
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=3361:u=1:x=1:i=1718304602:t=1718391002:v=2:sig=AQH7AP3d-gC4fmgZV0ZL8dJC1_qtJTP7"
.linkedin.com/ Name: li_sugr
Value: b46c1762-fec8-4289-a3e3-9c0a90f97abf
.linkedin.com/ Name: bcookie
Value: "v=2&8c850cac-06f9-48fd-8389-e6e1a8ffd8d5"
.technoratimedia.com/ Name: tads_uidp_50
Value: 3db6733c-f10b-4ba9-ae5f-f22e0d731ed3
.onetag-sys.com/ Name: OTP
Value: qZYHoYanKhpW0w64n8AxKFjxP3MAFUwScQ4zIMc9kXI
.technoratimedia.com/ Name: tads_uidp_7
Value: 7b48d1e1-2fc5-4b74-9d56-fe2ecdd3689b
.33across.com/ Name: 33x_ps
Value: u%3D212648951907094%3As1%3D1718304602929%3Ats%3D1718304602929
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAC6Rk7M1n8AABS_PQftrg
.360yield.com/ Name: tuuid
Value: d83c017b-305b-4984-89b7-665c9bdc1f65
.360yield.com/ Name: tuuid_lu
Value: 1718304602
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-bd67afd5-4b43-4aba-b5a5-0ea9aac28a24&KRTB&23340-bd67afd5-4b43-4aba-b5a5-0ea9aac28a24&KRTB&23498-bd67afd5-4b43-4aba-b5a5-0ea9aac28a24
.technoratimedia.com/ Name: tads_uidp_88
Value: 336585592539779462751
beacon.lynx.cognitivlabs.com/ Name: ss
Value: nzeYUE7R2RWWnPhn0Qemn88iY8A6CFjdjPiaGyZQpCeO28FlV%2FsIk2tRKJot21PuQoc6HUFMD3n7T005j7sj%2FA%3D%3D
.aralego.com/ Name: sspid
Value: 063b45d7-bb75-382f-9ee7-cb8a4e442690
.lijit.com/ Name: ljt_reader
Value: I0iKAQZH5KjNhtyxSeWYz39M
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtobmhhbGBiamlpamG8igXGNzMwNjQyBwCwuHkgIAAAAA
.tapad.com/ Name: TapAd_TS
Value: 1718304603129
.tapad.com/ Name: TapAd_DID
Value: 5c3fe212-d7d4-4221-905a-6a63a6ed991c
.resetdigital.co/ Name: ckbk
Value: 000001470F30F18A
.creative-serving.com/ Name: tuuid
Value: 850dfddf-8444-46f5-9a78-8b492830fcc8
.creative-serving.com/ Name: c
Value: 1718304603
.creative-serving.com/ Name: tuuid_lu
Value: 1718304603
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.gumgum.com/ Name: vst
Value: u_92140885-5782-4a2c-9be8-59e1168388ea
.lijit.com/ Name: _ljtrtb_80
Value: LXDM6XI5-16-7S4C
.rlcdn.com/ Name: pxrc
Value: CNv+rLMGEgUI6AcQABIFCOhHEAA=
.rlcdn.com/ Name: rlas3
Value: 6U2Zf/x6ZnrRocOOsIDuSFCDjGtwqLHm32l8GI0xbho=
.primis.tech/ Name: csuuid
Value: 666b3f5b3d665
.mathtag.com/ Name: uuid
Value: 68a0666b-3f5b-4000-a47d-61430d570c7a
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:6500666b-3f5b-4200-8820-e081d7218260
.w55c.net/ Name: matchmedianet
Value: 5
.pubmatic.com/ Name: SyncRTB3
Value: 1718668800%3A216%7C1719532800%3A268_35%7C1723420800%3A69%7C1720828800%3A224%7C1718841600%3A38_223_15_2%7C1719100800%3A63%7C1719446400%3A233_71_214_234_267_56_243_54_22_8_220_238_3_55_176_99_96_264_81_249_240_178_21_5_231_166_104_266_48_46_250_13_7_165
.tynt.com/ Name: uid
Value: uNE6HWZrP1vfxCwlaN+sCg==
.technoratimedia.com/ Name: tads_uidp_79
Value: d7388287-bb3f-4bf8-a7ae-c69fb8ea6657
.tribalfusion.com/ Name: ANON_ID
Value: aXntuJOZb3VgUEjUAujyptfIJa9NBbIT326XJMtXCjqSDniZaZbr8Zbb1K4cAZdwZbZc3D6j5tIJDexUZaXDopW9CT5qTXgg
.pubmatic.com/ Name: KRTBCOOKIE_1199
Value: 23168-000001470F30F18A&KRTB&23175-000001470F30F18A
.mfadsrvr.com/ Name: c
Value: 1718304603
.mfadsrvr.com/ Name: tuuid_lu
Value: 1718304603
.admanmedia.com/ Name: admtr
Value: 58ad00a1-0b04-4c47-8653-d25a2192757c
.admanmedia.com/ Name: ac_r
Value: CS253
.technoratimedia.com/ Name: tads_uidp_48
Value: d182348a-3cd5-4794-9031-91df88493f67
.media.net/ Name: data-xu
Value: vWAhcvrj1ShPwg5~~8
.media.net/ Name: data-sy
Value: 7FDB51ED28B24E5EA1F11837558EBD9D~~3
.media.net/ Name: data-o
Value: c8f6551d-3d5c-497a-a7d0-92208b7cb2e9~~8
.media.net/ Name: data-c
Value: f43762ae-0de0-44f9-9fdc-21f68cfc3e70~~1
.media.net/ Name: data-c-ts
Value: 1718304603
.media.net/ Name: data-r1
Value: OPTOUT~~8
.media.net/ Name: data-ze
Value: LTLeSS50MPIW4CAgjsBq~~1
.mfadsrvr.com/ Name: tuuid
Value: 20cb2568-bb81-4f63-bc94-5e86a8012ee9
.mfadsrvr.com/ Name: ssh
Value: !medianet=1718304603
.technoratimedia.com/ Name: tads_uidp_49
Value: AQAGIGhMkHvi1wJkkPLQAQEBAQEBAQCRE-58fQEBAJET7nx9
.dotomi.com/ Name: DotomiTest
Value: 77e80371aa7e1471
.media.net/ Name: data-mf
Value: 20cb2568-bb81-4f63-bc94-5e86a8012ee9~~1
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1rx1|86L.0.1|7dN.0.AAC6Rk7M1n8AABS_PQftrg
.contextweb.com/ Name: pb_rtb_ev_part
Value: 3-1rx1|86L.0.1|7dN.0.AAC6Rk7M1n8AABS_PQftrg
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1718304603894%7D%2C%7B%22p%22%3A%224ef5c9a86a%22%2C%22f%22%3A1%2C%22ts%22%3A1718304603894%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1718304603894%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1718304603894%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1718304603894%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1718304603894%7D%5D
.media.net/ Name: data-g
Value: CAESEOIgfWfxhPYHDzti7PRxCV8~~8
.media.net/ Name: data-bs
Value: d182348a-3cd5-4794-9031-91df88493f67~~1
.technoratimedia.com/ Name: tads_uidp_62
Value: 3613048227393376000V10
.media.net/ Name: data-rk
Value: 1974054400498569065~~8
.pippio.com/ Name: didts
Value: 1718304603
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CAA=
.pippio.com/ Name: did
Value: gTIkzNMTTSOFnuqM
.technoratimedia.com/ Name: tads_uidp_77
Value: qZYHoYanKhpW0w64n8AxKFjxP3MAFUwScQ4zIMc9kXI
.media.net/ Name: data-so
Value: d02b392a-564a-405c-bd46-5029683c14e1~~8
io.narrative.io/ Name: io.narrative.guid.v2
Value: bee98890-29b5-11ef-86c8-02f494ad6d1f
.media.net/ Name: data-ttd
Value: 1f8b4c71-962e-4fb6-a4be-45a8fcddd9ef~~1
.technoratimedia.com/ Name: tads_uidp_44
Value: LXDM6XI5-16-7S4C
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: Yt1Xp9t8Pz
.media.net/ Name: data-exp
Value: setstatuscode~~1
.id5-sync.com/ Name: id5
Value: eec65218-e73c-7c39-a727-3fe53f245bed#1718304602127#4
.adx.opera.com/ Name: UID
Value: OPU2a771488a4e74d328ef61f9235118704
.technoratimedia.com/ Name: tads_uidp_61
Value: 212648951907094
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: IQPData
Value: 3341873933#1718304604231#0#1718304604231
.intentiq.com/ Name: intentIQCDate
Value: 1718304604232
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZVRmJiMFF0
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7715910041001959939P
.owneriq.net/ Name: pmc
Value: 1
.ctnsnet.com/ Name: cid_52f5ab3dba244c7aab1a74a8a4224c43
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUe9affbdef2db4d7c99f1172e1a03cc25&KRTB&23485-OPUe9affbdef2db4d7c99f1172e1a03cc25&KRTB&23524-OPUe9affbdef2db4d7c99f1172e1a03cc25&KRTB&23575-OPUe9affbdef2db4d7c99f1172e1a03cc25
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!3978
.smartadserver.com/ Name: csync
Value: 127:AAC6Rk7M1n8AABS_PQftrg
.a-mx.com/ Name: amdt_t
Value: p::1718304604490
.a-mx.com/ Name: amuid2
Value: a0b4abe7-7b85-4e94-8af3-a0da6d92f8c9
.ymmobi.com/ Name: ym_user_cookie
Value: ym_user_e9e0d32a-22b1-44f8-bb45-c24ac340febc
.semasio.net/ Name: SEUNCY
Value: C70F2A38818B0D3B
.technoratimedia.com/ Name: tads_uidp_73
Value: AAC6Rk7M1n8AABS_PQftrg
.media.net/ Name: data-r
Value: LXDM6XI5-16-7S4C~~1
.rubiconproject.com/ Name: audit
Value: 1|KfpP3v4wmVJ8FfiJfpyUhYJbiZ4F3ZEyV4UZiVpcCs4bswuS8eRBIEgQNz5Odq9r+uK1g2fF8SJBK03vAHceEB7hZXd5NmS35jPYX1GOk3NbOz6AjJtUazAwRXEt/C60ua5UjcErC9Dl7bD5tYBGzWQ2FDqq35dMBvXcDn7yb87WMKxofMJYSQ==
.rtb.mx/ Name: amdt_t
Value: p::1718304605051
.rtb.mx/ Name: amuid2
Value: a0b4abe7-7b85-4e94-8af3-a0da6d92f8c9
.pubmatic.com/ Name: SPugT
Value: 1718304605
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 23554-bKE8mp6cDXSgLzPnXT9rZg&KRTB&23557-bKE8mp6cDXSgLzPnXT9rZg&KRTB&23586-bKE8mp6cDXSgLzPnXT9rZg
.pubmatic.com/ Name: PugT
Value: 1718304604
.go.sonobi.com/ Name: HAPLB8G
Value: s85171|Zms/Y
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 16
.pubmatic.com/ Name: DPSync3
Value: 1718841600%3A265_252_253%7C1719273600%3A257%7C1719446400%3A226_219_262_201_258_228_261_245_263_256_235_236_260_259%7C1718323200%3A248_255
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1718326205988
.agkn.com/ Name: ab
Value: 0001%3AkDgQcPx2GVB8GfFdRxVw%2Fr7PqbRww%2F77
.onaudience.com/ Name: cookie
Value: bc635c8213d81cf5
.onaudience.com/ Name: done_redirects252
Value: 1
.audrte.com/ Name: arcki2
Value: f7ipXLQyN1ESyaqVqgoqD3-bQ!20220908!1718304606771!ip#199.48.243.13
.audrte.com/ Name: arcki2_pubmatic
Value: 1A4FAD44-CD12-4BA8-9EFB-108C2E299192!20220908!1718304606771
.analytics.yahoo.com/ Name: IDSYNC
Value: "18w9~2iz6:18z8~2iz6:19dc~2iz6:18yi~2iz6:18za~2iz6:190u~2iz6:199z~2iz6"
.onaudience.com/ Name: done_redirects282
Value: 1
.audrte.com/ Name: arcki2_ddp2
Value: f7ipXLQyN1ESyaqVqgoqD3-bQ!20220908!1718304607085
.id5-sync.com/ Name: 3pi
Value: 112#1718304604784#-1917620956#C70F2A38818B0D3B|434#1718304605879#-134297908|2#1718304607154#417389487#2544973523831875102|1221#1718304607154#1438753999|264#1718304605108#135684339#1f8b4c71-962e-4fb6-a4be-45a8fcddd9ef|441#1718304603392#174130589#u_92140885-5782-4a2c-9be8-59e1168388ea|108#1718304604042#-922445932|429#1718304606524#760402517#1A4FAD44-CD12-4BA8-9EFB-108C2E299192
.audrte.com/ Name: arcki2_adform
Value: 8759756741206553225!20220908!1718304607361
.adsrvr.org/ Name: TDCPM
Value: CAESGwoMc2hhcmV0aHJvdWdoEgsIlu_4lfX4hT0QBRIWCgdydWJpY29uEgsIwvW7ovX4hT0QBRIWCgdzdng5dDUwEgsI4uOWqvX4hT0QBRIUCgV0YXBhZBILCPb73bj1-IU9EAUYBTgBQgQiAggB
.richaudience.com/ Name: pdid
Value: 884f15dc-c759-4dba-b1d9-1zz1718304582
.bluekai.com/ Name: bku
Value: wXT99aXdStqr5KGw
.bluekai.com/ Name: bkpa
Value: KJy9cyeQd02pSUHknpD0BpA8wtkAwVHiBeOZRZPARtWTRZ1NjMRe9JkjYqG=
.richaudience.com/ Name: raibs
Value: 1

2 Console Messages

Source Level URL
Text
network error URL: https://match.sharethrough.com/universal/v1?supply_id=BGApXMcE
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=-1&us_privacy=&redir=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000029%26gdpr%3D0%26gdpr_consent%3D-1%26us_privacy%3D%26uuid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1x1.a-mo.net
aax.amazon-adsystem.com
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
analytics.google.com
bcp.crwdcntrl.net
bh.contextweb.com
c.amazon-adsystem.com
cdn.id5-sync.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
contextual.media.net
cs.emxdgt.com
cs.media.net
eb2.3lift.com
fastlygeo.m32.media
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
ib.adnxs.com
id5-sync.com
ih.adscale.de
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
lb.eu-1-id5-sync.com
lenord-cotier.com
lh3.googleusercontent.com
match.adsrvr.org
match.sharethrough.com
mia-placement-server.rubiconproject.com
moderncssframeworks.com
pagead2.googlesyndication.com
pbs.publishers.tremorhub.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.tapad.com
prebid.a-mo.net
prebid.media.net
pubmatic-match.dotomi.com
rdc.m32.media
rtb.gumgum.com
rtb.openx.net
s.amazon-adsystem.com
s3.us-west-2.amazonaws.com
scada.paradizeconstruction.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
seg.m32.media
simage2.pubmatic.com
ssbsync.smartadserver.com
ssum.casalemedia.com
stats.g.doubleclick.net
sync.1rx.io
sync.a-mo.net
sync.admanmedia.com
sync.bfmio.com
sync.go.sonobi.com
sync.richaudience.com
sync.springserve.com
sync.sxp.smartclip.net
sync.targeting.unrulymedia.com
sync.teads.tv
tags.crwdcntrl.net
tv.springserve.com
uipglob.semasio.net
ups.analytics.yahoo.com
vid-io-pdx.springserve.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
y.one.impact-ad.jp
sync.richaudience.com
104.18.36.155
104.36.113.107
104.78.189.198
108.138.85.101
13.249.44.103
141.95.98.65
147.28.129.37
147.75.198.144
151.101.130.132
158.160.11.208
162.19.138.119
173.44.141.51
18.160.10.20
18.204.51.48
18.213.57.91
184.31.48.28
184.31.61.14
198.148.27.131
207.65.32.82
209.85.232.156
23.105.14.101
23.48.8.28
23.59.25.156
2600:1f18:612b:4232:2f80:ec66:68ec:d673
2606:4700:10::6816:3456
2606:ae80:1451:22::760
2607:f350:3:2569:0:10:0:d
2607:f8b0:400d:c00::84
2607:f8b0:400d:c00::9c
2607:f8b0:400d:c01::9d
2607:f8b0:400d:c02::9a
2607:f8b0:400d:c04::5e
2607:f8b0:400d:c0b::5e
2607:f8b0:400d:c0b::63
2607:f8b0:400d:c0b::69
2607:f8b0:400d:c0b::8b
2607:f8b0:400d:c0c::5f
2607:f8b0:400d:c0d::61
2607:f8b0:400d:c0d::8b
2607:f8b0:400d:c0e::9b
2607:f8b0:400d:c0f::5e
2607:f8b0:400d:c0f::71
2620:112:f008:200::101
3.162.113.135
3.224.117.100
3.33.220.150
34.111.113.62
34.120.63.153
34.200.65.202
34.235.210.13
35.186.194.101
35.203.92.254
35.211.178.172
35.213.17.49
35.227.252.103
35.71.139.29
4.205.49.19
44.194.210.197
44.195.178.9
50.57.31.206
52.36.29.16
52.46.143.56
52.58.228.225
52.92.164.112
54.144.53.235
54.185.54.232
54.187.192.10
63.251.28.231
68.67.160.75
69.173.151.100
69.194.240.13
75.101.246.159
8.2.110.26
8.28.7.81
8.28.7.84
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
16041ffa759b3a9fbbb7a4310e72e73a84172e6a56de5633197584d8033bbc03
19d97bdb18869b2e8ab601397c4956d050c01f4ed4ebda106af968ca72926aa4
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367
22de6e4042c182513a5612e20d9c7f41c6ef8b7829912a4eab0895dd3dea05a6
26642a41a8b6dd3d0f8d72143cce355c0bc9dcceaaca625ab69f7643e0c50b13
26ae64ca22c48cea2cff096ccb5fb79e5255aaff58e2449ba48794fdc0e089ab
26e14e8f2ccd855240a903708f250499c1696fb13a5f76d9e7851af290922b4f
29f9bc38ee5fbe47d4d2fef73f6574319b182e4e4711385aabdd06146fbc5e58
303156e898f8883e72a6c2dd8c2aeb58f012e7e47aa68c97f0d4f9fd540a580d
346a1e0e4089960b884001d9c4ee3eb3bafdd044628c0b0c33848cb1ee9d7949
3811558e28e05d13ff76b22436d51c4fa6706d8945a6f2d2926b72dfa34b059a
3933548a3b3aefc328966d35e1d98c08b37ad1941472eafad027fd9188029258
3be69375a428a615caa7c5307c15298a41a4f272c77ff19051a462462d1af5a3
3c288f0c3cb0999bbd6a9f6486f6b13064ead24052234ac35f8b053b9db9ae96
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3c7be84afd8ce914365e3df1325af7fa0b4ad27db4258096fe753bf8708e8fda
3c7dcaf91cdbf840f68d8afbf5f421bb2324d29820855f538495f20f1b50d068
42287925d01999d4f4a32a2463947d1e7c0ebb8978c06ed7e818682ef161b0cd
42ad4aa7a67f232c22513445c30c0449de36b450ad8768b4180a7b23aa39d33b
42ca62932a5f778e87ce5f839be42676f96cd97bb1f282ffaa3583086a9a4691
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
471071296dc23a1f43cb166268c1f79e1303fc6218827c88ee01a950a4c28c8c
4ad739e610ca5084342720e95cdf1ce819827f0ed3d8be5881823b8bdf9b2b9d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5027e99e253b0da04a0e9deb8cc7ed2a73d7a7e3ff89aa7a317c1fb2cc81e3bb
511a81c3a1cfa23608fb06208ffdbd92a224ba8fa60400edeca0bc7371bedcec
51408d35d766eb023c741d01bdddec4a73559968cc47996f7c16a150b7ddf36f
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b7ee481077867c510ff554072ce06c5f3fc53bf30cc10ec1800dee2dd1a1c7
567b3fe76c2d60b4e7bcf948915be944133cf761c890952e0f6ed577800d8a70
56d3f0e86c68a146ad343aa99c1af70b20eb45febdd01424f845ab85beaf6636
5742365a5410582f1d6bbca2952ca7e934130bfe2a7d3a7ba9352498fbce6ba2
57640181b53f103db1bbf129603fcaf34419ee1cd838c7928f6b37e122bade70
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5d86f98c50259b61d719c02e7f3444a831d3244c2091b1dd8eae60b3b4235cc3
5eeb0081366c82d6237c6e16e9af56188182db7669e6916a9018bbf8d16b5b7a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c7175821421cfa72e0d154d2f099190a7098c018df4e786428de85f7adde394
6d82dcfc3c94a02be2a4e834f093d64431c2fa4b9cd62d498de0b5dd0e8d974f
70cd563322458bcd8eb0c45ffe72323df7c74b281cdbd01cc8b15de133b576a3
71b4562ab29eb52a1b2a605ecc48411e206cd60883e52ff0899c5357c85ac54d
749d16c37d633d79942dd17cc5f12a85bbde96e96236fa752ecf1b6a6a1d928b
76dd928897686b6786a65b58ccb41a8a820eeb9bbef422f0ad9250658cef5219
789d560be25de17f684efd46f81cefe7189085104952e64132187fc3bfdd6187
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82897a2306cf760ab7e21570dc3ceea2da2e81359f03c7b2f854c506ca2bdcee
83cdc416df99a47ebb46022d9813b552e8e4cd3a21a41ea08eaba8097d0911c8
88e4cc119811b33cf66716bffd2f2c2c398e257014bdd2a7edba7cf1e0c04920
89417b7e7e602e0e469946d8971f4a48d69e6511d2755b5933d95260f9771529
8add27b147458549b30706540595d46e8ad6f518296020e0d0bdb947553b6230
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d8b5d43a745a2fc2f1aff8f93a3c98f83ac8d3e0cfb731a8403d8e95ea5fc3b
8dce961b243318a11cbc86d3b0fbc4d68b5e62ccf229edf2717207cf43d8873c
8f79253fa42faa8dc7e0d97c0d6e31b5bca300e3b855ccdd60eb2da3abf0f6b4
90f05640dcfc7157a1b0077623bdf985d5bc3469a1dc418099abace29d30b101
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9451ceb6ff5c2274985b0d01d3b094b05816a8bbf10f8cc8db373bc1d9fdfb35
983595bf01d6e31d9bc927f79d38cbf34404ff0d66b9835f5c1ec178f08a90d1
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9f44c4df2eebe9758122fa4cb137ca50e254b01962f699281dd2bf0a8db42f55
a204849a0777563cc401d76d1a8e1ab5c5a6c554d391c0b24493985b4a4f42af
a311bb4a21c33bca5691af5d9899652a77ef0395ec5e4fda845e53b8acf262c5
a61500a342875a17afc10c79e9c1596ae0e18182bf57f34390b4a68dad5ce1cd
a63dfafeb1e16958219c7a35e30625e86b3c11db90f0990fb68fa7181e7de73b
a8c8cbc89343bb5a0eb85d4df31376c0e1c145e6fc2bbb4c2803b2998fd6f83c
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
ae57ec6b843f1667814332a84882f6c71c3827d6d0923798d8a298e5950f47eb
ae82a41fa19db11b4a24fb6ff6c315dd37431edac4d86d7769639fe82853902e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0fc5afac89cfd2144bf6e589710e95b7789f3b588ad12af867602c63a8138c5
b3f8d07acfab65afb2b1cfc48540e5c2c22c29571af60cd8b88ebe498c093dfb
b4da3631b3a48c11241417d827a9635adf3d8cdf9d62dfaab3437a07ef13e693
b65c89c7379d1aab1be434f80d1c7fcbf14042ffbde196876e1871664a0d09d9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac
c5c6943d67bf169c51f76c4e7862ac7e8422492f01357a7954f71ccd4237a1ef
ca8e15ef1ec901920e39b68440ce53ea9238c3930af8cc5137a1369ad90ef657
cab5fa9ef62240ff049867673c9d4a12ee03527ff0318eb1745e40e3a23cbbcb
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d4f388b1fac0c0c2742adf838b98448145f4f18bb9db911fef03469d7c96b59f
d561b478c7d864b518385b2419144f18a8f3f513df4f149a0b7d69620fe7e59e
d8a8a17af30919ec736a38b267622a72cb5ee20bc822306cb260987a38fe0395
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def7acc32bc07768a0b6417305e076e3bee80bdb1574c7360f85e064501d2cd7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7afd993d5be8b77d9cc4ae40a93e72a2942de0856a2f37ee8c1d2210c9f056a
ea9d528f63c997b7c7d102addc51ca469ddb8bec540afdf23348a484e61a894e
eb8e31285a980ae166a4d0f0c0b7fc0069085b8c173fd0fa3138fea54d8cceb1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
fef327524aebdfffae2bd88eca821c6eeb29216fdcdbf31306a8294739c2a4c5
ff15ac47504bb557006756aaba7dc0eadcf935f9633390f379405085d9f85de8