urlscan.io logo urlscan.io
SecurityTrails logo

o.canada.com Open in urlscan Pro
34.111.249.109  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://canada.com/
Effective URL: https://o.canada.com/
Submission Tags: falconsandbox
Submission: On August 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 96 IPs in 11 countries across 61 domains to perform 301 HTTP transactions. The main IP is 34.111.249.109, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is o.canada.com.
TLS certificate: Issued by GTS CA 1D4 on August 8th 2023. Valid for: 3 months.
This is the only time o.canada.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 34.111.67.160 396982 (GOOGLE-CL...)
2 34.111.249.109 396982 (GOOGLE-CL...)
20 34.149.157.221 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
3 13.224.192.181 16509 (AMAZON-02)
2 23.56.202.187 16625 (AKAMAI-AS)
1 13.225.78.97 16509 (AMAZON-02)
1 2606:4700:e6:... 13335 (CLOUDFLAR...)
1 18.66.112.103 16509 (AMAZON-02)
21 34.117.54.29 396982 (GOOGLE-CL...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 184.30.211.26 16625 (AKAMAI-AS)
6 23.21.99.188 14618 (AMAZON-AES)
1 108.138.9.235 16509 (AMAZON-02)
1 35.241.9.51 15169 (GOOGLE)
2 6 185.89.210.180 29990 (ASN-APPNEX)
2 2602:803:c003... 26667 (RUBICONPR...)
1 35.227.252.103 15169 (GOOGLE)
12 18.197.249.97 16509 (AMAZON-02)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 216.52.2.30 32475 (SINGLEHOP...)
1 104.18.39.155 13335 (CLOUDFLAR...)
11 34.107.254.252 396982 (GOOGLE-CL...)
1 104.19.149.54 13335 (CLOUDFLAR...)
2 75.2.40.13 16509 (AMAZON-02)
10 12 142.250.184.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
16 20 2600:9000:225... 16509 (AMAZON-02)
24 2a04:4e42:400... 54113 (FASTLY)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 18.185.12.185 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 2600:9000:223... 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
1 5 13.32.121.72 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
4 2a04:4e42:600... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
3 2600:1f18:44f... 14618 (AMAZON-AES)
1 152.199.22.243 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 52.222.214.32 16509 (AMAZON-02)
1 18.66.100.58 16509 (AMAZON-02)
3 2a04:4e42:200... 54113 (FASTLY)
4 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 18.66.112.89 16509 (AMAZON-02)
1 143.204.215.76 16509 (AMAZON-02)
1 54.155.18.159 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:249... 16509 (AMAZON-02)
5 162.55.144.218 24940 (HETZNER-AS)
2 2a03:2880:f17... 32934 (FACEBOOK)
4 2600:9000:21f... 16509 (AMAZON-02)
1 195.201.159.24 24940 (HETZNER-AS)
2 2a02:2638:d::2 44788 (ASN-CRITE...)
13 2600:1f13:800... 16509 (AMAZON-02)
1 3.223.236.9 14618 (AMAZON-AES)
1 2 2a02:2638:d::d 44788 (ASN-CRITE...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 178.250.7.13 44788 (ASN-CRITE...)
2 23.32.184.192 16625 (AKAMAI-AS)
1 104.18.38.76 13335 (CLOUDFLAR...)
1 23.54.112.188 16625 (AKAMAI-AS)
1 34.98.64.218 396982 (GOOGLE-CL...)
2 23.218.210.30 16625 (AKAMAI-AS)
2 35.157.166.140 16509 (AMAZON-02)
1 2 198.47.127.19 62713 (AS-PUBMATIC)
2 7 185.80.39.216 27381 (CASALE-MEDIA)
3 35.71.131.137 16509 (AMAZON-02)
3 5 52.46.130.91 16509 (AMAZON-02)
7 9 69.173.144.139 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
3 5 54.239.33.159 16509 (AMAZON-02)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
1 1 178.250.1.9 44788 (ASN-CRITE...)
5 198.47.127.205 3257 (GTT-BACKB...)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 52.213.174.162 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 54.147.123.103 14618 (AMAZON-AES)
3 3 37.157.4.28 198622 (ADFORM)
1 35.204.74.118 396982 (GOOGLE-CL...)
1 3.71.149.231 16509 (AMAZON-02)
1 98.98.134.243 21859 (ZEN-ECN)
2 2 151.101.2.49 54113 (FASTLY)
1 52.28.2.204 16509 (AMAZON-02)
1 172.64.149.180 13335 (CLOUDFLAR...)
1 198.47.127.20 ()
301 96
2    34.111.67.160 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 160.67.111.34.bc.googleusercontent.com
canada.com
2    34.111.249.109 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 109.249.111.34.bc.googleusercontent.com
o.canada.com
20    34.149.157.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.157.149.34.bc.googleusercontent.com
smartcdn.gprod.postmedia.digital
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    13.224.192.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net
c.amazon-adsystem.com
2    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
ads.rubiconproject.com
1    13.225.78.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-97.fra2.r.cloudfront.net
cdn.adsafeprotected.com
1    2606:4700:e6::ac40:c70b (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
1    18.66.112.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-103.fra56.r.cloudfront.net
ak.sail-horizon.com
21    34.117.54.29 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.54.117.34.bc.googleusercontent.com
fem.gprod.postmedia.digital
dcs-static.gprod.postmedia.digital
3    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2606:4700::6812:4eb (United States)

ASN13335 (CLOUDFLARENET, US)
auth.lrcontent.com
1    2606:4700:4400::ac40:9256 (United States)

ASN13335 (CLOUDFLARENET, US)
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
2    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
6    23.21.99.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-99-188.compute-1.amazonaws.com
pixel.adsafeprotected.com
1    108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net
aax.amazon-adsystem.com
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
6    185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
2    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
12    18.197.249.97 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-249-97.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    104.18.39.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
11    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
googlesync.permutive.com
1    104.19.149.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
2    75.2.40.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com
api.sail-personalize.com
12    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
1    2a00:1450:4001:82a::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
20    2600:9000:225e:6c00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
24    2a04:4e42:400::626 (United States)

ASN54113 (FASTLY, US)
assets-jpcust.jwpsrv.com
ssl.p.jwpcdn.com
prd.jwpltx.com
6    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
37fd233be47a9ff8da56fd1d6f53de47.safeframe.googlesyndication.com
4    18.185.12.185 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
postmedia.hub.loginradius.com
7    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2600:9000:223c:2800:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.viafoura.net
7    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    13.32.121.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-72.fra60.r.cloudfront.net
sb.scorecardresearch.com
1    2a04:4e42:400::645 (United States)

ASN54113 (FASTLY, US)
jssdkcdns.mparticle.com
4    2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)
identity.mparticle.com
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2600:1f18:44f0:4847:76a1:b6b5:aeaf:fb4e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
api.viafoura.co
1    152.199.22.243 (United States)

ASN15133 (EDGECAST, US)
entitlements.jwplayer.com
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700:3033::ac43:9fa2 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.mrf.io
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    52.222.214.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-32.fra56.r.cloudfront.net
get.s-onetag.com
1    18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net
cdn.parsely.com
3    2a04:4e42:200::645 (United States)

ASN54113 (FASTLY, US)
jssdks.mparticle.com
4    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
2    2a00:1450:400c:c03::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
www.gstatic.com
2    18.66.112.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-89.fra56.r.cloudfront.net
onetag-geo.s-onetag.com
1    143.204.215.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-76.fra53.r.cloudfront.net
signal-beacon.s-onetag.com
1    54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
p1.parsely.com
1    2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2600:9000:2491:7400:2:cecb:23c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
videos-cloudfront-usp.jwpsrv.com
5    162.55.144.218 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: haproxy04.cl03.het.mrf.io
events.newsroom.bi
2    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    2600:9000:21f3:f800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    195.201.159.24 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: haproxy02.cl03.het.mrf.io
compassdata.mrf.io
2    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
13    2600:1f13:800:7781:5453:801b:1cfb:a1f6 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
1    3.223.236.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-236-9.compute-1.amazonaws.com
i.viafoura.co
2    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    2606:4700::6812:5eb (United States)

ASN13335 (CLOUDFLARENET, US)
config.lrcontent.com
1    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    23.54.112.188 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-112-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
postmedia-d.openx.net
2    23.218.210.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-210-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    35.157.166.140 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-166-140.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
2    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
7    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
3    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
5    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
9    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
5    54.239.33.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    2a05:d018:d29:3605:f821:c088:dfda:b5f7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
5    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
image2.pubmatic.com
1    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    52.213.174.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-174-162.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    54.147.123.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-123-103.compute-1.amazonaws.com
a.audrte.com
3    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
1    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com
pixel-sync.sitescout.com
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    52.28.2.204 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-2-204.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
1    198.47.127.20 (None, )

ASN- ()
simage4.pubmatic.com
Apex Domain
Subdomains		 Transfer
41 postmedia.digital
smartcdn.gprod.postmedia.digital — Cisco Umbrella Rank: 95921
fem.gprod.postmedia.digital — Cisco Umbrella Rank: 145731
dcs-static.gprod.postmedia.digital — Cisco Umbrella Rank: 126226
643 KB
24 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3993
pixel.adsafeprotected.com — Cisco Umbrella Rank: 764
static.adsafeprotected.com — Cisco Umbrella Rank: 632
dt.adsafeprotected.com — Cisco Umbrella Rank: 586
213 KB
21 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 3081
entitlements.jwplayer.com — Cisco Umbrella Rank: 4031
64 KB
21 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 210
cm.g.doubleclick.net — Cisco Umbrella Rank: 242
stats.g.doubleclick.net — Cisco Umbrella Rank: 93
183 KB
18 jwpsrv.com
assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 4155
videos-cloudfront-usp.jwpsrv.com — Cisco Umbrella Rank: 5887
497 KB
17 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 3408
ads.rubiconproject.com — Cisco Umbrella Rank: 2303
fastlane.rubiconproject.com — Cisco Umbrella Rank: 545
eus.rubiconproject.com — Cisco Umbrella Rank: 588
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3144
pixel.rubiconproject.com — Cisco Umbrella Rank: 364
token.rubiconproject.com — Cisco Umbrella Rank: 617
275 KB
14 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
37fd233be47a9ff8da56fd1d6f53de47.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 155
390 KB
14 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 344
aax.amazon-adsystem.com — Cisco Umbrella Rank: 430
s.amazon-adsystem.com — Cisco Umbrella Rank: 320
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1071
72 KB
12 permutive.com
api.permutive.com — Cisco Umbrella Rank: 2226
cdn.permutive.com — Cisco Umbrella Rank: 2981
googlesync.permutive.com — Cisco Umbrella Rank: 9319
40 KB
12 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1115
2 KB
11 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 557
ads.pubmatic.com — Cisco Umbrella Rank: 547
image6.pubmatic.com — Cisco Umbrella Rank: 769
simage2.pubmatic.com — Cisco Umbrella Rank: 797
image2.pubmatic.com — Cisco Umbrella Rank: 875
simage4.pubmatic.com
26 KB
8 mparticle.com
jssdkcdns.mparticle.com — Cisco Umbrella Rank: 6270
identity.mparticle.com — Cisco Umbrella Rank: 3130
jssdks.mparticle.com — Cisco Umbrella Rank: 5476
60 KB
8 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 609
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 484
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 594
7 KB
7 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 3160
287 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
477 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 3101
1 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 245
acdn.adnxs.com — Cisco Umbrella Rank: 587
secure.adnxs.com — Cisco Umbrella Rank: 465
21 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
77 KB
5 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 8385
2 KB
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 164
4 KB
5 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 11864
210 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 784
gum.criteo.com — Cisco Umbrella Rank: 435
mug.criteo.com — Cisco Umbrella Rank: 2707
dis.criteo.com — Cisco Umbrella Rank: 626
8 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2664
3 KB
4 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4510
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5871
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 6061
20 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
region1.google-analytics.com — Cisco Umbrella Rank: 2412
21 KB
4 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 12107
i.viafoura.co — Cisco Umbrella Rank: 11965
4 KB
4 loginradius.com
postmedia.hub.loginradius.com — Cisco Umbrella Rank: 154744
1 KB
4 lrcontent.com
auth.lrcontent.com — Cisco Umbrella Rank: 60994
config.lrcontent.com — Cisco Umbrella Rank: 20985
97 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45
storage.googleapis.com — Cisco Umbrella Rank: 409
imasdk.googleapis.com — Cisco Umbrella Rank: 510
524 KB
4 canada.com
canada.com — Cisco Umbrella Rank: 582543
o.canada.com
112 KB
3 adform.net
dmp.adform.net — Cisco Umbrella Rank: 3398
c1.adform.net — Cisco Umbrella Rank: 597
2 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24109
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26137
898 B
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 458
ups.analytics.yahoo.com — Cisco Umbrella Rank: 325
1 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 360
793 B
3 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 10307
compassdata.mrf.io — Cisco Umbrella Rank: 53068
46 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 713
644 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 696
cdn.indexww.com — Cisco Umbrella Rank: 1662
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 621
60 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
254 B
2 google.de
www.google.de — Cisco Umbrella Rank: 6490
515 B
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3151
p1.parsely.com — Cisco Umbrella Rank: 2390
26 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 165
91 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 222
114 KB
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 3425
498 B
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 782
postmedia-d.openx.net — Cisco Umbrella Rank: 212293
431 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 334
3 KB
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 352
146 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 722
187 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 800
612 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 803
266 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 798
588 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 357
648 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 328
17 KB
1 jwpltx.com
prd.jwpltx.com — Cisco Umbrella Rank: 3498
50 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 690
399 B
1 prmutv.co
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co — Cisco Umbrella Rank: 196311
388 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1235
17 KB
1 permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app — Cisco Umbrella Rank: 156212
134 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 3518
33 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 7748
3 KB
0 33across.com Failed
lexicon.33across.com Failed
301 61
Domain Requested by
20 cdn.jwplayer.com 16 redirects dcs-static.gprod.postmedia.digital
cdn.jwplayer.com
ssl.p.jwpcdn.com
20 smartcdn.gprod.postmedia.digital o.canada.com
17 dcs-static.gprod.postmedia.digital o.canada.com
dcs-static.gprod.postmedia.digital
16 assets-jpcust.jwpsrv.com
13 dt.adsafeprotected.com
12 cm.g.doubleclick.net 10 redirects
12 btlr.sharethrough.com micro.rubiconproject.com
10 api.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
7 ssl.p.jwpcdn.com cdn.jwplayer.com
7 www.googletagmanager.com fem.gprod.postmedia.digital
jssdkcdns.mparticle.com
www.googletagmanager.com
www.google-analytics.com
7 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
7 securepubads.g.doubleclick.net o.canada.com
securepubads.g.doubleclick.net
www.googletagservices.com
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
imasdk.googleapis.com
www.googletagservices.com
6 pixel.adsafeprotected.com cdn.adsafeprotected.com
o.canada.com
5 aax-eu.amazon-adsystem.com 3 redirects ads.pubmatic.com
5 pixel.rubiconproject.com 3 redirects
5 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
5 events.newsroom.bi sdk.mrf.io
5 sb.scorecardresearch.com 1 redirects fem.gprod.postmedia.digital
5 cdn.viafoura.net fem.gprod.postmedia.digital
cdn.viafoura.net
5 ib.adnxs.com 1 redirects 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
micro.rubiconproject.com
acdn.adnxs.com
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 token.rubiconproject.com 4 redirects
4 static.adsafeprotected.com pixel.adsafeprotected.com
o.canada.com
4 identity.mparticle.com jssdkcdns.mparticle.com
4 www.google.com tpc.googlesyndication.com
securepubads.g.doubleclick.net
4 postmedia.hub.loginradius.com fem.gprod.postmedia.digital
auth.lrcontent.com
4 fem.gprod.postmedia.digital o.canada.com
fem.gprod.postmedia.digital
3 image2.pubmatic.com ads.pubmatic.com
3 match.adsrvr.org ads.pubmatic.com
ssum-sec.casalemedia.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 www.gstatic.com cdn.jwplayer.com
www.gstatic.com
3 region1.analytics.google.com www.googletagmanager.com
3 jssdks.mparticle.com jssdkcdns.mparticle.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 api.viafoura.co cdn.viafoura.net
3 fonts.gstatic.com fonts.googleapis.com
3 c.amazon-adsystem.com o.canada.com
c.amazon-adsystem.com
2 sync-tm.everesttech.net 2 redirects
2 c1.adform.net 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 simage2.pubmatic.com ads.pubmatic.com
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 image6.pubmatic.com 1 redirects ads.pubmatic.com
2 prebid-a.rubiconproject.com micro.rubiconproject.com
2 eus.rubiconproject.com micro.rubiconproject.com
eus.rubiconproject.com
2 ads.pubmatic.com micro.rubiconproject.com
ads.pubmatic.com
2 config.lrcontent.com auth.lrcontent.com
2 gum.criteo.com 1 redirects static.criteo.net
2 static.criteo.net micro.rubiconproject.com
static.criteo.net
2 www.facebook.com
2 videos-cloudfront-usp.jwpsrv.com ssl.p.jwpcdn.com
2 onetag-geo.s-onetag.com get.s-onetag.com
signal-beacon.s-onetag.com
2 www.google.de
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net o.canada.com
connect.facebook.net
2 sdk.mrf.io o.canada.com
sdk.mrf.io
2 imasdk.googleapis.com cdn.jwplayer.com
imasdk.googleapis.com
2 www.googletagservices.com securepubads.g.doubleclick.net
2 api.sail-personalize.com ak.sail-horizon.com
2 fastlane.rubiconproject.com micro.rubiconproject.com
2 cdn.jsdelivr.net micro.rubiconproject.com
securepubads.g.doubleclick.net
2 auth.lrcontent.com o.canada.com
cdn.viafoura.net
2 o.canada.com dcs-static.gprod.postmedia.digital
2 canada.com 2 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 x.bidswitch.net ssum-sec.casalemedia.com
1 secure.adnxs.com 1 redirects
1 pixel-sync.sitescout.com ssum-sec.casalemedia.com
1 ups.analytics.yahoo.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 dis.criteo.com 1 redirects
1 px.ads.linkedin.com
1 postmedia-d.openx.net micro.rubiconproject.com
1 acdn.adnxs.com micro.rubiconproject.com
1 js-sec.indexww.com micro.rubiconproject.com
1 mug.criteo.com
1 i.viafoura.co cdn.viafoura.net
1 compassdata.mrf.io sdk.mrf.io
1 region1.google-analytics.com www.googletagmanager.com
1 s0.2mdn.net imasdk.googleapis.com
1 p1.parsely.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 prd.jwpltx.com
1 cdn.parsely.com www.googletagmanager.com
1 get.s-onetag.com www.googletagmanager.com
1 entitlements.jwplayer.com cdn.jwplayer.com
1 jssdkcdns.mparticle.com fem.gprod.postmedia.digital
1 37fd233be47a9ff8da56fd1d6f53de47.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 storage.googleapis.com dcs-static.gprod.postmedia.digital
1 googlesync.permutive.com
1 cdn.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 htlb.casalemedia.com micro.rubiconproject.com
1 ap.lijit.com micro.rubiconproject.com
1 hbopenbid.pubmatic.com micro.rubiconproject.com
1 bidder.criteo.com micro.rubiconproject.com
1 rtb.openx.net micro.rubiconproject.com
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 secure.cdn.fastclick.net o.canada.com
1 ads.rubiconproject.com micro.rubiconproject.com
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app fem.gprod.postmedia.digital
1 ak.sail-horizon.com o.canada.com
1 www.npttech.com o.canada.com
1 cdn.adsafeprotected.com o.canada.com
1 micro.rubiconproject.com o.canada.com
1 fonts.googleapis.com o.canada.com
0 lexicon.33across.com Failed micro.rubiconproject.com
301 114
Subject Issuer Validity Valid
canada.com
GTS CA 1D4		 2023-08-08 -
2023-11-06		 3 months crt.sh
gprod.postmedia.digital
GTS CA 1D4		 2023-07-07 -
2023-10-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-22 -
2024-06-19		 a year crt.sh
npttech.com
GTS CA 1P5		 2023-07-04 -
2023-10-02		 3 months crt.sh
ak.sail-horizon.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-01-16		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-29 -
2024-04-28		 a year crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2023-07-09 -
2023-10-07		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-29 -
2024-04-27		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.prmutv.co
R3		 2023-06-06 -
2023-09-04		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
api.permutive.com
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
api.sail-personalize.com
Amazon RSA 2048 M01		 2023-04-25 -
2024-05-23		 a year crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
jwplayer.com
Amazon RSA 2048 M02		 2023-03-01 -
2023-12-25		 10 months crt.sh
*.loginradius.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-29 -
2023-12-15		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
viafoura.com
Amazon RSA 2048 M02		 2023-08-08 -
2024-09-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
jssdkcdns.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-05-02 -
2024-06-02		 a year crt.sh
identity.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-05-08 -
2024-06-08		 a year crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-26 -
2023-12-28		 a year crt.sh
entitlements.jwplayer.com
GeoTrust TLS RSA CA G1		 2023-04-11 -
2024-05-11		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-06-06 -
2023-09-04		 3 months crt.sh
*.s-onetag.com
Amazon RSA 2048 M01		 2023-02-23 -
2024-01-02		 10 months crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
jssdks.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2022-09-15 -
2023-10-17		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
jwpsrv.com
Amazon RSA 2048 M02		 2023-03-20 -
2024-04-16		 a year crt.sh
ssl03.cert.cl03.k8s.mrf.io
R3		 2023-07-13 -
2023-10-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
ssl02.cert.cl03.k8s.mrf.io
R3		 2023-07-18 -
2023-10-16		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh

This page contains 24 frames:

Primary Page: https://o.canada.com/
Frame ID: E39A1DD0693B9FD78B77E5BC0D396D2F
Requests: 223 HTTP requests in this frame

Frame: https://fem.gprod.postmedia.digital/v86.1/xd.html
Frame ID: 2D04A968E9F0ED87F0411C284CEDCE7B
Requests: 2 HTTP requests in this frame

Frame: https://37fd233be47a9ff8da56fd1d6f53de47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A1C89D4BB7EB107BFCB6EE2AC2717EDE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F33CD6354B05600B55A754BBD5600A7D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FB6D96A4D8BC41D2849D0E7E19085D6B
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=4811995650&chanId=68750341&placementId=6320677576&pubCreative=138435360861&pubOrder=3214318285&cb=191625056&custom=index&custom2=2&adsafe_par&impId=c823dd0a-4539-11ee-8842-02bf0c6c3701
Frame ID: 2BE72D545194AB8619E0D607DD648504
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPcMTeUlkrPPATgPiRDmdJcVc7MZMY8JZnPCnRTjddzExsDujJ_I1idcQi14vIDUmcc7jO6cOz6n5bqMF6IfklvieX235vvEEXyAhld_ZIGZ8C_vg0s8jZ_Vbai5WcQmpFQXL3rD9pLaBaHeD7GyOKcFv_cooHJynCBPkDtt5voEZQ1caV-N06GN3Nki2UbJHlo2DAbKB9S6h2HcL0a31S54DAdIiCnDDDWpvKXNdbo2ePKBh7vJhUgwqcRkTa9LQv3-VhMbLdAgXHsNqZ4PLc85sr-XXc1nH3dVBgWOQ5HcbO-4Dx194TtKlCnC7Wug&sai=AMfl-YSy8bXZWuytfw1KxBg1d3J69n5nl655aU4dKb3G00chkqF984XrRJrxbhkoCgFfQBmuRJQqaH0zNQoIzCarlgV8PYq1hJgNUPTjGe2lPC82jTwVV-X-yAJDw39xXQ&sig=Cg0ArKJSzDcSMddCuz2wEAE&uach_m=[UACH]&adurl=
Frame ID: CB3F73127E62F5BFAAF86544F812182C
Requests: 7 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=4811995650&chanId=68750341&placementId=6320689129&pubCreative=138435367035&pubOrder=3214528277&cb=1380331086&custom=index&custom2=1&adsafe_par&impId=c823dd09-4539-11ee-8842-02bf0c6c3701
Frame ID: 4858D91D9EE31BD8973AEF86D6B8C646
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhYRhRjUi0wvrE5gbEihNUK1hwn44DCvxIlOXKIOtkv9CRPa73JOR4uFMM-MMG2MAU6vtwD1zr2xD5_r1xer1jFSRpxjVqV2VpY3D2YsfUb5yfmQrXRhlmsbxFA6WUZ-fNxJiG5DjNAzV38DmqAieBvGrmFEJhLosH1W6762J98N-pTV5Fhd86IcXv8OQ3KNza_IuIBuaVrOKZacklFRPf8j0eGr0xb-PhwIWr4EYaPlNs33ODBFcPNzrX-527XoXmttelivaJLN0wScgbNy9DliP_ua6SDiyAdKRc4TBEcHBuIt-49n1Spw04Bs3QDA&sai=AMfl-YS_ufgo249Fk7cS1ObwoQ49fO_8BgkSTAV_kqqXF8OPno_9s7pY2ks93BYNPyL26LKNhos2KpxCJnK2v12nzLjDzqggrgzvIJkHUBVwDFENOte9vq9gmbsG8QZoJg&sig=Cg0ArKJSzKAF60puqvMlEAE&uach_m=[UACH]&adurl=
Frame ID: DC700FC6F94831227CEB71BE1ACF5C6C
Requests: 8 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.586.0_en_ca.html
Frame ID: 8700186FD3B71295E24E5E23587D0771
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E36BB520F60A384661743FC5CAEA8AED
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 2F8B3485A5E533939E0E6B944CD05420
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=o.canada.com
Frame ID: 469448E3CB8EF5F07A8439E86EEC6637
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 6375437FE26BFE2608A9B59AEADAA947
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9C010468DDAACD6F713A796DC16E24A3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Frame ID: A7327C0B84D9433CF374D48A79924DFF
Requests: 14 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: AEC942445E9440B42AC628515369ADBB
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F5C127658DAD1025307749F9ECC58975
Requests: 3 HTTP requests in this frame

Frame: https://postmedia-d.openx.net/w/1.0/pd
Frame ID: EFA92C30AA1F6E6A7CC0D73AFBBC0EDE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 89252047F1621D73B85D238D6FBE7378
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: B8DC62639E63121E3D48A24FF05C8A2F
Requests: 10 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 24C973AD279D33CCC89CB1419697ED13
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BDDD0284-7D77-4D75-AA35-5AFC29B060FD&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 25424E1EE356BB675B7EDE6BA43A004D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HXvSRk4uhRIGeNVGT32aEh5_jh0GfNVBGn_4V1N5
Frame ID: FD4384F16D0B394127E3A2C85C2F9707
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Canada.Com | Homepage | Canada.ComCanada.comUser

Page URL History Show full URLs

  1. http://canada.com/ HTTP 301
    https://canada.com/ HTTP 301
    https://o.canada.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

301
Requests

86 %
HTTPS

41 %
IPv6

61
Domains

114
Subdomains

96
IPs

11
Countries

4868 kB
Transfer

15017 kB
Size

71
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://canada.com/ HTTP 301
    https://canada.com/ HTTP 301
    https://o.canada.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 97
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=aff38324-df81-48fe-b6a3-9bb64e2ff7ed HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=aff38324-df81-48fe-b6a3-9bb64e2ff7ed&google_tc= HTTP 302
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEOYwZRhIco9Rcm7eEB1mBvo&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=aff38324-df81-48fe-b6a3-9bb64e2ff7ed&google_cver=1
Request Chain 100
  • https://cdn.jwplayer.com/v2/media/in8brjDO/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/mLwT04rz-320.jpg
Request Chain 101
  • https://cdn.jwplayer.com/v2/media/1JFFCmvi/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/P2NvOM3m-320.jpg
Request Chain 102
  • https://cdn.jwplayer.com/v2/media/2YqFirQc/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/VGBsDEPA-320.jpg
Request Chain 103
  • https://cdn.jwplayer.com/v2/media/2ZgQ4wr5/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/015w1m6j-320.jpg
Request Chain 104
  • https://cdn.jwplayer.com/v2/media/WD70zvUe/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/fc0b63cd-320.jpg
Request Chain 105
  • https://cdn.jwplayer.com/v2/media/dgy0a0tE/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/eydridje-320.jpg
Request Chain 106
  • https://cdn.jwplayer.com/v2/media/D7PSvtFz/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/zvHgWLRh-320.jpg
Request Chain 107
  • https://cdn.jwplayer.com/v2/media/IHo156nV/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/040qeR7K-320.jpg
Request Chain 108
  • https://cdn.jwplayer.com/v2/media/sAysz8jT/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/ekjuh73x-320.jpg
Request Chain 109
  • https://cdn.jwplayer.com/v2/media/T3OySyMt/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/ppnD35KB-320.jpg
Request Chain 166
  • https://sb.scorecardresearch.com/c2/10276888/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 168
  • https://cdn.jwplayer.com/tracks/U2R67rvs.srt HTTP 301
  • https://assets-jpcust.jwpsrv.com/tracks/U2R67rvs.srt
Request Chain 170
  • https://cdn.jwplayer.com/strips/T3OySyMt-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/T3OySyMt-120.vtt
Request Chain 174
  • https://cdn.jwplayer.com/v2/media/T3OySyMt/poster.jpg?width=720 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/ppnD35KB-720.jpg
Request Chain 175
  • https://cdn.jwplayer.com/v2/media/T3OySyMt/poster.jpg?width=640 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/ppnD35KB-640.jpg
Request Chain 202
  • https://cdn.jwplayer.com/strips/T3OySyMt-120.jpg HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/T3OySyMt-120.jpg
Request Chain 237
  • https://cdn.jwplayer.com/v2/media/in8brjDO/poster.jpg?width=120 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/mLwT04rz-120.jpg
Request Chain 244
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=canada.com&sn=ChromeSyncframe&so=0&topUrl=o.canada.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=QwOAXHw2cEF1bVhDUmMybWs5Z25GWitUaHNhQ1VyRndSU0tPUmp1YzlFYW5zZlp2YVNXazF6ejJ5d0JUYWVmbU5nRFFNR2xnUjcvQXJhUnJJb3IxOFE4djd2S0xoOVZEU0dLejFiRVlUenhPMUJkcUNqc2lSOGpGZy9pUitzajlvR0VlelVFSzN1VlZjSkx2cHk0MFV4T0xRNEtNUkZKOFNkOHNRWWtNMmR3UkcrZWpPZTFicFFBVkRZWUtXSGcvOEV3eDhYd3FWcDMvczFNVWZHYTJyTVpLaXh6cm5PbmpsT3g1eWFUM0dPMFZZZ3FRWGtDZy9EQ051bnVISk1va1loU0oyalVrc1B0VnJxYzN6MjlkMG1JRC9wUT09fA&cppv=2
Request Chain 267
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 268
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 270
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=NEBZBMacTBuXImkDDD-KEg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=NEBZBMacTBuXImkDDD-KEg
Request Chain 271
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFKZAEBwVprQuRpTfQAd4pI&google_cver=1
Request Chain 272
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExVNTUzVzktQS0xODk= HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDpOmbq3kh9j9QpZe5Iw8dk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExVNTUzVzktQS0xODk=&google_push=
Request Chain 273
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLU553W9-A-189
Request Chain 274
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=TySnvccyQrOo_BqglIiQvw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=TySnvccyQrOo_BqglIiQvw
Request Chain 275
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTk5OGM4ZDI2MjRmZGI3NjIxMjFmMzg3ODFjM2UzNmQ5NDZjNzQ5MQ
Request Chain 276
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/T-BBXqejsQbpM8qamYnF_Q?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-OISk2JVE2oKrJzk76KO3J_xdwzZkDanK3PC.3w--~A
Request Chain 277
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 278
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BDDD0284-7D77-4D75-AA35-5AFC29B060FD&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BDDD0284-7D77-4D75-AA35-5AFC29B060FD&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 279
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HXvSRk4uhRIGeNVGT32aEh5_jh0GfNVBGn_4V1N5
Request Chain 280
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vd0ChH13TXWqNVr8KbBg_Q%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 282
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2167500763 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=BDDD0284-7D77-4D75-AA35-5AFC29B060FD
Request Chain 283
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=BDDD0284-7D77-4D75-AA35-5AFC29B060FD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MDgyNkJ2TG83eEdTcTZYVzRIZGpud3otdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7062279365327152691&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 284
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkRERDAyODQtN0Q3Ny00RDc1LUFBMzUtNUFGQzI5QjA2MEZE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 285
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEACBV5IOEnQf9Dn9xpbqi_s&google_cver=1
Request Chain 288
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7062279365327152691
Request Chain 293
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZOvqJr5nyMvyqeamOLOHJwAACJMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFUKfyoODClRpYVixW_ZhdI&google_cver=1
Request Chain 294
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZOvqJr5nyMvyqeamOLOHJwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOn4NH0qA47Sa_i-j4VUamg&google_cver=1
Request Chain 295
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOvqJr5nyMvyqeamOLOHJwAACJMAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOvqJr5nyMvyqeamOLOHJwAACJMAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 297
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZOvqJgAL4ltHsABY HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZOvqJgAL4ltHsABY&_test=ZOvqJgAL4ltHsABY
Request Chain 298
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4376308914535916993

301 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
o.canada.com/
Redirect Chain
  • http://canada.com/
  • https://canada.com/
  • https://o.canada.com/
681 KB
110 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.249.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
4a621960be2e525d7f2ea31c774b8294f18e2cd4cc9abc2ae61ce6d73213c92f
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=180
content-encoding
gzip
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type
text/html; charset=utf-8
date
Mon, 28 Aug 2023 00:28:15 GMT
expires
Mon, 28 Aug 2023 00:32:39 GMT
last-modified
Mon, 28 Aug 2023 00:27:45 GMT
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
referrer-policy
strict-origin-when-cross-origin
server
istio-envoy
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-dcs-cache-page
HIT
x-envoy-decorator-operation
pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
x-envoy-upstream-service-time
5
x-frame-options
SAMEORIGIN
x-pmd-backend
pmd-nginx-proxy-58cfb9ff56-jp2sm
x-pmd-cache
HIT

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 28 Aug 2023 00:28:15 GMT
location
https://o.canada.com/
IMG_2249-1.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/08/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/08/IMG_2249-1.jpg?quality=90&strip=all&w=466&type=webp&sig=5OOsIwq1PM6GcfQYlTJHXQ
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
1e49483abab8d63805dbed859f1689bf1cea49a4778b7a7a93bd53ee31b9a7c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 27 Aug 2023 22:02:41 GMT
via
1.1 google
server
nginx/1.18.0
age
8735
etag
"b7637d1945367da1c4c1be908ed8d7ec7709129c"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-555wh
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66804
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2f6e4e4c4ae60b11b7d296ce54b227212ba7f492ec670d99bcf2bb87dd9e5dd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Aug 2023 00:28:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 00:28:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Aug 2023 00:28:15 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
08cd07907e956d147860431fdbcd4b941f8969ea29b53960ee623b57f9097937
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28853
x-xss-protection
0
server
cafe
etag
812 / 19597 / m202308220101 / config-hash: 7028521147000579048
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 00:28:15 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		248 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9e08da8f03bfc136e84f23144e1d9c6837ebed60f4c61b6c8cafc8215f77585

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 23:55:46 GMT
content-encoding
gzip
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront), 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
last-modified
Thu, 24 Aug 2023 18:15:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
1950
x-amz-server-side-encryption
AES256
etag
W/"bfd42dc650471371e7b049251fcaca58"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
iD4oOVIp3QYDGq17vA4A0NgXQ-Ec8FLskJ5QTi2ry92zYTAmas85aA==
14648.js
micro.rubiconproject.com/prebid/dynamic/ 		2 MB
246 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/14648.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed6c7ece81d6ef492104612259c7200d48e25630afd7feb8616ddc822d56f190

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:15 GMT
content-encoding
gzip
server
Apache
vary
accept-encoding, referer
edge-cache-tag
prod-prebid-14648_postmedia_pbjs.js
content-type
text/javascript
cache-control
public, must-revalidate, max-age=14400
content-length
251264
expires
Mon, 28 Aug 2023 18:01:39 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Fri, 25 Aug 2023 05:57:40 GMT
Content-Encoding
gzip
Via
1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
239436
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
67VgGVjMAXR2N8WhgXVzmPUab4fxhAiTuNu91yVdOA-xS9V22YcGDQ==
advertising.js
www.npttech.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:16 GMT
x-amz-version-id
AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NPJT1Y44W04R0P6B
age
481
alt-svc
h3=":443"; ma=86400
x-amz-id-2
SzCbMg/JCOr3rWK+H9QVoqieScwBbTcvBdSh1QbRM5KK/L9Xu7s2bUtTmAHZMefu5egj+g7iA20=
last-modified
Tue, 18 Oct 2022 13:20:01 GMT
server
cloudflare
etag
W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4bT9XJCDr9VE3QAYWY2dvrSTuidzo9EKEC%2BW5Q431s%2F3BeZ0OiLSd7ylk0UKHetRrADzYU4miG81HY43VVozCxQ%2BNYTcvIRNPwDP%2F2Pa5p%2BnDmtw1D97lCKlisHg%2BwKuvrtJKPtVmgT1RjiE%2Bo4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
cf-ray
7fd86ee83a8430cc-FRA
spm.v1.min.js
ak.sail-horizon.com/spm/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-103.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c67d47496a8af1f4c99a350ababf131661cf111a02460c5e9f6d9539db481c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:20:38 GMT
content-encoding
gzip
via
1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 16:11:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
459
x-amz-server-side-encryption
AES256
etag
W/"6f6b3838a24066fc24338c58c675bb27"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600; must-revalidate
x-amz-cf-id
ZFHHiQ4kye8BGpBeZj0W-HSQRfqvkvUVD3j9-6uoEIhrtH82R-8i_Q==
fem.js
fem.gprod.postmedia.digital/v86.1/ 		349 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v86.1/fem.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
61f3d837f4b48a92950f7f825ce2dccfd39a05627a034a942b00278c99cd74a6

Request headers

Referer
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:08:45 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1692373772
age
548371
x-guploader-uploadid
ADPycdveiN3EE3k25w-bou6qtxFRlEvzN2TiiN34nc6RlmNBcXHyTVt1OlDmM_Da6SHYg-WvmrCMooDSPlec8XyNGqDG96Ue0k3R
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100695
last-modified
Fri, 18 Aug 2023 15:50:36 GMT
server
UploadServer
etag
W/"892f0a1d552d29d28fcb6b02f6aaaf0a"
vary
Accept-Encoding
x-goog-generation
1692373836354122
x-goog-hash
crc32c=i8U/ug==, md5=iS8KHVUtKdKPy2sC9qqvCg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
357721
accept-ranges
none
content-type
application/javascript
Taylor-Quebec_278974458.filepart-scaled.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/Taylor-Quebec_278974458.filepart-scaled.jpg?quality=90&strip=all&w=150&type=webp&sig=xE9_Eq_SUKgF9JCr2x6ErA
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
742df88a3a7f6c09453d09b276dbc12458d1fd1a72715bb5310096fcb1d4e33a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Sun, 27 Aug 2023 14:49:30 GMT
via
1.1 google
server
nginx/1.18.0
age
34726
etag
"e18d3207c02e72a4178dc657be97c6ca96a7418d"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-mqzt7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7476
COLETTE-scaled.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/07/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/07/COLETTE-scaled.jpg?quality=90&strip=all&w=150&type=webp&sig=DDpXIvw5JIox1wa7TeoXFw
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
3ba148b56c1e21c7f25a7b8fa923f18a272b200d9bfca943f242bd0205261cc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 27 Aug 2023 22:02:41 GMT
via
1.1 google
server
nginx/1.18.0
age
8735
etag
"8258f9affc0831afc94b9038169c27b28cece4f9"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-p45xz
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9278
0819-trav-taylor-England_278910439-scaled.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/0819-trav-taylor-England_278910439-scaled.jpg?quality=90&strip=all&w=150&type=webp&sig=-ZdEYLXvTN2kaIjH1YgLZQ
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
bda79d4caf64902833a3ffcf58c19e0628cddf57bee9ea11ac9ce74141cdcf32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Sun, 27 Aug 2023 22:02:41 GMT
via
1.1 google
server
nginx/1.18.0
age
8735
etag
"24e0063eda0e2a04a0797d98e4400d3bed40fb29"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-jfkrw
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8992
flair-2023-08-22.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/08/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/08/flair-2023-08-22.jpg?quality=90&strip=all&w=150&type=webp&sig=kVrO1pwRWWDOiHPLH8addg
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
2e0a25181e03e795fcd966a053a03210c7d735e1f438af2ea5111fd1d4609390

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 27 Aug 2023 22:02:41 GMT
via
1.1 google
server
nginx/1.18.0
age
8735
etag
"a262f42ed54262917ffe62680d544cf4108c28fa"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-qz5bg
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8858
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 04:06:52 GMT
x-content-type-options
nosniff
age
246084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 Aug 2024 04:06:52 GMT
icon-generic-play.svg
dcs-static.gprod.postmedia.digital/14.2.3/websites/images/common-icon/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.2.3/websites/images/common-icon/icon-generic-play.svg
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2f28c008f0ce667d697ccc95a07377e8562c0c28dd910f864724a265f75671e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:10:35 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1692375133
age
548261
x-guploader-uploadid
ADPycdtlwWAZ6rMATBs3mXPbzAxvnGTBh8Q4sG5h34EO9ssdDw-Mb-k5BwkOYIg7L7rgnImt2bOg4Clb24Rd4FsYsiqhOQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
501
last-modified
Mon, 21 Aug 2023 15:53:12 GMT
server
UploadServer
etag
W/"34ef0f992f9fa3f5a172353b887ba82c"
vary
Accept-Encoding
x-goog-generation
1692633192637887
x-goog-hash
crc32c=+OS2xg==, md5=NO8PmS+fo/WhcjU7iHuoLA==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1091
accept-ranges
none
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 17:41:40 GMT
x-content-type-options
nosniff
age
456396
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Aug 2024 17:41:40 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 13:37:19 GMT
x-content-type-options
nosniff
age
125457
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 13:37:19 GMT
truncated
/ 		256 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fde76cacc186420d0405496f66f9cd00a7c14a38a9ffa4b626a09affe83cc2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
icon-fire.svg
dcs-static.gprod.postmedia.digital/14.2.3/websites/images/common-icon/ 		835 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.2.3/websites/images/common-icon/icon-fire.svg
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a345a18e5d3f6c07451cb14dd480bfad123f03663912b581265d617d4725fe9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:01:45 GMT
x-goog-meta-goog-reserved-file-mtime
1692375133
age
548791
x-guploader-uploadid
ADPycdtyxNuyOXO4hBNAwjKL_54gEuH9iIvgLcgE6IzPuYGbMDJM8Ppdi1aOIqnj3gV_3Pb8nUrnRkGvTZrgMIAAMFOnvg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
835
last-modified
Mon, 21 Aug 2023 15:53:12 GMT
server
UploadServer
etag
"9c6e99306a671d196d8945273b28bfe8"
x-goog-generation
1692633192575061
x-goog-hash
crc32c=0k5Zig==, md5=nG6ZMGpnHRltiUUnOyi/6A==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
835
accept-ranges
bytes
truncated
/ 		2 B
2 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII
truncated
/ 		2 B
2 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII
truncated
/ 		2 B
2 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII
newsletter-envelope.svg
dcs-static.gprod.postmedia.digital/14.2.3/websites/images/newsletters/logo/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.2.3/websites/images/newsletters/logo/newsletter-envelope.svg
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e592c023e395d520e95efed9c15d14c77d5c101e3ce6b5d71413384508b55d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 21:52:20 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1692375134
age
9356
x-guploader-uploadid
ADPycdsXtEAUCo4ku3fKbBUTGNnRh9BkjDFGms9fU_ynf1upGca2Gjp7DDioGDBf47teS88Sv-fCLaDiESELtvGMI6oGmWNKdqu-
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
785
last-modified
Mon, 21 Aug 2023 15:53:18 GMT
server
UploadServer
etag
W/"dceb7ee8eaaaa05d55c1e22d2c5eab79"
vary
Accept-Encoding
x-goog-generation
1692633198227568
x-goog-hash
crc32c=58jl1w==, md5=3Ot+6OqqoF1VweItLF6reQ==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2424
accept-ranges
none
LoginRadiusV2.js
auth.lrcontent.com/v2/js/ 		204 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b724128d513fe8a2abe466b9eea06f1c4ec5899f4cf302a4d1963f463caa347
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:16 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
age
1026
x-amz-cf-pop
FRA53-C1
cf-polished
origSize=1300481
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Tue, 22 Aug 2023 07:10:53 GMT
server
cloudflare
etag
W/"3ba0ce20d834b755eccbe57cb0bd74f1"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
7fd86ee90f5b381b-FRA
x-amz-cf-id
70lcI7WMc45HGHr-T2cN9PxkwLlbBjG8JnJh5ya6Y19nvt-cFVCMhw==
expires
Mon, 28 Aug 2023 04:28:16 GMT
shared.4f9fe8179825.js
dcs-static.gprod.postmedia.digital/14.2.3/CACHE/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.2.3/CACHE/js/shared.4f9fe8179825.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
481c79997942dbcee31940dca9e49cdce8d3c9c621e681de8d655da726b99f09

Request headers

Referer
https://o.canada.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:01:00 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1692375132
age
548836
x-guploader-uploadid
ADPycdttCfGqToiwGC1Ap-IE2pNCpFeis4UUPNDFdP7EExrHZ7xyLeFaVE-TZlJvUqmKoZ0ldgVNZCpfYpDeyDO1TDMzeA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7543
last-modified
Mon, 21 Aug 2023 15:52:51 GMT
server
UploadServer
etag
W/"941319dc06b51b606a601c341f49856f"
vary
Accept-Encoding
x-goog-generation
1692633171416443
x-goog-hash
crc32c=ZYYy4A==, md5=lBMZ3Aa1G2BqYBw0H0mFbw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
20803
accept-ranges
none
content-type
application/javascript
main.654de8cc07dd.js
dcs-static.gprod.postmedia.digital/14.2.3/CACHE/js/ 		91 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.2.3/CACHE/js/main.654de8cc07dd.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
654de8cc07ddd5d9ba26a5ce2c732788204fef23265d43908c88927bf55fbd2d

Request headers

Referer
https://o.canada.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:01:00 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1692375132
age
548836
x-guploader-uploadid
ADPycdsbDAmUI6e9eFZf7L5QU2alZj1yK8fzyPT9QyC5f_unPd6V8RY4sHZSz7TED0S6byKzlb95frQsnfxY_dO9sWYX0Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31786
last-modified
Mon, 21 Aug 2023 15:52:51 GMT
server
UploadServer
etag
W/"514e046a6204e8d39932dc8bcd9b3292"
vary
Accept-Encoding
x-goog-generation
1692633171539137
x-goog-hash
crc32c=8uVjRg==, md5=UU4EamIE6NOZMtyLzZsykg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
93657
accept-ranges
none
content-type
application/javascript
23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/ 		469 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v86.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d921dc8a1f94be3bdd51539f9c173060059f36f7d3b20a52874ac79f6b95ef20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:16 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
0
x-guploader-uploadid
ADPycdtklq_mzrF7sXI_uktELRnBy6gR5T8sXgE6-Gm9ztKuDhIC-cRksKKpSbdSNEwJzECs2L06g-xL83bqXJU32zoWvg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Thu, 24 Aug 2023 19:33:16 GMT
server
cloudflare
etag
W/"af6193d90af9ce46ce332de32867b363"
vary
Accept-Encoding
x-goog-generation
1692905596010452
content-type
application/javascript
x-goog-hash
crc32c=fynhSw==, md5=r2GT2Qr5zkbOMy3jKGezYw==
cache-control
public, max-age=900
x-goog-stored-content-length
139029
timing-allow-origin
*
cf-ray
7fd86ee9f9cb3648-FRA
expires
Mon, 28 Aug 2023 00:43:16 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/ 		403 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8165d8e2771d30c1a2baf2e6ebb58ce49c3b9dc575676b6f1aa7afeb2e5efe86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 11:37:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
46251
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129871
x-xss-protection
0
server
cafe
etag
10423821264569162327
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 26 Aug 2024 11:37:25 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		353 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Fo.canada.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
Server /
Resource Hash
d00b4c8953cdf25f549728ad667759e6f7650b5bf6146ecd3ec7c087bd3265b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:20:12 GMT
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
483
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://o.canada.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
353
x-amz-cf-id
vXLWdwClZoHhUjI5-Yadf1IZar8t8XMVwC1E8tQT6p1goxfqAoTubQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
date
Sun, 27 Aug 2023 03:06:45 GMT
x-amz-cf-pop
FRA2-C1
age
76892
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
X5t9d7ZAEfcZ2WW7ko2YeSHPo38FAlKP9Aeqyl0GhzjimkPpgNaSKA==
14648-pbjs-floors.json
ads.rubiconproject.com/floors/ 		64 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/14648-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
761c1399a0b17b478dd4d3b7c1710fab0e7c0c8f998bed8a394b300df0532a97

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 28 Aug 2023 00:28:16 GMT
content-encoding
gzip
last-modified
Sun, 27 Aug 2023 23:40:44 GMT
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
5562
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230828
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
386ba8ededf5020b87f503588fb602cdbdb341a9e9c8578d2545ee32e43449e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 28 Aug 2023 00:28:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
30448
x-jsd-version
1.0.1795
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-jnb7027-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"63d-k1LnK3vqM6NF+KsCK5qa+/uZVa0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WoKUIu0koaMGZbOPAhqIxT1WCxNrRJ%2FNNyXhku28GwPASGpGHq48dtM1mH2JPE7OeU2iUjvzrpKuuEB5QF%2FQIvhz5a4TJF4GvQlDAHRvSE6bSdDW7SGdaUtLZ67dpIkPlF3uRJzGs3GzKk%2Fwp4M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7fd86eeaaf8091e4-FRA
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:16 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Mon, 28 Aug 2023 00:43:16 GMT
xd.html
fem.gprod.postmedia.digital/v86.1/ Frame 2D04 		165 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v86.1/xd.html
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v86.1/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9153b2b7ef893e42642147755ff6ea0929bfc78c1ef15235fcdd504899e36c72

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
548373
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31622400
content-length
165
content-type
text/html
date
Mon, 21 Aug 2023 16:08:43 GMT
etag
"0ef4b719e7353f5636f33f82994428ee"
last-modified
Fri, 18 Aug 2023 15:50:37 GMT
server
UploadServer
x-cache-hit
hit
x-goog-generation
1692373837412122
x-goog-hash
crc32c=52XdFA== md5=DvS3Gec1P1Y28z+CmUQo7g==
x-goog-meta-goog-reserved-file-mtime
1692373772
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
165
x-guploader-uploadid
ADPycdtPPCrzzKagkGXJ8aM1nb7KDoL-cOwM42EpFyVldzESJIHpguBGX7c09Akbt2Z4rPES2nwZ9tdmRpee9u68za8m1g
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
22357
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TQxOwnpjWmpNVrn6CRF5L3FR%2F3e5nMlBzxzPUPcVymiBPSTu83g5gLA7VM%2FqKU8oxV64UQt478In9UyZK%2FOBjMxIFEXFYCaT37sVpCrbrbKN6QaK7Ty0dkIZXYxacoDglaSserluM0NeeKVjB84%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7fd86eeb5f88363b-FRA
pub
pixel.adsafeprotected.com/services/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:ad-1,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-2,ss:%5B6.6,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-1,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-3,ss:%5B7.7,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-2,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-4,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-3,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-5,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-4,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-6,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-5,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-7,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-6,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-8,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-7,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-9,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-8,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-10,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-9,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-11,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-10,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-12,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=f68871ca-6391-b379-7673-e908cee920b8&url=https%253A%252F%252Fo.canada.com%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.99.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-99-188.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7a85f9643932d18198e07eb9e6492e435ee7d670e04579c53ced6ceb9be8e292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:16 GMT
server
nginx
x-server-name
app21.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://o.canada.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3528&u=https%3A%2F%2Fo.canada.com%2F&pid=4FNoIoiZjUzH8&cb=0&ws=1600x1200&v=23.821.1806&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-2%22%2C%22s%22%3A%5B%226x6%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-1%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-3%22%2C%22s%22%3A%5B%227x7%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-2%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-4%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-3%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-5%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-4%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-6%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-5%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-7%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-6%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-8%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-7%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-9%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-8%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-10%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-9%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-11%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-10%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-12%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:16 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
KMEX63GCX5MEHJYQ8GSX
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
406Nodut2VhWLEzCO0KeCHeeDcA6I0eb-zipSJddCftWp3ejqB7h2w==
Olsen-BVI_278307992.filepart-scaled.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/Olsen-BVI_278307992.filepart-scaled.jpg?quality=90&strip=all&w=344&type=webp&sig=-aCsGERztdQc9l1TwNhSig
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
fa0a07b7a6dfe5697a98aa8bf6eb24c292c39930113d405922f4923984d40ed4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Sun, 27 Aug 2023 22:02:42 GMT
via
1.1 google
server
nginx/1.18.0
age
8734
etag
"7ede2e0397465cbcfc2833852bd632953a4df1cc"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-jfkrw
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29372
Mallen-Milan-Como-3-scaled.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/Mallen-Milan-Como-3-scaled.jpg?quality=90&strip=all&w=344&type=webp&sig=OUvfUmnC6CcKACqukUskZA
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
6c99fab08a44054245da15841452c59189f0a4e1af90201aa6b297b0b1de62e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Sun, 27 Aug 2023 22:02:42 GMT
via
1.1 google
server
nginx/1.18.0
age
8734
etag
"e2d798c1b5f10d16ae6dd09554f5cf4e979c7355"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-qz5bg
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24254
PEI-story_278482031-scaled.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/PEI-story_278482031-scaled.jpg?quality=90&strip=all&w=344&type=webp&sig=qlqwIBJoABgfbiTs411xMA
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
919fa76fb3097aa7d523eafe00c99b0239e2464ee662f6c070aa22f710f3071f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Sun, 27 Aug 2023 22:02:42 GMT
via
1.1 google
server
nginx/1.18.0
age
8734
etag
"3cb3fb75392a1d80a4ce11b11403b3729480be7d"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-555wh
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31374
viking-lighthouse.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/viking-lighthouse.jpg?quality=90&strip=all&w=344&type=webp&sig=H8FVRdGCIsP_xf_zRDs-ew
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
10910cf8b30d9606ad8a61c9641993e27a48f336efad06966d7dfcf8baa184c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Sun, 27 Aug 2023 22:02:42 GMT
via
1.1 google
server
nginx/1.18.0
age
8734
etag
"d7ad838c5b0b84fd4df987c6d62a901e223b2b63"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-zs2wt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25350
MacNaull-Scotland_278205894.filepart.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/07/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/07/MacNaull-Scotland_278205894.filepart.jpg?quality=90&strip=all&w=344&type=webp&sig=l3wcI1Lc7h4HFFOP1tFzmg
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
74901fba41a616a70d845392a0b9f106bcffce1de4f0957a9f4ed6cc65444a70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Sun, 27 Aug 2023 22:02:42 GMT
via
1.1 google
server
nginx/1.18.0
age
8734
etag
"867588382dcbdb9686cda658c0e33259160ce309"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-qz5bg
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38610
ontario-provincial-police-alerts.jpg
smartcdn.gprod.postmedia.digital/ottawacitizen/wp-content/uploads/2023/02/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/ottawacitizen/wp-content/uploads/2023/02/ontario-provincial-police-alerts.jpg?quality=90&strip=all&w=344&type=webp&sig=OHbZCXTCGi0a5nJBDG0_BA
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
04b9cb5ed4d889d84f6a5223bc4ec932d53f3d32c9534a3d89cb732861f1b198

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
ottawacitizen
date
Mon, 28 Aug 2023 00:28:16 GMT
via
1.1 google
server
nginx/1.18.0
etag
"aa5997bad838ecb15078cd5650b2ec498980c1df"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-vlpfx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13560
0819-trav-taylor-England_278910439-scaled.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/0819-trav-taylor-England_278910439-scaled.jpg?quality=90&strip=all&w=344&type=webp&sig=RUCi1RYX8kRnJxEJJMFhLA
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
eb39b652e5e9d7434f396cddc25eb3a444281af88f43d6be3f96f26e196d7771

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Mon, 28 Aug 2023 00:27:50 GMT
via
1.1 google
server
nginx/1.18.0
age
27
etag
"1eeedf0aa3c138120d8ac99b52b9c6d85074af34"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-vlpfx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41588
ws20230828kk23-wp.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2023/08/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2023/08/ws20230828kk23-wp.jpg?quality=90&strip=all&w=344&type=webp&sig=SDhm6tWzlrJZHu_jIo8k0w
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
261b28ac104a26d0af0a3338ba54cc1ae1bb79df343c5e2ea98ffa695aa13964

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
winnipegsun
date
Mon, 28 Aug 2023 00:13:09 GMT
via
1.1 google
server
nginx/1.18.0
age
907
etag
"76dc3ada55d0c9d72ca33f9f0de97ce6a5f09b89"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-mqzt7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14846
GettyImages-1327107348-1.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/GettyImages-1327107348-1.jpg?quality=90&strip=all&w=344&type=webp&sig=1qfE-6cvD6Qr5J-TJ1n8ng
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
c2fd0807a620ec304e3bc451f1a8fc0e106b0449a40d4b45e89493c5b5be26c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Sun, 27 Aug 2023 16:43:29 GMT
via
1.1 google
server
nginx/1.18.0
age
27887
etag
"582a674b5871a716053eb83683be054ffe3aaa44"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-zwws7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12906
florida-shooting-2023-08-27.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/08/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/08/florida-shooting-2023-08-27.jpg?quality=90&strip=all&w=344&type=webp&sig=mFY2McvSzkD5O-jLpCauKA
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
eea87d0c42dca92493e0808440fd590380766ebd7299aa5a5b30707dfc9ff2e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 28 Aug 2023 00:13:09 GMT
via
1.1 google
server
nginx/1.18.0
age
907
etag
"69bc946762c732cf43e0720971282a0f1fe5a4f8"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-h4ffd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27750
GettyImages-1194844072-e1692906678806.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/08/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/08/GettyImages-1194844072-e1692906678806.jpg?quality=90&strip=all&w=344&type=webp&sig=WkXD-CrbUiddfrPbkARCuA
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
ea8d63997f0981eb88a7fc3a1ef67c6256588a33b49bdfc3abfe57ac8c87ad37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 27 Aug 2023 17:03:39 GMT
via
1.1 google
server
nginx/1.18.0
age
26677
etag
"6224de14da0fea7cc6850be01fea79ee50e0a700"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-kjspz
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23778
Screen-Shot-2023-08-18-at-10.07.45-AM-e1692908286100.png
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/08/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/08/Screen-Shot-2023-08-18-at-10.07.45-AM-e1692908286100.png?quality=90&strip=all&w=344&type=webp&sig=8Lvmg7BIj-qVVRyuF5nLKw
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
288b9a4684c881cf9fe41d6b74c23f2db03660e82abe8c1a37de21c43eeefbf2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 27 Aug 2023 17:25:49 GMT
via
1.1 google
server
nginx/1.18.0
age
25347
etag
"b67f1235be3f630120bdaaa54e9634c91b9993c1"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-555wh
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27440
GettyImages-1399332735-scaled-e1692884090151.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/08/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/08/GettyImages-1399332735-scaled-e1692884090151.jpg?quality=90&strip=all&w=344&type=webp&sig=l6FBTJCHEwqn_IArtrO3hQ
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
bf241b4786e6e6123c0f4c02b632d0d37e13f2af9357980bbe175235b13e234b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 27 Aug 2023 13:13:03 GMT
via
1.1 google
server
nginx/1.18.0
age
40513
etag
"350d2e0532d42efabe36dd212200f2ad36e87b2f"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-vlpfx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9758
Lohnes-col_279047110.filepart-scaled.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/Lohnes-col_279047110.filepart-scaled.jpg?quality=90&strip=all&w=344&type=webp&sig=G7w8M_qy9a1TlFSGeBURew
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
e0a2b797e099b99228a405532701f02d29f54fc4c4da1b7d3a43100e10af7a71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Sat, 26 Aug 2023 13:36:31 GMT
via
1.1 google
server
nginx/1.18.0
age
125505
etag
"bcbc0f569f5547c6db25e818a60ae40bd188d88c"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-jfkrw
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8338
spain-soccer-e1692642205192.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/spain-soccer-e1692642205192.jpg?quality=90&strip=all&w=344&type=webp&sig=VfOsb2CIPGuVhUbkcoeLNw
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
6bdfb926e9f1c888d3433c31ee430569f9a910ae326a588993f3f444c62954d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Fri, 25 Aug 2023 13:25:17 GMT
via
1.1 google
server
nginx/1.18.0
age
212579
etag
"34bae51b55f5046a3a83527771ed915165f52276"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-vwv95
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22336
1d3e77d39b2a32b091a13.js
dcs-static.gprod.postmedia.digital/14.2.3/websites/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.2.3/websites/js/1d3e77d39b2a32b091a13.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.2.3/CACHE/js/shared.4f9fe8179825.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
502b0f55241e21c08f0f1a7186d9c3a6432ce1b098181d0dc78fdeac1660f14b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 15:59:39 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1692375133
age
548917
x-guploader-uploadid
ADPycdsFOI2YB-Rld0Bk2U3PAvnx2TSYCumnczU-Cs8byxc6__eQl1uY7g8DNf2s7UznmIo42Ga6d7P5_WQfM4KHI9l8kA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3681
last-modified
Mon, 21 Aug 2023 15:53:20 GMT
server
UploadServer
etag
W/"070f7de3c194e62009caf0f5b6e5882b"
vary
Accept-Encoding
x-goog-generation
1692633200583709
x-goog-hash
crc32c=PIiu6Q==, md5=Bw9948GU5iAJyvD1tuWIKw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
11571
accept-ranges
none
8ae633f3387ab3d9f89616.js
dcs-static.gprod.postmedia.digital/14.2.3/websites/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.2.3/websites/js/8ae633f3387ab3d9f89616.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.2.3/CACHE/js/shared.4f9fe8179825.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6029effcb1fb7327b832ce827a84f8ebe8c7a2154cb43f4186e5ea2bd6f9f49f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 15:59:39 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1692375132
age
548917
x-guploader-uploadid
ADPycdsWmQWdHvAYETCPJfynFIqbGzptP0a75gCmlP5G3W2fMKObgPRKS31n2Y1oOJ-UT0ICSioRsDp7iJWsIbuTsTkx3A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4424
last-modified
Mon, 21 Aug 2023 15:53:22 GMT
server
UploadServer
etag
W/"8c886839348e84eeb16a0f142757b307"
vary
Accept-Encoding
x-goog-generation
1692633202135939
x-goog-hash
crc32c=Jbp6BQ==, md5=jIhoOTSOhO6xag8UJ1ezBw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
13988
accept-ranges
none
7380f428297495c9787e0.js
dcs-static.gprod.postmedia.digital/14.2.3/websites/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.2.3/websites/js/7380f428297495c9787e0.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.2.3/CACHE/js/shared.4f9fe8179825.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8d3d191d44b6a042adb3ac86d403f8eaa0f7d28056ce74fb3ec3bc65aff5178f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 15:59:39 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1692375132
age
548917
x-guploader-uploadid
ADPycdta4Ou39GOdQw-WHhHh-770uKJqyiiUaqryQeoYYWLwP-mOCLxBfM7BPzG_rRum5NlnTCiXjSNdBWyHBBAqfmU96A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2823
last-modified
Mon, 21 Aug 2023 15:53:21 GMT
server
UploadServer
etag
W/"16a345a6eb36c4391df09d45582d99e7"
vary
Accept-Encoding
x-goog-generation
1692633201977532
x-goog-hash
crc32c=eCv7Ug==, md5=FqNFpus2xDkd8J1FWC2Z5w==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6981
accept-ranges
none
5fb1976773a81cc59beb2.js
dcs-static.gprod.postmedia.digital/14.2.3/websites/js/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.2.3/websites/js/5fb1976773a81cc59beb2.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.2.3/CACHE/js/shared.4f9fe8179825.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e9da190b5c284cad20ffdeb57a7a49fa0295eed41f669f7c4ae163822f5993ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 15:59:39 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1692375132
age
548917
x-guploader-uploadid
ADPycdsI82xqpC3e3CToenHhNf2oMK8d8hdQAIGZPA_TLdRFtpWNBfN5xvh392CCGdCXu73OXok8stJ4Mvcl-M3XtAhLKw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10781
last-modified
Mon, 21 Aug 2023 15:53:21 GMT
server
UploadServer
etag
W/"1f06a890d7e0027a7ad9212b68480a76"
vary
Accept-Encoding
x-goog-generation
1692633201840954
x-goog-hash
crc32c=BO324A==, md5=HwaokNfgAnp62SEraEgKdg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
35166
accept-ranges
none
8ec12e4bc2b983601bbd5.js
dcs-static.gprod.postmedia.digital/14.2.3/websites/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.2.3/websites/js/8ec12e4bc2b983601bbd5.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.2.3/CACHE/js/shared.4f9fe8179825.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7020ef6ad6c7b239d8e02fd328298a8faacc4552d305520baa990ed13ca6c157

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:09:02 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1692375133
age
548354
x-guploader-uploadid
ADPycdtfl1coHSk8T_IJcUlWW3Eoy-T3P7F-eXiwEFVqFQM7_Ge2ajo4W4T-zN_ir8kw8v2yz1Cml0oHZkffu8q5sAjBGw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3065
last-modified
Mon, 21 Aug 2023 15:53:22 GMT
server
UploadServer
etag
W/"cb7189085b1ddf831b03452e62a54614"
vary
Accept-Encoding
x-goog-generation
1692633202154678
x-goog-hash
crc32c=zyiMyg==, md5=y3GJCFsd34MbA0UuYqVGFA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
8946
accept-ranges
none
bbb758441b05902e5fe547.js
dcs-static.gprod.postmedia.digital/14.2.3/websites/js/ 		224 B
253 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.2.3/websites/js/bbb758441b05902e5fe547.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.2.3/CACHE/js/shared.4f9fe8179825.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1d776ce917561decdc8d2200cbb2834d5b04c641e8d434c78a366d8d24b24fa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:09:02 GMT
x-goog-meta-goog-reserved-file-mtime
1692375132
age
548354
x-guploader-uploadid
ADPycdu2a4g59P6PSecHXnyN0z6F2qNMkOaeUiJgs80dGQnMpfIwIqybmzS-1EaUDGvQfKVrmf99zf9l_kuY5ILC-9Li7A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
224
last-modified
Mon, 21 Aug 2023 15:53:22 GMT
server
UploadServer
etag
"e5daf8b909f6b99a1ce54762dfa24167"
x-goog-generation
1692633202601731
x-goog-hash
crc32c=Q4ECfQ==, md5=5dr4uQn2uZoc5Udi36JBZw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
224
accept-ranges
bytes
48ddaafdb7872686feb227.js
dcs-static.gprod.postmedia.digital/14.2.3/websites/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.2.3/websites/js/48ddaafdb7872686feb227.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.2.3/CACHE/js/shared.4f9fe8179825.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e50644da55ca1b330faf6d2c182211d3177f6f7683f616e76093e4014ef922c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:09:02 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1692375132
age
548354
x-guploader-uploadid
ADPycduukLUXmV9pFa6ePtLLjvcfMEx6OCfW-p49LZFTK38MBPiHMuzHy8v3z6c-2pTogD3RgRB6jJ8KeESY8k3Ct2ycBw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3640
last-modified
Mon, 21 Aug 2023 15:53:21 GMT
server
UploadServer
etag
W/"a6adcf72df29e8486737d738580a2d81"
vary
Accept-Encoding
x-goog-generation
1692633201548324
x-goog-hash
crc32c=7ZkKOA==, md5=pq3Pct8p6EhnN9c4WAotgQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
11357
accept-ranges
none
89c990664a3c5e637fda35.js
dcs-static.gprod.postmedia.digital/14.2.3/websites/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.2.3/websites/js/89c990664a3c5e637fda35.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.2.3/CACHE/js/shared.4f9fe8179825.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
057195b80c1594769bccb5bbb495f6b011b0fa6b0a39f12194248ef9dc15420a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 15:59:39 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1692375133
age
548917
x-guploader-uploadid
ADPycdsUWTnme5Fk0vvLyFUcvlBmeOAPH6LMj6L-Tz0clZBe49p5kWvmwDkddbY3TF-rX411V4FkJiZIMp3vZwWaEPFpbg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1071
last-modified
Mon, 21 Aug 2023 15:53:22 GMT
server
UploadServer
etag
W/"d02f8c5e62b55a0b33441e24cf495155"
vary
Accept-Encoding
x-goog-generation
1692633202108018
x-goog-hash
crc32c=/bKBxw==, md5=0C+MXmK1WgszRB4kz0lRVQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2461
accept-ranges
none
f9cec2b97df62355381f37.js
dcs-static.gprod.postmedia.digital/14.2.3/websites/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.2.3/websites/js/f9cec2b97df62355381f37.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.2.3/CACHE/js/shared.4f9fe8179825.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
df6616dc0689e17d4e1031808380fe1fbf8c924231da0708837d0a46bfb0527a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:09:02 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1692375133
age
548354
x-guploader-uploadid
ADPycdulLiZE1l9W8yZN1n1ZB5GN5JRShyxS1QTSyIz5S4JObNWZpbdMrbOUZjvnaroB0YGewNvA1mMb1yuScgXiFGFxmw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2914
last-modified
Mon, 21 Aug 2023 15:53:22 GMT
server
UploadServer
etag
W/"f3b5ffd2a9ff10f8fec56bd2c6f9ec1d"
vary
Accept-Encoding
x-goog-generation
1692633202873520
x-goog-hash
crc32c=gukmdQ==, md5=87X/0qn/EPj+xWvSxvnsHQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
9812
accept-ranges
none
xd.js
fem.gprod.postmedia.digital/v86.1/ Frame 2D04 		51 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v86.1/xd.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v86.1/xd.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f559f34f0551022110227bd1722031db81bc461827d3589a157947e8a4450045

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fem.gprod.postmedia.digital/v86.1/xd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:08:44 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1692373772
age
548372
x-guploader-uploadid
ADPycdvxQEfDXggn8ocwj-RctR_SdpFCYEvAc4rKKFTrUznvpiDsYULTTJ7wWXQDfiDiM1do0ijfWmjyrhIizrRlqX2JvA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17094
last-modified
Fri, 18 Aug 2023 15:50:37 GMT
server
UploadServer
etag
W/"b327a85c4dfdf1c6d91af3f6b50cec1c"
vary
Accept-Encoding
x-goog-generation
1692373837479309
x-goog-hash
crc32c=CDUQeQ==, md5=syeoXE398cbZGvP2tQzsHA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
51876
accept-ranges
none
db937de5f271191df6744.js
dcs-static.gprod.postmedia.digital/14.2.3/websites/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.2.3/websites/js/db937de5f271191df6744.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.2.3/CACHE/js/shared.4f9fe8179825.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
07af69012c290d3655c6c0e638f4ac4e504d55363dff7eb7a1319615336c9fd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 15:59:39 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1692375133
age
548917
x-guploader-uploadid
ADPycdtE4D7ip33DOG1TI__q_XhYA0elg8xqS8QpMLUm4FZCr-E69ksyJW3QDTJVfSUhWW-JmR4mQGsU75Qs_9onO4IJxQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4393
last-modified
Mon, 21 Aug 2023 15:53:22 GMT
server
UploadServer
etag
W/"3bfbd59f97296aaf58442bbdf53f71d3"
vary
Accept-Encoding
x-goog-generation
1692633202725127
x-goog-hash
crc32c=TWNiDw==, md5=O/vVn5cpaq9YRCu99T9x0w==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
15526
accept-ranges
none
4e8720b61d861864435e36.js
dcs-static.gprod.postmedia.digital/14.2.3/websites/js/ 		224 B
264 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.2.3/websites/js/4e8720b61d861864435e36.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.2.3/CACHE/js/shared.4f9fe8179825.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
da9b18821986663ec3e5f926699020bfcd9ca73aec75fbed9006866022808e8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 15:59:39 GMT
x-goog-meta-goog-reserved-file-mtime
1692375132
age
548917
x-guploader-uploadid
ADPycdvjp2OKNBlIfdIAHTHMs-TOv7EXeYPnvAkbixEAlOocLd21Hnk-gvn_i_JT3WkhciPaxljkOYFh99e92wNeJ0gLDg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
224
last-modified
Mon, 21 Aug 2023 15:53:21 GMT
server
UploadServer
etag
"087008fa497bb67bcdf1a4c150537516"
x-goog-generation
1692633201686188
x-goog-hash
crc32c=UBw1Fg==, md5=CHAI+kl7tnvN8aTBUFN1Fg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
224
accept-ranges
bytes
a3ec7ed2dfcc00ca264c23.js
dcs-static.gprod.postmedia.digital/14.2.3/websites/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.2.3/websites/js/a3ec7ed2dfcc00ca264c23.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.2.3/CACHE/js/shared.4f9fe8179825.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ce559c0f43ec2a0dc664159bd06a2ac3bd3e5fdde0958a7db9418a80b1c4cf09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 15:59:39 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1692375132
age
548917
x-guploader-uploadid
ADPycdvEfsJSWpqMvs78gOTXj-eJal-_6rZsuZEAfzsYWDK6jwKRzzRdLzkfJWCeO8KYGOQiytz9UbEgFRErVFtPnHxAOg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2088
last-modified
Mon, 21 Aug 2023 15:53:22 GMT
server
UploadServer
etag
W/"a382b48ee1cf980223c8003d301c2f39"
vary
Accept-Encoding
x-goog-generation
1692633202357304
x-goog-hash
crc32c=TYe94Q==, md5=o4K0juHPmAIjyAA9MBwvOQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6047
accept-ranges
none
pxid
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/ 		46 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/pxid?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
0bda12ec46f9b68e7d87808dbf65ee8b1860ce9087d37edbe34cd96d423f89da

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 28 Aug 2023 00:28:16 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64
getuidj
ib.adnxs.com/ 		11 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:16 GMT
an-x-request-uuid
b4564299-57d9-4ba8-9fb5-6d67c8e2f5e8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://o.canada.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.100; 80.255.7.100; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
3aef890f-1998-4acc-a30d-0281d1e0bedf
https://o.canada.com/ 		181 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://o.canada.com/3aef890f-1998-4acc-a30d-0281d1e0bedf
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35d949ba6290f5fead3462ae0321e2dcf8277c5a3c27ae99be1405004f0e1f15

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length
185507
Content-Type
7bedb473-c36e-446d-a8a8-a542c4361d8f
https://o.canada.com/ 		181 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://o.canada.com/7bedb473-c36e-446d-a8a8-a542c4361d8f
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35d949ba6290f5fead3462ae0321e2dcf8277c5a3c27ae99be1405004f0e1f15

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length
185507
Content-Type
fastlane.json
fastlane.rubiconproject.com/a/api/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14648&site_id=359816&zone_id=2596708&size_id=15&alt_size_ids=2%2C55%2C57&eid_pubcid.org=509dbc43-b621-4548-829d-75f88e76d468%5E1&rf=https%3A%2F%2Fo.canada.com%2F&tg_i.domain=o.canada.com&tg_i.page=https%3A%2F%2Fo.canada.com%2F&tg_i.aupname=%2F3081%2Fccn.com%2Findex&tg_i.pbadslot=%2F3081%2Fccn.com%2Findex%23ad-1%3B%2F3081%2Fccn.com%2Findex%23ad-2%3B%2F3081%2Fccn.com%2Findex%23ad-3%3B%2F3081%2Fccn.com%2Findex%23ad-4%3B%2F3081%2Fccn.com%2Findex%23ad-5%3B%2F3081%2Fccn.com%2Findex%23ad-6%3B%2F3081%2Fccn.com%2Findex%23ad-7%3B%2F3081%2Fccn.com%2Findex%23ad-8%3B%2F3081%2Fccn.com%2Findex%23ad-9%3B%2F3081%2Fccn.com%2Findex%23ad-10&tk_flint=dmpbjs_v7.54.0&x_source.tid=23706b43-d3d3-49f1-b0a1-88cedb3cda2d%3B4a138057-b5ae-4e29-ac72-fe79ad26e34d%3Bfd445642-fd58-45bd-958e-f1a7f93c0f37%3Bf0625c67-c879-4fdb-9f9d-a2d96e251da5%3B4216f99c-ec88-403c-9b99-614585e9e59b%3B71bf5fee-ef03-4fde-85fd-c44307f413c4%3B31030bc5-09d5-4ec1-8cc9-4e81c447ef64%3Bca3daf34-3333-45c3-8fac-08a57ed531a3%3Bc01c54c7-69e5-4d29-99ae-dba866b90461%3B7b9dc870-fd2e-4682-9676-b98a4f544dd7&l_pb_bid_id=24063a521be41%3B3402a8e4d69c0b%3B42e6aec5c478e%3B5c865214c4ae8e%3B6e024e00c56bc5%3B7b4a7f539cc40c%3B8aa4b29fd902d4%3B93b4ca64b40eba%3B10afe03e7dcff28%3B117fdd4bd6e3333&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=23706b43-d3d3-49f1-b0a1-88cedb3cda2d%3B4a138057-b5ae-4e29-ac72-fe79ad26e34d%3Bfd445642-fd58-45bd-958e-f1a7f93c0f37%3Bf0625c67-c879-4fdb-9f9d-a2d96e251da5%3B4216f99c-ec88-403c-9b99-614585e9e59b%3B71bf5fee-ef03-4fde-85fd-c44307f413c4%3B31030bc5-09d5-4ec1-8cc9-4e81c447ef64%3Bca3daf34-3333-45c3-8fac-08a57ed531a3%3Bc01c54c7-69e5-4d29-99ae-dba866b90461%3B7b9dc870-fd2e-4682-9676-b98a4f544dd7&rp_maxbids=1&p_gpid=%2F3081%2Fccn.com%2Findex%23ad-1%3B%2F3081%2Fccn.com%2Findex%23ad-2%3B%2F3081%2Fccn.com%2Findex%23ad-3%3B%2F3081%2Fccn.com%2Findex%23ad-4%3B%2F3081%2Fccn.com%2Findex%23ad-5%3B%2F3081%2Fccn.com%2Findex%23ad-6%3B%2F3081%2Fccn.com%2Findex%23ad-7%3B%2F3081%2Fccn.com%2Findex%23ad-8%3B%2F3081%2Fccn.com%2Findex%23ad-9%3B%2F3081%2Fccn.com%2Findex%23ad-10&slots=10&rand=0.7225955978847216
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c1efaf915b1fa14f952d152a54962056124509628f2fcfebad136265eaf6e41a

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		489 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14648&site_id=359816&zone_id=2596708&size_id=15&alt_size_ids=2%2C55%2C57&eid_pubcid.org=509dbc43-b621-4548-829d-75f88e76d468%5E1&rf=https%3A%2F%2Fo.canada.com%2F&tg_i.domain=o.canada.com&tg_i.page=https%3A%2F%2Fo.canada.com%2F&tg_i.aupname=%2F3081%2Fccn.com%2Findex&tg_i.pbadslot=%2F3081%2Fccn.com%2Findex%23ad-11%3B%2F3081%2Fccn.com%2Findex%23ad-12&tk_flint=dmpbjs_v7.54.0&x_source.tid=ebed7c1a-f3b3-47e8-b02b-6b28d0a3152f%3B546f1dc9-399c-4e11-bdc2-09565b96f7a5&l_pb_bid_id=129f383e9e0a466%3B1367b8ff0ebbf42&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=ebed7c1a-f3b3-47e8-b02b-6b28d0a3152f%3B546f1dc9-399c-4e11-bdc2-09565b96f7a5&rp_maxbids=1&p_gpid=%2F3081%2Fccn.com%2Findex%23ad-11%3B%2F3081%2Fccn.com%2Findex%23ad-12&slots=2&rand=0.004578518871037218
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a0e36cc497f920c4f855d24ba3c2728b0e945581a0bad78cee00513af3f4e0de

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
8e830cb08aff9d0795b68335b7022bcf93c7aa98236a856b6096f5bc1775f212

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 28 Aug 2023 00:28:16 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
v1
btlr.sharethrough.com/universal/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.249.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-249-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://o.canada.com
date
Mon, 28 Aug 2023 00:28:16 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.249.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-249-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://o.canada.com
date
Mon, 28 Aug 2023 00:28:16 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.249.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-249-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://o.canada.com
date
Mon, 28 Aug 2023 00:28:16 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.249.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-249-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://o.canada.com
date
Mon, 28 Aug 2023 00:28:16 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.249.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-249-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://o.canada.com
date
Mon, 28 Aug 2023 00:28:16 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.249.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-249-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://o.canada.com
date
Mon, 28 Aug 2023 00:28:16 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.249.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-249-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://o.canada.com
date
Mon, 28 Aug 2023 00:28:16 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.249.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-249-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://o.canada.com
date
Mon, 28 Aug 2023 00:28:16 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.249.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-249-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://o.canada.com
date
Mon, 28 Aug 2023 00:28:16 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.249.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-249-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://o.canada.com
date
Mon, 28 Aug 2023 00:28:16 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.249.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-249-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://o.canada.com
date
Mon, 28 Aug 2023 00:28:16 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.249.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-249-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://o.canada.com
date
Mon, 28 Aug 2023 00:28:16 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		1 KB
984 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
836795af46031aa4fbd3459cf3ce97f8467a3d04c6017acf6f6868b553f9bbca
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:16 GMT
content-encoding
gzip
an-x-request-uuid
cd670de9-cf1f-47a9-88af-967912c9ea27
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://o.canada.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.100; 80.255.7.100; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.0&cb=76955216974&lsavail=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://o.canada.com
date
Mon, 28 Aug 2023 00:28:16 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
translator
hbopenbid.pubmatic.com/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://o.canada.com
date
Mon, 28 Aug 2023 00:28:15 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		24 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
db1254a2ac60330880b474f931b4b0c539c6447aeda98ef994e437cd82e60156

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 28 Aug 2023 00:28:16 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://o.canada.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=901899
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57172d29692f5a0c1f520490f8c0c494e58839b99861f92f87ebedd2d2ed5f94

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FQtYyVdHegyYyXRtgJgMOypipm%2BGb%2BWy1Yc68cn%2FtzKKNvMNNaA3C9fzF2qmGA1NUJow68OCu4qRzPyie3%2B05ujrmPPLZo6GlK0%2B5%2FH5bjC5B2prevRb0nms9uu10p9p70ai6xC"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://o.canada.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7fd86eeccff6bb9e-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
geoip
api.permutive.com/v2.0/ 		209 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
9d799961163bc310e9b528b76ced3dd459085488c92a0713ce48f2ee67c4a06b

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 28 Aug 2023 00:28:16 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
144
watson
api.permutive.com/v2.0/ 		317 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
fbe2776528321e86eab1c9f37320995207af2ddc97a41f452b022e7a2495c987

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 28 Aug 2023 00:28:16 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
219
23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
cdn.permutive.com/models/v2/ 		55 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87a8d750b678e7c560b9ca005e4888e81f5f3d13ad6ca3b47da08d26d1c68e75

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 28 Aug 2023 00:28:16 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
0
x-guploader-uploadid
ADPycdvXZrMxJQuW8lhmFQ3a71Y8A8TtGDsJVvqTzRribftKshRR9eUL6WmPR0aPL0bNA0NmzHQ4lFc4EVFMLcRFwwGnWA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
38407
last-modified
Tue, 22 Aug 2023 06:02:00 GMT
server
cloudflare
etag
"7431783e3a3b55cf9844e96289f21607"
vary
Accept-Encoding
x-goog-generation
1692684120638471
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=QQRS9g==, md5=dDF4Pjo7Vc+YROliifIWBw==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
38407
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7fd86eed09572d04-FRA
expires
Mon, 28 Aug 2023 00:28:16 GMT
/
o.canada.com/api-root/media/videos/playlists/zNackYHG/player/json/ 		9 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o.canada.com/api-root/media/videos/playlists/zNackYHG/player/json/
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.2.3/websites/js/1d3e77d39b2a32b091a13.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.249.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
fb6771475ed65ded701f68dccc9066a87c72f3740e3d0d88d9b3f393900d1799
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:16 GMT
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-content-type-options
nosniff
content-encoding
gzip
x-envoy-decorator-operation
pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
via
1.1 google
x-envoy-upstream-service-time
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
referrer-policy
strict-origin-when-cross-origin
last-modified
Monday, 28-Aug-2023 00:28:16 GMT
server
istio-envoy
x-pmd-backend
pmd-nginx-proxy-58cfb9ff56-sxt8g
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,Accept, Cookie, Origin
content-type
application/json
allow
GET, HEAD, OPTIONS
cache-control
max-age=900,no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
expires
Mon, 28 Aug 2023 00:40:54 GMT
simple
api.sail-personalize.com/v1/personalize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://o.canada.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Mon, 28 Aug 2023 00:28:17 GMT
simple
api.sail-personalize.com/v1/personalize/ 		288 B
498 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
bf695af17447664f7cf354621ff2d42c73e977c8821a159d35319c084bc69b7c

Request headers

x-lib-version
v1.0.1
accept-language
de-DE,de;q=0.9
authorization
Bearer b9d3df2fccd108b5eff3c44f573b2cd6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://o.canada.com/
x-referring-url
https://o.canada.com/

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
197
expires
-1
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
90dd51cc35228a756b8ba4236650f0cbbed7b80e3ac3512a332641ce87afdf71

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 28 Aug 2023 00:28:16 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
segment
api.permutive.com/adv/v2/ 		44 B
108 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
406b6d79687c2601d33b029cf7867ab6cedc6c01ef13d669835b743f967d5d52

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 28 Aug 2023 00:28:16 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
content-type
application/json
sync
googlesync.permutive.com/v2.0/px/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=aff38324-df81-48fe-b6a3-9bb64e2ff7ed
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=aff38324-df81-48fe-b6a3-9bb64e2ff7ed&google_tc=
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEOYwZRhIco9Rcm7eEB1mBvo&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=aff38324-df81-48fe-b6a3-9bb64e2ff7ed&google_cver=1
35 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEOYwZRhIco9Rcm7eEB1mBvo&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=aff38324-df81-48fe-b6a3-9bb64e2ff7ed&google_cver=1
Protocol
H2
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
vary
Origin
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEOYwZRhIco9Rcm7eEB1mBvo&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=aff38324-df81-48fe-b6a3-9bb64e2ff7ed&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
404
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
comscore.js
storage.googleapis.com/pmd-dev-northamerica-northeast1-asset-analytics-pub/js/ 		168 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/pmd-dev-northamerica-northeast1-asset-analytics-pub/js/comscore.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.2.3/websites/js/5fb1976773a81cc59beb2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 23:39:48 GMT
age
2908
x-guploader-uploadid
ADPycdtK8s0LbIjYN7WMxXSbDaN4uPYSNWokP4Sqi9Mxgu6LX2VBT-a9V0fWkBywra0aNDdP7arOCYwRmouQhqOIuWxUgw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
171739
last-modified
Tue, 13 Sep 2022 19:04:43 GMT
server
UploadServer
etag
"702fb2c84c6e8b364a6130cb860c7987"
x-goog-generation
1663095883714722
x-goog-hash
crc32c=aQkgGQ==, md5=cC+yyExuizZKYTDLhgx5hw==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
171739
accept-ranges
bytes
expires
Mon, 28 Aug 2023 00:39:48 GMT
pub
pixel.adsafeprotected.com/services/ 		302 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:jw-ad-1,ss:%5B640.480,480.360,480.361%5D,p:undefined,t:video%7D&wr=1600.1200&sr=1600.1200&sessionId=f68871ca-6391-b379-7673-e908cee920b8&url=https%253A%252F%252Fo.canada.com%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.99.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-99-188.compute-1.amazonaws.com
Software
nginx /
Resource Hash
63e0fea118f062e92df3cd4277bf0d8f2c53267f165a77bbc7a5aa221b6b5bdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:16 GMT
server
nginx
x-server-name
app29.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://o.canada.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
mLwT04rz-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/in8brjDO/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/mLwT04rz-320.jpg
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/mLwT04rz-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d35b70fa769af3788e74658794d4b0e408e093af93306b9b5e6b20015a5d17e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
200
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
13877
x-served-by
cache-iad-kjyo7100124-IAD, cache-fra-eddf8230079-FRA
last-modified
Thu, 17 Aug 2023 14:38:47 GMT
server
nginx
x-timer
S1693182497.212561,VS0,VE99
etag
"559d84f74abf79fc489f691e571ef301"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
13030, 1

Redirect headers

date
Mon, 28 Aug 2023 00:28:17 GMT
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/mLwT04rz-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
CZGOseEufV1x0jWjZtC2Z2x5Vw0EUcGN5TAG2OaIUFxpQjEKi2HCKw==
P2NvOM3m-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/1JFFCmvi/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/P2NvOM3m-320.jpg
25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/P2NvOM3m-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ebfb55e932617cd20a2559370d1a345c119a3f4ef90c60defd3abcd88616b090

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
25794
x-served-by
cache-iad-kjyo7100036-IAD, cache-fra-eddf8230079-FRA
last-modified
Thu, 10 Aug 2023 20:24:02 GMT
server
nginx
x-timer
S1693182497.213185,VS0,VE103
etag
"5aee6540aa77f75f0093ac7edbf55d47"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
22, 1

Redirect headers

date
Mon, 28 Aug 2023 00:28:17 GMT
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/P2NvOM3m-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
XzgrNDB_FJAGQB2Jnjm_ndQVJzYh34D7Ymz-nvjDHgBaIQrvMP5K9g==
VGBsDEPA-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/2YqFirQc/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/VGBsDEPA-320.jpg
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/VGBsDEPA-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1dec6b344b0999e29b683cce0271969c15da25173d258514e61d807a7fea7909

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
16376
x-served-by
cache-iad-kcgs7200101-IAD, cache-fra-eddf8230079-FRA
last-modified
Wed, 09 Aug 2023 20:27:06 GMT
server
nginx
x-timer
S1693182497.212951,VS0,VE98
etag
"d523f277ec993c3936b0197b85966baf"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
35162, 1

Redirect headers

date
Mon, 28 Aug 2023 00:28:17 GMT
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/VGBsDEPA-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
k7kgL8g9ZLcT0Dpx6t_Si8MSe34-RGED4Jm0_SKXxh_LcD8uFkLXYg==
015w1m6j-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/2ZgQ4wr5/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/015w1m6j-320.jpg
23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/015w1m6j-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
05721aed8db14a0b8424719528faf137f35471a4c383ddef3f0c4758163b5529

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
107
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
23600
x-served-by
cache-iad-kiad7000138-IAD, cache-fra-eddf8230079-FRA
last-modified
Tue, 08 Aug 2023 14:17:25 GMT
server
nginx
x-timer
S1693182497.212946,VS0,VE91
etag
"ec74a18c237e238661f7c09ef428a075"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
74, 1

Redirect headers

date
Mon, 28 Aug 2023 00:28:17 GMT
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/015w1m6j-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
GJ1R5zDC79pzFpiXzm9kqKI33S1-Z9Ouui57XZHbKcNyR9jsUJiIoQ==
fc0b63cd-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/WD70zvUe/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/fc0b63cd-320.jpg
18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/fc0b63cd-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
432d5b30a7e98ff618e6693c3b9d1fa681b616edccc92c7a52ab6643b1f64738

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
18532
x-served-by
cache-iad-kiad7000157-IAD, cache-fra-eddf8230079-FRA
last-modified
Mon, 07 Aug 2023 23:17:37 GMT
server
nginx
x-timer
S1693182497.213207,VS0,VE131
etag
"ffd328842f2299886a3fd97a4a2a3b06"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
38927, 1

Redirect headers

date
Mon, 28 Aug 2023 00:28:17 GMT
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/fc0b63cd-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
nhcyfEWUt2Gf2tGlYbbDXLiKnjcESEn7Vw706yakQksVuhh3WIIu0g==
eydridje-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/dgy0a0tE/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/eydridje-320.jpg
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/eydridje-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d9970e94ef695ca2e0cdf842ea080f24620bf391f4fd72214dc3226b4fa5639d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
200
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
15544
x-served-by
cache-iad-kiad7000023-IAD, cache-fra-eddf8230079-FRA
last-modified
Sat, 05 Aug 2023 16:52:45 GMT
server
nginx
x-timer
S1693182497.213180,VS0,VE89
etag
"2e8d02bd8ffa6c32fe7445eb292064c7"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
7193, 1

Redirect headers

date
Mon, 28 Aug 2023 00:28:17 GMT
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/eydridje-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
SO0UNIyWTssdgze5u6Sa7tPzQUEuv57twWPYOy5EcGKyLDjCn-0vRw==
zvHgWLRh-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/D7PSvtFz/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/zvHgWLRh-320.jpg
21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/zvHgWLRh-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
109bc526dbd668fd2a2450b0d4841c8dd99f4e0942835634e46c0c2c2ca1845c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
119
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
21391
x-served-by
cache-iad-kjyo7100174-IAD, cache-fra-eddf8230079-FRA
last-modified
Fri, 04 Aug 2023 16:39:36 GMT
server
nginx
x-timer
S1693182497.213180,VS0,VE1
etag
"f37e67a2f709cadc9fd1c85080fc05b1"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
234, 1

Redirect headers

date
Mon, 28 Aug 2023 00:28:17 GMT
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/zvHgWLRh-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
2I1_3UCCZ97v0IzEVhXYKhccKyAe2DI1jEFqPNdHumpsg4Gjh02aAg==
040qeR7K-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/IHo156nV/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/040qeR7K-320.jpg
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/040qeR7K-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b370b0e1e9b7793a856707ed48f6b7ef7257ef61024a3ea517e0a922008a2222

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
63
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
15394
x-served-by
cache-iad-kcgs7200126-IAD, cache-fra-eddf8230079-FRA
last-modified
Wed, 02 Aug 2023 18:44:11 GMT
server
nginx
x-timer
S1693182497.213366,VS0,VE1
etag
"03e2e042700bccfcac2e08dac45690ff"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
4, 1

Redirect headers

date
Mon, 28 Aug 2023 00:28:17 GMT
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/040qeR7K-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
ZtBa5FqKO13Lwg9GAf81RODreY0EKaZdPC2shpDco0OxWCuK37sYDA==
ekjuh73x-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/sAysz8jT/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/ekjuh73x-320.jpg
3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/ekjuh73x-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
85cdf478003e2bed5001d485e07e7510cef548edd05dd68c709b4b1ad65988e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
199
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
3401
x-served-by
cache-iad-kcgs7200071-IAD, cache-fra-eddf8230079-FRA
last-modified
Thu, 27 Jul 2023 19:47:08 GMT
server
nginx
x-timer
S1693182497.252633,VS0,VE96
etag
"c65dab7904e0fff26261a30564a33ce0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
17997, 1

Redirect headers

date
Mon, 28 Aug 2023 00:28:17 GMT
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/ekjuh73x-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
YBC16_FaOqpnilH7CaGYJX_by-UDnvs8ve8XMZWe7I9LTAK6DW78ug==
ppnD35KB-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/T3OySyMt/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/ppnD35KB-320.jpg
10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/ppnD35KB-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
99278409c931eb4c80b228b97af071e211f5ed97d862f66eced8906c71b1976f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
10664
x-served-by
cache-iad-kjyo7100162-IAD, cache-fra-eddf8230079-FRA
last-modified
Thu, 17 Aug 2023 14:41:43 GMT
server
nginx
x-timer
S1693182497.252614,VS0,VE97
etag
"39ed11d49392b98c9b709fab0fd4cc3e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
21, 1

Redirect headers

date
Mon, 28 Aug 2023 00:28:17 GMT
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/ppnD35KB-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
0OYYkK3iQdDU3PN5ioR_ud91IfUooaMjZru5Iezs2HsNe0-Fywwk2Q==
IrYAVodh.js
cdn.jwplayer.com/libraries/ 		109 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/libraries/IrYAVodh.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.2.3/websites/js/5fb1976773a81cc59beb2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:6c00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
0aa6175bf9ddd57283e8d589a38a80890c4f232edc4842c71d61663e649b3304

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
gzip
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
41569
x-amz-cf-id
z46c_rWKmylj4wRq_3antJy1N2iD7jpHLVKumZAr6sfKoJ9IFKjFJw==
6684754e93d96dad9937.js
fem.gprod.postmedia.digital/v86.1/chunks/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v86.1/chunks/6684754e93d96dad9937.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v86.1/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d314da1c0fe98b9d700b0ea14785acd14ad4d09e989e39c8b3422c1f91db98ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:08:44 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1692373772
age
548373
x-guploader-uploadid
ADPycdu-ivpByxdg_sRgQheZfaJ5yRMDtgJ2zrqO3EUoKKFQJQgAEkTK1lz5Jj8l4Mib4eZMrsoS7IlsvrLgHVPJsKQecQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1103
last-modified
Fri, 18 Aug 2023 15:50:35 GMT
server
UploadServer
etag
W/"bd3d37a8cf8e04887f4a3ee2dc03dde4"
vary
Accept-Encoding
x-goog-generation
1692373835756901
x-goog-hash
crc32c=E9ySAQ==, md5=vT03qM+OBIh/Sj7i3APd5A==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
3197
accept-ranges
none
ads
securepubads.g.doubleclick.net/gampad/ 		430 KB
25 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=51620581966705&correlator=3617990832926371&output=ldjh&gdfp_req=1&vrg=202308220101&ptt=17&impl=fifs&iu_parts=3081%2Cccn.com%2Cindex&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C6x6%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C7x7%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693182497114&lmt=1693175265&adxs=200%2C797%2C765%2C797%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200&adys=234%2C1309%2C1850%2C2591%2C3147%2C3916%2C4489%2C4257%2C4798%2C4598%2C5153%2C4939%2C5509%2C5280%2C5821%2C5621%2C6199%2C5962%2C6532%2C6303%2C6844%2C6644&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C20%7C21&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj%7Ck%7Cl%7Cm&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fo.canada.com%2F&vis=1&psz=1600x250%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250&msz=1600x-1%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600&ga_vid=1897779236.1693182497&ga_sid=1693182497&ga_hid=732977049&ga_fc=false&a3p=EjsKCnB1YmNpZC5vcmcSJDUwOWRiYzQzLWI2MjEtNDU0OC04MjlkLTc1Zjg4ZTc2ZDQ2OBien6rMozFIAA..&dlt=1693182495788&idt=599&prev_scp=loc%3D1%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dc823dd09-4539-11ee-8842-02bf0c6c3701%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%2C90%7Cloc%3D2%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dc823dd0a-4539-11ee-8842-02bf0c6c3701%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cloc%3D1%26amznbid%3D2%26amznp%3D2%26id%3Dc823dd0b-4539-11ee-8842-02bf0c6c3701%7Cloc%3D3%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dc823dd0c-4539-11ee-8842-02bf0c6c3701%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cloc%3D2%26amznbid%3D2%26amznp%3D2%26id%3Dc823dd0d-4539-11ee-8842-02bf0c6c3701%7Cloc%3D4%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dc823dd0e-4539-11ee-8842-02bf0c6c3701%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%2C50%7Cloc%3D3%26amznbid%3D2%26amznp%3D2%26id%3Dc823dd0f-4539-11ee-8842-02bf0c6c3701%7Cloc%3D5%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dc823dd10-4539-11ee-8842-02bf0c6c3701%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cloc%3D4%26amznbid%3D2%26amznp%3D2%26id%3Dc823dd11-4539-11ee-8842-02bf0c6c3701%7Cloc%3D6%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dc823dd12-4539-11ee-8842-02bf0c6c3701%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.08%26hb_adid%3D178b98d8948f2db8%26hb_bidder%3Drubicon%7Cloc%3D5%26amznbid%3D2%26amznp%3D2%26id%3Dc823dd13-4539-11ee-8842-02bf0c6c3701%7Cloc%3D7%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dc823dd14-4539-11ee-8842-02bf0c6c3701%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cloc%3D6%26amznbid%3D2%26amznp%3D2%26id%3Dc823dd15-4539-11ee-8842-02bf0c6c3701%7Cloc%3D8%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dc823dd16-4539-11ee-8842-02bf0c6c3701%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cloc%3D7%26amznbid%3D2%26amznp%3D2%26id%3Dc823dd17-4539-11ee-8842-02bf0c6c3701%7Cloc%3D9%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dc823dd18-4539-11ee-8842-02bf0c6c3701%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cloc%3D8%26amznbid%3D2%26amznp%3D2%26id%3Dc823dd19-4539-11ee-8842-02bf0c6c3701%7Cloc%3D10%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dc823dd1a-4539-11ee-8842-02bf0c6c3701%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cloc%3D9%26amznbid%3D2%26amznp%3D2%26id%3Dc823dd1b-4539-11ee-8842-02bf0c6c3701%7Cloc%3D11%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dc823dd1c-4539-11ee-8842-02bf0c6c3701%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cloc%3D10%26amznbid%3D2%26amznp%3D2%26id%3Dc823dd1d-4539-11ee-8842-02bf0c6c3701%7Cloc%3D12%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dc823dd1e-4539-11ee-8842-02bf0c6c3701%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40&cust_params=permutive%3D96400%252Cbsjr%252Cbsjf%252Crts%26prmtvvid%3D416d0a7a-463b-4133-909d-70eaf7f96bf2%26prmtvwid%3D23dc09d6-b664-425a-a76e-0eed6a6cc102%26no_pol%3Dtrue%26page%3Dindex%26pr%3Dccn%26sensitive%3Dn%26negative%3Dn%26ck%3Dindex%26imp%3Dindex%26prmtvsdk%3Dweb%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&adks=4217552496%2C1341624894%2C931136440%2C3283421726%2C931136447%2C4217552501%2C931136446%2C4217552500%2C931136445%2C4217552503%2C931136444%2C4217552502%2C931136435%2C4217552505%2C931136434%2C4217552504%2C931136433%2C2421343164%2C931136432%2C2421343165%2C3395320742%2C2421343166&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e11a2c6bc712755b1d810599b7bdee67c6e9d247fb4adc6e1bb2d70df4a60838
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25783
x-xss-protection
0
google-lineitem-id
6320689129,6320677576,-2,6320677576,-2,6320677576,-2,6320689129,-2,6320689129,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138435367035,138435360861,-2,138435310154,-2,138435310157,-2,138435367038,-2,138435367041,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308220101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff370d654e8a5a3d99b0235c075435341e9ae588dc7ec0dd5733ae553c4b48dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11771
x-xss-protection
0
container.html
37fd233be47a9ff8da56fd1d6f53de47.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A1C8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://37fd233be47a9ff8da56fd1d6f53de47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 28 Aug 2023 00:28:17 GMT
expires
Tue, 27 Aug 2024 00:28:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v86.1/fem.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type
application/json

Response headers

Date
Mon, 28 Aug 2023 00:28:17 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://o.canada.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://o.canada.com
Connection
keep-alive
Date
Mon, 28 Aug 2023 00:28:17 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
zNackYHG
cdn.jwplayer.com/v2/playlists/ 		55 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/zNackYHG
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.2.3/websites/js/5fb1976773a81cc59beb2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:6c00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
0381967675976510e2916e43a8b674c08194163e69ead105d6a8c48405993ed2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
gzip
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
7288
x-amz-cf-id
gC1Gwz7JJrWnq5DMbfrMuwMEvCXzVZLBtFmEuoSJwQb1GI7y9_RL7w==
expires
Mon, 28 Aug 2023 00:31:17
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Aug 2023 00:28:17 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b5eedc85b327186bea4d94cacdbcf9127cbc04630e9d133ac9d2970de55ea1f0

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F33C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
48907
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 27 Aug 2023 10:53:10 GMT
expires
Mon, 26 Aug 2024 10:53:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FB6D 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
74b099ec98934eb0f6cda03b3baf5ddbc8754960332b64dafae25a3e4a85190a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HRSFbpQ04OERBzTpx4SbOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
538
content-security-policy
script-src 'report-sample' 'nonce-HRSFbpQ04OERBzTpx4SbOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 28 Aug 2023 00:28:17 GMT
expires
Mon, 28 Aug 2023 00:28:17 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js
pagead2.googlesyndication.com/bg/ Frame F33C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 04:49:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
243510
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14710
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 24 Aug 2024 04:49:47 GMT
vf-v2.js
cdn.viafoura.net/ 		836 KB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/vf-v2.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v86.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:2800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
76d74e450c768617546ab4a55682ef64bc4a2f5cdf58868a1f55c195a169acba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id
bTRms6JtcBF8kwpD9wD1S3Yr3ngcAHDK
content-encoding
br
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
date
Mon, 28 Aug 2023 00:27:13 GMT
x-amz-cf-pop
FRA56-P2
age
65
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 24 Aug 2023 19:53:04 GMT
server
AmazonS3
etag
W/"d03cc0d13b3aa9025494d681b80faae6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
Rb2jrJO925HTVbJ3i9e-tZGioEkGLFgkFj78fCMqHUjcoDq9qf-3Ng==
gtm.js
www.googletagmanager.com/ 		185 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WC74WBX&l=dataLayer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v86.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6133e533650d0319730369ab635c8729b6c6d2c5a9ebdefb51569fead1866036
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61285
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 28 Aug 2023 00:28:17 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v86.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 04:08:39 GMT
content-encoding
gzip
via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
73446
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
RYsyUSk1KQlRvvjhwp8fbZyqn9-9GfT3G9YPwJST5RFl0TZ5Wr8akw==
mparticle.js
jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/ 		223 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v86.1/fem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
65a4f83b9dd7511519a2def2a190dcff68f637e2ed69c4a3af86d667ae483019

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by
cache-iad-kcgs7200117-IAD, cache-fra-eddf8230103-FRA
date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
server
Kestrel
age
266
x-timer
S1693182498.662496,VS0,VE1
x-origin-name
fastlyshield--shield_ssl_cache_iad_kcgs7200117_IAD
x-cache
HIT, HIT
content-type
application/javascript
vary
Accept, Accept-Encoding
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
60278
x-cache-hits
4, 1
gtm.js
www.googletagmanager.com/ 		190 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v86.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b46113355a9907a0e925e7103e7ecde122524b21c5c73fb53fce4f0953f481ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62302
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 28 Aug 2023 00:28:17 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame FB6D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308220101&jk=51620581966705&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame F33C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?eOyxuw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
2599
date
Mon, 28 Aug 2023 00:28:17 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
214
x-fastly-trace-id
992855870
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-fra-eddf8230077-FRA
x-timer
S1693182498.882931,VS0,VE0
gtm.js
www.googletagmanager.com/ 		182 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5KMC8ND&l=dl_mparticle
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ce9eb7780ddd632942aa03fc1fbb4bfefedb353f9716be8b908562b29cc471a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62037
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 28 Aug 2023 00:28:17 GMT
identify
identity.mparticle.com/v1/ 		176 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f1f02f85e563a36a18ec85ac32dc764aa02c98f382daa3d6d035e572c4fee707
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-fra-eddf8230077-FRA
date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=900
server
Kestrel
x-timer
S1693182498.923710,VS0,VE123
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
x-fastly-trace-id
992856037
accept-ranges
bytes
x-cache-hits
0
gtm.js
www.googletagmanager.com/ 		108 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NHPWKCD&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
32cda5d2bc8cef352af1c98d81394457feeb031a134fc09694f07e01aef64f7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42999
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 28 Aug 2023 00:28:17 GMT
gtm.js
www.googletagmanager.com/ 		296 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
556d08565e3c3b39fe4b5f5e41bf2fd391f3f208fe060e754407496eec326569
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90405
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 28 Aug 2023 00:28:17 GMT
googima.js
ssl.p.jwpcdn.com/player/v/8.28.0/ 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.28.0/googima.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6e05f5bd6f9da2d90030b22960571faf14590890c05e3d932604d3ce53e54ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
gzip
via
1.1 varnish
age
22478
x-cache
HIT
content-length
22014
x-served-by
cache-fra-eddf8230079-FRA
last-modified
Mon, 21 Aug 2023 23:58:41 GMT
server
AmazonS3
x-timer
S1693182498.819904,VS0,VE0
etag
"42b3c20cb65670ec5907c539ef5a0739"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, immutable
accept-ranges
bytes
x-cache-hits
2485
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.28.0/ 		64 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.28.0/jwpsrv.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cce768cee839e01c304a426f0dbce4298f6024d856d1abe69efe450ac35863b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
gzip
via
1.1 varnish
age
497
x-cache
HIT
content-length
19606
x-served-by
cache-fra-eddf8230079-FRA
last-modified
Tue, 15 Aug 2023 16:58:37 GMT
server
AmazonS3
x-timer
S1693182498.819973,VS0,VE0
etag
"3ce929563cdc089513e92ce60145673b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
91
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.28.0/ 		317 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.28.0/jwplayer.core.controls.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35c51b78e7d78765670c0125560cc48e91de1969d1e19f82f8290b4719199ee9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
gzip
via
1.1 varnish
age
972888
x-cache
HIT
content-length
85170
x-served-by
cache-fra-eddf8230079-FRA
last-modified
Tue, 15 Aug 2023 16:58:31 GMT
server
AmazonS3
x-timer
S1693182498.820099,VS0,VE0
etag
"c2bc65140aca822130a162769f3cc821"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
74798
zNackYHG
cdn.jwplayer.com/v2/playlists/ 		55 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/zNackYHG
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:6c00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
0381967675976510e2916e43a8b674c08194163e69ead105d6a8c48405993ed2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
gzip
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
7288
x-amz-cf-id
1UOIXr4cSKJdlx_3bv3jNXpoNAuny3TjEl5Z4_fx0A5zmKSymP4h5w==
expires
Mon, 28 Aug 2023 00:31:17
jload
pixel.adsafeprotected.com/ Frame 2BE7 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=4811995650&chanId=68750341&placementId=6320677576&pubCreative=138435360861&pubOrder=3214318285&cb=191625056&custom=index&custom2=2&adsafe_par&impId=c823dd0a-4539-11ee-8842-02bf0c6c3701
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.99.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-99-188.compute-1.amazonaws.com
Software
/
Resource Hash
6896bc86244bda2300ded2f8504173a8b625cac2f589d4cd4e4c457bf4fb4d66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CB3F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPcMTeUlkrPPATgPiRDmdJcVc7MZMY8JZnPCnRTjddzExsDujJ_I1idcQi14vIDUmcc7jO6cOz6n5bqMF6IfklvieX235vvEEXyAhld_ZIGZ8C_vg0s8jZ_Vbai5WcQmpFQXL3rD9pLaBaHeD7GyOKcFv_cooHJynCBPkDtt5voEZQ1caV-N06GN3Nki2UbJHlo2DAbKB9S6h2HcL0a31S54DAdIiCnDDDWpvKXNdbo2ePKBh7vJhUgwqcRkTa9LQv3-VhMbLdAgXHsNqZ4PLc85sr-XXc1nH3dVBgWOQ5HcbO-4Dx194TtKlCnC7Wug&sai=AMfl-YSy8bXZWuytfw1KxBg1d3J69n5nl655aU4dKb3G00chkqF984XrRJrxbhkoCgFfQBmuRJQqaH0zNQoIzCarlgV8PYq1hJgNUPTjGe2lPC82jTwVV-X-yAJDw39xXQ&sig=Cg0ArKJSzDcSMddCuz2wEAE&uach_m=[UACH]&adurl=
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame CB3F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 10:53:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
48907
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Sep 2023 10:53:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CB3F 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692792373905140"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 28 Aug 2023 00:28:17 GMT
3261028149663705050
tpc.googlesyndication.com/simgad/ Frame CB3F 		171 KB
171 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3261028149663705050
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f46c84174d978eb9ea2884f2cfa1438f100d5de1f45c5a32c96b5085491f430e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 20:19:16 GMT
x-content-type-options
nosniff
age
187741
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
175107
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 20:08:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 24 Aug 2024 20:19:16 GMT
l
www.google.com/ads/measurement/ Frame CB3F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQC1v4iH-IZD2ZmtRDsoQlUKllP0ZM-YPT0OSPlFKZbLATX-cb0Vh4etx40GSfeuBsktpZ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers
jload
pixel.adsafeprotected.com/ Frame 4858 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=4811995650&chanId=68750341&placementId=6320689129&pubCreative=138435367035&pubOrder=3214528277&cb=1380331086&custom=index&custom2=1&adsafe_par&impId=c823dd09-4539-11ee-8842-02bf0c6c3701
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.99.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-99-188.compute-1.amazonaws.com
Software
/
Resource Hash
7c5c753d767246bc16477a40861cdda78886b625977471fa253a7be7c5082b70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DC70 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhYRhRjUi0wvrE5gbEihNUK1hwn44DCvxIlOXKIOtkv9CRPa73JOR4uFMM-MMG2MAU6vtwD1zr2xD5_r1xer1jFSRpxjVqV2VpY3D2YsfUb5yfmQrXRhlmsbxFA6WUZ-fNxJiG5DjNAzV38DmqAieBvGrmFEJhLosH1W6762J98N-pTV5Fhd86IcXv8OQ3KNza_IuIBuaVrOKZacklFRPf8j0eGr0xb-PhwIWr4EYaPlNs33ODBFcPNzrX-527XoXmttelivaJLN0wScgbNy9DliP_ua6SDiyAdKRc4TBEcHBuIt-49n1Spw04Bs3QDA&sai=AMfl-YS_ufgo249Fk7cS1ObwoQ49fO_8BgkSTAV_kqqXF8OPno_9s7pY2ks93BYNPyL26LKNhos2KpxCJnK2v12nzLjDzqggrgzvIJkHUBVwDFENOte9vq9gmbsG8QZoJg&sig=Cg0ArKJSzKAF60puqvMlEAE&uach_m=[UACH]&adurl=
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame DC70 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 10:53:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
48907
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Sep 2023 10:53:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DC70 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692792373905140"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 28 Aug 2023 00:28:18 GMT
4614822790698063659
tpc.googlesyndication.com/simgad/ Frame DC70 		161 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4614822790698063659
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eda9060404e3ab6238268acf344618da09532339465f0a9c8ee280c480867a02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 12:10:59 GMT
x-content-type-options
nosniff
age
130638
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165326
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 20:40:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 25 Aug 2024 12:10:59 GMT
l
www.google.com/ads/measurement/ Frame DC70 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT6VoRIEsXA2bqhd0RTGesq77XI9Isg_jyhsEw-IV1_56cQdUvZYNMV031bSCkJddbuKTkg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers
v2
api.viafoura.co/v2/o.canada.com/bootstrap/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/o.canada.com/bootstrap/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4847:76a1:b6b5:aeaf:fb4e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin
https://o.canada.com
access-control-max-age
1728000
cache-control
max-age=0
date
Mon, 28 Aug 2023 00:28:18 GMT
expires
Mon, 28 Aug 2023 00:28:18 GMT
server
nginx/1.18.0 (Ubuntu)
v2
api.viafoura.co/v2/o.canada.com/bootstrap/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/o.canada.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4847:76a1:b6b5:aeaf:fb4e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3ded2629738669603833e6e8a676e61c989ab992c4e91d057b36643d5ac0675f

Request headers

Accept
application/json, text/plain, */*
Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

x-instance-id
i-089c90e7f73ab3622
pragma
no-cache
date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://o.canada.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Mon, 28 Aug 2023 00:28:18 GMT
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.28.0/ 		412 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.28.0/provider.hlsjs.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
141d5bbc284c11dd6a0a3f369ec345c8821515ff3a9476c327ece61ceab8db47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:17 GMT
content-encoding
gzip
via
1.1 varnish
age
972737
x-cache
HIT
content-length
125695
x-served-by
cache-fra-eddf8230079-FRA
last-modified
Tue, 15 Aug 2023 16:58:33 GMT
server
AmazonS3
x-timer
S1693182498.972658,VS0,VE0
etag
"5aedfc5d44b64aeded8e90cfa093644d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
65393
truncated
/ Frame CB3F 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b496c8d2e9273eb02bc75d4bb13b5cca59983655dbb6b3f82827856bc5097dac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame DC70 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27184b63e1de9ea2fdf0ddc25c7ab0f9f87510826beec4c9a7f3d2b502e0e3d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/png
state
api.permutive.com/v1.0/ 		0
33 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
EP4j6LNJEeu2Q2J+7u8ONQ.json
entitlements.jwplayer.com/ 		69 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://entitlements.jwplayer.com/EP4j6LNJEeu2Q2J+7u8ONQ.json
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.243 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/67A5) /
Resource Hash
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
gzip
last-modified
Sun, 27 Aug 2023 21:47:44 GMT
server
ECAcc (frb/67A5)
age
9634
vary
Accept-Encoding
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=16020
accept-ranges
bytes
content-length
80
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		356 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad527d7ac9e5c62049e2d0186ab8a60a4a6d8527b78711a37be14a8bfc557d44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125502
x-xss-protection
0
expires
Mon, 28 Aug 2023 00:28:18 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 27 Aug 2023 23:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2315
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 28 Aug 2023 01:49:43 GMT
marfeel-sdk.js
sdk.mrf.io/statics/ 		124 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93e4c55dd8ba6cd9b176509faa27de60a11aa36be7c7e78efcab425686ad2257

Request headers

Referer
https://o.canada.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-response-time
1ms
date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Sun, 27 Aug 2023 23:29:13 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
x-envoy-upstream-service-time
6
accept-ranges
bytes
cf-ray
7fd86ef58f799bce-FRA
alt-svc
h3=":443"; ma=86400
content-length
35215
fbevents.js
connect.facebook.net/en_US/ 		193 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 28 Aug 2023 00:28:18 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
52127
x-xss-protection
0
pragma
public
x-fb-debug
j+CwwENDGPqBQ/XKPoKSTgGcC3DMFQ6GyimiD+0FJfRqpxVUgXn09WpLDt57H1aqu0VgXrWOyfSKnvdQZJx4hQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
tag.min.js
get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-32.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fdeb1c6fd18e0f486055ae90b9c37c166cd1b455157daa7de08f4271ac696ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id
XfYprRTzfIx5sUT1DKibUZklTDJ88StC
content-encoding
gzip
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
date
Sun, 27 Aug 2023 11:20:43 GMT
last-modified
Thu, 24 Aug 2023 11:20:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
47256
x-amz-server-side-encryption
AES256
etag
W/"10ba0dba424c8954df3533bfd881e874"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
DsYKhVeEdhAAkSbTPL43XvArDI5Ej4pGGlOLfcmYHMaxzyAS0aDWvQ==
js
www.googletagmanager.com/gtag/ 		254 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CBS6P3K53Q&l=gtm_data_layer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6c9cc85445c79dc59b8dae2e5f9a7625860a0a6fb80a9d97979a49d56dc68eb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88217
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 28 Aug 2023 00:28:18 GMT
p.js
cdn.parsely.com/keys/o.canada.com/ 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/o.canada.com/p.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-100-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
b48743091fa7f477ba4780fe108d6a622bf01de9e6047d7855a59e04ba87f916

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
public
date
Sun, 27 Aug 2023 08:09:56 GMT
content-encoding
gzip
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
last-modified
Wed, 14 Dec 2022 21:12:47 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
58702
etag
W/"639a3c4f-12687"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
B5NbhGg_lGs_Vf3-EV7ZFkn4qd5L6IAS4-t0SxByFRxv-95bigtJUA==
expires
Mon, 28 Aug 2023 08:09:56 GMT
b
sb.scorecardresearch.com/ 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1693182498047&ns_c=UTF-8&c8=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&c7=https%3A%2F%2Fo.canada.com%2F&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:18 GMT
via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
oSzvbD3MSrlkA8qT79pLqncmM69DaY7T55ljzgWZdgJsTD1d1sHWvA==
x-cache
Miss from cloudfront
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/10276888/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
383 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 04:14:20 GMT
via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
last-modified
Mon, 03 Jul 2023 14:48:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
72839
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
0
x-amz-cf-id
vU4TyJm3y0GuOMB5PdaNJLWGmpCwhXkP2mRieILnseHCvbRJEIfcug==

Redirect headers

date
Mon, 28 Aug 2023 00:28:18 GMT
via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
location
/internal-c2/default/cs.js
content-length
0
x-amz-cf-id
n16w6UFSPsjcxxPShNMmA6Ojbv-kPjY3WZXPVNIW5gEbbhOKqtzPGQ==
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-ams21037-AMS
date
Mon, 28 Aug 2023 00:28:18 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1693182498.206291,VS0,VE27
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
U2R67rvs.srt
assets-jpcust.jwpsrv.com/tracks/
Redirect Chain
  • https://cdn.jwplayer.com/tracks/U2R67rvs.srt
  • https://assets-jpcust.jwpsrv.com/tracks/U2R67rvs.srt
3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/tracks/U2R67rvs.srt
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5bf600028d0e616bc5aa7333bfc266ed4c0f5315cccd12095b5a558e7439ab31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
752
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
1240
x-served-by
cache-iad-kjyo7100089-IAD, cache-fra-eddf8230056-FRA
last-modified
Wed, 16 Aug 2023 23:29:36 GMT
server
nginx
x-timer
S1693182498.392885,VS0,VE1
etag
"f365f1ce40e4b18e6c5f79ebd5669375"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
5, 1

Redirect headers

date
Mon, 28 Aug 2023 00:28:18 GMT
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/tracks/U2R67rvs.srt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
SdLPKKUbiSyeDWeHKErcy-cIgiyX18k57tx71odXZx9dN3DVv3CGqQ==
polyfills.webvtt.js
ssl.p.jwpcdn.com/player/v/8.28.0/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.28.0/polyfills.webvtt.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc97b445d8b28ec15e45c6a9660661471d4caa1299608fc9a85cb204c1efa3f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
gzip
via
1.1 varnish
age
933309
x-cache
HIT
content-length
4510
x-served-by
cache-fra-eddf8230079-FRA
last-modified
Tue, 15 Aug 2023 16:58:32 GMT
server
AmazonS3
x-timer
S1693182498.144560,VS0,VE0
etag
"f4c411a85f61cb714b72b00768cbc9ec"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
11366
T3OySyMt-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/T3OySyMt-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/T3OySyMt-120.vtt
4 KB
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/strips/T3OySyMt-120.vtt
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
508357b3085cc382fea571ea9766dfa9f9aa29fe04b55d13018aaedc3215ca9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
752
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
600
x-served-by
cache-iad-kjyo7100028-IAD, cache-fra-eddf8230056-FRA
last-modified
Wed, 16 Aug 2023 23:25:44 GMT
server
nginx
x-timer
S1693182498.392956,VS0,VE1
etag
"dac9db5f55e6b17874637909c6bc5a6b"
vary
Accept-Encoding
content-type
text/vtt
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
5, 1

Redirect headers

date
Mon, 28 Aug 2023 00:28:18 GMT
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/T3OySyMt-120.vtt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
ShqPCmSRMepYpzxg1sH6eg6-dzgJGCY5qiCrxMPJaAA7hdGjrkAgVQ==
provider.cast.js
ssl.p.jwpcdn.com/player/v/8.28.0/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.28.0/provider.cast.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a75a4b1636f11cddf9b137fc062bf449ad465c3f5da99796ef326fe1e7acf2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
gzip
via
1.1 varnish
age
972735
x-cache
HIT
content-length
10035
x-served-by
cache-fra-eddf8230079-FRA
last-modified
Tue, 15 Aug 2023 16:58:33 GMT
server
AmazonS3
x-timer
S1693182498.182926,VS0,VE0
etag
"e7ae4dae938e9ac0cbaddf52b8526732"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
47871
related.js
ssl.p.jwpcdn.com/player/v/8.28.0/ 		103 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.28.0/related.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
228e28741b1e7a00904f9c14ca9602c6678b35c51567f688eb75932aeaa2366e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
gzip
via
1.1 varnish
age
972735
x-cache
HIT
content-length
25121
x-served-by
cache-fra-eddf8230079-FRA
last-modified
Tue, 15 Aug 2023 16:58:35 GMT
server
AmazonS3
x-timer
S1693182498.183280,VS0,VE0
etag
"8dd1b868a0bea62489b1a5fdfaa6d880"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
73187
T3OySyMt.m3u8
cdn.jwplayer.com/manifests/ 		2 KB
774 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/manifests/T3OySyMt.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.28.0/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:6c00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
2ad143c952b87fa8d930da29d4d4603e1b682dcea5d436ba6bd3ffbd44e51237

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
gzip
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
application/vnd.apple.mpegurl; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
424
x-amz-cf-id
A-IcLrzl5sQ0YfXzUlw2GeOcC9r9fzODcvz50C9iA2TrrFXeR4R__Q==
ppnD35KB-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/T3OySyMt/poster.jpg?width=720
  • https://assets-jpcust.jwpsrv.com/thumbnails/ppnD35KB-720.jpg
35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/ppnD35KB-720.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8ea1a85514c72c925aa2762afe631e95a66e05bcd096ecc81476f9d6a03d0ab6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
283
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
35854
x-served-by
cache-iad-kjyo7100029-IAD, cache-fra-eddf8230079-FRA
last-modified
Thu, 17 Aug 2023 14:41:43 GMT
server
nginx
x-timer
S1693182498.419357,VS0,VE177
etag
"ec33b93edf7a91f17d0e38fcb5e487ae"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
3, 1

Redirect headers

date
Mon, 28 Aug 2023 00:28:18 GMT
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/ppnD35KB-720.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
lV5jYnh1PBWAreGOza9_ih9YII7Eu0-5DQUdgQ3ZbpKrimGapNH40Q==
ppnD35KB-640.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/T3OySyMt/poster.jpg?width=640
  • https://assets-jpcust.jwpsrv.com/thumbnails/ppnD35KB-640.jpg
29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/ppnD35KB-640.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bf78a85f50fd05f69f31e869c2348da22b09ea697452c53cdcc9e08741a42de7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
157
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
30091
x-served-by
cache-iad-kcgs7200153-IAD, cache-fra-eddf8230079-FRA
last-modified
Thu, 17 Aug 2023 14:41:42 GMT
server
nginx
x-timer
S1693182498.419386,VS0,VE94
etag
"199d9e9b61aabbd05d490fbdc6ca1cdc"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
17, 1

Redirect headers

date
Mon, 28 Aug 2023 00:28:18 GMT
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/ppnD35KB-640.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
zlQi1uC4PnrQrdueW_635zYZd45gOveABZnec0e78eUWu6uUub8M_A==
ping.gif
prd.jwpltx.com/v1/jwplayer6/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-1862442750&e=e&n=0954021151733251&abc=0&aid=EP4j6LNJEeu2Q2J%2B7u8ONQ&amp=0&ask=0NdxGYYZ&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=6&emi=wlq46r1ko4hu&i=0&id=T3OySyMt&lid=18fv0e4zguxy&lsa=set&mt=0&pbd=1&pbr=1&pgi=i94g2u1firsg&ph=1&pid=IrYAVodh&pii=0&pl=282&plc=20&pli=iptikecg9q3x&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&pu=https%3A%2F%2Fo.canada.com%2F&pv=8.28.0&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=Missing%20Kwikwetlem%20band%20councillor%20found%20dead%2C%20says%20IHIT&tv=3.43.0&vb=1&vi=1&vl=90&wd=501&ab=1&cae=0&cb=1&cdid=leadVideoIFrameHeadline&cme=0&dd=1&fed=zNackYHG&flc=1&fv=&ga=0&lng=en-CA&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FT3OySyMt.m3u8&pbc=0&pd=2&pdr=&plng=en-CA&plt=1450&pni=1&po=0&pogt=%20Canada.Com&rf=%2F%2Fcdn.jwplayer.com%2Fv2%2Fplaylists%2FuzU5KAZg%3Frelated_media_id%3DMEDIAID&sn=%7B%22controlbar%22%3A%7B%22background%22%3A%22rgba(0%2C0%2C0%2C0)%22%2C%22icons%22%3A%22rgba(255%2C255%2C255%2C0.8)%22%2C%22iconsActive%22%3A%22%23FFFFFF%22%2C%22text%22%3A%22%23FFFFFF%22%7D%2C%22menus%22%3A%7B%22background%22%3A%22%23333333%22%2C%22text%22%3A%22rgba(255%2C255%2C255%2C0.8)%22%2C%22textActive%22%3A%22%23FFFFFF%22%7D%2C%22timeslider%22%3A%7B%22progress%22%3A%22%23F2F2F2%22%2C%22rail%22%3A%22rgba(255%2C255%2C255%2C0.3)%22%7D%2C%22tooltips%22%3A%7B%22background%22%3A%22%23FFFFFF%22%2C%22text%22%3A%22%23000000%22%7D%7D&sp=0&st=380&sa=1693182498164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230079-FRA
date
Mon, 28 Aug 2023 00:28:18 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
view
securepubads.g.doubleclick.net/pcs/ Frame CB3F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxLRXkoKCAgUnKqu5qz_WlaSAox46S61C-_VFzC71f-oV6KqaeEFM6F2DaBYpFaPML5zqiAlFQR-66TbRKSIk4dOBK3iL9GFl3uNZ_8rQO80VG9gPdV2ywGlBPwnt9eRlm_eb856vrtO-mk4zJYfKpU6Iln8uR1a3xK1sAf-RoPDGbQsuoQ_sG-HNGvVmQ54GODDxZwP0WZhXL5T5zoTfGhaGcZPZ1OJ6TwZic0ZBV_aIKvfMGuzONnEDA9f3d_XvPmB5jKn9ptIs4EeAKgd46argwK0mBGFEcA0edGL2W0ZkdurdNkXMMVvlEQfLiO33j&sai=AMfl-YQ5WO77e0IbE6nACEZ71q3YwLx5ked12hH5nfbwnZw_abHsY3pwzneNI1fCkf-iYAN8U4cwUhsZ_omXApDn2vQ42zz-f0JGWK2KiNzZbmO8SrltLJiN-ZqL7hVsng&sig=Cg0ArKJSzDynp5kUSfIQEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 28 Aug 2023 00:28:18 GMT
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
2599
date
Mon, 28 Aug 2023 00:28:18 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
215
x-fastly-trace-id
992857270
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-fra-eddf8230077-FRA
x-timer
S1693182498.261689,VS0,VE0
identify
identity.mparticle.com/v1/ 		176 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
87fdb3428e02b7ef8db6a907d6360ed9232c4c9a47b417c152d67d6f3e70b2b4
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-fra-eddf8230077-FRA
date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=900
server
Kestrel
x-timer
S1693182498.306768,VS0,VE127
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
x-fastly-trace-id
992857433
accept-ranges
bytes
x-cache-hits
0
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-ams21037-AMS
date
Mon, 28 Aug 2023 00:28:18 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1693182498.276858,VS0,VE7
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
90dd51cc35228a756b8ba4236650f0cbbed7b80e3ac3512a332641ce87afdf71

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
view
securepubads.g.doubleclick.net/pcs/ Frame DC70 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1DRZcTwnZquCl7Mso4ah7pkbwvuczZz31fh3pqwt1Xf5unZhXh0DrlZE2UfbIjyHJF_yO3EQZrW4UIkkYzOQI-pAL3D_knGWGxHRO2GXmb3PGkP1a9JwTQxohA09I-5EO6OZHq8q4auqP62IgJEPCu8kk_4330Nf8D8h9BBeJiA7XIIHhRQylXVTUYJWC2HdaIzI6TTmfCinSx6Jj_idQJ_xyZMfSzcxDnrgIq55CkltltaQ8jPMuVVpKGlq9iKGeIPUXyvGzHjWLDgOTdVDHzj2ncc4ZiiFiW4A2Y06MXk9bLUs2U982xzDd93hm5qUa&sai=AMfl-YR44MQcus4Oa5AGCvnVYgYlrWtwyaBKQfC0fzC0mksMkOK43cRou83Aoa7hownE3U9-dAtkhvhiP_AendebnLZ2iVFpxX1yGDZjGchZaW1va5jCGA-drxE39shZCA&sig=Cg0ArKJSzPaKyK_esdklEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 28 Aug 2023 00:28:18 GMT
collect
region1.analytics.google.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-CBS6P3K53Q&gtm=45je38n0&_p=732977049&_gaz=1&cid=1897779236.1693182497&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEIE&_s=1&sid=1693182498&sct=1&seg=0&dl=https%3A%2F%2Fo.canada.com%2F&dt=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&en=ad_impression&_fv=1&_ss=1&_c=1&ep.query_id=CL-kpKqM_oADFRM34AodNMILbQ
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBS6P3K53Q&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CBS6P3K53Q&cid=1897779236.1693182497&gtm=45je38n0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBS6P3K53Q&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-CBS6P3K53Q&gtm=45je38n0&_p=732977049&cid=1897779236.1693182497&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEIE&_s=2&sid=1693182498&sct=1&seg=0&dl=https%3A%2F%2Fo.canada.com%2F&dt=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&en=ad_impression&_c=1&ep.query_id=CL6kpKqM_oADFRM34AodNMILbQ&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBS6P3K53Q&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CBS6P3K53Q&cid=1897779236.1693182497&gtm=45je38n0&aip=1&z=1821820495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=732977049&t=pageview&_s=1&dl=https%3A%2F%2Fo.canada.com%2F&ul=en-us&de=UTF-8&dt=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAEK~&jid=1122084042&gjid=1071782252&cid=1897779236.1693182497&tid=UA-213173459-10&_gid=1166003841.1693182498&_r=1&_slc=1&gtm=45He38n0n81P3Q4QHW&cd2=2023-08-28T02%3A28%3A18.042%2B02%3A00&cd7=anonymous&cd17=0&cd23=canada.com&cd24=Cheetah&cd25=14.2.3&cd26=v86.1&cd27=0&cd28=GTM-P3Q4QHW&cd29=51&cd31=index&cd52=index&cd65=false&cd1=1897779236.1693182497&z=1422204820
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=732977049&t=pageview&_s=1&dl=https%3A%2F%2Fo.canada.com%2F&ul=en-us&de=UTF-8&dt=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAEK~&jid=26576876&gjid=550775675&cid=1897779236.1693182497&tid=UA-138335866-21&_gid=1166003841.1693182498&_r=1&_slc=1&gtm=45He38n0n81P3Q4QHW&z=1420888223
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
292942b7ea009b33947befcd41c1fc5d794deb1be3537385af9913c4eff98458
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-geo.s-onetag.com/ 		555 B
972 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-89.fra56.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 18:38:38 GMT
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront), 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6, FRA56-P5
age
20980
x-amzn-requestid
21038539-b793-46de-9c05-a3105eb9144c
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
KVS3QFnliYcFcpQ=
content-length
555
x-amz-cf-id
DU-8CcpTosTJJ7QSW55F98HgW6-39DVLhSWmOFEeo0LkK_pWVB5Ulw==
beacon.min.js
signal-beacon.s-onetag.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-76.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id
bto3eb0o1YxjKQVMPWidTjdqvOBrBN1F
content-encoding
gzip
via
1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
date
Sun, 27 Aug 2023 06:08:57 GMT
last-modified
Tue, 13 Jun 2023 14:58:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
65962
x-amz-server-side-encryption
AES256
etag
W/"565eb88b90415391668a5cb7cfb4557a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
FHOqcXNT57Hg_W5m4dHVRKba_xGh9_san-9QlOQ7D9d4_5TMoXbUrw==
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1693182498355&plid=20a1c41f-0ba4-4833-9a91-c5ce3fbed9d0&idsite=o.canada.com&url=https%3A%2F%2Fo.canada.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22login_status%22%3A%22anonymous%22%7D&sid=1&surl=https%3A%2F%2Fo.canada.com%2F&sref=&sts=1693182498348&slts=0&title=Canada.Com+%7C+Homepage+%7C+Canada.Com&date=Mon+Aug+28+2023+02%3A28%3A18+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=d0e12474-a519-4a97-993f-db61de23b127&u=pid%3D6bef3d98-b92e-4f23-8695-a19c33b83f6d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 00:28:18 GMT
Cache-Control
no-cache
Last-Modified
Monday, 28-Aug-2023 00:28:18 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
1685973801652415
connect.facebook.net/signals/config/ 		151 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1685973801652415?v=2.9.125&r=stable&domain=o.canada.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
baa06ca152455c505073cf398a603af73530548814bd69b6ec1abeeb2a0d42ca
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 28 Aug 2023 00:28:18 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
39713
x-xss-protection
0
pragma
public
x-fb-debug
6aCaEdAGw0gm0JxngvnBWRHrEK3QCwa5Ok4q9iCWzQ8kIOhe55DhbuZZJFMZCnRtURd675MH6TDWO8tlZabqwg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
bridge3.586.0_en_ca.html
imasdk.googleapis.com/js/core/ Frame 8700 		720 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.586.0_en_ca.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c2e0cd9e4652421e1f86e05bac985443ce43ec4d4561163a07d6edec4e1067
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
449661
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236429
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 19:33:57 GMT
expires
Wed, 21 Aug 2024 19:33:57 GMT
last-modified
Tue, 22 Aug 2023 19:04:36 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 28 Aug 2023 00:28:18 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E36B 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:17:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 28 Aug 2023 01:17:38 GMT
manifest-audio_eng=112014-video_eng=135662.m3u8
videos-cloudfront-usp.jwpsrv.com/64ec92e2_edd6d72be8ce1afb8aa8cebf0ee1a0755ecc98e5/site/ReDAXyY4/media/T3OySyMt/version/T3OySyMt/manifest.ism/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/64ec92e2_edd6d72be8ce1afb8aa8cebf0ee1a0755ecc98e5/site/ReDAXyY4/media/T3OySyMt/version/T3OySyMt/manifest.ism/manifest-audio_eng=112014-video_eng=135662.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.28.0/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:7400:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
7b72c1f1fcd6500f32fb522e1ef785c3f40a6bc62a362af74df3222a963244ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 23:31:08 GMT
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
349030
x-cache
Hit from cloudfront
content-length
2646
server
Apache
etag
"usp-371FABE5"
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
yLnq7j2FQCVSLn2Excyn4K65G-kcPYAtbG_mAHyPAb9oJVJz6_TIYA==
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308220101&jk=51620581966705&bg=!g4ClgM_NAAYkVgHwBFY7ADQBe5WfOHy5c-2Bcvvpl9psxeNIogK1FgkcOdz9WkUT3Jwouv-nNHy4TyrMb_A-O9DxrYiIAgAAAFdSAAAABmgBBwoAB1_Mu3KU7oCZArj6UnVAl-G1m-HDoNQvHFzLcF9rQev7zg1dv7vT-FLBGw-w4BzrdHNCbJHLMf4mPVIs_Am2MIWNfgzkw8ErbwQrznx2gt2KYF1spvrEMDngsMPjxb31rbz4mb6EROwSpt7_BWx9sxQz7IJvVg9NgR90yxhgjesH96bmAPXJTm-QMjiHcRqx9ZfYksRe5ZeWPaSH4PaEaHdCgd34ZI5ELYCYgr4Gz2H0iv-6hFo18Yd3gpT1T1XJvV0JZUdSggqC08tabzaWseMO27raWJxXPb5jnrxpjUzqXkdkal0yo-IaQv5KRaWxcdXsNDCeZVZZPKWGo-rmwyH8I_Z7QghAZSEkI9COhQagkwFDr13E-Cb9Dely8L90tyAPW9k4N39CTMA-hJFR54FnRg5Qk2IrB5LzvtkqN_eYRAAUOsY52kF1Cbc7XdZvnFBRJfhJS2GDvN-hyCqX5t5DCC_r9rBbPyJoYFZ7ILjFhnewOyNAKlWkjdVIFzlwl36DxjUwmFJsXeHb0-4yZoD8bw3UJ8MUMmNkSSBqt1ZEtJerRl29-IVpDolEAbO2XSdZpQRI6s8moNlCGyYpBuXbdchzIsUK_xMC25ssNE0sWEQUNK-wtIhIGN92YngO3KdqwB_Id8UnvlqTU1bMun346IEkaG_3GkExdyAIe4-SbSorquBmPTHANBsxZOQpvoJgW48WXpp556vVzISOTlhdUrcyWwPhjKsbn25hIQ5EnG2tmQSVmJ6ChKvwpXrfFP3dTalSTfs0I7zlQFvzxtJ0ZQNFKY214LARjMHHIHVrgofID7AZuOPTvD7R19Ci9NtmledhteUK9R9RonvnY-NWrMfiCdb3Xs0MkHdzaukYNo79g5a8lR4EevwPgfOiX8wl4mzyLs8TQFJY3Mdp-1UL48j1rR1DrhAA3g4Y8M5J3KI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers
ingest.php
events.newsroom.bi/ 		50 B
848 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.144.218 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy04.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
66
333d78a65385aa90fb86.js
sdk.mrf.io/statics/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/333d78a65385aa90fb86.js
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31062826da772e146ea2caf34beeccaf3550998a20becea67cb794a5efce0629

Request headers

Referer
https://o.canada.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
gzip
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA60-P2
age
3545
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
129
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 23 Aug 2023 09:58:37 GMT
server
cloudflare
etag
W/"0e16322c53c421e942d7579413f405f7"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
timing-allow-origin
*
cf-ray
7fd86ef7495f9bce-FRA
x-amz-cf-id
r1GyTrijxyWVzQ3SN9PJC1eb25aBjY1mPLMHnonEKC_WEUoDwkkiSg==
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Aug 2023 00:28:18 GMT
audiences
api.permutive.com/audience-matching/v1/id/aff38324-df81-48fe-b6a3-9bb64e2ff7ed/ 		12 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/audience-matching/v1/id/aff38324-df81-48fe-b6a3-9bb64e2ff7ed/audiences?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 28 Aug 2023 00:28:18 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
T3OySyMt-120.jpg
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/T3OySyMt-120.jpg
  • https://assets-jpcust.jwpsrv.com/strips/T3OySyMt-120.jpg
112 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/strips/T3OySyMt-120.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8cfeb7f0d636a12f28a410f0fc68ead87b6373a6c8512cc98a30abc7961c06fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
80
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
108584
x-served-by
cache-iad-kiad7000081-IAD, cache-fra-eddf8230079-FRA
last-modified
Wed, 16 Aug 2023 23:25:45 GMT
server
nginx
x-timer
S1693182499.637069,VS0,VE94
etag
"79f6ea758dae33101f190b877e44e4bc"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
13013, 1

Redirect headers

date
Mon, 28 Aug 2023 00:28:18 GMT
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/T3OySyMt-120.jpg
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
0MKyKAmMF0RQzNth6uxIxSJOQFjLsM-y37-BF6K0aptdiIuL0F4YzQ==
events
jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		42 B
157 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
0fb228eaf403017fcc12d29cf4a7f964645a6d1f197f643e9540d88a28f1be81

Request headers

Accept
text/plain;charset=UTF-8
Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-ams21037-AMS
date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
gzip
via
1.1 varnish
server
Kestrel
x-timer
S1693182499.505628,VS0,VE7
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-213173459-10&cid=1897779236.1693182497&jid=1122084042&gjid=1071782252&_gid=1166003841.1693182498&_u=YCDACAAABAAAACAEK~&z=1758618155
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 28 Aug 2023 00:28:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		220 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4PRPPJ1J9V&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
23ba149cc530d1c3628d7609473974bf3635210dd7094992aefd77048a894455
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80582
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 28 Aug 2023 00:28:18 GMT
/
onetag-geo.s-onetag.com/ 		555 B
971 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-89.fra56.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 18:38:38 GMT
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront), 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6, FRA56-P5
age
20980
x-amzn-requestid
21038539-b793-46de-9c05-a3105eb9144c
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
KVS3QFnliYcFcpQ=
content-length
555
x-amz-cf-id
xjcnJLn2itNZUzMHfSPa2P9_uS0YPQklajt39gr-Mc5nbl4F6xKGMw==
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Fo.canada.com%2F&rl=&if=false&ts=1693182498525&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&fbp=fb.1.1693182498522.1041052400&cs_est=true&it=1693182498370&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 28 Aug 2023 00:28:18 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-213173459-10&cid=1897779236.1693182497&jid=1122084042&_u=YCDACAAABAAAACAEK~&z=479609495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-213173459-10&cid=1897779236.1693182497&jid=1122084042&_u=YCDACAAABAAAACAEK~&z=479609495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
manifest-audio_eng=112014-video_eng=135662-1.ts
videos-cloudfront-usp.jwpsrv.com/64ec92e2_edd6d72be8ce1afb8aa8cebf0ee1a0755ecc98e5/site/ReDAXyY4/media/T3OySyMt/version/T3OySyMt/manifest.ism/ 		153 KB
154 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/64ec92e2_edd6d72be8ce1afb8aa8cebf0ee1a0755ecc98e5/site/ReDAXyY4/media/T3OySyMt/version/T3OySyMt/manifest.ism/manifest-audio_eng=112014-video_eng=135662-1.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.28.0/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:7400:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
a833989b14be27cfdd394ec2668a9085146af01d48799a886fdbe222ca1ec598

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 00:18:36 GMT
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-usp-info1
t=1970-01-01T00:00:00Z lookahead=2
x-amz-cf-pop
FRA56-P7
age
348677
x-cache
Hit from cloudfront
content-length
156792
last-modified
Thu, 13 Jun 1974 01:45:35 GMT
server
Apache
etag
"usp-09CB2927"
vary
Accept-Encoding
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
link
<manifest-audio_eng=112014-video_eng=135662-2.ts>; rel="next"
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
0ou2Mc6yt6b6THu-yfh2eaQSryYsHx8mb-Uj17HARimbOoRLQo1bgA==
main.19.8.439.js
static.adsafeprotected.com/ Frame 2BE7 		207 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.439.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=4811995650&chanId=68750341&placementId=6320677576&pubCreative=138435360861&pubOrder=3214318285&cb=191625056&custom=index&custom2=2&adsafe_par&impId=c823dd0a-4539-11ee-8842-02bf0c6c3701
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 13:42:57 GMT
x-amz-version-id
jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding
gzip
via
1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
1593922
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:42 GMT
server
AmazonS3
etag
W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
qmvCewOTEfv1yj06vWwKPQnunkwlD_Iog8wjPY3llmABN7VOjfNc_g==
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12197
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Mon, 28 Aug 2023 00:28:18 GMT
cast_sender.js
www.gstatic.com/eureka/clank/116/ 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/116/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:25:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32584
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15373
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 15:06:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Mon, 28 Aug 2023 15:25:14 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-4PRPPJ1J9V&gtm=45je38n0&_p=732977049&ul=en-us&sr=1600x1200&cid=1897779236.1693182497&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fo.canada.com%2F&dt=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&sid=1693182498&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4PRPPJ1J9V&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rfv.php
compassdata.mrf.io/ 		27 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://compassdata.mrf.io/rfv.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.159.24 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy02.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary8ry5PrnRH3ojWTSg

Response headers

date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
42
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 29 Aug 2023 00:28:18 GMT
thirdpartycookie
api.viafoura.co/v2/o.canada.com/ 		45 B
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/o.canada.com/thirdpartycookie?section=
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4847:76a1:b6b5:aeaf:fb4e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept
application/json, text/plain, */*
Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-instance-id
i-0f90d1bb2edbaf1cb
pragma
no-cache
date
Mon, 28 Aug 2023 00:28:18 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://o.canada.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Mon, 28 Aug 2023 00:28:18 GMT
main.19.8.439.js
static.adsafeprotected.com/ Frame 4858 		207 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.439.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=4811995650&chanId=68750341&placementId=6320689129&pubCreative=138435367035&pubOrder=3214528277&cb=1380331086&custom=index&custom2=1&adsafe_par&impId=c823dd09-4539-11ee-8842-02bf0c6c3701
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 13:42:57 GMT
x-amz-version-id
jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding
gzip
via
1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
1593922
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:42 GMT
server
AmazonS3
etag
W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
r2DhdBOdPnIbtbQ1lPEWNB0yBZl31dWT8R9m2zASTk4l8JqEL8t0Bw==
e8177c89-da40-4a6b-aa52-ba709592c326
https://o.canada.com/ 		365 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://o.canada.com/e8177c89-da40-4a6b-aa52-ba709592c326
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3778b11054daa02477c738ed3bf2ba3b0ef7c5d57eae266b9f4199fe3c65917e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length
373268
Content-Type
text/javascript
multimedia.php
events.newsroom.bi/ 		12 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/multimedia.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/333d78a65385aa90fb86.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.144.218 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy04.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 28 Aug 2023 00:28:18 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12
intl-messageformat.958fcc6fef17de377a4f.js
cdn.viafoura.net/chunks/defaultVendors~languages/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/defaultVendors~languages/intl-messageformat.958fcc6fef17de377a4f.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:2800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d30126e5df0e63e4752e17d7ebb3034b11a9344cb5d8e8ace9e8e65fd284af16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:53:16 GMT
x-amz-version-id
cu9i.nzCFch2FGcgLLFvhKzbkFbh6w8i
content-encoding
br
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
275703
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 24 Aug 2023 19:52:32 GMT
server
AmazonS3
etag
W/"a730874ed61111b0ff61a00b096443c8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
dn4afm5zIfJ-4yic_JH0LHe6aBTy0dM_43ZauMolCLqEkBptkB7StQ==
intl-messageformat.668c9dcdaf54915256c2.js
cdn.viafoura.net/chunks/languages/ 		135 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/intl-messageformat.668c9dcdaf54915256c2.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:2800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
372f0b04813518572b524a2b8e24575606b9767725601025e5358cb0cd10f4d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:53:16 GMT
x-amz-version-id
Z5IdDMecEQl1EcHKVHn54cHYiC6bsh3v
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
275703
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
content-length
135
last-modified
Thu, 24 Aug 2023 19:52:39 GMT
server
AmazonS3
etag
"f4904aff4c86016a09ed53be156c5e74"
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
EJw2MqIwcpfTZDxhEGodRhNOpC-fFUQRzIZfk9OEN7GHDUqnaz_nqQ==
en-us-base-json.da313d81b92dbce5685e.js
cdn.viafoura.net/chunks/languages/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-base-json.da313d81b92dbce5685e.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:2800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
008d2fec21e690a66ad9d14e5288959d654abede80aeb2778f0e03f244c8440d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:53:17 GMT
x-amz-version-id
8_usbW5dTQT29yL29Q1QfC8oMmYqBlC_
content-encoding
br
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
275702
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 24 Aug 2023 19:52:33 GMT
server
AmazonS3
etag
W/"a32cdca1ef29e83a74228e96ecae89fd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
KntIRQ7r-Fb-JOkcw_G1rJcGHn6_aZgZxIskNYRaW4XzCSL-XVtfZQ==
sca.17.6.2.js
static.adsafeprotected.com/ Frame 2F8B 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 21:19:49 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
6923310
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
VnOOTSNY2SZSebQ_HIlMtsYZyjo7-iyiRykyIWTx9J0dHWJMekveEQ==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=928934&campId=970x250&pubId=4811995650&chanId=68750341&placementId=6320677576&pubCreative=138435360861&pubOrder=3214318285&cb=191625056&custom=index&custom2=2&adsafe_par&impId=c823dd0a-4539-11ee-8842-02bf0c6c3701&adsafe_url=https%3A%2F%2Fo.canada.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:d18be056-9405-bd68-f477-ce4a68a9de8b,c:mxPQJQ,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-67bdfc9f5d-xghfp,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:315.1184.970.250,am:i,cc:315.1184.970.250,piv:6,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:242,mot:0,app:0,maw:0,fm:tObrd8v+11%7C12%7C13%7C14%7C15*.928934%7C151%7C161%7C17%7C181%7C182,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:264,oid:c9087108-4539-11ee-babe-92d85483a7b7,v:19.8.439,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.99.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-99-188.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:18 GMT
server
nginx
x-server-name
app14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=d18be056-9405-bd68-f477-ce4a68a9de8b&tv=%7Bc:mxPQJR,pingTime:-8,time:264,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:264,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:263,wc:0.0.1600.1200,ac:315.1184.970.250,am:i,cc:315.1184.970.250,piv:6,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B17~1%5D,as:%5B17~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tObrd8v+11%7C12%7C13%7C14%7C15*.928934%7C151%7C161%7C17%7C181%7C182,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs,siq:264%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5453:801b:1cfb:a1f6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:19 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=d18be056-9405-bd68-f477-ce4a68a9de8b&tv=%7Bc:mxPQKk,pingTime:-2,time:293,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:715,beZ:715,mfA:957,cmA:959,inA:959,inZ:964,prA:964,prZ:973,si:978,poA:979,poZ:990,cmZ:990,mfZ:990,loA:1003,loZ:1006,ltA:1008,ltZ:1008,mdA:716,mdZ:918%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:6,vs:o,r:l,w:970,h:250,t:263%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:293,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:263,wc:0.0.1600.1200,ac:315.1184.970.250,am:i,cc:315.1184.970.250,piv:6,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B46~1%5D,as:%5B46~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tObrd8v+11%7C12%7C13%7C14%7C15*.928934%7C151%7C161%7C17%7C181%7C182,idMap:15*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:264,slid:%5Bgoogle_ads_iframe_/3081/ccn.com/index_1,google_ads_iframe_/3081/ccn.com/index_1__container__,ad-2,ad__inner-2,main-content%5D,sinceFw:28,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5453:801b:1cfb:a1f6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:19 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
LoginRadiusV2.js
auth.lrcontent.com/v2/ 		204 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/LoginRadiusV2.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b724128d513fe8a2abe466b9eea06f1c4ec5899f4cf302a4d1963f463caa347
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:18 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
age
3867
x-amz-cf-pop
FRA53-C1
cf-polished
origSize=1300481
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Tue, 22 Aug 2023 07:10:52 GMT
server
cloudflare
etag
W/"3ba0ce20d834b755eccbe57cb0bd74f1"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
7fd86efa397a381b-FRA
x-amz-cf-id
SDajf-LHGyM1-EyzQAF9YLApgOtg9rGDKa3oef6mxbLZAPvuHq4WDw==
expires
Mon, 28 Aug 2023 04:28:18 GMT
ingest
i.viafoura.co/v3/o.canada.com/ 		67 B
389 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://i.viafoura.co/v3/o.canada.com/ingest
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.236.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-236-9.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://o.canada.com
date
Mon, 28 Aug 2023 00:28:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 4694 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=o.canada.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 28 Aug 2023 00:28:18 GMT
server
Kestrel
server-processing-duration-in-ticks
253367
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 29 Aug 2023 00:28:19 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame 6375 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 21:19:49 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
6923310
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
8_ycfMGmyvMNFiRVotaCWbaeRyHeFZFjUO6TMvCn9uNnjTObsbA1xQ==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=928934&campId=970x250&pubId=4811995650&chanId=68750341&placementId=6320689129&pubCreative=138435367035&pubOrder=3214528277&cb=1380331086&custom=index&custom2=1&adsafe_par&impId=c823dd09-4539-11ee-8842-02bf0c6c3701&adsafe_url=https%3A%2F%2Fo.canada.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:ec840fbe-c36b-3f04-fd57-97ff7a61b6c5,c:mxPQKS,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-67bdfc9f5d-zq4m6,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:315.109.970.250,am:i,cc:315.109.970.250,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:235,mot:0,app:0,maw:0,fm:tObrd9R+11%7C12%7C13%7C14%7C151%7C152%7C16*.928934%7C161%7C17%7C181%7C182%7C19,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:243,oid:c908e689-4539-11ee-b916-ee80ed9d69e8,v:19.8.439,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.99.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-99-188.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:19 GMT
server
nginx
x-server-name
app32.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=ec840fbe-c36b-3f04-fd57-97ff7a61b6c5&tv=%7Bc:mxPQKS,pingTime:-8,time:243,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:243,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:242,wc:0.0.1600.1200,ac:315.109.970.250,am:i,cc:315.109.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B7~100%5D,as:%5B7~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tObrd9R+11%7C12%7C13%7C14%7C151%7C152%7C16*.928934%7C161%7C17%7C181%7C182%7C19,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,siq:243%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5453:801b:1cfb:a1f6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:19 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=ec840fbe-c36b-3f04-fd57-97ff7a61b6c5&tv=%7Bc:mxPQL1,pingTime:0,time:252,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:243%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:252,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:242,wc:0.0.1600.1200,ac:315.109.970.250,am:i,cc:315.109.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B17~100%5D,as:%5B17~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tObrd9R+11%7C12%7C13%7C14%7C151%7C152%7C16*.928934%7C161%7C17%7C181%7C182%7C19,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,siq:243%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5453:801b:1cfb:a1f6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:19 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=ec840fbe-c36b-3f04-fd57-97ff7a61b6c5&tv=%7Bc:mxPQL6,pingTime:-2,time:257,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:780,beZ:781,mfA:1015,cmA:1015,inA:1015,inZ:1016,prA:1016,prZ:1021,si:1023,poA:1023,poZ:1029,cmZ:1029,mfZ:1029,loA:1035,loZ:1036,ltA:1036,ltZ:1036,mdA:782,mdZ:936%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:243%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:257,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:242,wc:0.0.1600.1200,ac:315.109.970.250,am:i,cc:315.109.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B21~100%5D,as:%5B21~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tObrd9R+11%7C12%7C13%7C14%7C151%7C152%7C16*.928934%7C161%7C17%7C181%7C182%7C19,idMap:16*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,siq:243,slid:%5Bgoogle_ads_iframe_/3081/ccn.com/index_0,google_ads_iframe_/3081/ccn.com/index_0__container__,ad-1,ad__inner-1,main-content%5D,sinceFw:14,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5453:801b:1cfb:a1f6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:19 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
mLwT04rz-120.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/in8brjDO/poster.jpg?width=120
  • https://assets-jpcust.jwpsrv.com/thumbnails/mLwT04rz-120.jpg
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/mLwT04rz-120.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
215c97848bfc4144f26215f4baa55eb4b7f3dd2605a58d6e732cf56ca45f020f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:19 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
157
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
3730
x-served-by
cache-iad-kjyo7100021-IAD, cache-fra-eddf8230079-FRA
last-modified
Thu, 17 Aug 2023 14:38:47 GMT
server
nginx
x-timer
S1693182499.121945,VS0,VE88
etag
"6ed890df966761c91f5d63cd6820409b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
3, 1

Redirect headers

date
Mon, 28 Aug 2023 00:28:19 GMT
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/mLwT04rz-120.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
PamqyvQmmGmD_fpFif1i2nEzp-E2Bd3_7yOUJ9YD-b4ehP5WwPqYug==
svod-module-js.95aff610e9802f83b372.js
cdn.viafoura.net/chunks/vuex_store/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/svod-module-js.95aff610e9802f83b372.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:2800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
483c1f8b2044a456732c7c73a4917d49c3e6e1bfca69f1712f0a623bdc0c2fe9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 19:53:18 GMT
x-amz-version-id
Cj_tYwCOhVxawae9NMod0dJ1Kd0EVJe6
content-encoding
br
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
age
275701
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 24 Aug 2023 19:52:47 GMT
server
AmazonS3
etag
W/"6fd8973aa29820cd867d3293b0d15089"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
uV1hz995d8vd5e6EiSGyygCIpdTzF8uZN7Bru47qZuQdnWEUuMDhww==
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=d18be056-9405-bd68-f477-ce4a68a9de8b&tv=%7Bc:mxPQLA,time:371,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:371,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:263,wc:0.0.1600.1200,ac:315.1184.970.250,am:i,cc:315.1184.970.250,piv:6,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B124~1%5D,as:%5B124~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tObrd8v+11%7C12%7C13%7C14%7C15*.928934%7C151%7C16.928934%7C161%7C17%7C181%7C182,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs,siq:264%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5453:801b:1cfb:a1f6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:19 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=ec840fbe-c36b-3f04-fd57-97ff7a61b6c5&tv=%7Bc:mxPQLB,time:288,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:288,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:242,wc:0.0.1600.1200,ac:315.109.970.250,am:i,cc:315.109.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B52~100%5D,as:%5B52~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tObrd9R+11%7C12%7C13%7C14%7C151%7C152%7C16*.928934%7C161%7C17%7C181%7C182%7C19,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,siq:243%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5453:801b:1cfb:a1f6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:19 GMT
server
nginx
x-server-name
dt20.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
appInfo
config.lrcontent.com/ciam/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://o.canada.com
allow
GET, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7fd86efbcc199125-FRA
date
Mon, 28 Aug 2023 00:28:19 GMT
server
cloudflare
vary
Origin
appInfo
config.lrcontent.com/ciam/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b63ad435cf3ecd2c94ef78ac92c0cf7b87d39b0cffdd4976d46ec42567e861c6

Request headers

Referer
https://o.canada.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:19 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
access-control-allow-origin
https://o.canada.com
cache-control
max-age=86400
cf-ray
7fd86efc3c529125-FRA
/
www.facebook.com/tr/ Frame 9C01 		0
69 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://o.canada.com
Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://o.canada.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 28 Aug 2023 00:28:19 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
sid
mug.criteo.com/ Frame 4694
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=canada.com&sn=ChromeSyncframe&so=0&topUrl=o.canada.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=QwOAXHw2cEF1bVhDUmMybWs5Z25GWitUaHNhQ1VyRndSU0tPUmp1YzlFYW5zZlp2YVNXazF6ejJ5d0JUYWVmbU5nRFFNR2xnUjcvQXJhUnJJb3IxOFE4djd2S0xoOVZEU0dLejFiRVlUenhPMUJkcUNqc2lSOGpGZy9pUi...
433 B
652 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=QwOAXHw2cEF1bVhDUmMybWs5Z25GWitUaHNhQ1VyRndSU0tPUmp1YzlFYW5zZlp2YVNXazF6ejJ5d0JUYWVmbU5nRFFNR2xnUjcvQXJhUnJJb3IxOFE4djd2S0xoOVZEU0dLejFiRVlUenhPMUJkcUNqc2lSOGpGZy9pUitzajlvR0VlelVFSzN1VlZjSkx2cHk0MFV4T0xRNEtNUkZKOFNkOHNRWWtNMmR3UkcrZWpPZTFicFFBVkRZWUtXSGcvOEV3eDhYd3FWcDMvczFNVWZHYTJyTVpLaXh6cm5PbmpsT3g1eWFUM0dPMFZZZ3FRWGtDZy9EQ051bnVISk1va1loU0oyalVrc1B0VnJxYzN6MjlkMG1JRC9wUT09fA&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2869c7105bf71cccd13e3f1d20a0a3074a1970daa74f9e8fd2b1806c5f2353fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:18 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1425151
expires
0

Redirect headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=QwOAXHw2cEF1bVhDUmMybWs5Z25GWitUaHNhQ1VyRndSU0tPUmp1YzlFYW5zZlp2YVNXazF6ejJ5d0JUYWVmbU5nRFFNR2xnUjcvQXJhUnJJb3IxOFE4djd2S0xoOVZEU0dLejFiRVlUenhPMUJkcUNqc2lSOGpGZy9pUitzajlvR0VlelVFSzN1VlZjSkx2cHk0MFV4T0xRNEtNUkZKOFNkOHNRWWtNMmR3UkcrZWpPZTFicFFBVkRZWUtXSGcvOEV3eDhYd3FWcDMvczFNVWZHYTJyTVpLaXh6cm5PbmpsT3g1eWFUM0dPMFZZZ3FRWGtDZy9EQ051bnVISk1va1loU0oyalVrc1B0VnJxYzN6MjlkMG1JRC9wUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
222518
content-length
0
expires
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=d18be056-9405-bd68-f477-ce4a68a9de8b&tv=%7Bc:mxPQPA,pingTime:-10,time:619,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS4xMTAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1693182499206%7C%7Cca90547189bf7d37915993d23e1bb78e%7C%7Cf3b2a520b07e1265656cdb121718396d%7C%7C6c279900ead5ca1a821f84b97685c80d%7C%7C3a44f19335ac441c7554c20c5ff955d3%7C%7C47377967b7fb0f1db1e7b73a9b698bea%7C%7Cab3225ba1b9eb9d3e42ab0495db70361%7C%7Cb53ab008203f5791ff0223cdfe8de9c0%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5453:801b:1cfb:a1f6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:19 GMT
server
nginx
x-server-name
dt22.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
x-requested-with
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://o.canada.com
Connection
keep-alive
Date
Mon, 28 Aug 2023 00:28:19 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://o.canada.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 00:28:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://o.canada.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
activeview
pagead2.googlesyndication.com/pcs/ Frame DC70 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvnDjUzl_kMbOy45QB8GHMoQwv7N8Gs1gmvKXmiPn2wEX0te3OUk4GP4dg_0H9uPeKAY2efUNjh6pk3OqcXFFArN-vQRnIZuwLyticQEM5EHSCGi2Gx4MyYMPgovETP&sig=Cg0ArKJSzNp8gmsMH_aoEAE&id=lidar2&mcvt=1000&p=109,315,359,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230823&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=4217552496&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693182497886&rpt=384&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
2efaa3a4e0888ca7f47821c03cc785377626b3ee09e5378cad1ae372c8dfe547

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 28 Aug 2023 00:28:19 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=ec840fbe-c36b-3f04-fd57-97ff7a61b6c5&tv=%7Bc:mxPQXm,pingTime:-10,time:1017,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS4xMTAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1693182499206%7C%7Cca90547189bf7d37915993d23e1bb78e%7C%7Cf3b2a520b07e1265656cdb121718396d%7C%7C6c279900ead5ca1a821f84b97685c80d%7C%7C3a44f19335ac441c7554c20c5ff955d3%7C%7C47377967b7fb0f1db1e7b73a9b698bea%7C%7Cab3225ba1b9eb9d3e42ab0495db70361%7C%7Cb53ab008203f5791ff0223cdfe8de9c0%7C%7C1663701684,sca:%7Bspg:d18be056-9405-bd68-f477-ce4a68a9de8b%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5453:801b:1cfb:a1f6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:19 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=ec840fbe-c36b-3f04-fd57-97ff7a61b6c5&tv=%7Bc:mxPR1a,pingTime:1,time:1253,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:243%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1253,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:242,wc:0.0.1600.1200,ac:315.109.970.250,am:i,cc:315.109.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1018~100%5D,as:%5B1018~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:229,fm:tObrd9R+11%7C12%7C13%7C14%7C151%7C152%7C16*.928934%7C161%7C17%7C181%7C182%7C19,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,siq:243,sis:508%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5453:801b:1cfb:a1f6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:20 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=ec840fbe-c36b-3f04-fd57-97ff7a61b6c5&tv=%7Bc:mxPR1b,pingTime:1,time:1254,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:243%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1254,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:242,wc:0.0.1600.1200,ac:315.109.970.250,am:i,cc:315.109.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1018~100%5D,as:%5B1018~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:229,fm:tObrd9R+11%7C12%7C13%7C14%7C151%7C152%7C16*.928934%7C161%7C17%7C181%7C182%7C19,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,siq:243,sis:508,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5453:801b:1cfb:a1f6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:20 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=ec840fbe-c36b-3f04-fd57-97ff7a61b6c5&tv=%7Bc:mxPR1b,pingTime:1,time:1254,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:243%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1254,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:242,wc:0.0.1600.1200,ac:315.109.970.250,am:i,cc:315.109.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1018~100%5D,as:%5B1018~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:229,fm:tObrd9R+11%7C12%7C13%7C14%7C151%7C152%7C16*.928934%7C161%7C17%7C181%7C182%7C19,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,siq:243,sis:508,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5453:801b:1cfb:a1f6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:20 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
recirculation.php
events.newsroom.bi/ 		12 B
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/recirculation.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.144.218 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy04.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 28 Aug 2023 00:28:21 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12
metrics
api.permutive.com/v2.0/internal/ 		2 B
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/internal/metrics?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 28 Aug 2023 00:28:21 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
envelope
lexicon.33across.com/v1/ 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A732 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=114009
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 28 Aug 2023 00:28:22 GMT
expires
Tue, 29 Aug 2023 08:08:31 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame AEC9 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
660
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7fd86f0ed89a5c38-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 28 Aug 2023 00:28:22 GMT
expires
Mon, 28 Aug 2023 04:28:22 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame F5C1 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.112.188 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-112-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 28 Aug 2023 00:28:22 GMT
ETag
"623de86a-cf34"
Expires
Tue, 29 Aug 2023 00:28:24 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
pd
postmedia-d.openx.net/w/1.0/ Frame EFA9 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://postmedia-d.openx.net/w/1.0/pd
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 28 Aug 2023 00:28:22 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame 8925 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 28 Aug 2023 00:28:22 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
p
sb.scorecardresearch.com/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=19&c2=10276888&ns_ap_an=unknown&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=1&ns_ap_ev=start&ns_ap_device=Win32&ns_ap_id=1693182502148&ns_ap_csf=1&ns_ap_bi=unknown&ns_ap_pfm=webbrowser&ns_ap_pfv=Chrome%20116.0.5845.110&ns_ap_ver=unknown&ns_ap_sv=7.7.0%2B211006&ns_ap_bv=7.7.0%2B211006&ns_ap_smv=6.4&ns_type=view&ns_ap_gs=1693182497143&ns_ts=1693182497142&ns_ap_cfg=1110101-110-3C-7D0-A-1F-1E-1E-12C-A&ns_ap_env=0-0-2&ns_ap_ut=60000&ns_ap_ar=unknown&ns_ap_cs=1&ns_ap_fg=1&ns_ap_dft=0&ns_ap_dbt=0&ns_ap_dit=0&ns_ap_as=1&ns_ap_das=0&ns_ap_usage=0&ns_radio=unknown&ns_ap_install=1693182497143&ns_ap_ft=0&ns_ap_bt=0&ns_ap_it=0&ns_ap_res=1600x1200&ns_ap_sd=1600x1200&ns_ap_po=0x0&ns_ap_lang=en-US&ns_ap_jb=unknown&ns_c=UTF-8&c7=https%3A%2F%2Fo.canada.com%2F&c8=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:22 GMT
via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
7T6JkvpKJ2X1c94CkpzPkEdjx2oDjJ-MHQdhbuTwjwKDIALb5njAGQ==
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.166.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-166-140.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 28 Aug 2023 00:28:22 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.166.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-166-140.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 28 Aug 2023 00:28:22 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
usync.js
eus.rubiconproject.com/ Frame 8925 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
cec590b68a6dd2b40fa90e876cb485c7eea3bac4e54cf4bb60335eacb010c431

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 00:28:22 GMT
Content-Encoding
gzip
Last-Modified
Sun, 27 Aug 2023 11:46:30 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=40667
Connection
keep-alive
Content-Length
10116
Expires
Mon, 28 Aug 2023 11:46:09 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame A732 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=16114638&p=160305&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
2dd669ae01735ed236eabaefbfb7e1516e1a2bd34332522bac97d0f94f62bf0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 28 Aug 2023 00:28:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatch
ssum-sec.casalemedia.com/ Frame B8DC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
381d3194368dcf2569571ad031c99786ce96b89e0e7c621b924dba3d66a2664c

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1729
Content-Type
text/html
Date
Mon, 28 Aug 2023 00:28:22 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Mon, 28 Aug 2023 00:28:22 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
bounce
ib.adnxs.com/ Frame F5C1
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:22 GMT
an-x-request-uuid
f760fcc7-d1f9-4239-806d-b63c3d1cf6cb
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.100; 80.255.7.100; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:22 GMT
an-x-request-uuid
04ba2ecc-d60c-4214-af25-ac8d033433aa
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.100; 80.255.7.100; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 8925 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 28 Aug 2023 00:28:22 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
s.amazon-adsystem.com/ Frame 8925
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=NEBZBMacTBuXImkDDD-KEg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=NEBZBMacTBuXImkDDD-KEg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=NEBZBMacTBuXImkDDD-KEg
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Aug 2023 00:28:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BBPDV2M2ER78N23QGPDX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=NEBZBMacTBuXImkDDD-KEg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 8925
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFKZAEBwVprQuRpTfQAd4pI&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFKZAEBwVprQuRpTfQAd4pI&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFKZAEBwVprQuRpTfQAd4pI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8925
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExVNTUzVzktQS0xODk=
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDpOmbq3kh9j9QpZe5Iw8dk&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExVNTUzVzktQS0xODk=&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExVNTUzVzktQS0xODk=&google_push=
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExVNTUzVzktQS0xODk=&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
setuid
px.ads.linkedin.com/ Frame 8925
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLU553W9-A-189
0
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLU553W9-A-189
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:22 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 4D4EF6F1C23D48FD9DDC89E22CC12495 Ref B: DUS30EDGE0406 Ref C: 2023-08-28T00:28:22Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYD8MWduG6oHrefAh/03g==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLU553W9-A-189
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 8925
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=TySnvccyQrOo_BqglIiQvw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=TySnvccyQrOo_BqglIiQvw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=TySnvccyQrOo_BqglIiQvw
Protocol
HTTP/1.1
Server
54.239.33.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Aug 2023 00:28:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QVH1PCC876VKE8SH7NVK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=TySnvccyQrOo_BqglIiQvw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 8925
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTk5OGM4ZDI2MjRmZGI3NjIxMjFmMzg3ODFjM2UzNmQ5NDZjNzQ5MQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTk5OGM4ZDI2MjRmZGI3NjIxMjFmMzg3ODFjM2UzNmQ5NDZjNzQ5MQ
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTk5OGM4ZDI2MjRmZGI3NjIxMjFmMzg3ODFjM2UzNmQ5NDZjNzQ5MQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 8925
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/T-BBXqejsQbpM8qamYnF_Q?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-OISk2JVE2oKrJzk76KO3J_xdwzZkDanK3PC.3w--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-OISk2JVE2oKrJzk76KO3J_xdwzZkDanK3PC.3w--~A
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 28 Aug 2023 00:28:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-OISk2JVE2oKrJzk76KO3J_xdwzZkDanK3PC.3w--~A
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 24C9
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 28 Aug 2023 00:28:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Mon, 28 Aug 2023 00:28:21 GMT
expires
Mon, 28 Aug 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
747079
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 2542
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BDDD0284-7D77-4D75-AA35-5AFC29B060FD&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BDDD0284-7D77-4D75-AA35-5AFC29B060FD&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BDDD0284-7D77-4D75-AA35-5AFC29B060FD&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.33.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 28 Aug 2023 00:28:22 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
RBZ1ACWYX3XXX9YSY40Y

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 28 Aug 2023 00:28:22 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BDDD0284-7D77-4D75-AA35-5AFC29B060FD&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
VSHY70V8TYVMS0YH0MV7
Pug
image2.pubmatic.com/AdServer/ Frame FD43
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HXvSRk4uhRIGeNVGT32aEh5_jh0GfNVBGn_4V1N5
42 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HXvSRk4uhRIGeNVGT32aEh5_jh0GfNVBGn_4V1N5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 28 Aug 2023 00:28:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 28 Aug 2023 00:28:22 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HXvSRk4uhRIGeNVGT32aEh5_jh0GfNVBGn_4V1N5
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A732
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vd0ChH13TXWqNVr8KbBg_Q%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:22 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=114009
accept-ranges
bytes
content-length
5606
expires
Tue, 29 Aug 2023 08:08:31 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame A732 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=BDDD0284-7D77-4D75-AA35-5AFC29B060FD&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.174.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-174-162.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:22 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.31.111
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame A732
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2167500763
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=BDDD0284-7D77-4D75-AA35-5AFC29B060FD
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=BDDD0284-7D77-4D75-AA35-5AFC29B060FD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:22 GMT
via
1.1 google
last-modified
Mon, 28 Aug 2023 00:28:22 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=BDDD0284-7D77-4D75-AA35-5AFC29B060FD
date
Mon, 28 Aug 2023 00:28:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame A732
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=BDDD0284-7D77-4D75-AA35-5AFC29B060FD
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MDgyNkJ2TG83eEdTcTZYVzRIZGpud3otdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=7062279365327152691&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
HTTP/1.1
Server
54.147.123.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-123-103.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 00:28:23 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 28 Aug 2023 00:28:23 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame A732
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkRERDAyODQtN0Q3Ny00RDc1LUFBMzUtNUFGQzI5QjA2MEZE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 28 Aug 2023 00:28:22 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A732
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEACBV5IOEnQf9Dn9xpbqi_s&google_cver=1
42 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEACBV5IOEnQf9Dn9xpbqi_s&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 28 Aug 2023 00:28:22 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEACBV5IOEnQf9Dn9xpbqi_s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame A732 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:22 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 27 Aug 2023 00:28:22 GMT
generic
match.adsrvr.org/track/cmf/ Frame A732 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 28 Aug 2023 00:28:22 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame A732
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7062279365327152691
42 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7062279365327152691
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 28 Aug 2023 00:28:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7062279365327152691
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
BDDD0284-7D77-4D75-AA35-5AFC29B060FD
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame A732 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/BDDD0284-7D77-4D75-AA35-5AFC29B060FD?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:f821:c088:dfda:b5f7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame A732 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BDDD0284-7D77-4D75-AA35-5AFC29B060FD&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:22 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
recirculation.php
events.newsroom.bi/ 		12 B
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/recirculation.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.144.218 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy04.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 28 Aug 2023 00:28:22 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12
casale
match.adsrvr.org/track/cmf/ Frame B8DC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 28 Aug 2023 00:28:22 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame B8DC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZOvqJr5nyMvyqeamOLOHJwAACJMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFUKfyoODClRpYVixW_ZhdI&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFUKfyoODClRpYVixW_ZhdI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Aug 2023 00:28:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFUKfyoODClRpYVixW_ZhdI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B8DC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZOvqJr5nyMvyqeamOLOHJwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOn4NH0qA47Sa_i-j4VUamg&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOn4NH0qA47Sa_i-j4VUamg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Aug 2023 00:28:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOn4NH0qA47Sa_i-j4VUamg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame B8DC
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOvqJr5nyMvyqeamOLOHJwAACJMAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOvqJr5nyMvyqeamOLOHJwAACJMAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOvqJr5nyMvyqeamOLOHJwAACJMAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Aug 2023 00:28:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PYDDY69Q9RGTDMBG83ZK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 28 Aug 2023 00:28:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1638CH987AV1AKGYSGR3
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOvqJr5nyMvyqeamOLOHJwAACJMAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame B8DC 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
ddos.com
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 28 Aug 2023 00:28:22 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
rum
dsum-sec.casalemedia.com/ Frame B8DC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZOvqJgAL4ltHsABY
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZOvqJgAL4ltHsABY&_test=ZOvqJgAL4ltHsABY
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZOvqJgAL4ltHsABY&_test=ZOvqJgAL4ltHsABY
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Aug 2023 00:28:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-fra-etou8220088-FRA
pragma
no-cache
date
Mon, 28 Aug 2023 00:28:22 GMT
via
1.1 varnish
server
Varnish
x-timer
S1693182503.698115,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZOvqJgAL4ltHsABY&_test=ZOvqJgAL4ltHsABY
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame B8DC
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4376308914535916993
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4376308914535916993
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Aug 2023 00:28:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:22 GMT
an-x-request-uuid
4ef2ef96-0fe7-40d9-9da7-35207b99684c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4376308914535916993
x-proxy-origin
80.255.7.100; 80.255.7.100; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame B8DC 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.2.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-2-204.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
htw-pixel.gif
cdn.indexww.com/ht/ Frame B8DC 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZOvqJr5nyMvyqeamOLOHJwAA%262195
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:22 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
20962
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7fd86f1109d73a66-FRA
content-length
43
expires
Tue, 29 Aug 2023 00:28:22 GMT
async_usersync
ib.adnxs.com/ Frame F5C1 		0
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:23 GMT
an-x-request-uuid
58a3319a-26aa-4c5b-bca4-8419d669e31a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.100; 80.255.7.100; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-CBS6P3K53Q&gtm=45je38n0&_p=732977049&cid=1897779236.1693182497&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=3&dl=https%3A%2F%2Fo.canada.com%2F&sid=1693182498&sct=1&seg=1&dt=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&en=page_view&ep.debug_mode=false&ep.gtm_version=51&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=index&ep.session_uuid=A59AAD5D-4790-49D8-F8FB-BA559965FA53&ep.platform=Cheetah&ep.platform_version=14.2.3&ep.fem_version=v86.1&ep.mp_id=-3993449989604224057&ep.brand=canada.com&ep.timestamp=2023-08-28T02%3A28%3A18.398%2B02%3A00&ep.ga_client_id=1897779236.1693182497&ep.main_category=index&ep.metered_content=false&_et=80&up.mp_id=-3993449989604224057&up.client_id=1897779236.1693182497
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBS6P3K53Q&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
multimedia.php
events.newsroom.bi/ 		12 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/multimedia.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/333d78a65385aa90fb86.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.144.218 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy04.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 28 Aug 2023 00:28:23 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=ec840fbe-c36b-3f04-fd57-97ff7a61b6c5&tv=%7Bc:mxPS3G,pingTime:5,time:5253,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:243%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5253,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:242,wc:0.0.1600.1200,ac:315.109.970.250,am:i,cc:315.109.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5017~100%5D,as:%5B5017~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:193,fm:tObrd9R+11%7C12%7C13%7C14%7C151%7C152%7C16*.928934%7C161%7C17%7C181%7C182%7C19,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,siq:243,sis:508%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5453:801b:1cfb:a1f6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 00:28:24 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
SPug
simage4.pubmatic.com/AdServer/ Frame A732 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160305&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:28:23 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
lexicon.33across.com
URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&gdpr=0&src=pbjs&ver=7.54.0

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| documentPictureInPicture function| setNptTechAdblockerCookie object| script object| modern_script_elem object| legacy_script_elem object| ytAdTargetingLoadEvent function| script_onload string| locSrc object| ytVideoAdTargetingConfig object| BlockAdBlock object| blockAdBlock object| webpackJsonpFrontEndModules object| tp object| __iasPET object| FrontEndModules object| googletag object| permutive object| apstag object| pbjs object| diagPixSentCodes object| __iasAdRefreshConfig object| ggeac object| google_tag_data object| google_js_reporting_queue object| _aps boolean| apstagLOADED object| apscustom object| pbjsChunk object| _pbjsGlobals object| LRNameSpace object| LoginRadiusDefaults function| LoginRadiusUtility function| LoginRadiusApiFramework function| setLoginRadiusDefaultSchema function| setLoginRadiusModuleFunctions function| LoginRadiusHooksModel function| SetLoginRadiusCommonFunctions function| LoginRadiusControllers function| LoginRadiusV2 function| FormValidator object| hash undefined| google_measure_js_timing object| webpackChunkdjango_content_services object| Criteo object| __permutive object| PublisherCommonId object| Sailthru string| iasScores number| google_unique_id object| gaGlobal object| ns_ object| jwDefaults object| webpackChunkjwplayer function| jwplayer object| GoogleGcLKhOms object| vf object| vfQ object| dataLayer object| mParticle object| gtm_data_layer boolean| femCePnIdReadyTriggered object| COMSCORE object| _comscore object| mpOneTrustKit object| GoogleTagManagerKit function| OptanonWrapper object| dl_mparticle object| google_tag_manager object| _vfP boolean| vfLoaded function| setImmediate function| clearImmediate object| viafoura string| GoogleAnalyticsObject function| ga function| e function| t object| marfeel function| fbq function| _fbq object| PARSELY function| autotrack function| gtag function| onYouTubeIframeAPIReady object| gaplugins object| gaData function| _ga_originalSendHitTask object| __connect function| _typeof object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| goog object| closure_lm_813048 object| google_image_requests object| webpackChunk_marfeel_marfeel_sdk object| __mrfCompass function| WebVTT object| closure_lm_969318 object| cast object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_136 object| Criteo_prebid_136 object| __IntegralASExec

71 Cookies

Domain/Path Name / Value
o.canada.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.canada.com/ Name: pbjs_sharedId
Value: 509dbc43-b621-4548-829d-75f88e76d468
o.canada.com/ Name: __adblocker
Value: false
.canada.com/ Name: permutive-id
Value: aff38324-df81-48fe-b6a3-9bb64e2ff7ed
o.canada.com/ Name: sailthru_pageviews
Value: 1
o.canada.com/ Name: political-ad-opt-out
Value: {"data":false,"exp":604800000,"ts":1693182496728,"mac":-148616577}
.23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/ Name: pxid
Value: 87a3c898-0980-441a-bd98-2c19761c0a06
.doubleclick.net/ Name: IDE
Value: AHWqTUkxagEQivQZm15UVh1TQOBSg8znhGhH2cyxuGUbvAvGwh4btgJJI0oo_DU67Zc
.rubiconproject.com/ Name: khaos
Value: LLU553W9-A-189
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpDuCu6vdI65wNb0fGVcfL/XWaA1sYWTLE9gLr7Yht2fTIT0w7bA5BBB6NGWVotE2AzgHlbzd1OQFllHfr3pVJr1puu6LoX8NQijy0RC4Zd8RuybVyVU0yt
o.canada.com/ Name: sailthru_content
Value: e0e63ee57f02752e397065170b7057a9
o.canada.com/ Name: sailthru_visitor
Value: ac7a248a-e678-48a2-8424-d643b69120b8
o.canada.com/ Name: x-id
Value: {"data":{"adLight":false,"id":"j8vd3iwksotvo9dycwz4cgswvuq2ntuh","updated":1693182497542},"exp":604800000,"ts":1693182497542,"mac":1785858430}
fem.gprod.postmedia.digital/ Name: x-id
Value: {"data":{"adLight":false,"id":"j8vd3iwksotvo9dycwz4cgswvuq2ntuh","updated":1693182497542},"exp":604800000,"ts":1693182497552,"mac":1785859391}
.canada.com/ Name: __gads
Value: ID=7b4ad06757e51798:T=1693182497:RT=1693182497:S=ALNI_MZdR2SUczEt5jOZ_kYkFL94rot11A
.canada.com/ Name: __gpi
Value: UID=00000c698343ad47:T=1693182497:RT=1693182497:S=ALNI_MabGCLYOu-HzJPKWKn6EslS78wz5A
.canada.com/ Name: _ga
Value: GA1.2.1897779236.1693182497
.canada.com/ Name: _gid
Value: GA1.2.1166003841.1693182498
.canada.com/ Name: _gat_UA-213173459-10
Value: 1
.canada.com/ Name: _gat_UA-138335866-21
Value: 1
.canada.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://o.canada.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1693182498348%2C%22slts%22:0}
.canada.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=6bef3d98-b92e-4f23-8695-a19c33b83f6d%22%2C%22session_count%22:1%2C%22last_session_ts%22:1693182498348}
.canada.com/ Name: _ga_CBS6P3K53Q
Value: GS1.1.1693182498.1.1.1693182498.60.0.0
.canada.com/ Name: ___nrbic
Value: %7B%22previousVisit%22%3A1693182498%2C%22currentVisitStarted%22%3A1693182498%2C%22sessionId%22%3A%22f62dcba2-87da-4bf3-9ade-5d265058bd95%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//o.canada.com/%22%2C%22referrer%22%3A%22%22%7D
.canada.com/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1693182498%2C%22userId%22%3A%22b1045ea7-9b6b-46ec-a650-faa330e4c75e%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1693182498%2C%22timesVisited%22%3A1%7D
.canada.com/ Name: compass_uid
Value: b1045ea7-9b6b-46ec-a650-faa330e4c75e
.canada.com/ Name: mprtcl-v4_4662F03F
Value: {'gs':{'ie':1|'dt':'us1-99b65fde89a1a145894d2d51d283cc83'|'av':'1.0.0'|'cgid':'95e104f0-595c-46d4-1b2d-817eb99ba472'|'das':'418bdc45-dc95-44c3-569a-848b07317b0c'|'csm':'WyItMzk5MzQ0OTk4OTYwNDIyNDA1NyJd'|'sid':'A59AAD5D-4790-49D8-F8FB-BA559965FA53'|'les':1693182498480|'ssd':1693182497744}|'l':1|'-3993449989604224057':{'fst':1693182498073|'ui':'eyIwIjoiajh2ZDNpd2tzb3R2bzlkeWN3ejRjZ3N3dnVxMm50dWgifQ=='}|'cu':'-3993449989604224057'}
.canada.com/ Name: _fbp
Value: fb.1.1693182498522.1041052400
events.newsroom.bi/ Name: 1528_u
Value: b1045ea7-9b6b-46ec-a650-faa330e4c75e
events.newsroom.bi/ Name: 1528_lv
Value: null
events.newsroom.bi/ Name: 1528_ut
Value: 0
.canada.com/ Name: _ga_4PRPPJ1J9V
Value: GS1.2.1693182498.1.0.1693182498.0.0.0
.viafoura.co/ Name: VfSess
Value: f9e8n17i5stcvace8aemcsrf6p
.viafoura.co/ Name: vfThirdpartyCookiesEnabled
Value: true
o.canada.com/ Name: _vfz
Value: o%2Ecanada%2Ecom.00000000-0000-4000-8000-90e188e7f27f.1693182499.1.medium=direct|source=|sharer_uuid=|terms=
.canada.com/ Name: _vfa
Value: o%2Ecanada%2Ecom.00000000-0000-4000-8000-90e188e7f27f.4c650125-3303-46f0-bc5d-6f36044c9a26.1693182499.1693182499.1693182499.1
.canada.com/ Name: _vfb
Value: o%2Ecanada%2Ecom.00000000-0000-4000-8000-90e188e7f27f.2..1693182499....
.criteo.com/ Name: uid
Value: 5090bd26-a9a7-452d-8b0a-d8482c9b59dd
.canada.com/ Name: cto_bundle
Value: BpAIw19PdzdlJTJCaGF3QTRmSGNueFpyN0NlVXVRVlB5SXFnVlhmJTJGWXBnMWpVTVFmVzBweXhJMjUzRmpNYUd3elZxTVd5MGVOcG5pS3AzMktjbGh2VERkTkJmTGslMkJDSGhaMms0JTJCJTJCZ1hHTnlza1NlcDNWUTRpamhkNDE2MVE3dXJTUmxXM0VpYXM2U0lwUlJneUVnZUVTdzZLZmV3JTNEJTNE
.viafoura.co/ Name: vfDeviceId
Value: 632d6059-ea09-4634-b93f-86ea7201d7db
.ads.pubmatic.com/ Name: KCCH
Value: YES
.adnxs.com/ Name: uuid2
Value: 4376308914535916993
.pubmatic.com/ Name: KADUSERCOOKIE
Value: BDDD0284-7D77-4D75-AA35-5AFC29B060FD
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 160305:2
.pubmatic.com/ Name: DPSync3
Value: 1694390400%3A245_241_235_201
.pubmatic.com/ Name: SyncRTB3
Value: 1694390400%3A220_13_71_8_21_54_56_251%7C1694476800%3A35%7C1693785600%3A223
.casalemedia.com/ Name: CMID
Value: ZOvqJr5nyMvyqeamOLOHJwAA
.casalemedia.com/ Name: CMPS
Value: 2195
.casalemedia.com/ Name: CMPRO
Value: 2195
.adform.net/ Name: C
Value: 1
.quantserve.com/ Name: d
Value: EIEBCwHoKfijAA
.quantserve.com/ Name: mc
Value: 64ebea26-7bbd2-65099-3be10
.simpli.fi/ Name: suid
Value: CFEC8141FB3B45F9A47F93EFF3DC31CE
.adform.net/ Name: uid
Value: 7062279365327152691
.weborama.fr/ Name: AFFICHE_W
Value: ZjlYKLOTkKtm95
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEACBV5IOEnQf9Dn9xpbqi_s&KRTB&23025-CAESEACBV5IOEnQf9Dn9xpbqi_s&KRTB&23386-CAESEACBV5IOEnQf9Dn9xpbqi_s
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-HXvSRk4uhRIGeNVGT32aEh5_jh0GfNVBGn_4V1N5&KRTB&19420-HXvSRk4uhRIGeNVGT32aEh5_jh0GfNVBGn_4V1N5&KRTB&22979-HXvSRk4uhRIGeNVGT32aEh5_jh0GfNVBGn_4V1N5&KRTB&23403-HXvSRk4uhRIGeNVGT32aEh5_jh0GfNVBGn_4V1N5
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7062279365327152691&KRTB&23263-7062279365327152691&KRTB&23481-7062279365327152691
.pubmatic.com/ Name: PugT
Value: 1693182501
.yahoo.com/ Name: A3
Value: d=AQABBCbq62QCEJ0rzQEn0zomH-nyk6lcoR4FEgEBAQE77WT1ZAAAAAAA_eMAAA&S=AQAAAj4464bsawvkuWkh5wvkvTY
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZOvqJgAL4ltHsABY
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.linkedin.com/ Name: bcookie
Value: "v=2&181a6394-adca-4247-8f9d-ead608e5f29f"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTMxODI1MDI7MjswMjGbdSGnO2fniGa3QSO7ciY1jK6I68JD2NEkU1Wyt/wxBw==
.linkedin.com/ Name: lidc
Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2578:u=1:x=1:i=1693182502:t=1693268902:v=2:sig=AQHg9BcyokXU6EXr1e0NtcSSnyDgRFcB"
.audrte.com/ Name: arcki2
Value: 0826BvLo7xGSq6XW4Hdjnwz-w!20220908!1693182502814!ip#80.255.7.100
.audrte.com/ Name: arcki2_pubmatic
Value: BDDD0284-7D77-4D75-AA35-5AFC29B060FD!20220908!1693182502818
.audrte.com/ Name: arcki2_ddp2
Value: 0826BvLo7xGSq6XW4Hdjnwz-w!20220908!1693182502995
.amazon-adsystem.com/ Name: ad-id
Value: A6lSD4HgLkgqgyuESeXlppw
.audrte.com/ Name: arcki2_adform
Value: 7062279365327152691!20220908!1693182503155

3 Console Messages

Source Level URL
Text
rendering warning URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js(Line 9)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 482)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=BDDD0284-7D77-4D75-AA35-5AFC29B060FD&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
37fd233be47a9ff8da56fd1d6f53de47.safeframe.googlesyndication.com
a.audrte.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ads.pubmatic.com
ads.rubiconproject.com
ak.sail-horizon.com
ap.lijit.com
api.permutive.com
api.sail-personalize.com
api.viafoura.co
assets-jpcust.jwpsrv.com
auth.lrcontent.com
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
canada.com
cdn.adsafeprotected.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdn.parsely.com
cdn.permutive.com
cdn.viafoura.net
cm.g.doubleclick.net
cms.quantserve.com
compassdata.mrf.io
config.lrcontent.com
connect.facebook.net
cr.frontend.weborama.fr
dcs-static.gprod.postmedia.digital
dis.criteo.com
dmp.adform.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
entitlements.jwplayer.com
eus.rubiconproject.com
events.newsroom.bi
fastlane.rubiconproject.com
fem.gprod.postmedia.digital
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
googlesync.permutive.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.viafoura.co
ib.adnxs.com
identity.mparticle.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
js-sec.indexww.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
lexicon.33across.com
match.adsrvr.org
micro.rubiconproject.com
mug.criteo.com
o.canada.com
onetag-geo.s-onetag.com
p1.parsely.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
postmedia-d.openx.net
postmedia.hub.loginradius.com
pr-bh.ybp.yahoo.com
prd.jwpltx.com
prebid-a.rubiconproject.com
px.ads.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
rtb.openx.net
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
sdk.mrf.io
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
smartcdn.gprod.postmedia.digital
ssl.p.jwpcdn.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
sync.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
videos-cloudfront-usp.jwpsrv.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.npttech.com
x.bidswitch.net
lexicon.33across.com
104.18.38.76
104.18.39.155
104.19.149.54
108.138.9.235
13.224.192.181
13.225.78.97
13.32.121.72
142.250.184.226
143.204.215.76
151.101.2.49
152.199.22.243
162.55.144.218
172.64.149.180
178.250.1.9
178.250.7.13
18.185.12.185
18.197.249.97
18.66.100.58
18.66.112.103
18.66.112.89
184.30.211.26
185.64.189.112
185.80.39.216
185.89.210.180
195.201.159.24
198.47.127.19
198.47.127.20
198.47.127.205
2001:4860:4802:34::36
216.52.2.30
23.21.99.188
23.218.210.30
23.32.184.192
23.54.112.188
23.56.202.187
2600:1f13:800:7781:5453:801b:1cfb:a1f6
2600:1f18:44f0:4847:76a1:b6b5:aeaf:fb4e
2600:9000:21f3:f800:8:48e:53c0:93a1
2600:9000:223c:2800:8:2ae1:d740:93a1
2600:9000:225e:6c00:1:a3fa:7cc0:93a1
2600:9000:2491:7400:2:cecb:23c0:93a1
2602:803:c003:200::41
2606:4700:3033::ac43:9fa2
2606:4700:4400::ac40:9256
2606:4700::6810:5814
2606:4700::6812:4eb
2606:4700::6812:5eb
2606:4700:e6::ac40:c70b
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:21::14
2a00:1450:4001:801::2003
2a00:1450:4001:801::2008
2a00:1450:4001:802::2001
2a00:1450:4001:803::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2004
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2010
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:400c:c03::9b
2a02:2638:3::7
2a02:2638:d::2
2a02:2638:d::d
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:200::645
2a04:4e42:400::626
2a04:4e42:400::645
2a04:4e42:600::645
2a05:d018:d29:3605:f821:c088:dfda:b5f7
3.223.236.9
3.71.149.231
34.107.254.252
34.111.129.221
34.111.131.239
34.111.249.109
34.111.67.160
34.117.54.29
34.149.157.221
34.98.64.218
35.157.166.140
35.204.74.118
35.227.252.103
35.241.9.51
35.71.131.137
37.157.4.28
52.213.174.162
52.222.214.32
52.28.2.204
52.46.130.91
54.147.123.103
54.155.18.159
54.239.33.159
69.173.144.139
75.2.40.13
98.98.134.243
008d2fec21e690a66ad9d14e5288959d654abede80aeb2778f0e03f244c8440d
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0381967675976510e2916e43a8b674c08194163e69ead105d6a8c48405993ed2
04b9cb5ed4d889d84f6a5223bc4ec932d53f3d32c9534a3d89cb732861f1b198
057195b80c1594769bccb5bbb495f6b011b0fa6b0a39f12194248ef9dc15420a
05721aed8db14a0b8424719528faf137f35471a4c383ddef3f0c4758163b5529
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07af69012c290d3655c6c0e638f4ac4e504d55363dff7eb7a1319615336c9fd1
08cd07907e956d147860431fdbcd4b941f8969ea29b53960ee623b57f9097937
0aa6175bf9ddd57283e8d589a38a80890c4f232edc4842c71d61663e649b3304
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bda12ec46f9b68e7d87808dbf65ee8b1860ce9087d37edbe34cd96d423f89da
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0fb228eaf403017fcc12d29cf4a7f964645a6d1f197f643e9540d88a28f1be81
10910cf8b30d9606ad8a61c9641993e27a48f336efad06966d7dfcf8baa184c4
109bc526dbd668fd2a2450b0d4841c8dd99f4e0942835634e46c0c2c2ca1845c
141d5bbc284c11dd6a0a3f369ec345c8821515ff3a9476c327ece61ceab8db47
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1d776ce917561decdc8d2200cbb2834d5b04c641e8d434c78a366d8d24b24fa2
1dec6b344b0999e29b683cce0271969c15da25173d258514e61d807a7fea7909
1e49483abab8d63805dbed859f1689bf1cea49a4778b7a7a93bd53ee31b9a7c5
215c97848bfc4144f26215f4baa55eb4b7f3dd2605a58d6e732cf56ca45f020f
228e28741b1e7a00904f9c14ca9602c6678b35c51567f688eb75932aeaa2366e
23ba149cc530d1c3628d7609473974bf3635210dd7094992aefd77048a894455
261b28ac104a26d0af0a3338ba54cc1ae1bb79df343c5e2ea98ffa695aa13964
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27184b63e1de9ea2fdf0ddc25c7ab0f9f87510826beec4c9a7f3d2b502e0e3d0
276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503
2869c7105bf71cccd13e3f1d20a0a3074a1970daa74f9e8fd2b1806c5f2353fe
288b9a4684c881cf9fe41d6b74c23f2db03660e82abe8c1a37de21c43eeefbf2
292942b7ea009b33947befcd41c1fc5d794deb1be3537385af9913c4eff98458
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ad143c952b87fa8d930da29d4d4603e1b682dcea5d436ba6bd3ffbd44e51237
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2dd669ae01735ed236eabaefbfb7e1516e1a2bd34332522bac97d0f94f62bf0a
2e0a25181e03e795fcd966a053a03210c7d735e1f438af2ea5111fd1d4609390
2efaa3a4e0888ca7f47821c03cc785377626b3ee09e5378cad1ae372c8dfe547
2f28c008f0ce667d697ccc95a07377e8562c0c28dd910f864724a265f75671e4
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f6e4e4c4ae60b11b7d296ce54b227212ba7f492ec670d99bcf2bb87dd9e5dd5
31062826da772e146ea2caf34beeccaf3550998a20becea67cb794a5efce0629
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
32cda5d2bc8cef352af1c98d81394457feeb031a134fc09694f07e01aef64f7c
35c51b78e7d78765670c0125560cc48e91de1969d1e19f82f8290b4719199ee9
35d949ba6290f5fead3462ae0321e2dcf8277c5a3c27ae99be1405004f0e1f15
372f0b04813518572b524a2b8e24575606b9767725601025e5358cb0cd10f4d6
3778b11054daa02477c738ed3bf2ba3b0ef7c5d57eae266b9f4199fe3c65917e
381d3194368dcf2569571ad031c99786ce96b89e0e7c621b924dba3d66a2664c
386ba8ededf5020b87f503588fb602cdbdb341a9e9c8578d2545ee32e43449e9
3ba148b56c1e21c7f25a7b8fa923f18a272b200d9bfca943f242bd0205261cc7
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ded2629738669603833e6e8a676e61c989ab992c4e91d057b36643d5ac0675f
3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b
3fde76cacc186420d0405496f66f9cd00a7c14a38a9ffa4b626a09affe83cc2a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
406b6d79687c2601d33b029cf7867ab6cedc6c01ef13d669835b743f967d5d52
432d5b30a7e98ff618e6693c3b9d1fa681b616edccc92c7a52ab6643b1f64738
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
481c79997942dbcee31940dca9e49cdce8d3c9c621e681de8d655da726b99f09
483c1f8b2044a456732c7c73a4917d49c3e6e1bfca69f1712f0a623bdc0c2fe9
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c2e0cd9e4652421e1f86e05bac985443ce43ec4d4561163a07d6edec4e1067
4a621960be2e525d7f2ea31c774b8294f18e2cd4cc9abc2ae61ce6d73213c92f
502b0f55241e21c08f0f1a7186d9c3a6432ce1b098181d0dc78fdeac1660f14b
508357b3085cc382fea571ea9766dfa9f9aa29fe04b55d13018aaedc3215ca9e
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
556d08565e3c3b39fe4b5f5e41bf2fd391f3f208fe060e754407496eec326569
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57172d29692f5a0c1f520490f8c0c494e58839b99861f92f87ebedd2d2ed5f94
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5bf600028d0e616bc5aa7333bfc266ed4c0f5315cccd12095b5a558e7439ab31
5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271
6029effcb1fb7327b832ce827a84f8ebe8c7a2154cb43f4186e5ea2bd6f9f49f
6133e533650d0319730369ab635c8729b6c6d2c5a9ebdefb51569fead1866036
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f3d837f4b48a92950f7f825ce2dccfd39a05627a034a942b00278c99cd74a6
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
63e0fea118f062e92df3cd4277bf0d8f2c53267f165a77bbc7a5aa221b6b5bdb
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
654de8cc07ddd5d9ba26a5ce2c732788204fef23265d43908c88927bf55fbd2d
65a4f83b9dd7511519a2def2a190dcff68f637e2ed69c4a3af86d667ae483019
6896bc86244bda2300ded2f8504173a8b625cac2f589d4cd4e4c457bf4fb4d66
6a75a4b1636f11cddf9b137fc062bf449ad465c3f5da99796ef326fe1e7acf2a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b724128d513fe8a2abe466b9eea06f1c4ec5899f4cf302a4d1963f463caa347
6bdfb926e9f1c888d3433c31ee430569f9a910ae326a588993f3f444c62954d6
6c99fab08a44054245da15841452c59189f0a4e1af90201aa6b297b0b1de62e2
6c9cc85445c79dc59b8dae2e5f9a7625860a0a6fb80a9d97979a49d56dc68eb2
7020ef6ad6c7b239d8e02fd328298a8faacc4552d305520baa990ed13ca6c157
742df88a3a7f6c09453d09b276dbc12458d1fd1a72715bb5310096fcb1d4e33a
74901fba41a616a70d845392a0b9f106bcffce1de4f0957a9f4ed6cc65444a70
74b099ec98934eb0f6cda03b3baf5ddbc8754960332b64dafae25a3e4a85190a
761c1399a0b17b478dd4d3b7c1710fab0e7c0c8f998bed8a394b300df0532a97
76d74e450c768617546ab4a55682ef64bc4a2f5cdf58868a1f55c195a169acba
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7
7a85f9643932d18198e07eb9e6492e435ee7d670e04579c53ced6ceb9be8e292
7b72c1f1fcd6500f32fb522e1ef785c3f40a6bc62a362af74df3222a963244ba
7c5c753d767246bc16477a40861cdda78886b625977471fa253a7be7c5082b70
7fdeb1c6fd18e0f486055ae90b9c37c166cd1b455157daa7de08f4271ac696ce
8165d8e2771d30c1a2baf2e6ebb58ce49c3b9dc575676b6f1aa7afeb2e5efe86
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
836795af46031aa4fbd3459cf3ce97f8467a3d04c6017acf6f6868b553f9bbca
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85cdf478003e2bed5001d485e07e7510cef548edd05dd68c709b4b1ad65988e7
87a8d750b678e7c560b9ca005e4888e81f5f3d13ad6ca3b47da08d26d1c68e75
87fdb3428e02b7ef8db6a907d6360ed9232c4c9a47b417c152d67d6f3e70b2b4
8c67d47496a8af1f4c99a350ababf131661cf111a02460c5e9f6d9539db481c3
8cfeb7f0d636a12f28a410f0fc68ead87b6373a6c8512cc98a30abc7961c06fd
8d3d191d44b6a042adb3ac86d403f8eaa0f7d28056ce74fb3ec3bc65aff5178f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e830cb08aff9d0795b68335b7022bcf93c7aa98236a856b6096f5bc1775f212
8ea1a85514c72c925aa2762afe631e95a66e05bcd096ecc81476f9d6a03d0ab6
90dd51cc35228a756b8ba4236650f0cbbed7b80e3ac3512a332641ce87afdf71
9153b2b7ef893e42642147755ff6ea0929bfc78c1ef15235fcdd504899e36c72
919fa76fb3097aa7d523eafe00c99b0239e2464ee662f6c070aa22f710f3071f
93e4c55dd8ba6cd9b176509faa27de60a11aa36be7c7e78efcab425686ad2257
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
99278409c931eb4c80b228b97af071e211f5ed97d862f66eced8906c71b1976f
9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8
9d799961163bc310e9b528b76ced3dd459085488c92a0713ce48f2ee67c4a06b
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
a0e36cc497f920c4f855d24ba3c2728b0e945581a0bad78cee00513af3f4e0de
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a345a18e5d3f6c07451cb14dd480bfad123f03663912b581265d617d4725fe9a
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a833989b14be27cfdd394ec2668a9085146af01d48799a886fdbe222ca1ec598
ad527d7ac9e5c62049e2d0186ab8a60a4a6d8527b78711a37be14a8bfc557d44
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b370b0e1e9b7793a856707ed48f6b7ef7257ef61024a3ea517e0a922008a2222
b46113355a9907a0e925e7103e7ecde122524b21c5c73fb53fce4f0953f481ef
b48743091fa7f477ba4780fe108d6a622bf01de9e6047d7855a59e04ba87f916
b496c8d2e9273eb02bc75d4bb13b5cca59983655dbb6b3f82827856bc5097dac
b5eedc85b327186bea4d94cacdbcf9127cbc04630e9d133ac9d2970de55ea1f0
b63ad435cf3ecd2c94ef78ac92c0cf7b87d39b0cffdd4976d46ec42567e861c6
baa06ca152455c505073cf398a603af73530548814bd69b6ec1abeeb2a0d42ca
bda79d4caf64902833a3ffcf58c19e0628cddf57bee9ea11ac9ce74141cdcf32
bf241b4786e6e6123c0f4c02b632d0d37e13f2af9357980bbe175235b13e234b
bf695af17447664f7cf354621ff2d42c73e977c8821a159d35319c084bc69b7c
bf78a85f50fd05f69f31e869c2348da22b09ea697452c53cdcc9e08741a42de7
c1efaf915b1fa14f952d152a54962056124509628f2fcfebad136265eaf6e41a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2fd0807a620ec304e3bc451f1a8fc0e106b0449a40d4b45e89493c5b5be26c5
cce768cee839e01c304a426f0dbce4298f6024d856d1abe69efe450ac35863b4
ce559c0f43ec2a0dc664159bd06a2ac3bd3e5fdde0958a7db9418a80b1c4cf09
ce9eb7780ddd632942aa03fc1fbb4bfefedb353f9716be8b908562b29cc471a6
cec590b68a6dd2b40fa90e876cb485c7eea3bac4e54cf4bb60335eacb010c431
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00b4c8953cdf25f549728ad667759e6f7650b5bf6146ecd3ec7c087bd3265b8
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d30126e5df0e63e4752e17d7ebb3034b11a9344cb5d8e8ace9e8e65fd284af16
d314da1c0fe98b9d700b0ea14785acd14ad4d09e989e39c8b3422c1f91db98ae
d35b70fa769af3788e74658794d4b0e408e093af93306b9b5e6b20015a5d17e9
d921dc8a1f94be3bdd51539f9c173060059f36f7d3b20a52874ac79f6b95ef20
d9970e94ef695ca2e0cdf842ea080f24620bf391f4fd72214dc3226b4fa5639d
d9e08da8f03bfc136e84f23144e1d9c6837ebed60f4c61b6c8cafc8215f77585
da9b18821986663ec3e5f926699020bfcd9ca73aec75fbed9006866022808e8a
db1254a2ac60330880b474f931b4b0c539c6447aeda98ef994e437cd82e60156
dc97b445d8b28ec15e45c6a9660661471d4caa1299608fc9a85cb204c1efa3f8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df6616dc0689e17d4e1031808380fe1fbf8c924231da0708837d0a46bfb0527a
e0a2b797e099b99228a405532701f02d29f54fc4c4da1b7d3a43100e10af7a71
e11a2c6bc712755b1d810599b7bdee67c6e9d247fb4adc6e1bb2d70df4a60838
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50644da55ca1b330faf6d2c182211d3177f6f7683f616e76093e4014ef922c1
e592c023e395d520e95efed9c15d14c77d5c101e3ce6b5d71413384508b55d59
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e9da190b5c284cad20ffdeb57a7a49fa0295eed41f669f7c4ae163822f5993ea
ea8d63997f0981eb88a7fc3a1ef67c6256588a33b49bdfc3abfe57ac8c87ad37
eb39b652e5e9d7434f396cddc25eb3a444281af88f43d6be3f96f26e196d7771
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ebfb55e932617cd20a2559370d1a345c119a3f4ef90c60defd3abcd88616b090
ed6c7ece81d6ef492104612259c7200d48e25630afd7feb8616ddc822d56f190
eda9060404e3ab6238268acf344618da09532339465f0a9c8ee280c480867a02
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eea87d0c42dca92493e0808440fd590380766ebd7299aa5a5b30707dfc9ff2e8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02
f1f02f85e563a36a18ec85ac32dc764aa02c98f382daa3d6d035e572c4fee707
f46c84174d978eb9ea2884f2cfa1438f100d5de1f45c5a32c96b5085491f430e
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f559f34f0551022110227bd1722031db81bc461827d3589a157947e8a4450045
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6e05f5bd6f9da2d90030b22960571faf14590890c05e3d932604d3ce53e54ee
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
fa0a07b7a6dfe5697a98aa8bf6eb24c292c39930113d405922f4923984d40ed4
fb6771475ed65ded701f68dccc9066a87c72f3740e3d0d88d9b3f393900d1799
fbe2776528321e86eab1c9f37320995207af2ddc97a41f452b022e7a2495c987
ff370d654e8a5a3d99b0235c075435341e9ae588dc7ec0dd5733ae553c4b48dd