etcanada.com Open in urlscan Pro
192.0.66.80 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://etcanada.com/
Submission: On September 23 via manual (September 23rd 2022, 7:54:43 pm UTC) from US — Scanned from DE

Summary HTTP 274 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 65 IPs in 9 countries across 54 domains to perform 274 HTTP transactions. The main IP is 192.0.66.80, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is etcanada.com. The Cisco Umbrella rank of the primary domain is 223396.
TLS certificate: Issued by R3 on August 3rd 2022. Valid for: 3 months.

This is the only time etcanada.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
58	192.0.66.80 192.0.66.80	2635 (AUTOMATTIC) (AUTOMATTIC)
1	13.227.219.51 13.227.219.51	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225f:da00:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
3	18.155.181.110 18.155.181.110	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:10e... 2a02:26f0:10e:29a::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:551	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:10e... 2a02:26f0:10e:2b7::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	65.9.71.118 65.9.71.118	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	34.239.63.36 34.239.63.36	14618 (AMAZON-AES) (AMAZON-AES)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 7	104.103.77.186 104.103.77.186	16625 (AKAMAI-AS) (AKAMAI-AS)
6	52.30.136.248 52.30.136.248	16509 (AMAZON-02) (AMAZON-02)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
4 7	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.19.150.54 104.19.150.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	34.107.254.252 34.107.254.252	15169 (GOOGLE) (GOOGLE)
6	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	34.200.39.142 34.200.39.142	14618 (AMAZON-AES) (AMAZON-AES)
2	18.64.79.112 18.64.79.112	16509 (AMAZON-02) (AMAZON-02)
3	34.205.216.121 34.205.216.121	14618 (AMAZON-AES) (AMAZON-AES)
1	13.32.10.16 13.32.10.16	16509 (AMAZON-02) (AMAZON-02)
2 2	52.215.56.149 52.215.56.149	16509 (AMAZON-02) (AMAZON-02)
1	52.49.126.217 52.49.126.217	16509 (AMAZON-02) (AMAZON-02)
1	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
3	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
4	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
1	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::22	60068 (CDN77 ^_^) (CDN77 ^_^)
8 26	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:807::2001	15169 (GOOGLE) (GOOGLE)
6 11	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
20	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
19	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
1	65.9.66.118 65.9.66.118	16509 (AMAZON-02) (AMAZON-02)
2	184.51.10.56 184.51.10.56	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:400d:804::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:807::200a	15169 (GOOGLE) (GOOGLE)
1 2	54.194.29.214 54.194.29.214	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:400d:80c::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
1	18.159.14.126 18.159.14.126	16509 (AMAZON-02) (AMAZON-02)
1	18.64.119.45 18.64.119.45	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	18.197.134.247 18.197.134.247	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	3.122.47.104 3.122.47.104	16509 (AMAZON-02) (AMAZON-02)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	216.52.2.30 216.52.2.30	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2 2	54.155.65.255 54.155.65.255	16509 (AMAZON-02) (AMAZON-02)
4	172.217.19.98 172.217.19.98	15169 (GOOGLE) (GOOGLE)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	169.50.137.182 169.50.137.182	36351 (SOFTLAYER) (SOFTLAYER)
1	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:ebd:fba0:5325:a4e6	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
2	2600:9000:225... 2600:9000:225f:e800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400d:80e::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:807::200e	15169 (GOOGLE) (GOOGLE)
7	2600:1f13:800... 2600:1f13:800:7780:d3d:c825:22bf:b320	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:11a... 2a02:26f0:11a::6867:4830	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
274	65

58 192.0.66.80 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

etcanada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-51.ams54.r.cloudfront.net

sdk.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225f:da00:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.155.181.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-181-110.sfo53.r.cloudfront.net

fonts.smdg.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10e:29a::1931 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:551 (United States)

ASN13335 (CLOUDFLARENET, US)

f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:10e:2b7::1e80 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.71.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-118.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.239.63.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-63-36.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.103.77.186 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-77-186.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.30.136.248 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-136-248.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
corus.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.172.249 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.107.254.252 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.200.39.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-39-142.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.64.79.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-112.txl50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.205.216.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-216-121.compute-1.amazonaws.com

l.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.10.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-10-16.vie50.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.56.149 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-56-149.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.126.217 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-126-217.eu-west-1.compute.amazonaws.com

shaw.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

smetrics.etcanada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::22 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 172.217.18.2 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)

971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.18.126 (None, ) 6 redirects

ASN13335 (CLOUDFLARENET, US)

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:807::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-118.fra56.r.cloudfront.net

native.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.51.10.56 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-10-56.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.29.214 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-29-214.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:400d:80c::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.159.14.126 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-14-126.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.119.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-119-45.txl50.r.cloudfront.net

sfp-adserver-cdn.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.134.247 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-134-247.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.47.104 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-47-104.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.30 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.155.65.255 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-65-255.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.19.98 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s27-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.182 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:ebd:fba0:5325:a4e6 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (Amsterdam, Netherlands) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225f:e800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80e::200e (Ireland)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f13:800:7780:d3d:c825:22bf:b320 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::6867:4830 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	etcanada.com etcanada.com — Cisco Umbrella Rank: 223396 smetrics.etcanada.com — Cisco Umbrella Rank: 929808	622 KB
43	googlesyndication.com 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 142	265 KB
38	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 307	249 KB
18	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 271	448 KB
13	gstatic.com fonts.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com	197 KB
12	casalemedia.com 6 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 479 as-sec.casalemedia.com — Cisco Umbrella Rank: 1353 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528	9 KB
11	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 774 static.adsafeprotected.com — Cisco Umbrella Rank: 575 dt.adsafeprotected.com — Cisco Umbrella Rank: 527	96 KB
10	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 228 secure.adnxs.com — Cisco Umbrella Rank: 432	8 KB
10	evidon.com 1 redirects c.evidon.com — Cisco Umbrella Rank: 1124 l.evidon.com — Cisco Umbrella Rank: 8278	35 KB
7	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 208 corus.demdex.net shaw.demdex.net — Cisco Umbrella Rank: 110517	12 KB
7	wp.com i0.wp.com — Cisco Umbrella Rank: 2875 i2.wp.com — Cisco Umbrella Rank: 6700 i1.wp.com — Cisco Umbrella Rank: 7317 stats.wp.com — Cisco Umbrella Rank: 2621 pixel.wp.com — Cisco Umbrella Rank: 2436	14 KB
6	permutive.com cdn.permutive.com — Cisco Umbrella Rank: 2351 api.permutive.com — Cisco Umbrella Rank: 1902	6 KB
5	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 75 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	yahoo.com 1 redirects c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 953 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468	1 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	202 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 275 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 6415	48 KB
4	sharethrough.com sdk.sharethrough.com — Cisco Umbrella Rank: 1998 native.sharethrough.com — Cisco Umbrella Rank: 1741 btlr.sharethrough.com — Cisco Umbrella Rank: 991 sfp-adserver-cdn.sharethrough.com — Cisco Umbrella Rank: 39013	78 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 1378 load77.exelator.com — Cisco Umbrella Rank: 2424	2 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 495	86 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3387 onesignal.com — Cisco Umbrella Rank: 1231	73 KB
3	smdg.ca fonts.smdg.ca — Cisco Umbrella Rank: 959308
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 547	2 KB
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 3665	787 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 597	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 301	2 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 739	2 KB
2	moatads.com z.moatads.com — Cisco Umbrella Rank: 403 px.moatads.com — Cisco Umbrella Rank: 467	105 KB
2	everesttech.net 2 redirects cm.everesttech.net — Cisco Umbrella Rank: 1036	1 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 153	2 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 342	651 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	88 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1465	63 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1048	574 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 335	457 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 593	191 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 833	709 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 444	862 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1505	350 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 14012	556 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3005	104 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	1 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 215	611 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 326	14 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 9081	792 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1220	201 B
1	prmutv.co f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.prmutv.co — Cisco Umbrella Rank: 136276	391 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 804	357 B
1	liadm.com idx.liadm.com — Cisco Umbrella Rank: 2735	399 B
1	permutive.app f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.edge.permutive.app — Cisco Umbrella Rank: 107363	96 KB
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 615	33 KB
1	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 2609	448 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1317	15 KB
0	districtm.io Failed dmx.districtm.io Failed
274	54

	Domain	Requested by
58	etcanada.com	etcanada.com
22	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
20	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
19	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com etcanada.com s0.2mdn.net
18	s0.2mdn.net	etcanada.com s0.2mdn.net 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
10	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
7	dt.adsafeprotected.com	971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
7	ib.adnxs.com	4 redirects f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.edge.permutive.app googleads.g.doubleclick.net
7	c.evidon.com	1 redirects etcanada.com c.evidon.com
6	googleads.g.doubleclick.net	971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com etcanada.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net etcanada.com
5	api.permutive.com	f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.edge.permutive.app
5	dpm.demdex.net	assets.adobedtm.com etcanada.com
5	www.googletagservices.com	etcanada.com securepubads.g.doubleclick.net 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
4	encrypted-tbn1.gstatic.com
4	encrypted-tbn2.gstatic.com
4	encrypted-tbn3.gstatic.com
4	googleads4.g.doubleclick.net	etcanada.com
4	www.google.com	1 redirects tpc.googlesyndication.com 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
4	971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	c2shb.ssp.yahoo.com	js-sec.indexww.com
3	secure.adnxs.com	js-sec.indexww.com
3	l.evidon.com	etcanada.com
3	c.amazon-adsystem.com	etcanada.com c.amazon-adsystem.com
3	assets.adobedtm.com	etcanada.com assets.adobedtm.com
3	fonts.smdg.ca	etcanada.com
2	static.adsafeprotected.com	971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
2	sync.1rx.io	2 redirects
2	match.360yield.com	2 redirects
2	ap.lijit.com	2 redirects
2	x.bidswitch.net	2 redirects
2	pm.w55c.net	2 redirects
2	fw.adsafeprotected.com	1 redirects etcanada.com
2	loadm.exelator.com	2 redirects
2	cm.everesttech.net	2 redirects
2	sb.scorecardresearch.com	etcanada.com
2	match.adsrvr.org	js-sec.indexww.com 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
2	connect.facebook.net	etcanada.com connect.facebook.net
2	www.google-analytics.com	etcanada.com www.google-analytics.com
2	i1.wp.com	etcanada.com
2	i0.wp.com	etcanada.com
2	cdn.onesignal.com	etcanada.com cdn.onesignal.com
1	code.createjs.com	s0.2mdn.net
1	sync.targeting.unrulymedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	pixel-sync.sitescout.com	971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	sync.mathtag.com	1 redirects
1	rtb.openx.net	971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
1	ads.travelaudience.com	1 redirects
1	dclk-match.dotomi.com	971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
1	sfp-adserver-cdn.sharethrough.com	sdk.sharethrough.com
1	btlr.sharethrough.com	sdk.sharethrough.com
1	fonts.gstatic.com	fonts.googleapis.com
1	px.moatads.com
1	fonts.googleapis.com	tpc.googlesyndication.com
1	z.moatads.com	securepubads.g.doubleclick.net
1	native.sharethrough.com	securepubads.g.doubleclick.net
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	etcanada.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	load77.exelator.com	etcanada.com
1	htlb.casalemedia.com	js-sec.indexww.com
1	smetrics.etcanada.com	etcanada.com
1	shaw.demdex.net	assets.adobedtm.com
1	corus.demdex.net	assets.adobedtm.com
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	ping.chartbeat.net	etcanada.com
1	onesignal.com	cdn.onesignal.com
1	pixel.wp.com	etcanada.com
1	cdn.permutive.com	f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.edge.permutive.app
1	f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.prmutv.co	f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.edge.permutive.app
1	api.rlcdn.com	js-sec.indexww.com
1	idx.liadm.com	js-sec.indexww.com
1	stats.wp.com	etcanada.com
1	i2.wp.com	etcanada.com
1	f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.edge.permutive.app	etcanada.com
1	js-sec.indexww.com	etcanada.com
1	assets.pinterest.com	etcanada.com
1	static.chartbeat.com	etcanada.com
1	sdk.sharethrough.com	etcanada.com
0	dmx.districtm.io Failed	js-sec.indexww.com
274	85

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
instagram.com
www.youtube.com
www.linkedin.com
www.corusent.com
www.globaltv.com
www.shawmedia.ca
wpvip.com

Subject Issuer	Validity	Valid
etcanada.com R3	`2022-08-03` - `2022-11-01`	3 months	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
smdg.ca Amazon	`2022-05-25` - `2023-06-23`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2022-09-13` - `2022-12-12`	3 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-11` - `2023-07-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-03` - `2022-10-01`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.liadm.com Amazon	`2021-10-31` - `2022-11-28`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.evidon.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-12` - `2023-04-12`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.prmutv.co R3	`2022-07-04` - `2022-10-02`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2022-02-26` - `2023-02-25`	a year	crt.sh
api.permutive.com R3	`2022-08-19` - `2022-11-17`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
smetrics.etcanada.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-03` - `2023-03-06`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh
tls.adobe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-29` - `2023-05-30`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://etcanada.com/
Frame ID: F267E41ECF08F7E8C626244C25E8416A
Requests: 141 HTTP requests in this frame

Frame: https://corus.demdex.net/dest5.html?d_nsid=0
Frame ID: 4B700B54F23F4DAC8AAD2BFDA0E54B72
Requests: 1 HTTP requests in this frame

Frame: https://shaw.demdex.net/dest5.html?d_nsid=undefined
Frame ID: 00C0062165C06CEF08761603F2834072
Requests: 3 HTTP requests in this frame

Frame: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 227784E4A30E2E991A46BA683904508C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0EA8C9945C9A46454E0571F39AC1ECA4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 983C5C5E59C4837D7841FDA87822AF89
Requests: 2 HTTP requests in this frame

Frame: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2E8B9A942A72CA3F6AB70EC087B9B0D7
Requests: 15 HTTP requests in this frame

Frame: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7364CD7E8EF679DF4737013C453FB471
Requests: 23 HTTP requests in this frame

Frame: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 114D04898242CEB8F75399EED2CD5A53
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9hvKLsqr7TdGD8dNhkYWekujbH3bbU604QjTmhBt4rds1uWgW6o7bY21yxUGlwI0RDBHjrsNwEgHb5ymtrT5yPSslw7anHYyYIZ-LZaqVZqkxmv99ESqgxgrBBl0StrGTfk1Q4mfSouWvA3B_B2wjOniGBKArUUvvBb1h9r6m5AskOoVHKZT2bQrYx-I-zXMsZKyzJ7QE4_TMrTxdo5Ny67LE3RnhM_ZUEhixKmohDvkCua7SAjRWtowN2-CZcnyx_Dc4gkJqxjDuZu3BYyusL8fReXnFfhBUNLjN-MjWsRiSF6szNnmMan9ba_QIVTLS&sai=AMfl-YRTB7Wd0yvXIVGmc_QSM2nRd24kEqoJx4ZU3nb7WdwxCKKSsrDRQgrF9Fcnu21WdXwfEFnUtkou4E5EltCnfBatDRUMzKSy23YnDtsHJadMQzY3_n3RCoHisSBjCQ&sig=Cg0ArKJSzDXhChNMb8LDEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 25A12963AFF0592AA0D1CAD45C7F7268
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGPe9tdEBMAE&v=APEucNXAUPa1E9lGCfJKiL8X7Zah8bzOaBmSQuOnEpRYpyBbhpWY6pDGwzRWZWnfLVI20Ig2ETo88ARcUiE1zA76sA0REwDtPtGRzn3nU38oVvgqy6Ff-hIME9CocMfCehyeVhb6ok0VTMmjsz-pWT3dkdkEstmrCLHr4NtRDlAgoa8Khl9oqm4
Frame ID: 3AC7551F3E6E3B04253BDF8118174C62
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEY35Sh0wEwAQ&v=APEucNVhWOGFoND6XsF_oDBBxzxKJREkT33U2f4fvNO7pcb-0kyxu3Drk4RrRkcw9zBrkxjjt5s2WfZAOLArI4EcW4P0EMa9OIzzWxphXiIoENTwNLbx4AilK_KtyxbTv90BTE994bvItvVyGMRIU44g6bvMuMbm3kr3Yb7XfdCa7KTvssmpXgA
Frame ID: 30237A179AD5CDA8084E90649288E941
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html
Frame ID: 31FE4CF93C72212A44FD10CBD82C597C
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 30B72D1EEDAC1634C548E93FCAFB3586
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 560D154F4420F9319CDF08CD0C3015A6
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3B894190618B47FC9468EACCDB2B2BBA
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7D1A4FDC577F06C8258D4AF5C2DFD10D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14601583612666637731/index.html
Frame ID: AC99665C6F5DB632021F52D19E96811D
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A13999515BEE2FD2A4CF4AC4214EEE45
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10530354489605488036/index.html?e=69&leftOffset=0&topOffset=0&c=XO72kz6ys6&t=1&renderingType=2&ev=01_247
Frame ID: DC80C36ABB5E37BB0389D22DB6B037CE
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: D85AE4B3CB7F25484B3051D498C4CD98
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/D52GskfJOxf5PECSshYwDvZZSmyyoPi_bK3LssDxWko.js
Frame ID: 9C12C69BBC53ADD9A2C3349189A1EF22
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ET Canada | ETCanada.com

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Crownpeak (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

c\.evidon\.com

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Pinterest (Widgets) Expand

Overall confidence: 100%
Detected patterns

//assets\.pinterest\.com/js/pinit\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

274
Requests

90 %
HTTPS

36 %
IPv6

54
Domains

85
Subdomains

65
IPs

9
Countries

2882 kB
Transfer

7440 kB
Size

46
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/etcanada
Title: facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/etcanada
Title: twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/etcanada
Title: instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/etcanadaofficial
Title: youtube

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/et-canada/
Title: linkedin

Search URL Search Domain Scan URL

URL: http://www.corusent.com/privacy-policy/#adchoices
Title: Ad Choices Ad Choices

Search URL Search Domain Scan URL

URL: https://www.globaltv.com/

Search URL Search Domain Scan URL

URL: http://www.corusent.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.shawmedia.ca/copyright.asp
Title: Copyright

Search URL Search Domain Scan URL

URL: https://www.corusent.com/media-centre/brands/
Title: Corus Entertainment

Search URL Search Domain Scan URL

URL: https://www.corusent.com/advertising/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.corusent.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.corusent.com/terms-and-conditions/
Title: Advertising Standard Terms

Search URL Search Domain Scan URL

URL: https://www.corusent.com/

Search URL Search Domain Scan URL

URL: https://wpvip.com/?utm_source=vip_powered_wpcom&utm_medium=web&utm_campaign=VIP%20Footer%20Credit&utm_term=etcanada.com

Search URL Search Domain Scan URL

URL: https://www.corusent.com/privacy-policy/#section1
Title: what data is being collected

Search URL Search Domain Scan URL

URL: https://www.corusent.com/privacy-policy/#section2
Title: the purposes of collection

Search URL Search Domain Scan URL

URL: https://www.corusent.com/privacy-policy/#section3
Title: the potential processing or storage of this data by third parties

Search URL Search Domain Scan URL

URL: https://www.corusent.com/privacy-policy/#section4
Title: general risks and concerns that you should be aware of

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

https://c.evidon.com/sitenotice/6153/etcanada/settings.js HTTP 301
https://c.evidon.com/sitenotice/6153/etcanada/settingsV2.js

Request Chain 111

https://cm.everesttech.net/cm/dd?d_uuid=42126211022196094112908741473233673234 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yy4O-QAAAIKzBwMx

Request Chain 113

https://cm.everesttech.net/cm/dd?d_uuid=17711204706920210360873050624611148191 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yy4O-QAAAD3flAOV

Request Chain 127

https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=17711204706920210360873050624611148191 HTTP 302
https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=17711204706920210360873050624611148191&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 128

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTc3MTEyMDQ3MDY5MjAyMTAzNjA4NzMwNTA2MjQ2MTExNDgxOTE= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MTc3MTEyMDQ3MDY5MjAyMTAzNjA4NzMwNTA2MjQ2MTExNDgxOTE=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOvEmBKCwRuC4a2G-RomtVE&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 178

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSMAZAAsIQ0xoPgo56h5oI&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSMAZAAsIQ0xoPgo56h5oI&google_cver=1&C=1

Request Chain 179

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yy4O-tAJMh9QuDfDGKQe6AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSMAZAAsIQ0xoPgo56h5oI&google_cver=1

Request Chain 180

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENCnCfI0fjbwZA4iEnrfN4o&google_cver=1

Request Chain 181

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMxMjYxNzY2ODY4MTU5NzQ4OA%3D%3D

Request Chain 183

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSMAZAAsIQ0xoPgo56h5oI&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSMAZAAsIQ0xoPgo56h5oI&google_cver=1&C=1

Request Chain 184

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yy4O-tAJMh9QuDfDGKQe6AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSMAZAAsIQ0xoPgo56h5oI&google_cver=1

Request Chain 185

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENCnCfI0fjbwZA4iEnrfN4o&google_cver=1

Request Chain 186

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMxMjYxNzY2ODY4MTU5NzQ4OA%3D%3D

Request Chain 191

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 206

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBly5eYpe-Kc44HCAcJz-bc&google_cver=1&google_push=AZmPxg8l3Wh7N8eaLIfMldGvSekisV_EufBifVcVDoqGKwHHeL2DluSoURil-qz2GwM4Q0O0HkQLR_CIykpEt4tP5CzeSfExiFQ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBly5eYpe-Kc44HCAcJz-bc&google_cver=1&google_push=AZmPxg8l3Wh7N8eaLIfMldGvSekisV_EufBifVcVDoqGKwHHeL2DluSoURil-qz2GwM4Q0O0HkQLR_CIykpEt4tP5CzeSfExiFQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aWJweVZ0V3kxT0JPS1c1&google_gid=CAESEBly5eYpe-Kc44HCAcJz-bc&google_cver=1&google_push=AZmPxg8l3Wh7N8eaLIfMldGvSekisV_EufBifVcVDoqGKwHHeL2DluSoURil-qz2GwM4Q0O0HkQLR_CIykpEt4tP5CzeSfExiFQ

Request Chain 207

https://ads.travelaudience.com/google_pixel?google_gid=CAESEEya2CIsEZERxtsnBSzdRWY&google_cver=1&google_push=AZmPxg9WwNyURYpVRTSRJ3BXHYTq-acVwjWJyG7Dz7Ady-_1eXD-DSsHRpoBQvaIWlk4ozelj6oBdxCULIJZCHqOLZOMYEGkkiI HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ZsbaicCZTlOlM7q9cq-Orw2&google_push=AZmPxg9WwNyURYpVRTSRJ3BXHYTq-acVwjWJyG7Dz7Ady-_1eXD-DSsHRpoBQvaIWlk4ozelj6oBdxCULIJZCHqOLZOMYEGkkiI

Request Chain 208

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAnkytGL3Y4wP071YINRjFY&google_cver=1&google_push=AZmPxg-JYxG2vur2CDhk8XXwyadgSvn9UoO2SzGo6JTXDK0ZQ0uM_mmWEfb_1PKPRg7Pbtu2Q2NhhcZdO8vS-cKzWJtC_ZT_E-04 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAnkytGL3Y4wP071YINRjFY&google_cver=1&google_push=AZmPxg-JYxG2vur2CDhk8XXwyadgSvn9UoO2SzGo6JTXDK0ZQ0uM_mmWEfb_1PKPRg7Pbtu2Q2NhhcZdO8vS-cKzWJtC_ZT_E-04 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-JYxG2vur2CDhk8XXwyadgSvn9UoO2SzGo6JTXDK0ZQ0uM_mmWEfb_1PKPRg7Pbtu2Q2NhhcZdO8vS-cKzWJtC_ZT_E-04&google_hm=hnEuJwKITU6pGK_4WmUYHQ==

Request Chain 210

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFPDog00Yfhz6DuEBEqbZRg&google_cver=1&google_push=AZmPxg8B4_UDZ37ItinIAPj8_wFXneinT-KP4eqYU_uOVmQqrIrAAtG8nwstw4p__n821pxN2s0r3SIb_I70P83DEbqLuc0ehxaE HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFPDog00Yfhz6DuEBEqbZRg&google_cver=1&google_push=AZmPxg8B4_UDZ37ItinIAPj8_wFXneinT-KP4eqYU_uOVmQqrIrAAtG8nwstw4p__n821pxN2s0r3SIb_I70P83DEbqLuc0ehxaE&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg8B4_UDZ37ItinIAPj8_wFXneinT-KP4eqYU_uOVmQqrIrAAtG8nwstw4p__n821pxN2s0r3SIb_I70P83DEbqLuc0ehxaE&google_hm=FXaquGZHOmyDiJeRQ-Ss2GPO

Request Chain 211

https://match.360yield.com/match/ebda?google_gid=CAESEOGHbq70cvdwAcNhNbjQeoQ&google_cver=1&google_push=AZmPxg_YWyEBC01iq-_A4HSqXRxeqNw_7pr69eiA3wCvV9tVf9APoI1pgIgsDqVYaTNqsr_mjvGxV6X8r-fUrkiQpyPKU1uAcva7 HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOGHbq70cvdwAcNhNbjQeoQ&google_cver=1&google_push=AZmPxg_YWyEBC01iq-_A4HSqXRxeqNw_7pr69eiA3wCvV9tVf9APoI1pgIgsDqVYaTNqsr_mjvGxV6X8r-fUrkiQpyPKU1uAcva7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jY98K978TjSLDsakYYT7RA&google_push=AZmPxg_YWyEBC01iq-_A4HSqXRxeqNw_7pr69eiA3wCvV9tVf9APoI1pgIgsDqVYaTNqsr_mjvGxV6X8r-fUrkiQpyPKU1uAcva7

Request Chain 218

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBfGYZkrtaYzny7DknlgJi8&google_cver=1&google_push=AZmPxg-ii7ujCe1YHe67XKsKs6uqQqD7MIywjRP5El0chWRpISCihXObBEHaDzTANS_aAwromZ4PrDHlw4no2P-0CIMXw4cu7b-3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-ii7ujCe1YHe67XKsKs6uqQqD7MIywjRP5El0chWRpISCihXObBEHaDzTANS_aAwromZ4PrDHlw4no2P-0CIMXw4cu7b-3

Request Chain 219

https://um.simpli.fi/gp_match?google_gid=CAESEGXVWpC62Z1s_qSXum1BXtY&google_cver=1&google_push=AZmPxg81AQpOOI711T59Dg-OCiBPdex48EgxKYCSB3DO_QEPWQ2D_70kSDpISRxsh3StLS47TpyigRBKy8KYWl5osyNOEsLXetMD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AA93468AF3A644C2A0928311E13A8182&google_push=AZmPxg81AQpOOI711T59Dg-OCiBPdex48EgxKYCSB3DO_QEPWQ2D_70kSDpISRxsh3StLS47TpyigRBKy8KYWl5osyNOEsLXetMD

Request Chain 222

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGCDbOqmObHCjIPHXN2VX4s&google_cver=1&google_push=AZmPxg92ftey2OKwILAICHPvSZ3wN1cokxP_-9FxOQJ_qx8BLgVzUD9LHtn2k6u02Rh8yVT9anexdPE9nGeBJN9QZR3wLbEH5NPu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg92ftey2OKwILAICHPvSZ3wN1cokxP_-9FxOQJ_qx8BLgVzUD9LHtn2k6u02Rh8yVT9anexdPE9nGeBJN9QZR3wLbEH5NPu&google_hm=NDA5OTY1OTM4ODg3MTk1NzI3MA%3D%3D

Request Chain 223

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC9x-OL11V1SawsqYu2YPGs&google_cver=1&google_push=AZmPxg8ct6PETK4Mho4CRHOU4oPD4Cz8McwuIN6ks7wQnEnQmC1mLuUOEKvSzZJa89xyVteS90-6-AGve3_ELhIJm3LaTXU8q1a- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhFV0pBOUktVC01T0tX&google_push=AZmPxg8ct6PETK4Mho4CRHOU4oPD4Cz8McwuIN6ks7wQnEnQmC1mLuUOEKvSzZJa89xyVteS90-6-AGve3_ELhIJm3LaTXU8q1a-

Request Chain 224

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEEn5_izW-Rs2S0-ryxcU27M&google_cver=1&google_push=AZmPxg-hgduZKFQt2_vexsQH5_9kgQqEfL8ZTN0ulxWbcOLd_LDpV5jiPp8NwHbqbi-k9yJg1sdS3jw_cZb2o-ZwdXujanu2sQak HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg-hgduZKFQt2_vexsQH5_9kgQqEfL8ZTN0ulxWbcOLd_LDpV5jiPp8NwHbqbi-k9yJg1sdS3jw_cZb2o-ZwdXujanu2sQak&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1663962878619 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-2dbc110e-0f37-4061-bf68-0076fc8e3bb7-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg-hgduZKFQt2_vexsQH5_9kgQqEfL8ZTN0ulxWbcOLd_LDpV5jiPp8NwHbqbi-k9yJg1sdS3jw_cZb2o-ZwdXujanu2sQak%26google_hm%3DAy28EQ4PN0Bhv2gAdvyOO7c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-hgduZKFQt2_vexsQH5_9kgQqEfL8ZTN0ulxWbcOLd_LDpV5jiPp8NwHbqbi-k9yJg1sdS3jw_cZb2o-ZwdXujanu2sQak&google_hm=Ay28EQ4PN0Bhv2gAdvyOO7c

Request Chain 226

https://fw.adsafeprotected.com/rfw/st/1140163/65044663/4.js?ias_dspID=3&ias_campId=1009016887&ias_pubId=pub-1599777167715704&ias_chanId=1&ias_placementId=18196981561&bidurl=https://etcanada.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iFpUADFrPRa0mMNPKHpfPC&adContainerId=brand_safety__g4uY-LqC_CV9u8PzZKwiAk&cbFunctionName=goog_wrapCb__g4uY-LqC_CV9u8PzZKwiAk&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fetcanada.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:85883362-f2a6-4f6b-339c-3942f2f55d5c,c:p4m2p7,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-b97f7975-nfth8,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tihYFaR+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163%7C164%7C17*.1140163-65044663%7C171%7C172%7C173%7C174%7C181%7C182%7C183%7C19,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:25,oid:8e652c74-3b79-11ed-af8f-366c4395e6b3,v:19.8.352,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

274 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
etcanada.com/ 91 KB
23 KB 39ms
7ms Document
text/html 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e392598ef48998a8a3e7e42d728fdefa6a13b2d2b45cd4a91d51812746c53900

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1044
cache-control: max-age=300, must-revalidate
content-encoding: gzip
content-length: 23100
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 19:54:35 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://etcanada.com/wp-json/>; rel="https://api.w.org/"
server: nginx
strict-transport-security: max-age=86400
vary: Accept-Encoding
x-cache: hit
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-rq: hhn1 0 4 9980

GET
H2 200 gc.js Show response
sdk.sharethrough.com/ 266 KB
72 KB 91ms
18ms Script
application/javascript 13.227.219.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.sharethrough.com/gc.js
Requested by: Host: etcanada.com
URL: https://etcanada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-51.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6a22585ac52bb7182e1ad9bb6fd415502dc21ade692bf0fec3eede71e47e5a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:44 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2022 14:15:58 GMT
server: AmazonS3
age: 2992
etag: W/"fdcdbaa7dac37d3e4709af61791c4ba6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 630336d6cdf08cf266841fd503dc03d0.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: ydSz4ytoLHyJ6vp60UdBpxVLLimVtNsWFgPKGRQY-LEhjMkvMHa9Bg==
expires: Wed, 14 Sep 2022 15:15:57 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 96ms
17ms Script
application/x-javascript 2600:9000:225f:da00:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: etcanada.com
URL: https://etcanada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:da00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:37:24 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 00:50:34 GMT
server: nginx
age: 4631
etag: W/"62d7515a-933f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 086613b3103277577d231678b44747c2.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: SOI0zdyEeebMkH-hipc6Ivzkex_OP5gFX2ZLxFjS8Lrwho_CnMIOOQ==
expires: Fri, 23 Sep 2022 20:37:24 GMT

GET
H2 502 pzs6hjq.js
fonts.smdg.ca/ 0
0 693ms
349ms Script
text/html 18.155.181.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.smdg.ca/pzs6hjq.js
Requested by: Host: etcanada.com
URL: https://etcanada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.181.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-181-110.sfo53.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 502 pzs6hjq-d.css
fonts.smdg.ca/k/c/ 0
0 626ms
282ms Stylesheet
text/html 18.155.181.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.smdg.ca/k/c/pzs6hjq-d.css
Requested by: Host: etcanada.com
URL: https://etcanada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.181.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-181-110.sfo53.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 pinit.js Show response
assets.pinterest.com/js/ 361 B
448 B 228ms
16ms Script
application/javascript 2a02:26f0:10e:29a::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: etcanada.com
URL: https://etcanada.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10e:29a::1931 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "62d32c28f14783b94192cd8d35bc010d"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=276
accept-ranges: bytes
content-length: 203
access-control-expose-headers: X-CDN

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 77ms
15ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74f5d5493b7f9c07-FRA
date: Fri, 23 Sep 2022 19:54:36 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 2019
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 26 Sep 2022 19:54:36 GMT

GET
H/1.1 200
OK 183422-67482236234351.js Show response
js-sec.indexww.com/ht/p/ 110 KB
33 KB 68ms
10ms Script
text/javascript 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/183422-67482236234351.js
Requested by: Host: etcanada.com
URL: https://etcanada.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: aa2b420f60a6cd0b5f19bf066403c59bbeb84dd55178832d8ea95a75e19bf5a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:54:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Sep 2022 19:50:13 GMT
Server: Apache
ETag: "904d37-1b865-5e95d7c7dec20"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3574
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 33788
Expires: Fri, 23 Sep 2022 20:54:10 GMT

GET
H2 200 /
etcanada.com/_static/ 102 KB
14 KB 10ms
8ms Stylesheet
text/css 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://etcanada.com/_static/??-eJyNy0EKgCAQheELZUMF4iY6i+kQU6OFY4S3z01Qu5Y/731wHYqi49OjgBMBT5Jh5t1timlONhWQXBjbQLGthwbeYhUI6MkiY8CYP3GwLZgU42Jd+cfr9u4HTWHstB6MNkb3N4fWQbc=

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9a498fa67baa2666eed28350f8a5c0b49b7d5de7899b1950a68dba7342eaab7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:35 GMT
x-rq: hhn1 0 4 9980
last-modified: Thu, 22 Sep 2022 17:47:42 GMT
server: nginx
age: 92537
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-encoding: gzip
content-length: 14667

GET
H2 200 /
etcanada.com/_static/ 114 KB
21 KB 11ms
9ms Stylesheet
text/css 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://etcanada.com/_static/??-eJytkNEKwjAMRX/IGpyj+CJ+S6yRFrOuejPG/t5qP2AOfAkkOfdAQnNxYcwm2ciiDAJC5NmJucCZb0z3ugWlChFsUdkHYEersUqRpitBU3jU4WucINraVv8mct/gBh2X8iPdjoc8J1EHzmg/QBSxj+IynA/eH/2p77r+DZ5CenI=

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

47d9e538e3d78e4434f4ecce92f167844e6e078e8cf7e8d4e715d6c7f5606687

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:35 GMT
x-rq: hhn1 0 4 9980
last-modified: Tue, 20 Sep 2022 14:30:24 GMT
server: nginx
age: 175933
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-encoding: gzip
content-length: 21162

GET
H2 200 critical-mobile.css
etcanada.com/wp-content/themes/shaw-et-canada/assets/dist/css/ 60 B
166 B 12ms
10ms Stylesheet
text/css 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://etcanada.com/wp-content/themes/shaw-et-canada/assets/dist/css/critical-mobile.css?ver=SlSknGpsWIQ71WmuJUtTwruP%2Byw%3D

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a3685d0b9189593704de2adbaf3e672cbe61b513a5820a418ddd2275d6cc8f3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:35 GMT
x-rq: hhn1 0 4 9980
last-modified: Tue, 20 Sep 2022 14:37:52 GMT
server: nginx
age: 277943
etag: "6329d040-3c"
strict-transport-security: max-age=86400
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 60
expires: Sat, 23 Sep 2023 19:54:35 GMT

GET
H2 200 critical-tablet-portrait.css
etcanada.com/wp-content/themes/shaw-et-canada/assets/dist/css/ 60 B
92 B 12ms
10ms Stylesheet
text/css 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://etcanada.com/wp-content/themes/shaw-et-canada/assets/dist/css/critical-tablet-portrait.css?ver=NHeL8MzJPAkEGkqGTiSknnimWYE%3D

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

049bd93e3d3c2a907fa1344dd4dc97bccb8af25a5817fa76f25233b606e6d724

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:35 GMT
x-rq: hhn1 0 4 9980
last-modified: Tue, 20 Sep 2022 14:37:52 GMT
server: nginx
age: 277943
etag: "6329d040-3c"
strict-transport-security: max-age=86400
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 60
expires: Sat, 23 Sep 2023 19:54:35 GMT

GET
H2 200 critical-tablet-landscape.css
etcanada.com/wp-content/themes/shaw-et-canada/assets/dist/css/ 61 B
108 B 20ms
19ms Stylesheet
text/css 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://etcanada.com/wp-content/themes/shaw-et-canada/assets/dist/css/critical-tablet-landscape.css?ver=ZnSddyzMIoPjBGWlh%2F%2B0szfgtoQ%3D

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

77b68fb7472cab3e4a1f6a04fc54f0df50f7775d0fe9d3f4c17aaa6854785a56

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:35 GMT
x-rq: hhn1 0 4 9980
last-modified: Tue, 20 Sep 2022 14:37:52 GMT
server: nginx
age: 277943
etag: "6329d040-3d"
strict-transport-security: max-age=86400
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 61
expires: Sat, 23 Sep 2023 19:54:35 GMT

GET
H2 200 critical-desktop.css
etcanada.com/wp-content/themes/shaw-et-canada/assets/dist/css/ 61 B
93 B 20ms
19ms Stylesheet
text/css 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://etcanada.com/wp-content/themes/shaw-et-canada/assets/dist/css/critical-desktop.css?ver=hWf%2BaRRTtDWl5PMzNS%2Fx8SPkwOs%3D

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b64b6db6c9030b464fb50d70445fa8632050958f7f0f84fca28ab655fadb022b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:35 GMT
x-rq: hhn1 0 4 9980
last-modified: Tue, 20 Sep 2022 14:37:52 GMT
server: nginx
age: 277943
etag: "6329d040-3d"
strict-transport-security: max-age=86400
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 61
expires: Sat, 23 Sep 2023 19:54:35 GMT

GET
H2 200 jetpack.css
etcanada.com/wp-content/mu-plugins/jetpack-11.3/css/ 84 KB
16 KB 20ms
19ms Stylesheet
text/css 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://etcanada.com/wp-content/mu-plugins/jetpack-11.3/css/jetpack.css?m=1663698619g

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

48fdcad6248cad75d16876289b4543334d70d7aab6c06f79160034568468f813

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:35 GMT
x-rq: hhn1 0 4 9980
last-modified: Tue, 20 Sep 2022 18:30:19 GMT
server: nginx
age: 262989
etag: W/"632a06bb-14eba"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-encoding: gzip
content-length: 16420
expires: Sat, 23 Sep 2023 19:54:35 GMT

GET
H2 200 / Show response
etcanada.com/_static/ 106 KB
36 KB 17ms
16ms Script
application/javascript 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://etcanada.com/_static/??-eJyNjTsOAjEMRC+ENwKkKA3iLCYx+Sjxhny0wOlxQUGFVhp5ppjnUVuFyDZPR10l0WNSe31tKZGX1A/qXwlK9A0H/ZbtyoN4qBGoCNIDbkADLDI6VDVPH7krizYQYMKnRLn7aNnHgu+V4Radi+whUK7U9u/LBxoW3L0Cui7MtVyOWp+NNkaf0gduLGRv

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

37eb5b8eeb1baef972546736d1305ce4e59799df10e7673177322b3b619d6811

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:35 GMT
x-rq: hhn1 0 4 9980
last-modified: Thu, 22 Sep 2022 17:47:42 GMT
server: nginx
age: 92537
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-encoding: gzip
content-length: 36748

GET
H2 502 pzs6hjq.js
fonts.smdg.ca/ 0
0 627ms
285ms Script
text/html 18.155.181.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.smdg.ca/pzs6hjq.js?ver=6.0.2
Requested by: Host: etcanada.com
URL: https://etcanada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.181.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-181-110.sfo53.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 etc-watcher.min.js Show response
etcanada.com/wp-content/themes/shaw-et-canada/js/ 2 KB
935 B 19ms
18ms Script
application/javascript 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://etcanada.com/wp-content/themes/shaw-et-canada/js/etc-watcher.min.js?m=1663684224g

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d81980bb8bc8ea1bc0114e5cd385034ea3a4a27eb8aa689294980dbd54488460

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:35 GMT
x-rq: hhn1 0 4 9980
last-modified: Tue, 20 Sep 2022 14:30:24 GMT
server: nginx
age: 175933
etag: W/"6329ce80-805"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-encoding: gzip
content-length: 883
expires: Sat, 23 Sep 2023 19:54:35 GMT

GET
H2 200 utils~main.bundle.js Show response
etcanada.com/wp-content/themes/shaw-et-canada/assets/dist/js/ 2 KB
1 KB 32ms
8ms Script
application/javascript 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://etcanada.com/wp-content/themes/shaw-et-canada/assets/dist/js/utils~main.bundle.js?ver=oYz8HrVE2Vo214UaUZhcQ4%2Bl7Zg%3D

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d8c443940dfbf232229d37f4b9e806534d29da126b80356a24c4295b48c4b577

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 0 4 9980
last-modified: Tue, 06 Sep 2022 19:21:17 GMT
server: nginx
age: 600051
etag: W/"63179dad-988"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-encoding: gzip
content-length: 1307
expires: Sat, 23 Sep 2023 19:54:36 GMT

GET
H2 200 vendor~main.bundle.js Show response
etcanada.com/wp-content/themes/shaw-et-canada/assets/dist/js/ 2 KB
1 KB 29ms
5ms Script
application/javascript 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://etcanada.com/wp-content/themes/shaw-et-canada/assets/dist/js/vendor~main.bundle.js?ver=SKNxj%2B6e40o8CQZBXwWcYR%2BdNZA%3D

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6a373da02e16acbf89679342d16f87653a31a830d9a0ac1ff7b3994fd21288d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 0 4 9980
last-modified: Tue, 06 Sep 2022 19:21:17 GMT
server: nginx
age: 600051
etag: W/"63179dad-8db"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-encoding: gzip
content-length: 1172
expires: Sat, 23 Sep 2023 19:54:36 GMT

GET
H2 200 main.bundle.js Show response
etcanada.com/wp-content/themes/shaw-et-canada/assets/dist/js/ 8 KB
3 KB 29ms
6ms Script
application/javascript 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://etcanada.com/wp-content/themes/shaw-et-canada/assets/dist/js/main.bundle.js?ver=1afEk0YIYo%2Fn4Iehlpa41QHp9ZI%3D

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1114bef5e1f745b3f4293c8f7de173435e1a6d52d1494b2b03d1c5e70d5e5fa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 0 4 9980
last-modified: Tue, 06 Sep 2022 19:21:17 GMT
server: nginx
age: 600219
etag: W/"63179dad-1fce"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-encoding: gzip
content-length: 2705
expires: Sat, 23 Sep 2023 19:54:36 GMT

GET
H2 200 vendor~styles.bundle.js Show response
etcanada.com/wp-content/themes/shaw-et-canada/assets/dist/js/ 6 KB
2 KB 29ms
7ms Script
application/javascript 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://etcanada.com/wp-content/themes/shaw-et-canada/assets/dist/js/vendor~styles.bundle.js?ver=Ea1FEOfpzvj0BoXnTwiSperpx34%3D

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f955a8754576b9d8ee8afb211e5fc63e79ea250aac588a16fa295eaa3a8ba95e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 0 4 9980
last-modified: Tue, 06 Sep 2022 19:21:17 GMT
server: nginx
age: 600051
etag: W/"63179dad-167f"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-encoding: gzip
content-length: 2390
expires: Sat, 23 Sep 2023 19:54:36 GMT

GET
H2 200 styles.bundle.js Show response
etcanada.com/wp-content/themes/shaw-et-canada/assets/dist/js/ 3 KB
1 KB 29ms
7ms Script
application/javascript 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://etcanada.com/wp-content/themes/shaw-et-canada/assets/dist/js/styles.bundle.js?ver=LhbjDQufyWTRaj%2BQS4dSDNtTfb4%3D

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f7c758c5fa72559c55f3ab340e4066ece8ed39ead00fa2332da8c9e5663c3998

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 0 4 9980
last-modified: Tue, 06 Sep 2022 19:21:17 GMT
server: nginx
age: 600051
etag: W/"63179dad-ae1"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-encoding: gzip
content-length: 1329
expires: Sat, 23 Sep 2023 19:54:36 GMT

GET
H2 200 f7e98148-cb09-4cf1-9b9f-b5aee3465d6e-web.js Show response
f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.edge.permutive.app/ 328 KB
96 KB 125ms
56ms Script
application/javascript 2606:4700::6812:551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.edge.permutive.app/f7e98148-cb09-4cf1-9b9f-b5aee3465d6e-web.js
Requested by: Host: etcanada.com
URL: https://etcanada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6c19d22586dd9c2ed2d4f7285feabecd3c7065073c29da20799cd1fe5b2ddbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: f7e98148-cb09-4cf1-9b9f-b5aee3465d6e
age: 3456
x-guploader-uploadid: ADPycduqXQeY4XgXsYf0YJ44UJmjD9ozn97OQnbv8DUzc_I-MkFr8SUmrnfRs2A-ef1Jx5qX2-xSh6cTlski4V1S-eSdiA
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
last-modified: Fri, 23 Sep 2022 16:53:58 GMT
server: cloudflare
etag: W/"d71a758d9bcea50b98d381fac3f518bd"
vary: Accept-Encoding
x-goog-hash: crc32c=GIgOYA==, md5=1xp1jZvOpQuY04H6w/UYvQ==
x-goog-generation: 1663952038652292
cache-control: public, max-age=900
x-goog-stored-content-length: 101254
cf-ray: 74f5d5495aed9be6-FRA
expires: Fri, 23 Sep 2022 20:09:36 GMT

GET
H2 200 launch-EN6bb9ef052fe24388b9d1ae37a0dd4e00.min.js Show response
assets.adobedtm.com/ 289 KB
72 KB 122ms
16ms Script
application/x-javascript 2a02:26f0:10e:2b7::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN6bb9ef052fe24388b9d1ae37a0dd4e00.min.js
Requested by: Host: etcanada.com
URL: https://etcanada.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10e:2b7::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 5999e7642540f430a14f047e07bacce4af47f7e2bdfd9efca91873ad2469e270

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 23 Sep 2022 19:54:36 GMT
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 15:49:47 GMT
server: AkamaiNetStorage
etag: "cb7bda4a508a571013786b888e1838c0:1637596187.219785"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://etcanada.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 73005
expires: Fri, 23 Sep 2022 20:54:36 GMT

GET
H2 200 etcanada-blue.png
etcanada.com/wp-content/uploads/2019/08/ 3 KB
3 KB 29ms
8ms Image
image/webp 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2019/08/etcanada-blue.png?w=90

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c594517c1ff134ee9b8a63fc25a441c757e40bc021998f5acc0575e047975ac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 142 443
last-modified: Wed, 08 Dec 2021 16:57:58 GMT
server: nginx
etag: "050fd0130ea4ddae"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 3014
expires: Thu, 08 Dec 2022 16:57:58 GMT

GET
H2 200 ad-choices.png
etcanada.com/wp-content/themes/shaw-et-canada/img/logos/ 2 KB
1 KB 31ms
11ms Image
image/png 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/themes/shaw-et-canada/img/logos/ad-choices.png

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4719304d7183a3513c3b135aca53068b68e5568f814af3800ca55694d1d4bcd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 0 4 9980
last-modified: Tue, 21 Jun 2022 20:49:12 GMT
server: nginx
age: 5009363
etag: W/"62b22ec8-639"
strict-transport-security: max-age=86400
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 1162
expires: Sat, 23 Sep 2023 19:54:36 GMT

GET
H2 200 Shania-Twain-Photo-Credit_-Louie-Banks-1.jpg
etcanada.com/wp-content/uploads/2022/09/ 16 KB
17 KB 28ms
8ms Image
image/webp 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2022/09/Shania-Twain-Photo-Credit_-Louie-Banks-1.jpg?quality=80&strip=all&w=816&h=459&crop=1

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

197558ffb5c4359f076e151a5269611d932881ffdcc921b4994ec9ccfdc055d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 195 443
last-modified: Fri, 23 Sep 2022 10:53:30 GMT
server: nginx
etag: "94faf09e850610ac"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 16822
expires: Sat, 23 Sep 2023 10:53:30 GMT

GET
H2 200 GettyImages-1414355199.jpg
etcanada.com/wp-content/uploads/2022/08/ 4 KB
4 KB 28ms
8ms Image
image/webp 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2022/08/GettyImages-1414355199.jpg?quality=80&strip=all&w=300&h=200&crop=1

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

96600000e134def3d084e36025de36806814fc694e8eb5477b0a8f9fc819688d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 198 443
last-modified: Fri, 23 Sep 2022 12:20:43 GMT
server: nginx
etag: "b8d184e91ab7ea5e"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 3956
expires: Sat, 23 Sep 2023 12:20:43 GMT

GET
H2 200 CP157814822.jpg
etcanada.com/wp-content/uploads/2022/09/ 5 KB
5 KB 27ms
9ms Image
image/webp 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2022/09/CP157814822.jpg?quality=80&strip=all&w=300&h=200&crop=1

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bda3074cd0ab4ba9747eef15def41167cba17adc95c73a7b3abf7acfe9ece320

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 88 443
last-modified: Mon, 19 Sep 2022 00:13:05 GMT
server: nginx
etag: "c8e95d8654ac31d4"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 4934
expires: Tue, 19 Sep 2023 00:13:05 GMT

GET
H2 200 image002.png
etcanada.com/wp-content/uploads/2022/09/ 65 KB
65 KB 34ms
16ms Image
image/webp 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2022/09/image002.png?w=300&h=200&crop=1

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f1965afdf18f461f3d36e15fcae4f59fd3dda3adaa77f71570d5c525bba33f11

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 27 443
last-modified: Fri, 23 Sep 2022 17:09:49 GMT
server: nginx
etag: "c9000b160b1a41e5"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 66822
expires: Sat, 23 Sep 2023 17:09:49 GMT

GET
H2 200 GettyImages-1421791462.jpg
etcanada.com/wp-content/uploads/2022/09/ 9 KB
9 KB 34ms
16ms Image
image/jpeg 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2022/09/GettyImages-1421791462.jpg?quality=80&strip=all&w=300&h=200&crop=1

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e42cb1852c100ca44ebf37a76b86d287d2d3fb7e408da1ae8656bfa752731d51

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 84 443
x-optim-disabled: true
last-modified: Fri, 23 Sep 2022 19:41:51 GMT
server: nginx
etag: "7d9d5e77ebcbc31a"
vary: Accept
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 9480
expires: Sat, 23 Sep 2023 19:41:51 GMT

GET
H2 200 de-grasse-kyla-grey-colas-getty.jpg
etcanada.com/wp-content/uploads/2022/09/ 11 KB
11 KB 34ms
17ms Image
image/webp 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2022/09/de-grasse-kyla-grey-colas-getty.jpg?quality=80&strip=all&w=300&h=200&crop=1

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6ee5b409d544d9bb2d9efe13cf0cc1d1f63f5273573383731b6f5c2fd710e393

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 83 443
last-modified: Fri, 23 Sep 2022 19:32:23 GMT
server: nginx
etag: "afd1b7fb6f1d0260"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 11598
expires: Sat, 23 Sep 2023 19:32:23 GMT

GET
H2 200 GettyImages-1423627103.jpg
etcanada.com/wp-content/uploads/2022/09/ 12 KB
12 KB 34ms
17ms Image
image/webp 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2022/09/GettyImages-1423627103.jpg?quality=80&strip=all&w=300&h=200&crop=1

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1b34052b8cab45956cc21549aaeef9a10210e06ace870b6a9aaf96a106341df3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 86 443
last-modified: Fri, 23 Sep 2022 19:20:47 GMT
server: nginx
etag: "2b2d33f2894d111b"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 12034
expires: Sat, 23 Sep 2023 19:20:47 GMT

GET
H2 200 kardashians_201_screengrab_05rt.jpg
etcanada.com/wp-content/uploads/2022/09/ 6 KB
6 KB 34ms
18ms Image
image/webp 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2022/09/kardashians_201_screengrab_05rt.jpg?quality=80&strip=all&w=300&h=200&crop=1

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ba1f00a63fa276bd7e04861072fbc5259e508b56f8cd1edd0cc935b5d0145a9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 32 443
last-modified: Fri, 23 Sep 2022 19:20:46 GMT
server: nginx
etag: "c0b19740ab1a2271"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 6274
expires: Sat, 23 Sep 2023 19:20:46 GMT

GET
H2 200 SPT_BTS_Pair_Press_2x3_2000x3000_wBranding1.jpg
etcanada.com/wp-content/uploads/2022/09/ 9 KB
9 KB 34ms
18ms Image
image/webp 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2022/09/SPT_BTS_Pair_Press_2x3_2000x3000_wBranding1.jpg?quality=80&strip=all&w=300&h=200&crop=1

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0db11402fe1f21932bab57397d9a98920a29b7970a193a32da86aab7effe2b4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 198 443
last-modified: Fri, 23 Sep 2022 18:45:05 GMT
server: nginx
etag: "d37b15973c1fcba5"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 9142
expires: Sat, 23 Sep 2023 18:45:05 GMT

GET
H2 200 shutterstock_editorial_13097487ka.jpg
etcanada.com/wp-content/uploads/2022/08/ 5 KB
6 KB 34ms
18ms Image
image/webp 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2022/08/shutterstock_editorial_13097487ka.jpg?quality=80&strip=all&w=300&h=200&crop=1

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f1315f43a24e1326ce79eec64bf054ab30a550917a44fadd18eaa870a3c03230

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 195 443
last-modified: Fri, 23 Sep 2022 18:33:42 GMT
server: nginx
etag: "7f775f8fc13b746f"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 5544
expires: Sat, 23 Sep 2023 18:33:42 GMT

GET
H2 200 GettyImages-1426419339.jpg
etcanada.com/wp-content/uploads/2022/09/ 13 KB
13 KB 34ms
19ms Image
image/jpeg 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2022/09/GettyImages-1426419339.jpg?quality=80&strip=all&w=300&h=200&crop=1

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

50bf4b59f0563526a2abe05498839750aa2c6de268a895a362cea89af8f80fe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 86 443
x-optim-disabled: true
last-modified: Fri, 23 Sep 2022 18:24:37 GMT
server: nginx
etag: "b73883d30c2f0076"
vary: Accept
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 13532
expires: Sat, 23 Sep 2023 18:24:37 GMT

GET
H2 200 GettyImages-642478006-e1663871152855.jpg
etcanada.com/wp-content/uploads/2022/09/ 9 KB
9 KB 34ms
19ms Image
image/webp 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2022/09/GettyImages-642478006-e1663871152855.jpg?quality=80&strip=all&w=300&h=200&crop=1

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

59e63c5ea9e19576eeb92bd2f84cd59d117d49fe6ebc7b1be36ac550d3d9d08b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 198 443
last-modified: Thu, 22 Sep 2022 19:42:50 GMT
server: nginx
etag: "97a9273515037a73"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 9118
expires: Fri, 22 Sep 2023 19:42:50 GMT

GET
H2 200 shutterstock_editorial_13001691ez-e1662148960163.jpg
etcanada.com/wp-content/uploads/2022/09/ 4 KB
4 KB 34ms
20ms Image
image/webp 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2022/09/shutterstock_editorial_13001691ez-e1662148960163.jpg?quality=80&strip=all&w=300&h=200&crop=1

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b03a5e81c7b1dbec3b476b1651739198697ccd66a159d0abb0004da9486b3d5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 196 443
last-modified: Fri, 23 Sep 2022 17:55:54 GMT
server: nginx
etag: "cf189456463a5500"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 3940
expires: Sat, 23 Sep 2023 17:55:54 GMT

GET
H2 200 GettyImages-1425749504.jpg
etcanada.com/wp-content/uploads/2022/09/ 6 KB
7 KB 34ms
20ms Image
image/webp 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2022/09/GettyImages-1425749504.jpg?quality=80&strip=all&w=300&h=200&crop=1

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4f0634f2e70a9da179f16e4d196de69ae2e21076ddd8689baea8be262aaceb30

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 86 443
last-modified: Fri, 23 Sep 2022 17:46:56 GMT
server: nginx
etag: "21f895f22cbc726a"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 6550
expires: Sat, 23 Sep 2023 17:46:56 GMT

GET
H2 200 web-MYSTIC-RAISIN-BRICK-340x150-co-brand.jpg
etcanada.com/wp-content/uploads/2022/09/ 9 KB
9 KB 34ms
21ms Image
image/webp 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2022/09/web-MYSTIC-RAISIN-BRICK-340x150-co-brand.jpg?quality=80&strip=all&w=340&h=150&crop=1

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e24080a4c68278b7b750ab0afdb20beea8a9dfce46c77515425a80457af40880

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 144 443
last-modified: Fri, 02 Sep 2022 20:22:36 GMT
server: nginx
etag: "5f46763107574c6b"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 9002
expires: Sat, 02 Sep 2023 20:22:36 GMT

GET
H2 200 royals-brick-340x150-1.jpg
etcanada.com/wp-content/uploads/2020/02/ 4 KB
4 KB 35ms
21ms Image
image/webp 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2020/02/royals-brick-340x150-1.jpg?quality=80&strip=all&w=340&h=150&crop=1

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8a69378b86aacac2b861e8245d09d96827d39415bde1fd16167e0da0279f85ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 84 443
last-modified: Mon, 30 May 2022 09:37:00 GMT
server: nginx
etag: "f7a5f5e44879e567"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 3990
expires: Tue, 30 May 2023 09:37:00 GMT

GET
H2 200 Ford_CCMA_ETC_Country_Club_340x150.jpg
etcanada.com/wp-content/uploads/2022/09/ 7 KB
7 KB 35ms
21ms Image
image/webp 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2022/09/Ford_CCMA_ETC_Country_Club_340x150.jpg?quality=80&strip=all&w=340&h=150&crop=1

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

500b07e36d61bf9c6f14dd6e8ff5c285a770fb4acb035fbec0e64328a24ab0e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 195 443
last-modified: Mon, 12 Sep 2022 20:23:19 GMT
server: nginx
etag: "f25f434bb9656754"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 6800
expires: Tue, 12 Sep 2023 20:23:19 GMT

GET
H2 200 5b7753aa-7d67-4aee-a43e-ade8290ecb41.jpg
etcanada.com/wp-content/uploads/2022/06/ 11 KB
11 KB 34ms
21ms Image
image/webp 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2022/06/5b7753aa-7d67-4aee-a43e-ade8290ecb41.jpg?quality=80&strip=all

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c93b484f52ff72b6b6c310615b851dd7eda7357da6e5fe27c2076971f51a7d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 84 443
last-modified: Tue, 21 Jun 2022 20:55:47 GMT
server: nginx
etag: "9fe7fc7ac6f7a477"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 11322
expires: Wed, 21 Jun 2023 20:55:47 GMT

GET
H2 200 newsletter-small.jpg
etcanada.com/wp-content/themes/shaw-et-canada/img/newsletter/ 28 KB
28 KB 47ms
34ms Image
image/jpeg 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/themes/shaw-et-canada/img/newsletter/newsletter-small.jpg

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

263fa46a0523bc2bd7ad8a7f6a73a53db60b8e55ddb556ad9f22366f375d971b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 0 4 9980
last-modified: Tue, 21 Jun 2022 20:49:12 GMT
server: nginx
age: 5008928
etag: W/"62b22ec8-6fed"
strict-transport-security: max-age=86400
x-cache: hit
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 28495
expires: Sat, 23 Sep 2023 19:54:36 GMT

GET
H2 200 HGTV-Canada_Pamela-Anderson_PGE2.jpg
etcanada.com/wp-content/uploads/2022/09/ 1 KB
1 KB 34ms
22ms Image
image/webp 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2022/09/HGTV-Canada_Pamela-Anderson_PGE2.jpg?quality=80&strip=all&crop=0px%2C0px%2C5464px%2C3656px&resize=145%2C97

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d95bf7b208c7b065ccfedeaab1b39124dcd0ffc098f04df4739839f79993fcd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 139 443
last-modified: Fri, 23 Sep 2022 00:49:18 GMT
server: nginx
etag: "409d7ee066e25c29"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 1092
expires: Sat, 23 Sep 2023 00:49:18 GMT

GET
H2 200 HR_PROPOSAL_COTTAGE-_2022-KATHERINE-HOLLAND-65.jpg
etcanada.com/wp-content/uploads/2022/09/ 4 KB
4 KB 34ms
22ms Image
image/webp 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2022/09/HR_PROPOSAL_COTTAGE-_2022-KATHERINE-HOLLAND-65.jpg?quality=80&strip=all&w=145&h=97&crop=1

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

eb9b779632120efcf62ae31e31b58177f54fc3d685b7152315a7cabb25bcf2e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 84 443
last-modified: Fri, 23 Sep 2022 00:23:19 GMT
server: nginx
etag: "54fb273d16651145"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 3736
expires: Sat, 23 Sep 2023 00:23:19 GMT

GET
H2 200 CP11772531.jpg
etcanada.com/wp-content/uploads/2022/09/ 2 KB
2 KB 34ms
22ms Image
image/webp 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2022/09/CP11772531.jpg?quality=80&strip=all&w=145&h=97&crop=1

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

07625b415cb12bf9a668cb5de34003e0159ba2975f82627ca32e7132724847de

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 30 443
last-modified: Fri, 23 Sep 2022 04:04:30 GMT
server: nginx
etag: "c7113be7c3e62038"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 2416
expires: Sat, 23 Sep 2023 04:04:30 GMT

GET
H2 200 gayleroyals.jpg
etcanada.com/wp-content/uploads/2022/09/ 4 KB
4 KB 34ms
23ms Image
image/webp 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2022/09/gayleroyals.jpg?quality=80&strip=all&w=145&h=97&crop=1

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c55d43682f88f457c8246beb266b870ee0d0025f3d32912772b581d5fe7feef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 27 443
last-modified: Fri, 23 Sep 2022 04:05:18 GMT
server: nginx
etag: "a78093631b25fe8a"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 4414
expires: Sat, 23 Sep 2023 04:05:18 GMT

GET
H2 200 GettyImages-1426419339.jpg
etcanada.com/wp-content/uploads/2022/09/ 19 KB
19 KB 34ms
23ms Image
image/webp 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2022/09/GettyImages-1426419339.jpg?quality=80&strip=all&w=300&h=500&crop=1

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4b4d03899d145873efce94fc2f7eee04b2146deb3d9431743c2296b85440b3cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 86 443
last-modified: Fri, 23 Sep 2022 18:33:42 GMT
server: nginx
etag: "8ad2a7769dfe261e"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 19662
expires: Sat, 23 Sep 2023 18:33:42 GMT

GET
H2 200 shutterstock_editorial_13402840au.jpg
etcanada.com/wp-content/uploads/2022/08/ 24 KB
24 KB 34ms
23ms Image
image/webp 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2022/08/shutterstock_editorial_13402840au.jpg?quality=80&strip=all&w=300&h=500&crop=1

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

587aab8023bc6a87c6abd09ce03a769fce321c6e2ba487c763899cae70e5da32

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 195 443
last-modified: Tue, 20 Sep 2022 17:42:33 GMT
server: nginx
etag: "8f9199af73bbed8b"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 24396
expires: Wed, 20 Sep 2023 17:42:33 GMT

GET
H2 200 BGUS_2463802_0011.jpg
etcanada.com/wp-content/uploads/2022/09/ 23 KB
23 KB 34ms
23ms Image
image/webp 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2022/09/BGUS_2463802_0011.jpg?quality=80&strip=all&w=300&h=500&crop=1

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

61e3b264a12d9dadf548b505741b0dda1e38c4c87c9a6c1c8cf17c9dc9a653d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 144 443
last-modified: Tue, 20 Sep 2022 17:42:33 GMT
server: nginx
etag: "905aea4d8aa36331"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 23264
expires: Wed, 20 Sep 2023 17:42:33 GMT

GET
H2 200 shutterstock_editorial_13393076ad.jpg
etcanada.com/wp-content/uploads/2022/09/ 10 KB
10 KB 34ms
24ms Image
image/webp 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2022/09/shutterstock_editorial_13393076ad.jpg?quality=80&strip=all&w=300&h=500&crop=1

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8a5586026212b7c47b4cf72ea723877df8d75913407ea389e8300c8b5cbfdcde

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 32 443
last-modified: Fri, 16 Sep 2022 17:58:40 GMT
server: nginx
etag: "4a65d87d5228576a"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 10208
expires: Sat, 16 Sep 2023 17:58:40 GMT

GET
H2 200 ETC092322TheChallenge.png
i0.wp.com/media.globaltv.com/videostatic/vms/py8wmss7mk-lyz4dnhhsp/ 2 KB
3 KB 60ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/media.globaltv.com/videostatic/vms/py8wmss7mk-lyz4dnhhsp/ETC092322TheChallenge.png?w=145&h=97&quality=60

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

6f9cd656ca1edc5c21e8fa922989bdc26cda12e81a3b90db8294b2a1308b827e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Fri, 23 Sep 2022 19:54:36 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Sep 2022 18:33:42 GMT
server: nginx
etag: "f982ce63ba4494bb"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://media.globaltv.com/videostatic/vms/py8wmss7mk-lyz4dnhhsp/ETC092322TheChallenge.png>; rel="canonical"
content-length: 2280
expires: Mon, 23 Sep 2024 06:33:42 GMT

GET
H2 200 ETC092322EddieandJessica.png
i2.wp.com/media.globaltv.com/videostatic/vms/cpz0jva1uc-8fwu0vjnfb/ 2 KB
2 KB 54ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/media.globaltv.com/videostatic/vms/cpz0jva1uc-8fwu0vjnfb/ETC092322EddieandJessica.png?w=145&h=97&quality=60

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

e551933c7f99fb030414ee2f11b6b871fbc19f782e545db0c19ac33a5b20962b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 23 Sep 2022 19:54:36 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Sep 2022 16:44:09 GMT
server: nginx
etag: "21226d4a475bdce0"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://media.globaltv.com/videostatic/vms/cpz0jva1uc-8fwu0vjnfb/ETC092322EddieandJessica.png>; rel="canonical"
content-length: 1596
expires: Mon, 23 Sep 2024 04:44:09 GMT

GET
H2 200 ETC092322RoyalsAndVolunteers.png
i1.wp.com/media.globaltv.com/videostatic/vms/zr3kg3o4pd-b5nghakvhw/ 2 KB
2 KB 55ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/media.globaltv.com/videostatic/vms/zr3kg3o4pd-b5nghakvhw/ETC092322RoyalsAndVolunteers.png?w=145&h=97&quality=60

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

fcb67ace0547b06124c2654c78207299a3e34c5e8a501feb07e4aff221bd89e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Fri, 23 Sep 2022 19:54:36 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Sep 2022 13:59:56 GMT
server: nginx
etag: "95da726c376d912e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://media.globaltv.com/videostatic/vms/zr3kg3o4pd-b5nghakvhw/ETC092322RoyalsAndVolunteers.png>; rel="canonical"
content-length: 1618
expires: Mon, 23 Sep 2024 01:59:56 GMT

GET
H2 200 GLOB0056780340000011_1_thumbnail.jpeg
i0.wp.com/media.globaltv.com/videostatic/vms/GlobalTV/GLOB0056780340000000/ 2 KB
2 KB 60ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/media.globaltv.com/videostatic/vms/GlobalTV/GLOB0056780340000000/GLOB0056780340000011_1_thumbnail.jpeg?w=145&h=97&quality=60

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

0123c48ffdcdbda87db60d6a1d97a9cfb579f28ce410fca2b3b5b2330d446c03

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Fri, 23 Sep 2022 19:54:36 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Sep 2022 20:48:29 GMT
server: nginx
etag: "77133e2c8f64a508"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://media.globaltv.com/videostatic/vms/GlobalTV/GLOB0056780340000000/GLOB0056780340000011_1_thumbnail.jpeg>; rel="canonical"
content-length: 2064
expires: Sun, 22 Sep 2024 08:48:29 GMT

GET
H2 200 YOUTUBE_thumb.jpg
i1.wp.com/media.globaltv.com/videostatic/vms/mu2iv5vpnw-f529opzttp/ 2 KB
2 KB 55ms
9ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/media.globaltv.com/videostatic/vms/mu2iv5vpnw-f529opzttp/YOUTUBE_thumb.jpg?w=145&h=97&quality=60

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

1ba87215e7a9aaf987a5608186a0fdc9a7ad211178a91fe731e2477e2988f2a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Fri, 23 Sep 2022 19:54:36 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Sep 2022 20:48:29 GMT
server: nginx
etag: "e5fd30379c5e7d51"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://media.globaltv.com/videostatic/vms/mu2iv5vpnw-f529opzttp/YOUTUBE_thumb.jpg>; rel="canonical"
content-length: 1914
expires: Sun, 22 Sep 2024 08:48:29 GMT

GET
H2 200 HR_PROPOSAL_COTTAGE-_2022-KATHERINE-HOLLAND-65.jpg
etcanada.com/wp-content/uploads/2022/09/ 19 KB
19 KB 33ms
24ms Image
image/webp 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2022/09/HR_PROPOSAL_COTTAGE-_2022-KATHERINE-HOLLAND-65.jpg?quality=80&strip=all&w=387&h=258&crop=1

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

49ff5bdb93b7f34bb606974d1e30fdeb0836580dc8f8efada363545b5365efb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 84 443
last-modified: Thu, 22 Sep 2022 22:09:32 GMT
server: nginx
etag: "7ca228f3fda488cf"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 19452
expires: Fri, 22 Sep 2023 22:09:32 GMT

GET
H2 200 shutterstock_editorial_13402840au.jpg
etcanada.com/wp-content/uploads/2022/08/ 18 KB
18 KB 33ms
24ms Image
image/webp 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2022/08/shutterstock_editorial_13402840au.jpg?quality=80&strip=all&w=387&h=258&crop=1

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

634c8cda4fe02873bea2ab020bd3314ad9da43a4a215e2f929cda05fb94d5b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 195 443
last-modified: Tue, 20 Sep 2022 11:35:16 GMT
server: nginx
etag: "c450e3d1cbe8a5a2"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 18150
expires: Wed, 20 Sep 2023 11:35:16 GMT

GET
H2 200 WOW-WOMEN-OF-WRESTLING.jpg
etcanada.com/wp-content/uploads/2022/09/ 24 KB
24 KB 33ms
24ms Image
image/jpeg 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2022/09/WOW-WOMEN-OF-WRESTLING.jpg?quality=80&strip=all&w=387&h=258&crop=1

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b0024b0acfefbaf90b14bf0aeb647029bf731260e17f4d706e2523e8d3c5f1a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 30 443
x-optim-disabled: true
last-modified: Thu, 22 Sep 2022 18:18:54 GMT
server: nginx
etag: "43a883f821c1c5fc"
vary: Accept
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 24242
expires: Fri, 22 Sep 2023 18:18:54 GMT

GET
H2 200 global.png
etcanada.com/wp-content/themes/shaw-et-canada/img/logos/ 2 KB
2 KB 42ms
34ms Image
image/png 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/themes/shaw-et-canada/img/logos/global.png

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

73b0aac2fdb5067ac3d563423b019f966220acf1231d772344af51aa5fa7cac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 0 4 9980
last-modified: Tue, 21 Jun 2022 20:49:12 GMT
server: nginx
age: 5009363
etag: W/"62b22ec8-917"
strict-transport-security: max-age=86400
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 2350
expires: Sat, 23 Sep 2023 19:54:36 GMT

GET
H2 200 etcanada-blue.png
etcanada.com/wp-content/uploads/2019/08/ 3 KB
3 KB 32ms
25ms Image
image/webp 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/uploads/2019/08/etcanada-blue.png?w=82

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bed23df262795e1d382d54587c93236f10a9063c12fef5af0bfc963833ece6b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 109 142 443
last-modified: Wed, 08 Dec 2021 16:57:59 GMT
server: nginx
etag: "6e8ee692bf8489fd"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 2860
expires: Thu, 08 Dec 2022 16:57:59 GMT

GET
H2 200 corus.png
etcanada.com/wp-content/themes/shaw-et-canada/img/logos/ 7 KB
7 KB 43ms
35ms Image
image/png 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/themes/shaw-et-canada/img/logos/corus.png

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

369fd56a37d468fb8b15761b228e76fcc1a6c3280cada8b30bac87a1aaf6e73b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 0 4 9980
last-modified: Tue, 21 Jun 2022 20:49:12 GMT
server: nginx
age: 5009363
etag: W/"62b22ec8-1bde"
strict-transport-security: max-age=86400
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 7157
expires: Sat, 23 Sep 2023 19:54:36 GMT

GET
H2 200 / Show response
etcanada.com/_static/ 170 KB
41 KB 11ms
10ms Script
application/javascript 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://etcanada.com/_static/??-eJydkkuOwzAIhi9UYk1bRbMZ9SzEdhsSx7gGN8rtJ1W76HKYDQLE9/MQbi3gOWvM6nSMSxQnI64QFTxmDOgmcYkGt46oQLk0/XC7hXI3ycH9VeXKLQdU4gxCupcFEv3ImgUlkZ/3XOUmMb3ClzVLhSs8SGhI0U33FuvWvUOTUlQPTSmJmRL2hMmMJcawcLVPKbpfaQMM/yC5blAq+yjC1cRjKfYVKc+gFf1M+WajHxT2X7uFYpvy2RX9cz0aKJFub/qy/Hz1/an/Ph+P5+kXuhUxWQ==

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

eaf33f7c65374bfc2292086bf03d1a9890ad09a93ecbc219ddc658b938ce32ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 0 4 9980
last-modified: Tue, 20 Sep 2022 14:30:24 GMT
server: nginx
age: 176028
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-encoding: gzip
content-length: 42011

GET
H2 200 e-202238.js Show response
stats.wp.com/ 9 KB
3 KB 56ms
6ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202238.js
Requested by: Host: etcanada.com
URL: https://etcanada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nc: HIT hhn
date: Fri, 23 Sep 2022 19:54:36 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 21:05:18 GMT

GET
H2 200 vip-powered-dark-small.png
etcanada.com/wp-content/mu-plugins/vip-helpers/images/ 2 KB
2 KB 41ms
35ms Image
image/png 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/mu-plugins/vip-helpers/images/vip-powered-dark-small.png?ver=20220317

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b0b26fb8e1318f612e7bc978307f18fc79b93bc58e8b7311eed80de7b21e45ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 0 4 9980
last-modified: Tue, 05 Jul 2022 19:20:18 GMT
server: nginx
age: 5009363
etag: W/"62c48ef2-849"
strict-transport-security: max-age=86400
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 2144
expires: Sat, 23 Sep 2023 19:54:36 GMT

GET
H2 200 etc-pwa-style.css
etcanada.com/wp-content/themes/shaw-et-canada/css/pwa/ 233 B
313 B 41ms
36ms Stylesheet
text/css 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://etcanada.com/wp-content/themes/shaw-et-canada/css/pwa/etc-pwa-style.css

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

47f2b02bc33961711f258dcea3168389e150e6cfc343b8e6d5c54d1a577558eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 0 4 9980
last-modified: Tue, 06 Sep 2022 19:21:17 GMT
server: nginx
age: 600051
etag: "63179dad-e9"
strict-transport-security: max-age=86400
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 233
expires: Sat, 23 Sep 2023 19:54:36 GMT

GET
H2 200 wp-emoji-release.min.js Show response
etcanada.com/wp-includes/js/ 18 KB
5 KB 41ms
35ms Script
application/javascript 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://etcanada.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 0 4 9980
last-modified: Fri, 09 Sep 2022 13:12:25 GMT
server: nginx
age: 600051
etag: W/"631b3bb9-48b9"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=86400
accept-ranges: bytes
content-encoding: gzip
content-length: 5004
expires: Sat, 23 Sep 2023 19:54:36 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
28 KB 72ms
17ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: etcanada.com
URL: https://etcanada.com/_static/??-eJyNjTsOAjEMRC+ENwKkKA3iLCYx+Sjxhny0wOlxQUGFVhp5ppjnUVuFyDZPR10l0WNSe31tKZGX1A/qXwlK9A0H/ZbtyoN4qBGoCNIDbkADLDI6VDVPH7krizYQYMKnRLn7aNnHgu+V4Radi+whUK7U9u/LBxoW3L0Cui7MtVyOWp+NNkaf0gduLGRv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17fdd996df769da70eb60286e12df9efbb1497050818a8261b95e61f9cab9e91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27803
x-xss-protection: 0
server: sffe
etag: "1343 / 941 of 1000 / last-modified: 1663931308"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 23 Sep 2022 19:54:36 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 174 KB
44 KB 45ms
7ms Script
application/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: etcanada.com
URL: https://etcanada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c984df63dad3bd35c63ab9828a0f780fbfae029b04695d7232c18379e4f976bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 23 Sep 2022 19:37:31 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 17:55:34 GMT
server: AmazonS3
age: 1025
etag: W/"e90d372314a34f6c87345bb83c555480"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront), 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA56-C1
x-amz-cf-id: mIYJkP-T0lEiWtA9fMWNqhWf1ucLXm5jU5JBk-6kkkQ1v79jt6-JNw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 36ms
11ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 3156
date: Fri, 23 Sep 2022 19:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Fri, 23 Sep 2022 21:02:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 32ms
11ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dbed84e419f10fdf224a5737cf8946b447fe3f132ece8ce4fb8c9588f12a58cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: mgrSyFtCWwrzDmTz3/wT/w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: GD4lbACRAMeyG4BMZP8Y2wxGQvwMC1ce22+HjYcsZ4fA3Q60EpgJmMeF4Hks1TNnhAv6doDVUDLNwKJsVN/g/w==
x-fb-trip-id: 2050670934
x-fb-content-md5: b241c03a4dc6568e13f194d998ec40d5
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 23 Sep 2022 19:54:36 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "e32acd6e18b5705e0644f8af60a0ace1"
timing-allow-origin: *
expires: Fri, 23 Sep 2022 20:01:23 GMT

GET
H2 200 sequelsans-bookbody-webfont.woff2
etcanada.com/wp-content/themes/shaw-et-canada/fonts/sequel-sans/ 21 KB
21 KB 113ms
111ms Font
font/woff2 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://etcanada.com/wp-content/themes/shaw-et-canada/fonts/sequel-sans/sequelsans-bookbody-webfont.woff2

Requested by

Host: etcanada.com
URL: https://etcanada.com/_static/??-eJytkNEKwjAMRX/IGpyj+CJ+S6yRFrOuejPG/t5qP2AOfAkkOfdAQnNxYcwm2ciiDAJC5NmJucCZb0z3ugWlChFsUdkHYEersUqRpitBU3jU4WucINraVv8mct/gBh2X8iPdjoc8J1EHzmg/QBSxj+IynA/eH/2p77r+DZ5CenI=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9a47ad1e1cafef6d30dc46bfe1fc136eafcb79a0b8d79cd75de9f658ba468354

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://etcanada.com/_static/??-eJytkNEKwjAMRX/IGpyj+CJ+S6yRFrOuejPG/t5qP2AOfAkkOfdAQnNxYcwm2ciiDAJC5NmJucCZb0z3ugWlChFsUdkHYEersUqRpitBU3jU4WucINraVv8mct/gBh2X8iPdjoc8J1EHzmg/QBSxj+IynA/eH/2p77r+DZ5CenI=
Origin: https://etcanada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
content-encoding: gzip
vary: X-Mobile-Class
age: 0
x-cache: miss
content-length: 21160
x-rq: hhn1 0 4 9980
last-modified: Tue, 20 Sep 2022 14:30:24 GMT
server: nginx
etag: W/"6329ce80-528c"
strict-transport-security: max-age=86400
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 19:54:36 GMT

GET
H2 200 icomoon.ttf
etcanada.com/wp-content/themes/shaw-et-canada/fonts/icon/fonts/ 8 KB
5 KB 114ms
112ms Font
application/octet-stream 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://etcanada.com/wp-content/themes/shaw-et-canada/fonts/icon/fonts/icomoon.ttf?zervyn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e9ad20a74c66287340e224da543e6998185a949b8a6b4a76707f855666871064

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://etcanada.com/_static/??-eJytkNEKwjAMRX/IGpyj+CJ+S6yRFrOuejPG/t5qP2AOfAkkOfdAQnNxYcwm2ciiDAJC5NmJucCZb0z3ugWlChFsUdkHYEersUqRpitBU3jU4WucINraVv8mct/gBh2X8iPdjoc8J1EHzmg/QBSxj+IynA/eH/2p77r+DZ5CenI=
Origin: https://etcanada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
content-encoding: gzip
vary: X-Mobile-Class
age: 0
x-cache: miss
content-length: 4975
x-rq: hhn1 0 4 9980
last-modified: Tue, 20 Sep 2022 14:30:24 GMT
server: nginx
etag: W/"6329ce80-2074"
strict-transport-security: max-age=86400
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 19:54:36 GMT

GET
H2 200 sequelsans-boldbody-webfont.woff2
etcanada.com/wp-content/themes/shaw-et-canada/fonts/sequel-sans/ 21 KB
21 KB 120ms
109ms Font
font/woff2 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://etcanada.com/wp-content/themes/shaw-et-canada/fonts/sequel-sans/sequelsans-boldbody-webfont.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c9b24ed51e388a24a5297e7dddb82d49c19ce6f5a56b1afb4e8129c431ec584d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://etcanada.com/_static/??-eJytkNEKwjAMRX/IGpyj+CJ+S6yRFrOuejPG/t5qP2AOfAkkOfdAQnNxYcwm2ciiDAJC5NmJucCZb0z3ugWlChFsUdkHYEersUqRpitBU3jU4WucINraVv8mct/gBh2X8iPdjoc8J1EHzmg/QBSxj+IynA/eH/2p77r+DZ5CenI=
Origin: https://etcanada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
content-encoding: gzip
vary: X-Mobile-Class
age: 0
x-cache: miss
x-rq: hhn1 0 4 9980
last-modified: Tue, 20 Sep 2022 14:30:24 GMT
server: nginx
etag: W/"6329ce80-54c0"
strict-transport-security: max-age=86400
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 19:54:36 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 31ms
30ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74f5d549dcb49c07-FRA
date: Fri, 23 Sep 2022 19:54:36 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 2020
etag: W/"2f96824aee4bf927e734cc519e3e726d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 26 Sep 2022 19:54:36 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
387 B 126ms
33ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183422
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183422-67482236234351.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 311b028e2aff47d534219f3759996b9659435e052dd1df32486035302534f348

Request headers

Referer: https://etcanada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://etcanada.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 23 Oct 2022 19:54:37 GMT

GET
H2 200 any Show response
idx.liadm.com/idex/ie/ 54 B
399 B 312ms
103ms XHR
application/json 34.239.63.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/ie/any

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183422-67482236234351.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.239.63.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-239-63-36.compute-1.amazonaws.com

Software

Resource Hash

cff2fddd0382a2f4113ce84ee9e019eb1e60da60f02cd1dbc968d93f9142e17c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://etcanada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
request-time: 2
vary: Origin
content-type: application/json
access-control-allow-origin: https://etcanada.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: e9c8d7663e01f37e
content-length: 54

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
357 B 43ms
18ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183422-67482236234351.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://etcanada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://etcanada.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44

GET
H2 200 evidon-sitenotice-tag.js Show response
c.evidon.com/sitenotice/ 70 KB
19 KB 125ms
13ms Script
application/x-javascript 104.103.77.186
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Requested by: Host: etcanada.com
URL: https://etcanada.com/_static/??-eJydkkuOwzAIhi9UYk1bRbMZ9SzEdhsSx7gGN8rtJ1W76HKYDQLE9/MQbi3gOWvM6nSMSxQnI64QFTxmDOgmcYkGt46oQLk0/XC7hXI3ycH9VeXKLQdU4gxCupcFEv3ImgUlkZ/3XOUmMb3ClzVLhSs8SGhI0U33FuvWvUOTUlQPTSmJmRL2hMmMJcawcLVPKbpfaQMM/yC5blAq+yjC1cRjKfYVKc+gFf1M+WajHxT2X7uFYpvy2RX9cz0aKJFub/qy/Hz1/an/Ph+P5+kXuhUxWQ==
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.103.77.186 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-77-186.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 933ed0cc126688a85f623a58cc7775a2f64aff7febf156c82b8f6ef8f5296115

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
content-encoding: gzip
last-modified: Tue, 13 Sep 2022 19:10:22 GMT
server: AkamaiNetStorage
etag: "c98284a022465a26f840b59d150aabea:1663096222.132346"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 18709
expires: Sun, 25 Sep 2022 19:54:36 GMT

GET
H2 200 country.js Show response
c.evidon.com/geo/ 252 B
473 B 137ms
24ms Script
application/x-javascript 104.103.77.186
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/country.js
Requested by: Host: etcanada.com
URL: https://etcanada.com/_static/??-eJydkkuOwzAIhi9UYk1bRbMZ9SzEdhsSx7gGN8rtJ1W76HKYDQLE9/MQbi3gOWvM6nSMSxQnI64QFTxmDOgmcYkGt46oQLk0/XC7hXI3ycH9VeXKLQdU4gxCupcFEv3ImgUlkZ/3XOUmMb3ClzVLhSs8SGhI0U33FuvWvUOTUlQPTSmJmRL2hMmMJcawcLVPKbpfaQMM/yC5blAq+yjC1cRjKfYVKc+gFf1M+WajHxT2X7uFYpvy2RX9cz0aKJFub/qy/Hz1/an/Ph+P5+kXuhUxWQ==
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.103.77.186 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-77-186.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 23 Sep 2022 19:54:36 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 23:46:45 GMT
server: AkamaiNetStorage
etag: "61397050076da6e6062ac7b53a8ef498:1584143205.714402"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 174

GET
H2 200 snthemes.js Show response
c.evidon.com/sitenotice/6153/ 30 KB
3 KB 137ms
25ms Script
application/x-javascript 104.103.77.186
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/6153/snthemes.js
Requested by: Host: etcanada.com
URL: https://etcanada.com/_static/??-eJydkkuOwzAIhi9UYk1bRbMZ9SzEdhsSx7gGN8rtJ1W76HKYDQLE9/MQbi3gOWvM6nSMSxQnI64QFTxmDOgmcYkGt46oQLk0/XC7hXI3ycH9VeXKLQdU4gxCupcFEv3ImgUlkZ/3XOUmMb3ClzVLhSs8SGhI0U33FuvWvUOTUlQPTSmJmRL2hMmMJcawcLVPKbpfaQMM/yC5blAq+yjC1cRjKfYVKc+gFf1M+WajHxT2X7uFYpvy2RX9cz0aKJFub/qy/Hz1/an/Ph+P5+kXuhUxWQ==
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.103.77.186 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-77-186.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2f6930cc1b7008a03f228043ccafff29ca90b027e2fa1b70d42c5f55cc34daf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 23 Sep 2022 19:54:36 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
content-length: 2716
last-modified: Fri, 02 Aug 2019 18:55:13 GMT
server: AkamaiNetStorage
etag: "f7ed93ac49ea4c553767b9dd933ce089:1564772113"
access-control-max-age: 108000
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Sun, 25 Sep 2022 19:54:36 GMT

GET
H2

200

settingsV2.js Show response
c.evidon.com/sitenotice/6153/etcanada/
Redirect Chain

https://c.evidon.com/sitenotice/6153/etcanada/settings.js
https://c.evidon.com/sitenotice/6153/etcanada/settingsV2.js

15 KB
4 KB

13ms
13ms

Script
application/x-javascript

104.103.77.186
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/6153/etcanada/settingsV2.js
Requested by: Host: etcanada.com
URL: https://etcanada.com/
Protocol: H2
Server: 104.103.77.186 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-77-186.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e275cb3cc28faac28cf971c5ad647113e8ee048be7c833c46c2f16e15fe7b0db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 15:05:46 GMT
server: AkamaiNetStorage
etag: "4064e6014d15b313dff0584bb691efd6:1663599945.983909"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 3750
expires: Sun, 25 Sep 2022 19:54:36 GMT

Redirect headers

date: Fri, 23 Sep 2022 19:54:36 GMT
server: AkamaiGHost
location: https://c.evidon.com/sitenotice/6153/etcanada/settingsV2.js
vary: Origin
access-control-allow-methods: GET,OPTIONS,POST
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=432000, private;max-age=86400
access-control-allow-headers: *
content-length: 0

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 313 KB
85 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=98c968b11e0952a58e76bba54fb55be1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2106e0c866ffc014582e728122e802d61a45fe3a5460e4d69dc09c7e584862ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://etcanada.com/
Origin: https://etcanada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: //mudvNxZeOIQXRmwe0sSA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87335
x-fb-rlafr: 0
x-fb-debug: 6aRXwaDDfpfZ6CtbBaxB5F/tNygqy8dhFIiEBNZkeaR5yxQfXIM/GZ7c+5yB9OwPiMjhxeEpjYH7j6O7T0uUyg==
x-fb-content-md5: 7e185c1c6f164290a7251721158f7d2c
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 23 Sep 2022 19:54:36 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "2cf2c7a2d7cd9bb2f39c6a9bdb46b258"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 23 Sep 2023 18:54:13 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 31ms
14ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=999858155&t=pageview&_s=1&dl=https%3A%2F%2Fetcanada.com%2F&ul=en-us&de=UTF-8&dt=ET%20Canada%20%7C%20ETCanada.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=712279850&gjid=140211507&cid=1313731380.1663962877&tid=UA-43818396-1&_gid=6008110.1663962877&_r=1&_slc=1&z=72259161

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://etcanada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://etcanada.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
306 B 9ms
8ms XHR
text/plain 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3311&u=https%3A%2F%2Fetcanada.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:06 GMT
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
server: Server
age: 810
x-cache: Hit from cloudfront
access-control-allow-origin: https://etcanada.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: JPHJobuizJOCgUi4zVoPRllQDr7zb8BHkbTzzhcm6jntAtbOoGFHxw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 24ms
8ms XHR
application/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 36033
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Mon, 19 Sep 2022 09:37:07 GMT
server: AmazonS3
date: Fri, 23 Sep 2022 09:54:04 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: PdrIb5WO4zA3XA1QMR-2npOr5_9-QIMk4sEz3UUA0IbD1Xkwsm3Ekg==

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 364 B
1 KB 174ms
34ms XHR
application/json 52.30.136.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=E4B957EB548F15C10A4C98A5%40AdobeOrg&d_nsid=0&ts=1663962876569

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN6bb9ef052fe24388b9d1ae37a0dd4e00.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.136.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-136-248.eu-west-1.compute.amazonaws.com

Software

Resource Hash

5638bb477fecafaa355c72be317c8aa2312c1b36a5763320808dfdf6d1307049

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://etcanada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v042-08b3351bb.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: hFvv3lTOQJw=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://etcanada.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 310
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP5e9ec493dfa0465eaa797b523b09d3f7/ 36 KB
13 KB 16ms
16ms Script
application/x-javascript 2a02:26f0:10e:2b7::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP5e9ec493dfa0465eaa797b523b09d3f7/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN6bb9ef052fe24388b9d1ae37a0dd4e00.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10e:2b7::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7c9cecd10e7ebe0bd54d4c544d872270d4148922ee896d2ad404dc791ad0ef3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 23 Sep 2022 19:54:36 GMT
content-encoding: gzip
last-modified: Wed, 13 Nov 2019 18:34:43 GMT
server: AkamaiNetStorage
etag: "d6e076e7d6ae0d567c0f611bee8f9855:1573670083.361234"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://etcanada.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 13335
expires: Fri, 23 Sep 2022 20:54:36 GMT

GET
H2 200 pxid Show response
f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.prmutv.co/v2.0/ 46 B
391 B 62ms
18ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.prmutv.co/v2.0/pxid?k=2e14a473-6c86-4a13-b06d-59143665c372
Requested by: Host: f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.edge.permutive.app
URL: https://f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.edge.permutive.app/f7e98148-cb09-4cf1-9b9f-b5aee3465d6e-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: d0df6145ba9d154e7c7e68b8a3f40a9f9b00c75db70049a07c3beb96f0a6fed4

Request headers

Referer: https://etcanada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://etcanada.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66
via: 1.1 google

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
692 B 43ms
22ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.edge.permutive.app
URL: https://f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.edge.permutive.app/f7e98148-cb09-4cf1-9b9f-b5aee3465d6e-web.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://etcanada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:54:36 GMT
X-Proxy-Origin: 81.95.5.41; 81.95.5.41; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: bcd3227d-0d8d-4440-b04f-75a39dbdad95
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://etcanada.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 f7e98148-cb09-4cf1-9b9f-b5aee3465d6e-models.bin Show response
cdn.permutive.com/models/v2/ 7 KB
5 KB 81ms
28ms XHR
application/x-binary 104.19.150.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/models/v2/f7e98148-cb09-4cf1-9b9f-b5aee3465d6e-models.bin
Requested by: Host: f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.edge.permutive.app
URL: https://f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.edge.permutive.app/f7e98148-cb09-4cf1-9b9f-b5aee3465d6e-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68d6d9a48b945fe4334e8058c3f819080f04c6d5f08a1f921d368bbd1cf53fa0

Request headers

Referer: https://etcanada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
content-encoding: gzip
cf-cache-status: HIT
x-goog-meta-oid: f7e98148-cb09-4cf1-9b9f-b5aee3465d6e
age: 1720
x-guploader-uploadid: ADPycdsEPl2OBcn9Tgwhaptmhqc_-leRCkm4zIqZfZ36fsPgwNPB5XyQLxsSX-gC2-raKBZRUGtCSWzMOFW4e3P8rleW2QVnf0KS
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/x-binary
content-length: 4769
last-modified: Fri, 23 Sep 2022 06:02:56 GMT
server: cloudflare
etag: "624a2698f79600f85789dc6bfad1ef51"
vary: Accept-Encoding
x-goog-hash: crc32c=ToqHGA==, md5=YkommPeWAPhXidxr+tHvUQ==
x-goog-generation: 1663912976831191
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=900, no-transform
x-goog-stored-content-length: 4769
accept-ranges: bytes
cf-ray: 74f5d54b08b19112-FRA
expires: Fri, 23 Sep 2022 19:25:56 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 252 B
378 B 73ms
19ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=2e14a473-6c86-4a13-b06d-59143665c372
Requested by: Host: f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.edge.permutive.app
URL: https://f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.edge.permutive.app/f7e98148-cb09-4cf1-9b9f-b5aee3465d6e-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: b6d0af9909bff7a99572397d4ae9e2cdcd9aa7922a65d0bcf649d59523869483

Request headers

Referer: https://etcanada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://etcanada.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186
via: 1.1 google

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 21ms
7ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A11.3.1&blog=177646860&post=0&tz=-4&srv=etcanada.com&hp=vip&host=etcanada.com&ref=&fcp=947&rand=0.5659149061193429
Requested by: Host: etcanada.com
URL: https://etcanada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 23 Sep 2022 19:54:36 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 RCed01fa3e410944b3b108df3496294ffe-source.min.js Show response
assets.adobedtm.com/b75837a7c3df/949e0af4ca12/f1d44c635ff1/ 882 B
769 B 16ms
16ms Script
application/x-javascript 2a02:26f0:10e:2b7::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b75837a7c3df/949e0af4ca12/f1d44c635ff1/RCed01fa3e410944b3b108df3496294ffe-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN6bb9ef052fe24388b9d1ae37a0dd4e00.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10e:2b7::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8efa026f45883128f040cdc142c8e88a2146d641b5d2a442689898619a87a767

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 23 Sep 2022 19:54:36 GMT
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 15:49:48 GMT
server: AkamaiNetStorage
etag: "612ec225ee26f603e30639e8284f0b14:1637596188.074726"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://etcanada.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 493
expires: Fri, 23 Sep 2022 20:54:36 GMT

GET
BLOB 200
OK cb771560-f07c-4054-aa8e-4d18fb12a0cd
https://etcanada.com/ 114 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://etcanada.com/cb771560-f07c-4054-aa8e-4d18fb12a0cd
Requested by: Host: etcanada.com
URL: https://etcanada.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6c8223e6e7bf7d472b5d0c2f4a2b9180ac8c46ab120815aa2803a3cf0148048

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 117155

GET
BLOB 200
OK 46943a1a-adc8-41f2-a7f3-2f691234108b
https://etcanada.com/ 20 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://etcanada.com/46943a1a-adc8-41f2-a7f3-2f691234108b
Requested by: Host: etcanada.com
URL: https://etcanada.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06539d6e5d43f62d02567af20d3e37d330af694a3a390ba75276ee8d72ae417b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 20393

GET
H2 200 pubads_impl_2022092001.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
129 KB 60ms
9ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 10:56:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291499
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131075
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 08:35:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Sep 2023 10:56:17 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 127 B
731 B 66ms
17ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=etcanada.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

0b3edf25f02d7223aad2def311ac3250b6491152355e396fd00fff744b08766b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 19:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
expires: Fri, 23 Sep 2022 19:54:36 GMT

GET
H2 200 ajax-loader.gif
etcanada.com/wp-content/themes/shaw-et-canada/css/lib/slick-carousel/slick/ 4 KB
3 KB 8ms
8ms Image
image/gif 192.0.66.80
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etcanada.com/wp-content/themes/shaw-et-canada/css/lib/slick-carousel/slick/ajax-loader.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/_static/??-eJytkNEKwjAMRX/IGpyj+CJ+S6yRFrOuejPG/t5qP2AOfAkkOfdAQnNxYcwm2ciiDAJC5NmJucCZb0z3ugWlChFsUdkHYEersUqRpitBU3jU4WucINraVv8mct/gBh2X8iPdjoc8J1EHzmg/QBSxj+IynA/eH/2p77r+DZ5CenI=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
x-rq: hhn1 0 4 9980
last-modified: Tue, 21 Jun 2022 20:49:12 GMT
server: nginx
age: 5008928
etag: W/"62b22ec8-1052"
strict-transport-security: max-age=86400
x-cache: hit
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 3325
expires: Sat, 23 Sep 2023 19:54:36 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/f03e98ed-27f4-45d1-9642-8fdfd9a63005/ 5 KB
2 KB 75ms
60ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/f03e98ed-27f4-45d1-9642-8fdfd9a63005/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

900b5f638586f64742c68865f427efb3768914f96cfe0c35f67699f258612b76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-permitted-cross-domain-policies: none
status: 200 OK
x-envoy-upstream-service-time: 30
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 48db290e-8f4a-44db-ac6f-5526b5f6a8c7
x-runtime: 0.028659
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"900b5f638586f64742c68865f427efb3"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 74f5d54b3f7d9c07-FRA
access-control-allow-headers: SDK-Version
expires: Fri, 23 Sep 2022 20:54:36 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 317ms
101ms Image
image/gif 34.200.39.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=etcanada.com&p=%2F&u=BS3WjuCjzaolCEtoaW&d=etcanada.com&g=56730&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=5539&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1281&t=DRNMVWDdJ6ryHqz9a_jEy6DAqHk&V=136&i=ET%20Canada%20%7C%20ETCanada.com&tz=0&sn=1&sv=mrkxXB79Gt6lhduBcPl5cB4ePfe&sd=1&im=06030c03&_
Requested by: Host: etcanada.com
URL: https://etcanada.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.39.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-39-142.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:36 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
88 B 42ms
25ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=2e14a473-6c86-4a13-b06d-59143665c372
Requested by: Host: f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.edge.permutive.app
URL: https://f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.edge.permutive.app/f7e98148-cb09-4cf1-9b9f-b5aee3465d6e-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e122abd3c84949dd4d98049ef884aa92f02da643fdc215dc74c55b149a5b625c

Request headers

Referer: https://etcanada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://etcanada.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70
via: 1.1 google

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 86ms
13ms Script
application/javascript 18.64.79.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: etcanada.com
URL: https://etcanada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-112.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 05:38:47 GMT
content-encoding: gzip
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
age: 51350
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 168ddbb82d6c89c84a1a7963d1d3db88.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: I4seBIfy95So3NQwQkwt_iDGADGIAFSysWq518twEYPyXCxCzEKsEQ==

GET
H2 200 en.js Show response
c.evidon.com/sitenotice/6153/translations/ 25 KB
5 KB 14ms
13ms Script
application/x-javascript 104.103.77.186
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/6153/translations/en.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.103.77.186 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-77-186.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 122745f1c40b846e4d5f9596795e43086df269126d7fc01efbeec5c8775be0ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 23 Sep 2022 19:54:36 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
content-length: 4289
last-modified: Thu, 05 Sep 2019 20:09:24 GMT
server: AkamaiNetStorage
etag: "a8ca47a06b5f347af0f61178deb9b03f:1567714164"
access-control-max-age: 108000
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Sun, 25 Sep 2022 19:54:36 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 752 B
1 KB 39ms
35ms XHR
application/json 52.30.136.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=5F34123F5245B4A70A490D45%40AdobeOrg&d_nsid=0&ts=1663962876739

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN6bb9ef052fe24388b9d1ae37a0dd4e00.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.136.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-136-248.eu-west-1.compute.amazonaws.com

Software

Resource Hash

31fdd1a7515da5a01598daa68b19ae1e94b326d2eb2e6782edb808c32d346cf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://etcanada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v042-0c1e247cf.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: GBgENTU5RLQ=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://etcanada.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 481
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 evidon-banner.js Show response
c.evidon.com/sitenotice/ 12 KB
4 KB 18ms
17ms Script
application/x-javascript 104.103.77.186
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-banner.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.103.77.186 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-77-186.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: dc1745a57c602d22b101b6c26872cba914859389bc1652c68b29107a6577f410

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
content-encoding: gzip
last-modified: Tue, 13 Sep 2022 19:10:22 GMT
server: AkamaiNetStorage
etag: "1cedd6f3979b8baa5658a7cd526300b2:1663096222.778822"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 3531
expires: Sun, 25 Sep 2022 19:54:36 GMT

GET
H2 204 2
l.evidon.com/site/v3/6153/15261/3/1/2/ 0
121 B 400ms
96ms Image
text/plain 34.205.216.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/6153/15261/3/1/2/2?consent=0&regulationid=0&regulationconsenttypeid=1
Requested by: Host: etcanada.com
URL: https://etcanada.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.216.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-216-121.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:37 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 64 B
501 B 134ms
75ms XHR
text/javascript 13.32.10.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3311&u=https%3A%2F%2Fetcanada.com%2F&pid=94mbmGtaGNtbL&cb=0&ws=1600x1200&v=22.9.171830&t=1200&slots=%5B%7B%22sd%22%3A%22etc-gpt-lb1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F6872%2Fshaw.etcanada.com%2Fetc-gpt-lb1%22%7D%2C%7B%22sd%22%3A%22etc-gpt-bb1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F6872%2Fshaw.etcanada.com%2Fetc-gpt-bb1%22%7D%2C%7B%22sd%22%3A%22etc-gpt-bb2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F6872%2Fshaw.etcanada.com%2Fetc-gpt-bb2%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.10.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-10-16.vie50.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-C2
x-amz-rid: W94W0YTG2SPMFJZQJDE8
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://etcanada.com
access-control-allow-credentials: true
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: OpOwabtDW3jvAnQCeGqOLGlR5hZqc8qgTf_TVzTlIWojOJeixQQOaA==

GET
H/1.1 200
OK dest5.html Show response
corus.demdex.net/ Frame 4B70 7 KB
3 KB 190ms
30ms Document
text/html 52.30.136.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://corus.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN6bb9ef052fe24388b9d1ae37a0dd4e00.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.136.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-136-248.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://etcanada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v042-064dc637c.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: YLY/TibRTkg=
content-encoding: gzip
date: Fri, 23 Sep 2022 19:54:36 GMT
last-modified: Thu, 22 Sep 2022 11:35:25 GMT
vary: accept-encoding

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Yy4O-QAAAIKzBwMx
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=42126211022196094112908741473233673234
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yy4O-QAAAIKzBwMx

42 B
942 B

35ms
35ms

Image
image/gif

52.30.136.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yy4O-QAAAIKzBwMx

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

HTTP/1.1

Server

52.30.136.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-136-248.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v042-0302a3956.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: +K2HVe/ST/U=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yy4O-QAAAIKzBwMx
Date: Fri, 23 Sep 2022 19:54:37 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1 200
OK dest5.html Show response
shaw.demdex.net/ Frame 00C0 7 KB
3 KB 130ms
28ms Document
text/html 52.49.126.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://shaw.demdex.net/dest5.html?d_nsid=undefined

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN6bb9ef052fe24388b9d1ae37a0dd4e00.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.126.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-126-217.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://etcanada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v042-0aeed1808.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: YdN8zBjOQHs=
content-encoding: gzip
date: Fri, 23 Sep 2022 19:54:36 GMT
last-modified: Thu, 22 Sep 2022 11:17:11 GMT
vary: accept-encoding

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Yy4O-QAAAD3flAOV
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=17711204706920210360873050624611148191
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yy4O-QAAAD3flAOV

42 B
942 B

30ms
30ms

Image
image/gif

52.30.136.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yy4O-QAAAD3flAOV

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

HTTP/1.1

Server

52.30.136.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-136-248.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v042-0b550ec94.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: u7xJpKBDQGY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yy4O-QAAAD3flAOV
Date: Fri, 23 Sep 2022 19:54:37 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 204 47283
l.evidon.com/site/v3/6153/15261/3/1/2/2/ 0
120 B 330ms
98ms Image
text/plain 34.205.216.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/6153/15261/3/1/2/2/47283?consent=0&regulationid=0&regulationconsenttypeid=1
Requested by: Host: etcanada.com
URL: https://etcanada.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.216.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-216-121.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:37 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 204 47283
l.evidon.com/site/v3/6153/15261/3/4/2/2/ 0
120 B 323ms
97ms Image
text/plain 34.205.216.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/6153/15261/3/4/2/2/47283?consent=0&regulationid=0&regulationconsenttypeid=1
Requested by: Host: etcanada.com
URL: https://etcanada.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.216.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-216-121.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:37 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 26ms
26ms Image
text/plain 18.64.79.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=3005670&cs_it=b3&cv=3.8.0.210223&ns__t=1663962876837&ns_c=UTF-8&c7=https%3A%2F%2Fetcanada.com%2F&c8=ET%20Canada%20%7C%20ETCanada.com&c9=
Requested by: Host: etcanada.com
URL: https://etcanada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-112.txl50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:36 GMT
via: 1.1 168ddbb82d6c89c84a1a7963d1d3db88.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: y7FowyKuhQSIrHYQERMvuk-5lkJLA_9gm7QzPaahwL5Gg8o6tCi0_w==
x-cache: Miss from cloudfront

GET
H2 200 s06965508758834
smetrics.etcanada.com/b/ss/corus-tv-etcanada/1/JS-2.17.0-LBWB/ 43 B
373 B 93ms
19ms Image
image/gif 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.etcanada.com/b/ss/corus-tv-etcanada/1/JS-2.17.0-LBWB/s06965508758834?AQB=1&ndh=1&pf=1&t=23%2F8%2F2022%2019%3A54%3A36%205%200&mid=42145966096500786482906670238438615785&aamlh=6&ce=UTF-8&g=https%3A%2F%2Fetcanada.com%2F&c.&content.&contenttitle=ET%20Canada%20%7C%20ETCanada.com&dayofweek=friday&hourofday=15&pagename=home&server=www.etcanada.com&sitename=etcanada&sitesection=home&sitesubsection=home&sitesubsection2=home&sitesubsection3=home&sitesubsection4=home&weekdayweekend=weekday&.content&.c&cc=CAD&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=VisitorAPI%20Present&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=E4B957EB548F15C10A4C98A5%40AdobeOrg&AQE=1

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:36 GMT
x-content-type-options: nosniff
last-modified: Sat, 24 Sep 2022 19:54:36 GMT
server: jag
etag: 3573333069136953344-4619614194066117707
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 22 Sep 2022 19:54:36 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 0
673 B 26ms
8ms XHR
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=17580475&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=c2em891c&psa=0&referrer=https%3A%2F%2Fetcanada.com%2F

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183422-67482236234351.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://etcanada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:54:36 GMT
X-Proxy-Origin: 81.95.5.41; 81.95.5.41; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: bdb8d095-685d-4a21-b92d-d970cddc288f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://etcanada.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 0
673 B 30ms
12ms XHR
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=17580473&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=PrUIqyUy&psa=0&promo_sizes=300x600&referrer=https%3A%2F%2Fetcanada.com%2F

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183422-67482236234351.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://etcanada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:54:36 GMT
X-Proxy-Origin: 81.95.5.41; 81.95.5.41; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b13dcc26-9907-4dbc-8c5d-423ff36f2c53
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://etcanada.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 0
673 B 25ms
7ms XHR
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=17580474&size=728x90&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=vPdyGZGW&psa=0&referrer=https%3A%2F%2Fetcanada.com%2F

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183422-67482236234351.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://etcanada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:54:36 GMT
X-Proxy-Origin: 81.95.5.41; 81.95.5.41; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6debb28e-ae85-4e00-860f-e45a6cc55854
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://etcanada.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST v1
dmx.districtm.io/b/ 0
0

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 132ms
87ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9695ec01767642314c43e533650023&pos=d_3_300x250_etc_gpt_bb2&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183422-67482236234351.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: c7c1101a9361f5bcd81dc291ad33d56f6f72ac721f18e66f893fd16fd43016de

Request headers

Referer: https://etcanada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 23 Sep 2022 19:54:37 GMT
server: ATS/9.1.10.25
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://etcanada.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
290 B 128ms
83ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9695ec01767642314c43e533650023&pos=d_1_300x250_etc_gpt_bb1&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183422-67482236234351.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 39276e70b97067d34c673b84062bc1e5383669ed509e28d5bca4bc140224547e

Request headers

Referer: https://etcanada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 23 Sep 2022 19:54:37 GMT
server: ATS/9.1.10.25
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://etcanada.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 137ms
92ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9695ec01767642314c43e533650023&pos=d_1_300x600_etc_gpt_bb1&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183422-67482236234351.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: f1f629112c077b1ba53c631699bd5ac3e58305f95e76360e57d09ecd8403eb3c

Request headers

Referer: https://etcanada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 23 Sep 2022 19:54:37 GMT
server: ATS/9.1.10.25
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://etcanada.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 134ms
89ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9695ec01767642314c43e533650023&pos=d_2_728x90_etc_gpt_lb1&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183422-67482236234351.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 36d8512665ca7bce004af3d0f05f41e70c6255fc2f9f669eea3fbb7b14f04278

Request headers

Referer: https://etcanada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 23 Sep 2022 19:54:37 GMT
server: ATS/9.1.10.25
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://etcanada.com
access-control-allow-credentials: true
content-length: 62

POST
H2 200 cygnus Show response
htlb.casalemedia.com/ 30 B
556 B 82ms
53ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=235874
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183422-67482236234351.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 129e4d8a61f9c50e3eb929c4fa2560140cd9f89b1e5a928a3de8c1e1764c8b4f

Request headers

Referer: https://etcanada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPfO8ml931Nflb6YJknhAPiI2ef%2BRih3njoW3FTb%2F3ux68Jy0sRiYjujvpZubUcbNotIO%2BCDKjnXbGbSz9M2A2x3kyQCIRNDXUHGmKkZmmtV5hoOlYhh7ctcAlxH8t%2FvXRTZ37oO"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://etcanada.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 74f5d54cfdcc9a3b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30
expires: 0

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 00C0
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=17711204706920210360873050624611148191
https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=17711204706920210360873050624611148191&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
333 B

72ms
7ms

Image
image/gif

2a02:6ea0:c700::22
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: etcanada.com
URL: https://etcanada.com/
Protocol: H2
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shaw.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-nzt: AdRmOLTwkMP/j80OAA
x-accel-expires: @1664029550
date: Fri, 23 Sep 2022 19:54:37 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: K+kk18dUTxo
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 970127
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 43

Redirect headers

date: Fri, 23 Sep 2022 19:54:37 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEOvEmBKCwRuC4a2G-RomtVE&google_cver=1
dpm.demdex.net/ Frame 00C0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTc3MTEyMDQ3MDY5MjAyMTAzNjA4NzMwNTA2MjQ2MTExNDgxOTE=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MTc3MTEyMDQ3MDY5MjAyMTAzNjA4NzMwNTA2MjQ2MTExNDgxOTE=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOvEmBKCwRuC4a2G-RomtVE&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

33ms
33ms

Image
image/gif

52.30.136.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOvEmBKCwRuC4a2G-RomtVE&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

HTTP/1.1

Server

52.30.136.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-136-248.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shaw.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v042-01114ae75.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: R7upwO8lQXU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOvEmBKCwRuC4a2G-RomtVE&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 122ms
43ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=etcanada.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 19:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 66ms
26ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=etcanada.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 19:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 152 KB
45 KB 757ms
741ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3009862448700575&correlator=3208672767949126&eid=31067825&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fifs&iu_parts=6872%2Cshaw.etcanada.com&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=728x90%2C300x250%7C300x600%2C300x250%2C340x100%2C340x100%2C340x100%2C2x2%2C1x1&ifi=1&adks=2622883265%2C1859399495%2C1920415906%2C1064686700%2C1064686691%2C1064686690%2C3231595187%2C4017519241&sfv=1-0-38&ists=1&fsapi=false&prev_scp=pos%3D1%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%7Cpos%3D2%7Cpos%3D3%7Cpos%3D1%26strnativekey%3DfHgQwEEsWTdxL4Lz7YshCqs8%7Cpos%3D1&eri=1&cust_params=site%3Detcanada%26network%3Dshaw%26page%3Dhomepage%26amznbid%3D0%26amznp%3D0%26permutive%3D55952%252C87937%252Crts&sc=1&cookie_enabled=1&abxe=1&dt=1663962877164&lmt=1663962877&dlt=1663962875669&idt=1104&adxs=436%2C1090%2C465%2C1070%2C1070%2C1070%2C190%2C0&adys=15%2C300%2C2345%2C611%2C611%2C611%2C2290%2C5033&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C0%7C0%7C0%7C2%7C3&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fetcanada.com%2F&frm=20&vis=1&psz=1600x-1%7C340x301%7C850x301%7C340x0%7C340x0%7C340x0%7C850x0%7C1600x5539&msz=728x-1%7C300x281%7C300x281%7C340x0%7C340x0%7C340x0%7C2x0%7C1600x0&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C0&ohw=1600%2C340%2C850%2C1220%2C1220%2C1220%2C1220%2C0&ga_vid=1313731380.1663962877&ga_sid=1663962877&ga_hid=999858155&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

bb515805738b590056d42e65fa6034da715cc11b9e214f1d502fc95002993e58

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIj83uHYq_oCFXSZ_QcdXDQA-w&gqi=&layout=/sadbundle/%24csp%253Der3%24/1838989884782542848/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIj83uHYq_oCFXSZ_QcdXDQA-w&gqi=&layout=/sadbundle/%24csp%253Der3%24/1838989884782542848/index.html
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
google-creative-id: -1,-1,-1,-2,-2,-2,119893969751,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45601
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-2,-2,-2,1460439791,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
date: Fri, 23 Sep 2022 19:54:37 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://etcanada.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2277 6 KB
4 KB 180ms
55ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etcanada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 19:54:37 GMT
expires: Sat, 23 Sep 2023 19:54:37 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
502 B 59ms
31ms XHR
text/plain 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=235874&u=https%3A%2F%2Fetcanada.com%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183422-67482236234351.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://etcanada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XY8gN%2FnCrV4hkje0TdmgxnW95ZzbFwk9SJyQ4CZfJxwKT%2FQ%2Bkxt2mBVdsZ66tPEAPfHVtBKEilnvj05BgNXO6wdIwqrsNG0NsLdWRW1WayKPfE8F2TS%2BcxC6%2BliioCdGPKOIzrkhOYA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://etcanada.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 74f5d54e8c239b9b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ 38 KB
14 KB 48ms
7ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: etcanada.com
URL: https://etcanada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id: PT1X3XEF2KF64GRE
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: rWr2JWGo0/hJJpCkOl46Jludz4/khIecVhbiRQQ0qpVwJVN5XkS3fA4iIlbnsr7DzvXsY648nRw=
x-served-by: cache-hhn4035-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1663962877.440517,VS0,VE0
date: Fri, 23 Sep 2022 19:54:37 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3993

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 134ms
57ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad4a95c5307273e426dec587c16aee416ac0f630a2108112619ba7f2fd9f3c34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 19:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11184
x-xss-protection: 0

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 301 B
181 B 52ms
23ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=2e14a473-6c86-4a13-b06d-59143665c372
Requested by: Host: f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.edge.permutive.app
URL: https://f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.edge.permutive.app/f7e98148-cb09-4cf1-9b9f-b5aee3465d6e-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 901e1a00b12fe8a17192202e8d121f839d1ef15b7fe25ffac4cf2af2c7b4b33a

Request headers

Referer: https://etcanada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 23 Sep 2022 19:54:37 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://etcanada.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 163
via: 1.1 google

GET
H/1.1 200
OK 75660ba8f4 Show response
bam.nr-data.net/1/ 49 B
611 B 297ms
255ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/75660ba8f4?a=418684753&v=1216.487a282&to=Z1BWZxdTWkAHVExRXF4adVARW1tdSV5WXFZI&rst=2060&ck=1&ref=https://etcanada.com/&ap=337&be=287&fe=1998&dc=1207&perf=%7B%22timing%22:%7B%22of%22:1663962875408,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:15,%22c%22:15,%22s%22:23,%22ce%22:33,%22rq%22:33,%22rp%22:40,%22rpe%22:48,%22dl%22:261,%22di%22:1203,%22ds%22:1206,%22de%22:1212,%22dc%22:1997,%22l%22:1998,%22le%22:2019%7D,%22navigation%22:%7B%7D%7D&fp=947&fcp=947&at=SxdBEV9JSR9EVhoCSE1I&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:54:37 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 74f5d5506987bbf1-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 153ms
106ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Sep 2022 19:54:37 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0EA8 13 KB
5 KB 30ms
9ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etcanada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2826
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 19:07:31 GMT
expires: Sat, 23 Sep 2023 19:07:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 983C 783 B
1 KB 106ms
44ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7340785d6dfc0421c6492a702226a31564605d8e9702ba94881c4e7e8064efb2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8fSRSOQpEf73iw5CAaRSZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://etcanada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-8fSRSOQpEf73iw5CAaRSZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 19:54:37 GMT
expires: Fri, 23 Sep 2022 19:54:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 D52GskfJOxf5PECSshYwDvZZSmyyoPi_bK3LssDxWko.js Show response
pagead2.googlesyndication.com/bg/ Frame 0EA8 36 KB
16 KB 63ms
21ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D52GskfJOxf5PECSshYwDvZZSmyyoPi_bK3LssDxWko.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f9d86b247c93b17f93c4092b216300ef6594a6cb2a0f8bf6cadcbb2c0f15a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 00:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15913
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 00:46:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 983C 0
0 53ms
52ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092001&jk=3009862448700575&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
34 B 76ms
76ms XHR
text/plain 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=2e14a473-6c86-4a13-b06d-59143665c372
Requested by: Host: f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.edge.permutive.app
URL: https://f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.edge.permutive.app/f7e98148-cb09-4cf1-9b9f-b5aee3465d6e-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://etcanada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 23 Sep 2022 19:54:37 GMT
content-encoding: gzip
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20
via: 1.1 google

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0EA8 0
10 B 8ms
8ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?sH6MKQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 container.html Show response
971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2E8B 6 KB
3 KB 66ms
24ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etcanada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 19:54:37 GMT
expires: Sat, 23 Sep 2023 19:54:37 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7364 6 KB
3 KB 58ms
22ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etcanada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 19:54:37 GMT
expires: Sat, 23 Sep 2023 19:54:37 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 114D 6 KB
3 KB 54ms
26ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etcanada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 19:54:37 GMT
expires: Sat, 23 Sep 2023 19:54:37 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 25A1 0
0 47ms
47ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9hvKLsqr7TdGD8dNhkYWekujbH3bbU604QjTmhBt4rds1uWgW6o7bY21yxUGlwI0RDBHjrsNwEgHb5ymtrT5yPSslw7anHYyYIZ-LZaqVZqkxmv99ESqgxgrBBl0StrGTfk1Q4mfSouWvA3B_B2wjOniGBKArUUvvBb1h9r6m5AskOoVHKZT2bQrYx-I-zXMsZKyzJ7QE4_TMrTxdo5Ny67LE3RnhM_ZUEhixKmohDvkCua7SAjRWtowN2-CZcnyx_Dc4gkJqxjDuZu3BYyusL8fReXnFfhBUNLjN-MjWsRiSF6szNnmMan9ba_QIVTLS&sai=AMfl-YRTB7Wd0yvXIVGmc_QSM2nRd24kEqoJx4ZU3nb7WdwxCKKSsrDRQgrF9Fcnu21WdXwfEFnUtkou4E5EltCnfBatDRUMzKSy23YnDtsHJadMQzY3_n3RCoHisSBjCQ&sig=Cg0ArKJSzDXhChNMb8LDEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 19:54:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 sfp-iframe-buster.js Show response
native.sharethrough.com/assets/ Frame 25A1 14 KB
5 KB 51ms
14ms Script
application/javascript 65.9.66.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://native.sharethrough.com/assets/sfp-iframe-buster.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1f494b2f6e29144340a90132de61615016c7c0df4f5808a02171c904f14444d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:38 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2022 14:15:58 GMT
server: AmazonS3
age: 2742
etag: W/"01aecd2edb6f37d7c729ac9a65830893"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: vZbZTxiYfH2-lc2exIErxsXlcbcGAgPlXxpPWN6genb5zc_is_otOQ==
expires: Wed, 14 Sep 2022 15:15:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 25A1 140 KB
44 KB 45ms
44ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Sep 2022 19:54:38 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/shawmedia183027258601/ Frame 25A1 305 KB
104 KB 101ms
16ms Script
application/x-javascript 184.51.10.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/shawmedia183027258601/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.10.56 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-10-56.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f6c908a05314f202c10df4d0d01c649bb81c03ff237399180d7f9fde61588e06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:38 GMT
content-encoding: gzip
last-modified: Wed, 21 Sep 2022 18:31:32 GMT
server: AmazonS3
x-amz-request-id: H6Z51JF3NK0GNJY1
etag: "55daf9464a95bdaf99719747343c8df6"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=22690
accept-ranges: bytes
content-length: 106412
x-amz-id-2: tcDqFTLbCpz81oADgd5QL8qpEXh1xID1RzZkxgs83HMp6Mg71NHf+kkGV/4O/RRET6FnT3sPojw=

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3AC7 624 B
529 B 126ms
47ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGPe9tdEBMAE&v=APEucNXAUPa1E9lGCfJKiL8X7Zah8bzOaBmSQuOnEpRYpyBbhpWY6pDGwzRWZWnfLVI20Ig2ETo88ARcUiE1zA76sA0REwDtPtGRzn3nU38oVvgqy6Ff-hIME9CocMfCehyeVhb6ok0VTMmjsz-pWT3dkdkEstmrCLHr4NtRDlAgoa8Khl9oqm4

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 19:54:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7364 95 KB
36 KB 177ms
93ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CKJinoxh9NzqGgYVjyu_LyubDlv-abjC-GmqJSVWcsLd6-35_P9Dbd0gy8yGlnLUHsWLlroHJMX2eU5nr2iezbHOP-gFpWAUzDWR4WByZt_IU61zpQTeC2UlZaa4ISzyXASBh7vc4Qo9gvBiGcveg0fN1OGA&dbm_d=AKAmf-DnDkouNkAm1_XC7RrClLpeA-_wkzL_37V1kbfpbjYoDV4FLOZJkW5YtePNyeQkyOkhAQgSK3yA7cC1Wx4fjMnKJVGmglRUqD_OXr42Vq3gDwFGXOAQW5ZQhEa7DZpGsajRK1Ed6vPO-FIjzuAkT6xZIW1wTeCHcCrB__MuLyuE3BBs0Fw7rQttX4eKIl1c5Kl-UeNFxtI1W3kZ4f_o-CcKADGRCpq4OrUgnldhqEzEd5lTEkjV0ZfRWAk7VNPL7JEuzeeuj0xHjFDjRLYs6F8vfMi5HIniap1rwL69oGGmkzodYosMpkirmCeD47hfM2yaK4mYPlngjg2pkl7wonexlRBcW4RqQmvfSdl-sHPdV0DDzjm5Vu9eoZxMEoKb815UXInTDJGLn7XCzTooWmNzn5NXVU-COdny57ibXW_Gyai_4_shY83e0gD-vgAHGY4zKe--nrH22yV2Sf5J5V1-hHzW9GYqvE4LYSlUEIeFQpsOR59YCIgshiLjpvKP5BpPBdv5Wycg_OcutnZckesTX5O_bySmzf3mlxOpjlWFQgBrqni8FoR0M4uNij4WROpYOIAxjv_4E9fZZTwj4nx-YF1I9ADDEoYr2_10MPM-QC0uHcD0cX8M0fpNg0j7-iNNcg-DzqNOQy0DWr6P1Fg6YhbkmY5Y55GGIVBOFFjZAIFu-HQLWB89DNemrKgELKwpBETQCj6-LBoc2La0gFJQA9-84cSilhLXzDHY7DMO--yDtmjnSW7-sz_hkqrSP3cYFIioFS35R7dAA1ntY1xzk8HHdv9q7BnddW0NfBBEZFQJXB98GC6he88fpuApfmTjkGBJO7n29RSMP9DVrH3yZLBrCgzmGATyeKg4hNPnEjufO5QaPfwWSYssE9xN8VUI9oOLUVpHMd2yNf9yRhPpl4cQbkw7r4rrp8BgBya1XGajMdzDMmrydqCPm0paHsAwlGn-kfdD2IM4GCFXG1GLNAf1SI6s5jVjv0bi4xff-brccIng6DgNLjoNjCOPCr4pNi1hmGpNmDRhv_Qh0GhO18X2fHwVSsNkdQe_Nnjvo-Io5D51EeyugFGszV3ZwDDkkVOvVv02_IfIffnVKnLrhER_c6iT6eIgPGFMkspYDTAP-Y1O8SuZf-C6fIP3VFbW2ZDe-h6iojLUkZIkUcYnulMuCqcuM6bJ0anWTl181eTrtzxb_xmpZeZhMDVveZp7ERPluki8_PfbQJurBqnxXaqrqoXZfZsqZU281Ge8SRZK6MSQtRwjwXqP5BxNjzrVhYFeFY87U0mbDcFNVu6AppE0Oz0KSKuvFEZrCFIJPd4WLPeRsNC98i1XH1O8p-2zfJom0y3Rs3SsNjQI1aQS2aev8fP163JG8I9xvZB1madcsqUljnW0ef6eOErZUB6ALpfHRCcSybpopHRiteWNBgNr3WyOJltK2qMxxHOZLPyNnq1TYWahZdBbE3EJiBU0ixuyoCjwRu5rwG73YJJbPuZJUwk4Yy45HExBia1ArY-0GRhBFi0ggMm_UrF8OFFa8Y6Nq-W6kw94shX_7tF7_nrQh9t3Drn7PX994XUkHMnFnj1SlRFblNAbJ1QE57AMAo3TogTAw2D8-JEgaN2FsxrPDzheda5q5yOxZ0hDEZsAZI_v9ZFhsrQigdlq4OzsYI4aA7ER56MXz-yuIheAKdIY1EnFAkh_vBIccAd__FhW9SfaUmRZANZHCTUBqaQYOfnjbReu9irMVx6FSKcS66PudLOCKKKPvnnDpAT8dxX8pVfKNz-wVOtXBNWsXa-FhEAe95qCSPsZ2-YTOfA1F1rFcIFWi2Ih-8qHxX93UjJBiSEW2WDfw8GyYE56PxfuJW3KScPDaI7DRLbfhiLkJ3F2m8Y73sfHIGpMJVSH5gJFR7KIbWgQND5vF1_Q0DqyOEvoe9fRnD-K6x2-qu8ZvBudqmytfjgntN3klbLd0tLpsvtNClJ-DkABGRv6ze0QuDLQDnHA8fruOmM0cm7T1Psibdo3XjmmrEH7hAg9dEb1A-otqs9azIj50IE-FFyTwuO5UXXOio8A5aE-Hz2WM3rK9Jo5-NDZyYCtdAykBMVN5IdXzCC5gJm5fEsnGhpdZBMhmMNLPx1JTi9TIL5TF2CbYEvsSq7PgmRAVnmSVO5TH-BQDH1RksrdjoU3vUH85nOovM9tpoIBOXQOZd3-VdLWRHhCIz_v1s0kSY2aKJGq0bkQIsvsnueBF5fds9sVOM9wFoQFegON5U_YDhmtbDUYnv9UIzHZ84rOYSWO2Go08N9ePLvQp-rhNxp3JO5JI2nei7rHWaEaf5b_A_irUUwNiCYdFw6AgETeiuizL-rq9wPmqJeCLW4djNl1KXza9sSJ50eFlVVRAGXHpLrwjtWPhMCYyi2jd5eOcj_nOgIGmtO2nGneTki1JlNY94NHS65anOnNgKMUO2Qi0gB4aYdWsy3xw9C8dQypwiQPmQIWB3zioO6Wr9MRlKxZ4bWGyXrnuSCmxe2kmCGDxMvHOa-FKnbdWnwK0ZhLDTFAOg8fOx0r8bOhwM31vk-Fqa2u4ff1Q6KOIwR5xyTt1Yhduu65vHhcC3g3sgVx6GMoZzUrJ9Axj44ETg8llCp7_5ROYCGeKLK_tZvQK8RW15a7PoxAsTBZ9PmUocyzaR3gO-jFnwxBa-FuYH-sLoFu6q2ZCfSZ-pB81LyXoDub3i89_jF4j4hn-LxGOvjm_4Voa6F5soqEVAgTDdltc9jRR1KjCJ_sMQy399P7iaJ-lqjxV-MfWcICYvQAkbaJm7VIMZS4FWJgZVK2c8KDq8E5kfWGdu6e9oVSjE_LnQrV-E4ji1MoHCsDEbsCfrTMFnejWv86AHLtIYmyc5_RPwj6HxiQmZnlzHHDDAdoHjP8smI1WWqIbp2DmM7eLXUfaNEh6QQ1azDpU0KnoZpN-cPpOF0bQKXZ6-WHURq8GufsmwGK5VCEOkFld0kdZ7GEOT0wzJRwkXB3mIcPvVCaJyqyot14Dx_WUm-cE99gBHagqDkrR1Zjn0htTBOU0i_N-i7ZNpQS3z7-pqDyFgabuYR7P2LL6e5O2cx9PC6hjpwkxFmzHclUrIMr4-TskPmh52oYe8AM4VbyExrJBB8lu6JVEdNUOWeiSGEmwv4FgHQ91ET_KaF5slzEIHWAjzAwj7pxTXkdIKQzq7vn5aOD6U__c0MkqjNc&cid=CAASJORoS0LLsCzTtMr7H0aY-HmREqmfdilrMfVr0qph42JNBWFSEw&rfl=1%2Chttps%253A%252F%252Fetcanada.com%252F%240

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29ff4ae7f0ea8f926bc4b353f8f2ade34345f312396f2b3cb164d6a58f0ab667

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37037
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7364 42 B
63 B 64ms
52ms Image
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BdmaJaLmveGJRAOzvGNhi6dwDP65yXOpd1P74A0YgSpRQlREbPce7Ow3NJw0qfRlSr-KS9Tbxdwp2yMZxwlAG8bni_sMCvxRMJCddwZZsxpmpKrqs

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 7364 3 KB
1 KB 19ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:51:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 19:51:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 7364 17 KB
7 KB 19ms
8ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:43:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 19:43:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7364 140 KB
44 KB 30ms
23ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Sep 2022 19:54:38 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3023 624 B
340 B 124ms
48ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEY35Sh0wEwAQ&v=APEucNVhWOGFoND6XsF_oDBBxzxKJREkT33U2f4fvNO7pcb-0kyxu3Drk4RrRkcw9zBrkxjjt5s2WfZAOLArI4EcW4P0EMa9OIzzWxphXiIoENTwNLbx4AilK_KtyxbTv90BTE994bvItvVyGMRIU44g6bvMuMbm3kr3Yb7XfdCa7KTvssmpXgA

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 19:54:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2E8B 80 KB
34 KB 192ms
115ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CDOr7-cf56YjZaTgcW1Q8Js21IkGOjouwFZrWqdIM6-YKyKerz-Y6d3GN3JhVmPTLfnVkwWoFd1Kk0pGXiXOOvmpkJuAlqGBRUueJKqvNGcwOpSROmehQjGd0crevlxshR1dc5BqY5hwBVE9_36GFq4-MpQ3T-iRIi2of-IaFEvJfBh1f2C4YYkN5s5ud4myXiDMJp&cry=1&dbm_d=AKAmf-BUbwdlLXxvnOEMinsbjm2Jsg9fYUqFcnzE__PydASHO61x-_5N_ah6BmbHa5HOffM37lxbBtu5iJE7g0Zq0DSFp0_5Z_dZDAR7GKx6tor0-tFjGtZPQP5y3G4RIeCeViW_nSYMX72Vf55GCwwP_nDVZU50gc1NfyHxsrYTN8S_2dajVd8fcu5R_dhco4pXp6BOY8I7DwTvTl-8-8VUHSzNke9xTq6I5g4gYV2UBOypSMkfGUhI2BR38By-N5g8zbK1ni7FvXbaS8wUpOp9KykmWUhIfvvkIPA7XHYy6wOgufa0gpL14fDg1-3sLTyoe8c0X8OtFzzIRpMSiT1o15sLoW-RQK7DlwtC6MwHKTJ0TzOPNjiT4CYJH9jmQ_wgyMZHP1RII59qFkAQwCkOu57lJ6WY-SrzjRWL3HC_-UWpuFrHVwTWcQUZrFyqKvcdszwMlfvR8U0bkWrpvH6qDTRhLGVx6J_AFOfKUF7yPAwA5sxfLNUHPaEWXzz3ZHTRHv-QnfXSitbxjHWpod3kAnIN8SfoKBAQi3rCfqkVkw5rnx0HLd0jztlPKzXUKAcM1xIkd3z2dWTeQ-UmFuUfVMSCi8SFqXFQm-XFzGM-3_ha0QpO6qb52_UrFW707qW5NWsWjCf_HoUcO8ztvu8YXZTg664yvqSeuzqLUzLesotkv65yN4HuoIkBvjZWdY9xlTHyR-Atrq0Fy-Iek7HmHqkBY7ksbmOZFwdcz-kwZUcw0-cgEwmpWS0AYeV4aDpl2YwXTiZ9erU_qluax_-dH5-FSAgMeEtrD9tjVOHEkxEKv0AGcSDI4OIQx9FalrGYRjtDRVt5gEQDKWnYwPX2HXCag5kJyOktsG2SsCaPwkNyFdzPt5DnTGN0hI48iH6Loq7kPcwYsydC2GLLLtc2tiN8WBnz3wA0okS66vfRI_aaAh04NLeUvrr2QfUt_TgNacscPun9-YMoSswzG78zHmhRbnuJsv4R7AT8nIJQt6KgSiEIpzYUpOO5UHCfHAfvSy2GJPsLQQ-IiL33sRjXOyJB7Nshjm017QengHbFGhlor_NenKGm-QEtVhR86VjCwfIE_Ujx5dENoBwPIs3FDKn7ZhcP4-DZy3_uE8JduqdWjTqdYULv6U3ybVky1wV_APFbT_b7jDXP9fIBkRV7yG3cZtHUsHO9aHhtAzxqczibulAOSa_oSdY2TnNR_e90Bz00054DeZuD1cwYqicoGnZJC6Wg0sF0GKt1WfWHAlGTwDvtlRq7EvR50Ce3-VxcdF4R9SxXae7jtRLdMznEMLFScgrRMtDXEyVvtvgIHob5yfg97b3mtlU1J4y7DQHDtzt6MhMpoAn14xD73F5z2xbclG97kixgDNz8PCWSWhRbg2xr0oCBKBUFY30xsDSSIkF2lIL1mz5bFL17G0XQXNMkhVrIv3sizavSQSIT7DoM-SYzSihE6kRaAXbUmg3sDZtOV_PYZUtBqk8ME1m-JAOTHepzJmqDYXaPo1-i2ADl2whSerHlpWrwYwZLsdbw9cVOH9khMDe03jNqHiDT6IDt3ahlzTRK-djR-A9ZlKcpy4kOtGg-YpB57FEbSNphlY4Nq3OmPB3RoDEA9tU8heUvwBeDYHsCiss1AQqfdAltBLkKIiHNEwwTJKn2z47o9N4rdMNhXreI8FIUMl_VkqwMbMToU4QYduQCPSfUlaQQvYjwsLEOlxtUdLhkGkWYcq5Auqk7yp_RyEf9LzR-vN-5TBmkHSIIsg-ld5RpM24gKQjxXvH00q-xhHTYxm-XKsO-rrnVbj8CbZL4oLwXpKDAlj3UpuqUTZnZumxazyafL3Q-HYt5hmrwUq2joYbdF45hImxAqEVW1cpFU0XxnzTl52nBh41zTnLA9n542HsJJx6JtOH_2dXPaDrjlhmfhY9-12bA1kX5RGVk4_JkwSCWrsO0PUlMH38xb7FaeexBlJckPfQw-jNJY2jB7vLn-hn9M3s2Kna8-QhlrXgm9FzpKm5EUgHa-0ej9IOTo4MTieG9WIZWNaOgXo06IDahMzhh4wGZ0c3ZIF6L-8rltL412DGtumKPFS1Y0Czj7v-sQqaS0EBSNji2G0XTXE4bmkmWNXH2Yl7n5klVHSIGGoxsVpEuJ1u9TjlSqUj22SS2RmmvxGIFM2f0S22HG-l6AssnQoYAdfTxx8ui44blTwui9RAF9Y4TfGtphztPUEq5tV1lm70U5BPbDBXivXXXmvfDnYmTn730egMMDoRch3lAEYgR0R8iuj0xHhcZ9Q0-BXibZfalIVmutOZPAxE09ylnWFJTYGSr6OTJktkyvPWShLJSIH6YvmYXIl62dcmALgS7MQvdkjAkFR-koNZHo7W_Bf4KoJzdmUkLb_nYtXTxp8CuVsT5jZ0XgX9S51LI_DLH9Ptk4wdIfaeS3KXtS0owGRP_AvfOUOXAuez3HJ_ArwVIy-t2Q0BVbrIBe77Xk2uf_RVmnVPYmMP1-c9B6P4QMCvLNv0TsEHCGSC8X6BT7YC00IiNKkDtP8Dt3Xe3_u73UHIHjYaOGSfljJS2RMb76RHG01MWZg-nBBXVnUFllKYpqS1MeA18P-sVT96qFXGretJmQaFO0Dzq4RlewXkMIh8Gu4O2cw90yOhqgyI0DNavocmaal9YDCo5688zYOlnV_Tbo1nPsu4uimX-jBCLH8rz0BkwGDznYPypxORDPQjy_1xgH4fzcFy5iJDf4FaBGzJ9P8OdqvGAhiCR4-K4hkPu0ofYQsfwsboSoTWXEAFx9uneWaa4Gs3H4t8a15WfRZAJug2Nwx1tbCn-IAEVxRrCHtPLctK5GWvy-4qijUoorpccmB_cP66IcZ-9fftec__KL-Rwj7tZL1At5OB_pI7jWNV65AAKZxgQ7NJlzcZfeNcCARZa96NU5iRRzwsx4Jc2LHHaYufjIo54siydo6hZGIGg9Bfd_YX1XnsnGLeYhzE_SDRlYE9_qIUFr4CnqVeilnCjrVOJXt57Dn6uDzX2vRD6mgB667KnzkDJ1n2EsbggJVXPwsHnxj2aIa7aS-HX3uYNrG2UDcJzF0WNJMjkGh9dt6OntH0McjpkweWJPUkbw38lCnikL7zJBllJP2WqU3xEKvyw2rhW4vlsZQskOQfqy-eG2ddyAIvMEYHCbYNa7YxpBqsivJah98NvgCLyL_K_6-TrbJq-VliNUDTzz9XiSU84MRceRGtwMyKashgldHmi1xZPIFM_MDJxHXeMq-6jGmlvoeNftkTlrX4d_PPTzkPA8xvif1I1Ej0gg1SJ99fQapRJh0FZwyubwiZEW-YOCTkccGOXMgSRXcrU30-0KRjHUAMiGLVpYY2CQZ0UtGyRhZ5p__lFSou68VR7rwib0Hg3iG3mtxjqyPzYxqnSMt4PzDmu0Y_W4onTxp6J9XalLwARblWykf-_H83mWvVb3rBjqXT-RWEMzmNu_NGrq6JlmBnTJ-HEmrsHxLrEj29FHeAcpOfMXGp7xxKItxvV5ZHX1oXODTEukktCTZsR7En7amXdybNC9ptUqfT_2HMVDu6OMS-EQYxTJUqmQjy3bkuTG6Vaqs9AoS9GU6Qve3oSyZcaAH3DsaKVaflzDc8JsYX_s8EznOZd5eQ&cid=CAASJORo_IdN49SIRM5vxJPwqfEPVtpw8QOzjDXQCXqvcDL7D_Lt2Q&rfl=1%2Chttps%253A%252F%252Fetcanada.com%252F%240

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22f1b8ced0987e099ce75310096474c8359ba883212b1958321633528ca976c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34234
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E8B 42 B
63 B 58ms
52ms Image
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BOxUO-O4N-1fa4RRG7ZzxXuqwa_CBP26hICKnqG4nxgqsT40Jnw17OVbPiLUUJBk-Exw1Cc5GGbnDN3xC12V6fdalr5ssRyd6Pxm_zo7mFdMMuLT0

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 2E8B 3 KB
1 KB 15ms
8ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:51:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 19:51:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 2E8B 17 KB
7 KB 15ms
9ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:43:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 19:43:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2E8B 0
0 90ms
40ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTZcQEj0qMSRKhvvsDYm1SNyLEcEWM8wrVNBP4Cu_uaClhvvJSKY7peGg777brto74WrBRj71Q4zCaTA5aH27iGZVaIUA
Requested by: Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2E8B 140 KB
44 KB 44ms
39ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Sep 2022 19:54:38 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/ Frame 31FE 105 KB
26 KB 10ms
9ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a8c742162d4336f7579cc2113eeb132065b6875c822c0f6190c8fde9d04adfb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 69240
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 26541
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 00:40:38 GMT
expires: Sat, 23 Sep 2023 00:40:38 GMT
last-modified: Thu, 03 Mar 2022 09:38:55 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 114D 0
0 53ms
53ms Fetch
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CW6wd_Q4uY8iJD_Sy9u8P3OiA2A_zqcyrbMzG3IOIELLqk7TvMBABILqY9xVgldqIgpgHoAHm7fjCAcgBCakCWaIGyT1HsD7gAgCoAwGqBP8BT9BC1_DkLn-lqTcZfdauRvitbtJ84sxIGWYjLXE63FpR3y_yfRtgPQuZtc5cyurJ_9YiITpJEnBTna-yFNkSlDJ-aYpvZa_Q-o8D6RvUiKpuIZpW6b5HKSz5oeaL6NovAClNFPWAUG22a2GfY38u__3VpXSFEPxgvvZBUeMZkOvZuhdCQlxEtSROXGeaiht8zvanfun8tUYcd69G6UPUj9-7y9UTyG8vwxetROV5VRQgh2hoUKoGBJ_VopqXshEQnrrp5xHcitJ9k-jL2eHasWQGlRceYBxPGz_ibQ-5jXZntE62j-I6sHd5L2rL1aT3AlWVQt-qC67xuezHzsRqwATd2s2j9APgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGa4AHg62m3gKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwHyBwQQl-Ys0ggRCIDhgBAQARgfMgKqAjoCgECACgPICwHYEwvQFQGAFwGyFx4KHAgAEhRwdWItMTU5OTc3NzE2NzcxNTcwNBif_BE&sigh=MJKZsJzaeGs&uach_m=[UACH]&template_id=531
Requested by: Host: etcanada.com
URL: https://etcanada.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 30B7 143 B
426 B 79ms
22ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1055
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 19:37:03 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 114D 3 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:51:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 19:51:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 114D 17 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:43:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 19:43:30 GMT

GET
DATA 200
OK truncated
/ Frame 25A1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3cb852b8df1d35b118dbdd7455cdd4e140d1bfbc95baa587668a00fe7b5ee15f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 31FE 4 KB
1 KB 113ms
44ms Stylesheet
text/css 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:500,600|Poppins:regular

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8842d55c7ed6bddca9f29e54a22750272dadb786cb8f6bc7b1e3e337510b2621

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 19:54:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 23 Sep 2022 19:54:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Sep 2022 19:54:38 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 31FE 16 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 04:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 24 Sep 2022 04:14:04 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 31FE 33 KB
13 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86453ecc16f6b785226ee9203819ea6bc46dc79171c51ed9605e3e2662281704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37098
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13228
x-xss-protection: 0
server: cafe
etag: 10485928763175976200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 24 Sep 2022 09:36:20 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
267 B 169ms
20ms Image
image/gif 184.51.10.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=SHAWMEDIA1&hp=1&wf=1&ra=1&pxm=7&sgs=3&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1663962878170&de=492151468169&m=0&ar=220b545db30-clean&iw=01e916a&q=2&cb=0&ym=0&cu=1663962878170&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=18004391%3A1009282871%3A1460439791%3A119893969751&zMoatSZ=2x2&zMoatOrigSlicer1=196708631&zMoatOrigSlicer2=196708631&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fetcanada.com%2F&id=1&ii=4&bo=196708631&bd=196708631&dfp=0%2C1&la=196708631&gw=shawmedia183027258601&fd=1&it=500&ti=0&ih=2&pe=1%3A947%3A947%3A2019%3A1203&fs=200409&na=519725164&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.10.56 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-10-56.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 23 Sep 2022 19:54:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 23 Sep 2022 19:54:38 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 25A1 0
0 76ms
48ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKaoFzJjRDNqs6cOLstYM4JrJSitmvcRs13aNlkLG9yZFTMLtDEKWUo73lVPl1NQ0bz_PFAEjqis3ewY_IA4WVx0ppN-P2i9Jm9lYgd65GEPet_6W4Fxx4HTs3eBcL6CYU3nCXQj-4g68H5-vnsFJilL8bnSDBbIEISdM6c4LzEoLVReYLhqnxrL0C1_ZiwOmkz7miBl8SShEx6lDbJ7SJf_GFGftZxZDCKNDZrloSSfWqqBBGKFUZYDOKV0IcufLLM_qMvh_-QmquGlV7ocIl80v9Xx5pBLlIgNuYlB4yJtS6m4Rj3o7vtG_6ld-QkuIWYJo&sai=AMfl-YTYhR1Z_l9-lQsdnH8JaybXYtxiT4IK3tDmW2y9BQRWWXV8ct_xk-_Pr-_S6NBhnx8m7hhD2ZWroXGnqMQGZzJDG3KCOFMagh8lMh9c4Dgq6fkGpBhaHbblqASZTQ&sig=Cg0ArKJSzCZ1ZS3l-i83EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 19:54:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 23 Sep 2022 19:54:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 114D 0
0 51ms
51ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSNhzrH07xb5r6df0J-E44t-58ogHYND8GppKohrT_rBPczzTd7RbrfT1MFdbrzkPoo5_PTgLxB463DRgojfIgTHL1XBw
Requested by: Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 114D 140 KB
44 KB 23ms
22ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Sep 2022 19:54:38 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3AC7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSMAZAAsIQ0xoPgo56h5oI&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSMAZAAsIQ0xoPgo56h5oI&google_cver=1&C=1

43 B
841 B

67ms
47ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSMAZAAsIQ0xoPgo56h5oI&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGPe9tdEBMAE&v=APEucNXAUPa1E9lGCfJKiL8X7Zah8bzOaBmSQuOnEpRYpyBbhpWY6pDGwzRWZWnfLVI20Ig2ETo88ARcUiE1zA76sA0REwDtPtGRzn3nU38oVvgqy6Ff-hIME9CocMfCehyeVhb6ok0VTMmjsz-pWT3dkdkEstmrCLHr4NtRDlAgoa8Khl9oqm4
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74f5d5562aa79052-FRA
pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TFFZc1AUXsA9BUyqchcofkF8JI9v%2BzOsz9RiZTNPCd6HUwTVUuqBiYeygdzpxf3CUgKHoZa5C4O1GFUuoLRLcJgiS3vemN%2BgXn2iuc2skQ0OAp9x0CnAn%2BjSyK1frQcQVD4Fl85rHb8OOA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BwBbYTPm7X5BXAsT9nQ5UVX7Bt2lXAEtTfE1XOTn1TZfwvRZGrMTh7yO6XZ4NywSYXPBXWPUee6Up7IwipZH2N8oaJe7gWMgLqWuM84tvGXML15WY4r%2BH8dDDGt%2FhygzN7wr7fnbn5Z6IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEBSMAZAAsIQ0xoPgo56h5oI&google_cver=1&C=1
cache-control: no-cache
cf-ray: 74f5d555adce9bac-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3AC7
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yy4O-tAJMh9QuDfDGKQe6AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSMAZAAsIQ0xoPgo56h5oI&google_cver=1

43 B
845 B

49ms
49ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSMAZAAsIQ0xoPgo56h5oI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGPe9tdEBMAE&v=APEucNXAUPa1E9lGCfJKiL8X7Zah8bzOaBmSQuOnEpRYpyBbhpWY6pDGwzRWZWnfLVI20Ig2ETo88ARcUiE1zA76sA0REwDtPtGRzn3nU38oVvgqy6Ff-hIME9CocMfCehyeVhb6ok0VTMmjsz-pWT3dkdkEstmrCLHr4NtRDlAgoa8Khl9oqm4
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74f5d556ebbb9052-FRA
pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pBKB99WxzaFFySJNYT6nH8QNOxRXT6%2BAuDT%2FUxJtrJ7DCtFXhpV1bsoBacZ00sMLZ80DtKgauQ8J82wWLV4ycSHaGMUKfO9n5%2FQW%2BAkQ4D9GgljHxkJcNW%2Bf9Lr1Ch5HAxN5TU1pnD6KaA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSMAZAAsIQ0xoPgo56h5oI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 3AC7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENCnCfI0fjbwZA4iEnrfN4o&google_cver=1

43 B
1010 B

34ms
20ms

Image
image/gif

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENCnCfI0fjbwZA4iEnrfN4o&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGPe9tdEBMAE&v=APEucNXAUPa1E9lGCfJKiL8X7Zah8bzOaBmSQuOnEpRYpyBbhpWY6pDGwzRWZWnfLVI20Ig2ETo88ARcUiE1zA76sA0REwDtPtGRzn3nU38oVvgqy6Ff-hIME9CocMfCehyeVhb6ok0VTMmjsz-pWT3dkdkEstmrCLHr4NtRDlAgoa8Khl9oqm4

Protocol

HTTP/1.1

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:54:38 GMT
X-Proxy-Origin: 81.95.5.41; 81.95.5.41; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1839fb25-6b32-440f-b733-4f7c3f8b9b11
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENCnCfI0fjbwZA4iEnrfN4o&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3AC7
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMxMjYxNzY2ODY4MTU5NzQ4OA%3D%3D

170 B
188 B

27ms
25ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMxMjYxNzY2ODY4MTU5NzQ4OA%3D%3D

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:54:38 GMT
X-Proxy-Origin: 81.95.5.41; 81.95.5.41; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1469acb6-bd6b-48f6-8d09-3a9916d2a511
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMxMjYxNzY2ODY4MTU5NzQ4OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 114D 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03420998eb4e01fb185f814aa1305e923951444b43d68740ec938402460c0b19

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3023
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSMAZAAsIQ0xoPgo56h5oI&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSMAZAAsIQ0xoPgo56h5oI&google_cver=1&C=1

43 B
846 B

64ms
48ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSMAZAAsIQ0xoPgo56h5oI&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEY35Sh0wEwAQ&v=APEucNVhWOGFoND6XsF_oDBBxzxKJREkT33U2f4fvNO7pcb-0kyxu3Drk4RrRkcw9zBrkxjjt5s2WfZAOLArI4EcW4P0EMa9OIzzWxphXiIoENTwNLbx4AilK_KtyxbTv90BTE994bvItvVyGMRIU44g6bvMuMbm3kr3Yb7XfdCa7KTvssmpXgA
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74f5d5562aac9052-FRA
pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AmzvZtzMOy6Ilow93vdlzP%2FG0PpiVVzKOIraKZIou1pXgasdPMAzbaHWrWyPZD2Sx26SECHYd%2BT0RJNZhtrHr%2BqAGjXCvwFnjRUDNKRNHkcEh%2FSttwDj6nSwE8GPm%2FtMg9RElZo9hqzikw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kVsJcXhS5iJGaeKWfzfSdG3zvAhcBlT%2FwY3iwc2azmQ4zdrRhsI9a5T1c%2BRWX1FN8LMwh0D5M07yYx8OGnvyH%2F4mlS0cbopCTZ1peq3JTDrp%2BIOc93dXmKIf5Jz2MOq9LD%2BK7YkwFga6CA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEBSMAZAAsIQ0xoPgo56h5oI&google_cver=1&C=1
cache-control: no-cache
cf-ray: 74f5d555bdd39bac-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3023
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yy4O-tAJMh9QuDfDGKQe6AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSMAZAAsIQ0xoPgo56h5oI&google_cver=1

43 B
848 B

29ms
29ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSMAZAAsIQ0xoPgo56h5oI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEY35Sh0wEwAQ&v=APEucNVhWOGFoND6XsF_oDBBxzxKJREkT33U2f4fvNO7pcb-0kyxu3Drk4RrRkcw9zBrkxjjt5s2WfZAOLArI4EcW4P0EMa9OIzzWxphXiIoENTwNLbx4AilK_KtyxbTv90BTE994bvItvVyGMRIU44g6bvMuMbm3kr3Yb7XfdCa7KTvssmpXgA
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74f5d556ebb99052-FRA
pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YLqyzHReB3iAcuU27qSu3RNEWWT9u9ZhcjC%2BmrARo7aW6j3fIygkisfPf%2Bt1VNh3FYeJYXlVhKI7ZmE6Bdq%2BfTu04cO%2FuHQJdfZ6Y0hZcv%2FFczi3%2FY1r%2F1mqR%2BL3tfX4hFtQC8dnHPnHdA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSMAZAAsIQ0xoPgo56h5oI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 3023
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENCnCfI0fjbwZA4iEnrfN4o&google_cver=1

43 B
1010 B

22ms
8ms

Image
image/gif

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENCnCfI0fjbwZA4iEnrfN4o&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEY35Sh0wEwAQ&v=APEucNVhWOGFoND6XsF_oDBBxzxKJREkT33U2f4fvNO7pcb-0kyxu3Drk4RrRkcw9zBrkxjjt5s2WfZAOLArI4EcW4P0EMa9OIzzWxphXiIoENTwNLbx4AilK_KtyxbTv90BTE994bvItvVyGMRIU44g6bvMuMbm3kr3Yb7XfdCa7KTvssmpXgA

Protocol

HTTP/1.1

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:54:38 GMT
X-Proxy-Origin: 81.95.5.41; 81.95.5.41; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 68a89e1b-adb1-4911-8f1c-6bd9f009f51b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENCnCfI0fjbwZA4iEnrfN4o&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3023
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMxMjYxNzY2ODY4MTU5NzQ4OA%3D%3D

170 B
188 B

20ms
20ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMxMjYxNzY2ODY4MTU5NzQ4OA%3D%3D

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:54:38 GMT
X-Proxy-Origin: 81.95.5.41; 81.95.5.41; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ceab7a7a-82ee-48d8-8402-cfee16f05622
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMxMjYxNzY2ODY4MTU5NzQ4OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1140163/65044663/ Frame 7364 236 KB
70 KB 176ms
37ms Script
application/javascript 54.194.29.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1140163/65044663/skeleton.js?ias_dspID=3&ias_campId=1009016887&ias_pubId=pub-1599777167715704&ias_chanId=1&ias_placementId=18196981561&bidurl=https://etcanada.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iFpUADFrPRa0mMNPKHpfPC
Requested by: Host: etcanada.com
URL: https://etcanada.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.29.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-29-214.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 88e1f4eb0541b1ab51c5225df03decacbcccbeeb92bc8db1ee061deeb3bed4d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 7364 106 KB
38 KB 119ms
20ms Script
text/javascript 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
Origin: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 07:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 24 Sep 2022 07:30:19 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/ Frame 7364 8 KB
3 KB 32ms
31ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CKJinoxh9NzqGgYVjyu_LyubDlv-abjC-GmqJSVWcsLd6-35_P9Dbd0gy8yGlnLUHsWLlroHJMX2eU5nr2iezbHOP-gFpWAUzDWR4WByZt_IU61zpQTeC2UlZaa4ISzyXASBh7vc4Qo9gvBiGcveg0fN1OGA&dbm_d=AKAmf-DnDkouNkAm1_XC7RrClLpeA-_wkzL_37V1kbfpbjYoDV4FLOZJkW5YtePNyeQkyOkhAQgSK3yA7cC1Wx4fjMnKJVGmglRUqD_OXr42Vq3gDwFGXOAQW5ZQhEa7DZpGsajRK1Ed6vPO-FIjzuAkT6xZIW1wTeCHcCrB__MuLyuE3BBs0Fw7rQttX4eKIl1c5Kl-UeNFxtI1W3kZ4f_o-CcKADGRCpq4OrUgnldhqEzEd5lTEkjV0ZfRWAk7VNPL7JEuzeeuj0xHjFDjRLYs6F8vfMi5HIniap1rwL69oGGmkzodYosMpkirmCeD47hfM2yaK4mYPlngjg2pkl7wonexlRBcW4RqQmvfSdl-sHPdV0DDzjm5Vu9eoZxMEoKb815UXInTDJGLn7XCzTooWmNzn5NXVU-COdny57ibXW_Gyai_4_shY83e0gD-vgAHGY4zKe--nrH22yV2Sf5J5V1-hHzW9GYqvE4LYSlUEIeFQpsOR59YCIgshiLjpvKP5BpPBdv5Wycg_OcutnZckesTX5O_bySmzf3mlxOpjlWFQgBrqni8FoR0M4uNij4WROpYOIAxjv_4E9fZZTwj4nx-YF1I9ADDEoYr2_10MPM-QC0uHcD0cX8M0fpNg0j7-iNNcg-DzqNOQy0DWr6P1Fg6YhbkmY5Y55GGIVBOFFjZAIFu-HQLWB89DNemrKgELKwpBETQCj6-LBoc2La0gFJQA9-84cSilhLXzDHY7DMO--yDtmjnSW7-sz_hkqrSP3cYFIioFS35R7dAA1ntY1xzk8HHdv9q7BnddW0NfBBEZFQJXB98GC6he88fpuApfmTjkGBJO7n29RSMP9DVrH3yZLBrCgzmGATyeKg4hNPnEjufO5QaPfwWSYssE9xN8VUI9oOLUVpHMd2yNf9yRhPpl4cQbkw7r4rrp8BgBya1XGajMdzDMmrydqCPm0paHsAwlGn-kfdD2IM4GCFXG1GLNAf1SI6s5jVjv0bi4xff-brccIng6DgNLjoNjCOPCr4pNi1hmGpNmDRhv_Qh0GhO18X2fHwVSsNkdQe_Nnjvo-Io5D51EeyugFGszV3ZwDDkkVOvVv02_IfIffnVKnLrhER_c6iT6eIgPGFMkspYDTAP-Y1O8SuZf-C6fIP3VFbW2ZDe-h6iojLUkZIkUcYnulMuCqcuM6bJ0anWTl181eTrtzxb_xmpZeZhMDVveZp7ERPluki8_PfbQJurBqnxXaqrqoXZfZsqZU281Ge8SRZK6MSQtRwjwXqP5BxNjzrVhYFeFY87U0mbDcFNVu6AppE0Oz0KSKuvFEZrCFIJPd4WLPeRsNC98i1XH1O8p-2zfJom0y3Rs3SsNjQI1aQS2aev8fP163JG8I9xvZB1madcsqUljnW0ef6eOErZUB6ALpfHRCcSybpopHRiteWNBgNr3WyOJltK2qMxxHOZLPyNnq1TYWahZdBbE3EJiBU0ixuyoCjwRu5rwG73YJJbPuZJUwk4Yy45HExBia1ArY-0GRhBFi0ggMm_UrF8OFFa8Y6Nq-W6kw94shX_7tF7_nrQh9t3Drn7PX994XUkHMnFnj1SlRFblNAbJ1QE57AMAo3TogTAw2D8-JEgaN2FsxrPDzheda5q5yOxZ0hDEZsAZI_v9ZFhsrQigdlq4OzsYI4aA7ER56MXz-yuIheAKdIY1EnFAkh_vBIccAd__FhW9SfaUmRZANZHCTUBqaQYOfnjbReu9irMVx6FSKcS66PudLOCKKKPvnnDpAT8dxX8pVfKNz-wVOtXBNWsXa-FhEAe95qCSPsZ2-YTOfA1F1rFcIFWi2Ih-8qHxX93UjJBiSEW2WDfw8GyYE56PxfuJW3KScPDaI7DRLbfhiLkJ3F2m8Y73sfHIGpMJVSH5gJFR7KIbWgQND5vF1_Q0DqyOEvoe9fRnD-K6x2-qu8ZvBudqmytfjgntN3klbLd0tLpsvtNClJ-DkABGRv6ze0QuDLQDnHA8fruOmM0cm7T1Psibdo3XjmmrEH7hAg9dEb1A-otqs9azIj50IE-FFyTwuO5UXXOio8A5aE-Hz2WM3rK9Jo5-NDZyYCtdAykBMVN5IdXzCC5gJm5fEsnGhpdZBMhmMNLPx1JTi9TIL5TF2CbYEvsSq7PgmRAVnmSVO5TH-BQDH1RksrdjoU3vUH85nOovM9tpoIBOXQOZd3-VdLWRHhCIz_v1s0kSY2aKJGq0bkQIsvsnueBF5fds9sVOM9wFoQFegON5U_YDhmtbDUYnv9UIzHZ84rOYSWO2Go08N9ePLvQp-rhNxp3JO5JI2nei7rHWaEaf5b_A_irUUwNiCYdFw6AgETeiuizL-rq9wPmqJeCLW4djNl1KXza9sSJ50eFlVVRAGXHpLrwjtWPhMCYyi2jd5eOcj_nOgIGmtO2nGneTki1JlNY94NHS65anOnNgKMUO2Qi0gB4aYdWsy3xw9C8dQypwiQPmQIWB3zioO6Wr9MRlKxZ4bWGyXrnuSCmxe2kmCGDxMvHOa-FKnbdWnwK0ZhLDTFAOg8fOx0r8bOhwM31vk-Fqa2u4ff1Q6KOIwR5xyTt1Yhduu65vHhcC3g3sgVx6GMoZzUrJ9Axj44ETg8llCp7_5ROYCGeKLK_tZvQK8RW15a7PoxAsTBZ9PmUocyzaR3gO-jFnwxBa-FuYH-sLoFu6q2ZCfSZ-pB81LyXoDub3i89_jF4j4hn-LxGOvjm_4Voa6F5soqEVAgTDdltc9jRR1KjCJ_sMQy399P7iaJ-lqjxV-MfWcICYvQAkbaJm7VIMZS4FWJgZVK2c8KDq8E5kfWGdu6e9oVSjE_LnQrV-E4ji1MoHCsDEbsCfrTMFnejWv86AHLtIYmyc5_RPwj6HxiQmZnlzHHDDAdoHjP8smI1WWqIbp2DmM7eLXUfaNEh6QQ1azDpU0KnoZpN-cPpOF0bQKXZ6-WHURq8GufsmwGK5VCEOkFld0kdZ7GEOT0wzJRwkXB3mIcPvVCaJyqyot14Dx_WUm-cE99gBHagqDkrR1Zjn0htTBOU0i_N-i7ZNpQS3z7-pqDyFgabuYR7P2LL6e5O2cx9PC6hjpwkxFmzHclUrIMr4-TskPmh52oYe8AM4VbyExrJBB8lu6JVEdNUOWeiSGEmwv4FgHQ91ET_KaF5slzEIHWAjzAwj7pxTXkdIKQzq7vn5aOD6U__c0MkqjNc&cid=CAASJORoS0LLsCzTtMr7H0aY-HmREqmfdilrMfVr0qph42JNBWFSEw&rfl=1%2Chttps%253A%252F%252Fetcanada.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 19:52:16 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 7364 30 KB
11 KB 27ms
27ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11724
x-xss-protection: 0
server: cafe
etag: 16554960040364120486
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 19:44:57 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 30B7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

96ms
54ms

Document
text/html

2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 19:54:38 GMT
expires: Fri, 23 Sep 2022 19:54:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 19:54:38 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 2E8B 170 KB
59 KB 112ms
43ms Script
text/javascript 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
Origin: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 07:35:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44358
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 24 Sep 2022 07:35:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/ Frame 2E8B 8 KB
3 KB 25ms
20ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CDOr7-cf56YjZaTgcW1Q8Js21IkGOjouwFZrWqdIM6-YKyKerz-Y6d3GN3JhVmPTLfnVkwWoFd1Kk0pGXiXOOvmpkJuAlqGBRUueJKqvNGcwOpSROmehQjGd0crevlxshR1dc5BqY5hwBVE9_36GFq4-MpQ3T-iRIi2of-IaFEvJfBh1f2C4YYkN5s5ud4myXiDMJp&cry=1&dbm_d=AKAmf-BUbwdlLXxvnOEMinsbjm2Jsg9fYUqFcnzE__PydASHO61x-_5N_ah6BmbHa5HOffM37lxbBtu5iJE7g0Zq0DSFp0_5Z_dZDAR7GKx6tor0-tFjGtZPQP5y3G4RIeCeViW_nSYMX72Vf55GCwwP_nDVZU50gc1NfyHxsrYTN8S_2dajVd8fcu5R_dhco4pXp6BOY8I7DwTvTl-8-8VUHSzNke9xTq6I5g4gYV2UBOypSMkfGUhI2BR38By-N5g8zbK1ni7FvXbaS8wUpOp9KykmWUhIfvvkIPA7XHYy6wOgufa0gpL14fDg1-3sLTyoe8c0X8OtFzzIRpMSiT1o15sLoW-RQK7DlwtC6MwHKTJ0TzOPNjiT4CYJH9jmQ_wgyMZHP1RII59qFkAQwCkOu57lJ6WY-SrzjRWL3HC_-UWpuFrHVwTWcQUZrFyqKvcdszwMlfvR8U0bkWrpvH6qDTRhLGVx6J_AFOfKUF7yPAwA5sxfLNUHPaEWXzz3ZHTRHv-QnfXSitbxjHWpod3kAnIN8SfoKBAQi3rCfqkVkw5rnx0HLd0jztlPKzXUKAcM1xIkd3z2dWTeQ-UmFuUfVMSCi8SFqXFQm-XFzGM-3_ha0QpO6qb52_UrFW707qW5NWsWjCf_HoUcO8ztvu8YXZTg664yvqSeuzqLUzLesotkv65yN4HuoIkBvjZWdY9xlTHyR-Atrq0Fy-Iek7HmHqkBY7ksbmOZFwdcz-kwZUcw0-cgEwmpWS0AYeV4aDpl2YwXTiZ9erU_qluax_-dH5-FSAgMeEtrD9tjVOHEkxEKv0AGcSDI4OIQx9FalrGYRjtDRVt5gEQDKWnYwPX2HXCag5kJyOktsG2SsCaPwkNyFdzPt5DnTGN0hI48iH6Loq7kPcwYsydC2GLLLtc2tiN8WBnz3wA0okS66vfRI_aaAh04NLeUvrr2QfUt_TgNacscPun9-YMoSswzG78zHmhRbnuJsv4R7AT8nIJQt6KgSiEIpzYUpOO5UHCfHAfvSy2GJPsLQQ-IiL33sRjXOyJB7Nshjm017QengHbFGhlor_NenKGm-QEtVhR86VjCwfIE_Ujx5dENoBwPIs3FDKn7ZhcP4-DZy3_uE8JduqdWjTqdYULv6U3ybVky1wV_APFbT_b7jDXP9fIBkRV7yG3cZtHUsHO9aHhtAzxqczibulAOSa_oSdY2TnNR_e90Bz00054DeZuD1cwYqicoGnZJC6Wg0sF0GKt1WfWHAlGTwDvtlRq7EvR50Ce3-VxcdF4R9SxXae7jtRLdMznEMLFScgrRMtDXEyVvtvgIHob5yfg97b3mtlU1J4y7DQHDtzt6MhMpoAn14xD73F5z2xbclG97kixgDNz8PCWSWhRbg2xr0oCBKBUFY30xsDSSIkF2lIL1mz5bFL17G0XQXNMkhVrIv3sizavSQSIT7DoM-SYzSihE6kRaAXbUmg3sDZtOV_PYZUtBqk8ME1m-JAOTHepzJmqDYXaPo1-i2ADl2whSerHlpWrwYwZLsdbw9cVOH9khMDe03jNqHiDT6IDt3ahlzTRK-djR-A9ZlKcpy4kOtGg-YpB57FEbSNphlY4Nq3OmPB3RoDEA9tU8heUvwBeDYHsCiss1AQqfdAltBLkKIiHNEwwTJKn2z47o9N4rdMNhXreI8FIUMl_VkqwMbMToU4QYduQCPSfUlaQQvYjwsLEOlxtUdLhkGkWYcq5Auqk7yp_RyEf9LzR-vN-5TBmkHSIIsg-ld5RpM24gKQjxXvH00q-xhHTYxm-XKsO-rrnVbj8CbZL4oLwXpKDAlj3UpuqUTZnZumxazyafL3Q-HYt5hmrwUq2joYbdF45hImxAqEVW1cpFU0XxnzTl52nBh41zTnLA9n542HsJJx6JtOH_2dXPaDrjlhmfhY9-12bA1kX5RGVk4_JkwSCWrsO0PUlMH38xb7FaeexBlJckPfQw-jNJY2jB7vLn-hn9M3s2Kna8-QhlrXgm9FzpKm5EUgHa-0ej9IOTo4MTieG9WIZWNaOgXo06IDahMzhh4wGZ0c3ZIF6L-8rltL412DGtumKPFS1Y0Czj7v-sQqaS0EBSNji2G0XTXE4bmkmWNXH2Yl7n5klVHSIGGoxsVpEuJ1u9TjlSqUj22SS2RmmvxGIFM2f0S22HG-l6AssnQoYAdfTxx8ui44blTwui9RAF9Y4TfGtphztPUEq5tV1lm70U5BPbDBXivXXXmvfDnYmTn730egMMDoRch3lAEYgR0R8iuj0xHhcZ9Q0-BXibZfalIVmutOZPAxE09ylnWFJTYGSr6OTJktkyvPWShLJSIH6YvmYXIl62dcmALgS7MQvdkjAkFR-koNZHo7W_Bf4KoJzdmUkLb_nYtXTxp8CuVsT5jZ0XgX9S51LI_DLH9Ptk4wdIfaeS3KXtS0owGRP_AvfOUOXAuez3HJ_ArwVIy-t2Q0BVbrIBe77Xk2uf_RVmnVPYmMP1-c9B6P4QMCvLNv0TsEHCGSC8X6BT7YC00IiNKkDtP8Dt3Xe3_u73UHIHjYaOGSfljJS2RMb76RHG01MWZg-nBBXVnUFllKYpqS1MeA18P-sVT96qFXGretJmQaFO0Dzq4RlewXkMIh8Gu4O2cw90yOhqgyI0DNavocmaal9YDCo5688zYOlnV_Tbo1nPsu4uimX-jBCLH8rz0BkwGDznYPypxORDPQjy_1xgH4fzcFy5iJDf4FaBGzJ9P8OdqvGAhiCR4-K4hkPu0ofYQsfwsboSoTWXEAFx9uneWaa4Gs3H4t8a15WfRZAJug2Nwx1tbCn-IAEVxRrCHtPLctK5GWvy-4qijUoorpccmB_cP66IcZ-9fftec__KL-Rwj7tZL1At5OB_pI7jWNV65AAKZxgQ7NJlzcZfeNcCARZa96NU5iRRzwsx4Jc2LHHaYufjIo54siydo6hZGIGg9Bfd_YX1XnsnGLeYhzE_SDRlYE9_qIUFr4CnqVeilnCjrVOJXt57Dn6uDzX2vRD6mgB667KnzkDJ1n2EsbggJVXPwsHnxj2aIa7aS-HX3uYNrG2UDcJzF0WNJMjkGh9dt6OntH0McjpkweWJPUkbw38lCnikL7zJBllJP2WqU3xEKvyw2rhW4vlsZQskOQfqy-eG2ddyAIvMEYHCbYNa7YxpBqsivJah98NvgCLyL_K_6-TrbJq-VliNUDTzz9XiSU84MRceRGtwMyKashgldHmi1xZPIFM_MDJxHXeMq-6jGmlvoeNftkTlrX4d_PPTzkPA8xvif1I1Ej0gg1SJ99fQapRJh0FZwyubwiZEW-YOCTkccGOXMgSRXcrU30-0KRjHUAMiGLVpYY2CQZ0UtGyRhZ5p__lFSou68VR7rwib0Hg3iG3mtxjqyPzYxqnSMt4PzDmu0Y_W4onTxp6J9XalLwARblWykf-_H83mWvVb3rBjqXT-RWEMzmNu_NGrq6JlmBnTJ-HEmrsHxLrEj29FHeAcpOfMXGp7xxKItxvV5ZHX1oXODTEukktCTZsR7En7amXdybNC9ptUqfT_2HMVDu6OMS-EQYxTJUqmQjy3bkuTG6Vaqs9AoS9GU6Qve3oSyZcaAH3DsaKVaflzDc8JsYX_s8EznOZd5eQ&cid=CAASJORo_IdN49SIRM5vxJPwqfEPVtpw8QOzjDXQCXqvcDL7D_Lt2Q&rfl=1%2Chttps%253A%252F%252Fetcanada.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 19:52:16 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 2E8B 30 KB
11 KB 23ms
21ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11724
x-xss-protection: 0
server: cafe
etag: 16554960040364120486
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 19:44:57 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 31FE 30 KB
31 KB 92ms
20ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:500,600|Poppins:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 09:20:18 GMT
x-content-type-options: nosniff
age: 383660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 09:20:18 GMT

GET
H2 204 v4 Show response
btlr.sharethrough.com/ 0
142 B 87ms
18ms XHR
text/plain 18.159.14.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/v4?placement_key=fHgQwEEsWTdxL4Lz7YshCqs8&secure=true
Requested by: Host: sdk.sharethrough.com
URL: https://sdk.sharethrough.com/gc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.14.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-14-126.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://etcanada.com
date: Fri, 23 Sep 2022 19:54:38 GMT
access-control-allow-credentials: true
timing-allow-origin: https://etcanada.com
vary: Origin

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7364 41 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 08:54:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126013
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Sep 2023 08:54:25 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 560D 1 KB
749 B 24ms
22ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44646
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 07:30:32 GMT
etag: 48472445140208031
expires: Sat, 24 Sep 2022 07:30:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7364 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9241489f91ae2155b23fbd762c05b9a233c9c7de9d8c56f313ad16275ba8b08

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2E8B 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 08:54:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126013
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Sep 2023 08:54:25 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3B89 1 KB
749 B 25ms
24ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44646
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 07:30:32 GMT
etag: 48472445140208031
expires: Sat, 24 Sep 2022 07:30:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2E8B 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa36c5e1be0de242db43e233e72079e4cc0c047bc73ab74b85432209a0c04aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7D1A 22 KB
8 KB 9ms
7ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 125990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 08:54:48 GMT
expires: Fri, 22 Sep 2023 08:54:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK placement Show response
sfp-adserver-cdn.sharethrough.com/ 2 KB
2 KB 110ms
33ms XHR
application/json 18.64.119.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sfp-adserver-cdn.sharethrough.com/placement?key=fHgQwEEsWTdxL4Lz7YshCqs8
Requested by: Host: sdk.sharethrough.com
URL: https://sdk.sharethrough.com/gc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.119.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-119-45.txl50.r.cloudfront.net
Software: / Express
Resource Hash: 87fae86e79f80a7f379e0d61c814f6be56ff78a6028edd4cf26e8f63b23913ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 05:33:44 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
Age: 51654
X-Powered-By: Express
ETag: W/"882-drjH8iYiSy5n5Y0xd7qeIatBm+g"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://etcanada.com
Connection: keep-alive
Access-Control-Allow-Credentials: true
X-Amz-Cf-Pop: TXL50-P4
X-Amz-Cf-Id: L8gasrHvPyLxZZfLu2dLvUCcJKLTNU3qRBwlqIWlf3Nieqe6vEc2sQ==
Via: 1.1 cb643617ee4bca09492409ac12401bfc.cloudfront.net (CloudFront)

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 560D 0
104 B 131ms
29ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOrlPdMsHrYogWFL6Q-OVPM&google_cver=1&google_push=AZmPxg-NbvFXUi6lhtoVaUl1hslbYEcuoZPIshO6AVQor13VL8q0uJwkTMqqe3_yJXEK7eUnzEYD5S4nAZ0a34S0cDFWq5oI4pE
Requested by: Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 560D
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBly5eYpe-Kc44HCAcJz-bc&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBly5eYpe-Kc44HCAcJz-bc&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aWJweVZ0V3kxT0JPS1c1&google_gid=CAESEBly5eYpe-Kc44HCAcJz-bc&google_cver=1&google_push=AZmPxg8l3Wh7N8eaLIfMldGvSekisV_EufBifVcVDoqGKwH...

170 B
188 B

19ms
18ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aWJweVZ0V3kxT0JPS1c1&google_gid=CAESEBly5eYpe-Kc44HCAcJz-bc&google_cver=1&google_push=AZmPxg8l3Wh7N8eaLIfMldGvSekisV_EufBifVcVDoqGKwHHeL2DluSoURil-qz2GwM4Q0O0HkQLR_CIykpEt4tP5CzeSfExiFQ

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:54:38 GMT
Server: PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-09d402fd386b2a89c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aWJweVZ0V3kxT0JPS1c1&google_gid=CAESEBly5eYpe-Kc44HCAcJz-bc&google_cver=1&google_push=AZmPxg8l3Wh7N8eaLIfMldGvSekisV_EufBifVcVDoqGKwHHeL2DluSoURil-qz2GwM4Q0O0HkQLR_CIykpEt4tP5CzeSfExiFQ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 560D
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEEya2CIsEZERxtsnBSzdRWY&google_cver=1&google_push=AZmPxg9WwNyURYpVRTSRJ3BXHYTq-acVwjWJyG7Dz7Ady-_1eXD-DSsHRpoBQvaIWlk4ozelj6oBdxCULIJZCHqO...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ZsbaicCZTlOlM7q9cq-Orw2&google_push=AZmPxg9WwNyURYpVRTSRJ3BXHYTq-acVwjWJyG7Dz7Ady-_1eXD-DSsHRpoBQvaIWlk4ozelj6oBdxCULIJZCHqOLZOMYEGkkiI

170 B
188 B

20ms
18ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ZsbaicCZTlOlM7q9cq-Orw2&google_push=AZmPxg9WwNyURYpVRTSRJ3BXHYTq-acVwjWJyG7Dz7Ady-_1eXD-DSsHRpoBQvaIWlk4ozelj6oBdxCULIJZCHqOLZOMYEGkkiI

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 23 Sep 2022 19:54:38 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ZsbaicCZTlOlM7q9cq-Orw2&google_push=AZmPxg9WwNyURYpVRTSRJ3BXHYTq-acVwjWJyG7Dz7Ady-_1eXD-DSsHRpoBQvaIWlk4ozelj6oBdxCULIJZCHqOLZOMYEGkkiI
x-host: tde-deliveryengine-production-646f888bdc-7wbsc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 560D
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAnkytGL3Y4wP071YINRjFY&google_cver=1&google_push=AZmPxg-JYxG2vur2CDhk8XXwyadgSvn9UoO2SzGo6JTXDK0ZQ0uM_mmWEfb_1PKPRg7Pbtu2Q2NhhcZdO8vS-cKzWJtC...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAnkytGL3Y4wP071YINRjFY&google_cver=1&google_push=AZmPxg-JYxG2vur2CDhk8XXwyadgSvn9UoO2SzGo6JTXDK0ZQ0uM_mmWEfb_1PKPRg7Pbtu2Q2NhhcZdO8vS-c...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-JYxG2vur2CDhk8XXwyadgSvn9UoO2SzGo6JTXDK0ZQ0uM_mmWEfb_1PKPRg7Pbtu2Q2NhhcZdO8vS-cKzWJtC_ZT_E-04&google_hm=hnEuJwKITU6pGK_4WmUYHQ==

170 B
188 B

21ms
21ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-JYxG2vur2CDhk8XXwyadgSvn9UoO2SzGo6JTXDK0ZQ0uM_mmWEfb_1PKPRg7Pbtu2Q2NhhcZdO8vS-cKzWJtC_ZT_E-04&google_hm=hnEuJwKITU6pGK_4WmUYHQ==

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-JYxG2vur2CDhk8XXwyadgSvn9UoO2SzGo6JTXDK0ZQ0uM_mmWEfb_1PKPRg7Pbtu2Q2NhhcZdO8vS-cKzWJtC_ZT_E-04&google_hm=hnEuJwKITU6pGK_4WmUYHQ==
Date: Fri, 23 Sep 2022 19:54:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 560D 43 B
350 B 82ms
16ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEEDyfjFMl3vLxzkLiWNAXUg&google_cver=1&google_push=AZmPxg-1sYNMbeIMr_VpzgKNG_RIHPJdx73PN8VPzcLwueCYBECWZKDsMo9yMmZu6i97CYgB2wuw-2stWMcW9VDdA0i8RWW1KqPk
Requested by: Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: omfn9svte9osuguovvpc4en3cgrlveh0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 560D
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFPDog00Yfhz6DuEBEqbZRg&google_cver=1&google_push=AZmPxg8B4_UDZ37ItinIAPj8_wFXneinT-KP4eqYU_uOVmQqrIrAAtG8nwstw4p__n821pxN2s0r3SIb_I70P83DE...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFPDog00Yfhz6DuEBEqbZRg&google_cver=1&google_push=AZmPxg8B4_UDZ37ItinIAPj8_wFXneinT-KP4eqYU_uOVmQqrIrAAtG8nwstw4p__n821pxN2s0r3SIb_I70P83DE...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg8B4_UDZ37ItinIAPj8_wFXneinT-KP4eqYU_uOVmQqrIrAAtG8nwstw4p__n821pxN2s0r3SIb_I70P83DEbqLuc0ehxaE&google_hm=FXaquGZHOmyDiJeRQ-Ss2GPO

170 B
188 B

19ms
19ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg8B4_UDZ37ItinIAPj8_wFXneinT-KP4eqYU_uOVmQqrIrAAtG8nwstw4p__n821pxN2s0r3SIb_I70P83DEbqLuc0ehxaE&google_hm=FXaquGZHOmyDiJeRQ-Ss2GPO

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 23 Sep 2022 19:54:38 GMT
pod: X-Sovrn-Pod: ad_ap6ams1
location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg8B4_UDZ37ItinIAPj8_wFXneinT-KP4eqYU_uOVmQqrIrAAtG8nwstw4p__n821pxN2s0r3SIb_I70P83DEbqLuc0ehxaE&google_hm=FXaquGZHOmyDiJeRQ-Ss2GPO
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-origin: *
access-control-allow-credentials: true
connection: close
access-control-allow-headers: X-Requested-With, Content-Type

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 560D
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEOGHbq70cvdwAcNhNbjQeoQ&google_cver=1&google_push=AZmPxg_YWyEBC01iq-_A4HSqXRxeqNw_7pr69eiA3wCvV9tVf9APoI1pgIgsDqVYaTNqsr_mjvGxV6X8r-fUrkiQpyPKU1...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOGHbq70cvdwAcNhNbjQeoQ&google_cver=1&google_push=AZmPxg_YWyEBC01iq-_A4HSqXRxeqNw_7pr69eiA3wCvV9tVf9APoI1pgIgsDqVYaTNqsr_mjvGxV6X8r-fUrkiQ...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jY98K978TjSLDsakYYT7RA&google_push=AZmPxg_YWyEBC01iq-_A4HSqXRxeqNw_7pr69eiA3wCvV9tVf9APoI1pgIgsDqVYaTNqsr_mjvGxV6X8r-fUrki...

170 B
188 B

20ms
19ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jY98K978TjSLDsakYYT7RA&google_push=AZmPxg_YWyEBC01iq-_A4HSqXRxeqNw_7pr69eiA3wCvV9tVf9APoI1pgIgsDqVYaTNqsr_mjvGxV6X8r-fUrkiQpyPKU1uAcva7

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jY98K978TjSLDsakYYT7RA&google_push=AZmPxg_YWyEBC01iq-_A4HSqXRxeqNw_7pr69eiA3wCvV9tVf9APoI1pgIgsDqVYaTNqsr_mjvGxV6X8r-fUrkiQpyPKU1uAcva7
date: Fri, 23 Sep 2022 19:54:38 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 560D 0
12 B 18ms
17ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kg-O44I-FEk-Z46OoqRKUicUHNKrgheJaepk7xDxlTwyH_1zDUYVmTRPlEe1iE_cxy6qlm

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/14601583612666637731/ Frame AC99 6 KB
2 KB 66ms
21ms Document
text/html 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14601583612666637731/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1155dd833fc06b5987e36dc5d1531520ac62b736b5c629eca10677c80527d131

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 312193
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2345
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 05:11:25 GMT
expires: Wed, 20 Sep 2023 05:11:25 GMT
last-modified: Mon, 15 Aug 2022 13:13:21 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7364 0
622 B 163ms
64ms Ping
image/gif 172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstQsa68WltLh_uwysy2-Xwc2pn3wLRizl7eDs7bgc8pc64cuL5Vu3gP3lNaZE4bX163fkVBxklesL51slQ8-OiGlL2_vVAMfQrcGCUFdQ6V-4u0jFfOKbSIiqsUrUc10JI7vo4OLumyYOHBJSUN3K-JD93ehlii_LJyhLxNMxiC0Gg8puaiKwW181g6Tz_E9jbY-lT0U2BcuLC6Gy7gzr_p9S6kXb9owNgUHG0Bi41nuf06DywZ_FlYEVFPWy5bL85tlhz9RnSnuzGAIG26zVO0q7zjTlHK_g2pMa6iX7yws4OXUzVsQFRQcqaDlOSsQviFBxzbRwqW7HuqeCupgJXoIt8DT2vlZcEuWDU5JFe_H_uaNw8owBw6LZo5nt6s6lUT-hmWJyzS8wGkq7m0s-VgD_XoLGwIDCq7z0qMzTOaSVcKT9GoqZc90Xbua2DTdo_UPzz9JQXjpNfsg_wQGCI18GpSjE8hEsW8KDPyrbBEfuWGoGPx1gABssXU3L-E5ya3hHtzEvniUKdd6JG1IFByb0rH7s-7rD4cnD0UUzkESdSXstiYQmU9nGkwdaR8K17vJy2rYLDwpFkYOqRLtohybIGjjfGp88xxs6lYFl-isn_7auhtBGnNHTcC_fyvBQJB0xVdFNDzQpEh9I3HduD5zM_WHP08FCsQgYhTd2FLWcx3NJ0l1DhbgSauHxzk04FgNg3v1NPv8oqAISgmrhlFmhhvLA6zzMIJrfTg7SRHRfQ_2LkhrNGCxLjm2oBjfrEXJs6v2irW38oUf_-CRZm2q1HLKbMFqQPadP6vwD5pauBY5oymiOdu8uHiKKCO0tOIlOFXxfMcJIC2zu5xeKbvGtePRm2qTZIqCyIi39TxeYetgrhg1CAcwdN8vtDlHE_RHvnYSFLc20VJUKqSo0NNbqeHuBqNuwNfk0qgSvZVDYzQeXkhToTW0-veKxDCQbiaTuQiydtUhmVM7F_oWIVV8IW3DZMXOEnva7raaBrO-WI_LHdTcK8gAUh80kgqry6pyx3GpYyfhaj5Y7elhy1dRK_GyHbhbY0r1OlGwFRWbodJ8khlT2B3MyyfamsotfxLQV_0VvznAgnY-EJHK5CSYc0V_GVTbXs-TP9kVhnqrSLIoisxrTXrA3ImshZFzlKSH_lIqLdgU55T7tdbAH20qNlGF2Oz0IrPsb90ZA2y7KxsZg_LRXfqM4OJ4wN-QeOeihU&sai=AMfl-YTudIT_14Tx-C-NfZW-uitKKfebsQyx6oJQ4lC0jx6F4ceTvb_VxiK1RMq8O5HgdZs7Rr5eSmkdr6C0ItVVTDse9EOCLwe85iFeg27Wv7BkjBkdkLPV1Th6kL5HYN7jGquIeIA6V0RsPlOSiBJd6LNPqPNn9iO34UQH74e5wJ3SZYAb-SRMs64FuFCowV00R5tzhMOYXOF2WPjZ0GzN9Q&sig=Cg0ArKJSzMp1y5JoGt46EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=212&cbvp=1&cstd=209&cisv=r20220921.25201&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 23 Sep 2022 19:54:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A139 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 125990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 08:54:48 GMT
expires: Fri, 22 Sep 2023 08:54:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10530354489605488036/ Frame DC80 124 KB
25 KB 84ms
56ms Document
text/html 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10530354489605488036/index.html?e=69&leftOffset=0&topOffset=0&c=XO72kz6ys6&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e2972287f1528390eec2cdeda7586fd938137fbdc2b43a6252ca50164a5069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 19:54:38 GMT
expires: Sat, 23 Sep 2023 19:54:38 GMT
last-modified: Mon, 12 Sep 2022 11:20:52 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2E8B 0
64 B 144ms
66ms Ping
image/gif 172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsshDxdlzuFY986PakQKEFwTMUnlfx1H3ZK4Dh0F0I4xtLpuY149sgLXxR-tTNTa6Waqvll62_D4mnzeLz2Qd49dVRmatlAYeuie78qVkcWXZgd_7zFvsUA0P1wzzvkVuz7nvtDHjD9P5KL2GpvQlAiP3sMcH0dlY745wbSX_kddk3cerP_fN2XoZjryLcEaBiVLAfRo_7kOfj9lFyKOBXG9pQG1Kl1pE2b3L0WZQmfm-L5rGYiDZxbs64uIzWGpAGG3sjkhA1AJOP7MOIXZRsuaIKl7Ot1houEo298vHzd5eQ_xYZvFWbFFd_G0l2LnNrWM_niFX-qHW0cpWhp9L3rsrMRfXk7TBQprWB3xeSpgRyWS3uueN2D88rPFMZarPqJM45tvE4PLOTnq3F81ZAcoCk65r-YkJs0xShlzerA0KlLL-WV_2KxmDbpPwEcipwbuN0zEJsoFBDvNBizQ1z5t8e1VTtLxpEzKqjKiBeTtQBB25zNBlKaRIDVwA-cIwbFGEwRGsFy6QaLoRKAkP2u4hkPvRcDpyU8GWbylVqdr9tYTSRO59QnZ5EWLHf1bOPQhiqXQ4WYPu1FNmYFpCWHBBtxSLPS3Fkg8LEF1U7uqD5ihHaaO_TT0CBSi6ojOl3Dy6-6nUjRLYpoF0gNuZmIRByP_PFmBotmTdVkW3oRZynSeq1fiBKRxvk_bhTTCpLKRnW9vs1Xhel5j1VeLGi2QnFRpi5FCFOABt6DOt02KXn8aMxBWTcrvavTNpIUi6jQ9dqnhXK_InTsgM18uAaWd4MY8RRpcZcQ7InkTZMx_3JcIFx-HArH4bl702HWEscftGeJjZ7IqmQbipxRMrJWej-qvKfBZIFWwU-62AinL0So6fXK2TyJA5eSeC40X83_bM6bkJDZ6Me4Ri5tSiBZ0R51bQNJTJeqG-Igpof905urGE3H1Vf-lzzy9ywvhSfXZN37S0NY8ShsdIhn4V1izPSG3n8jfIr_tINwRREBHdt8NtR-QjzLmxqxQUDixvOLY5qUfSSG4nVhYhszGYZFxGOEwFbLnXdkdNjPdGekP8G8Mdv1ydJRAv_E7ex3K5Z5-O6UgLXDwsMqa6jYXANfKlEEax00hSIluAd9Z-4ML-P7kmCiIhXblPy2vcIab-8KksPzRiwxgALq08voVD8LrUrs0C7SOV_z7v1HmAOlN_wvXPZGICpnJp5nOGbEUcBxBWSGfOm8BCezvhg&sai=AMfl-YT15dyBZb9GayjMsOMExaUFage1whNKkhOJttHpNvsYmfOfmD42TH3jbCUoS1mAaga84xKy4vj_9iXZ54BvBipLv8PR-tu0CgsJEBTnZoHEF1bn6LCMqMQ4YnGkS8fLxEB38VlWkMvoR7NugN2CaPzHSFuBP_BQnRWiVYAV9XNPZ2ja_7EngtEEBVXkcz-U4ZbQGNVQjBcushuImbCuEQ&sig=Cg0ArKJSzKI80EjOURVQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=204&cbvp=1&cstd=196&cisv=r20220921.86253&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 23 Sep 2022 19:54:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B89
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBfGYZkrtaYzny7DknlgJi8&google_cver=1&google_push=AZmPxg-ii7ujCe1YHe67XKsKs6uqQqD7MIywjRP5El0chWRpISCihXObBEHaDzTANS_aAwromZ4PrDHlw4no2P-0...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-ii7ujCe1YHe67XKsKs6uqQqD7MIywjRP5El0chWRpISCihXObBEHaDzTANS_aAwromZ4PrDHlw4no2P-0CIMXw4cu7b-3

170 B
188 B

18ms
17ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-ii7ujCe1YHe67XKsKs6uqQqD7MIywjRP5El0chWRpISCihXObBEHaDzTANS_aAwromZ4PrDHlw4no2P-0CIMXw4cu7b-3

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 23 Sep 2022 19:54:39 GMT
Server: MT3 4505 5b23575 master zrh-pixel-x14 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-ii7ujCe1YHe67XKsKs6uqQqD7MIywjRP5El0chWRpISCihXObBEHaDzTANS_aAwromZ4PrDHlw4no2P-0CIMXw4cu7b-3
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 23 Sep 2022 19:54:38 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B89
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGXVWpC62Z1s_qSXum1BXtY&google_cver=1&google_push=AZmPxg81AQpOOI711T59Dg-OCiBPdex48EgxKYCSB3DO_QEPWQ2D_70kSDpISRxsh3StLS47TpyigRBKy8KYWl5osyNOEsLXetMD
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AA93468AF3A644C2A0928311E13A8182&google_push=AZmPxg81AQpOOI711T59Dg-OCiBPdex48EgxKYCSB3DO_QEPWQ2D_70kSDpISRxsh3StLS47TpyigRBKy8KYWl5...

170 B
188 B

19ms
18ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AA93468AF3A644C2A0928311E13A8182&google_push=AZmPxg81AQpOOI711T59Dg-OCiBPdex48EgxKYCSB3DO_QEPWQ2D_70kSDpISRxsh3StLS47TpyigRBKy8KYWl5osyNOEsLXetMD

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 23 Sep 2022 19:54:38 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AA93468AF3A644C2A0928311E13A8182&google_push=AZmPxg81AQpOOI711T59Dg-OCiBPdex48EgxKYCSB3DO_QEPWQ2D_70kSDpISRxsh3StLS47TpyigRBKy8KYWl5osyNOEsLXetMD
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 22 Sep 2022 19:54:38 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 3B89 70 B
264 B 36ms
33ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMoOVucimPKcvlp3nZlnB3U&google_cver=1&google_push=AZmPxg-eqSMIELZ0hbAnCkC4VNwPrqxet-EBoJbKRTfBuOHJ1O6DOPc7feVNDVx346bTVJW3JypHdp2WxxIKBAnU6zv5ZmWIEkY
Requested by: Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 3B89 0
191 B 103ms
24ms Image
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESELr9C0ul3XcT_v45kKHZUS4&google_cver=1&google_push=AZmPxg-_9zVNaK9E-THI26xOYXQfSN3YVGOm5nA0XiS3XHg47t7nRIGIX3vHpTl9Ie0CPP5KRxIXllRDvlzr5FFaCttwh53EOzE
Requested by: Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B89
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGCDbOqmObHCjIPHXN2VX4s&google_cver=1&google_push=AZmPxg92ftey2OKwILAICHPvSZ3wN1cokxP_-9FxOQJ_qx8BLgVzUD9LHtn2k6u02Rh8yVT9anexdPE9nGeBJN9QZR3wLbE...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg92ftey2OKwILAICHPvSZ3wN1cokxP_-9FxOQJ_qx8BLgVzUD9LHtn2k6u02Rh8yVT9anexdPE9nGeBJN9QZR3wLbEH5NPu&google_hm=NDA5OTY1OTM4ODg3MTk1Nz...

170 B
188 B

20ms
20ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg92ftey2OKwILAICHPvSZ3wN1cokxP_-9FxOQJ_qx8BLgVzUD9LHtn2k6u02Rh8yVT9anexdPE9nGeBJN9QZR3wLbEH5NPu&google_hm=NDA5OTY1OTM4ODg3MTk1NzI3MA%3D%3D

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 23 Sep 2022 19:54:38 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg92ftey2OKwILAICHPvSZ3wN1cokxP_-9FxOQJ_qx8BLgVzUD9LHtn2k6u02Rh8yVT9anexdPE9nGeBJN9QZR3wLbEH5NPu&google_hm=NDA5OTY1OTM4ODg3MTk1NzI3MA%3D%3D
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B89
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC9x-OL11V1SawsqYu2YPGs&google_cver=1&google_push=AZmPxg8ct6PETK4Mho4CRHOU4oPD4Cz8McwuIN6ks7wQnEnQmC1mLuUOEKvSzZJa89xyVteS90-...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhFV0pBOUktVC01T0tX&google_push=AZmPxg8ct6PETK4Mho4CRHOU4oPD4Cz8McwuIN6ks7wQnEnQmC1mLuUOEKvSzZJa89xyVteS90-6-AGve3_ELhIJm3LaTXU8q1a-

170 B
188 B

19ms
19ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhFV0pBOUktVC01T0tX&google_push=AZmPxg8ct6PETK4Mho4CRHOU4oPD4Cz8McwuIN6ks7wQnEnQmC1mLuUOEKvSzZJa89xyVteS90-6-AGve3_ELhIJm3LaTXU8q1a-

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhFV0pBOUktVC01T0tX&google_push=AZmPxg8ct6PETK4Mho4CRHOU4oPD4Cz8McwuIN6ks7wQnEnQmC1mLuUOEKvSzZJa89xyVteS90-6-AGve3_ELhIJm3LaTXU8q1a-
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B89
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg-hgduZKFQt2_vexsQH5_9kgQqEfL8ZTN0ulxWbcOLd_LDpV5jiPp8NwHbqbi-k9yJg1sdS3jw_cZb2o-ZwdXujanu2sQak&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-2dbc110e-0f37-4061-bf68-0076fc8e3bb7-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg-hgduZKFQt2_vexsQH5...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-hgduZKFQt2_vexsQH5_9kgQqEfL8ZTN0ulxWbcOLd_LDpV5jiPp8NwHbqbi-k9yJg1sdS3jw_cZb2o-ZwdXujanu2sQak&google_hm=Ay28EQ4PN0Bhv2gAdvyOO7c

170 B
188 B

20ms
19ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-hgduZKFQt2_vexsQH5_9kgQqEfL8ZTN0ulxWbcOLd_LDpV5jiPp8NwHbqbi-k9yJg1sdS3jw_cZb2o-ZwdXujanu2sQak&google_hm=Ay28EQ4PN0Bhv2gAdvyOO7c

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-hgduZKFQt2_vexsQH5_9kgQqEfL8ZTN0ulxWbcOLd_LDpV5jiPp8NwHbqbi-k9yJg1sdS3jw_cZb2o-ZwdXujanu2sQak&google_hm=Ay28EQ4PN0Bhv2gAdvyOO7c
date: Fri, 23 Sep 2022 19:54:38 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX2dbc110e0f374061bf680076fc8e3bb7003
content-type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3B89 0
12 B 22ms
19ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LCqEh_bOGHBSj1yOV0IPlQ7Pe2NEfUMqFfeWPjLHfr_-HUgqJas_1vDs0WWNrnhq-4n_1g

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 7364
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1140163/65044663/4.js?ias_dspID=3&ias_campId=1009016887&ias_pubId=pub-1599777167715704&ias_chanId=1&ias_placementId=18196981561&bidurl=https://etcanada.com/&ia...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

60ms
16ms

Script
application/javascript

2600:9000:225f:e800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:225f:e800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: F9SFrZ64oEGbgZWabg99TABbvOn4m_yP
content-encoding: gzip
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
age: 20125
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Fri, 16 Sep 2022 14:19:08 GMT
server: AmazonS3
date: Fri, 23 Sep 2022 14:19:14 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 89cfaf7130b791496ae5b9cd16f7eb0a.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: I_2roEE43MdpjJ2fU0eIBd-XlJxL4xVv7eG-daPfzicKIEsbSZyoug==

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:38 GMT
x-server-name: app10.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame D85A 91 KB
23 KB 98ms
15ms Script
application/javascript 2600:9000:225f:e800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:e800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
content-encoding: gzip
age: 188302
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via: 1.1 89cfaf7130b791496ae5b9cd16f7eb0a.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P2
content-type: application/javascript
x-amz-cf-id: VyL5vFAR41muagbJjsDnwj9cE0YhyoAoLqey0oKYC0K2EbF7CJQ-jw==

GET
H3 200 Logo-Transparent-Small.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/ Frame 31FE 3 KB
3 KB 13ms
9ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/Logo-Transparent-Small.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e327c4cf3b80e5e5bdea164926c57b871c1b240212065782d28cb22dd60fa51b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 70820
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3327
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 09:38:55 GMT
server: sffe
date: Fri, 23 Sep 2022 00:14:18 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Sep 2023 00:14:18 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 31FE 10 KB
11 KB 105ms
21ms Image
image/jpeg 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQVnSJMD5cnkJHzC9-kto5bW_iagE0oHrxmKCiICAkVcPaBnzo&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

522ab2e374ffaa11a71bdaa3d97f1d6484213ef7716cc7d7d1464c799fa38bf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:21:13 GMT
x-content-type-options: nosniff
age: 102805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10244
x-xss-protection: 0
last-modified: Tue, 03 May 2022 22:35:28 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 22 Sep 2023 15:21:13 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 31FE 9 KB
10 KB 79ms
26ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSSZor2T1yryzWJq8CXVOR9DRkAaa3mfq42FZMb0WZsNFPojzwf_43GQ-HlFA&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f56bb7d57f95112338405d6b896e13b625841f4820c946feda73beee41abbbf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 08:40:02 GMT
x-content-type-options: nosniff
age: 299676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9726
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 22:26:40 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 20 Sep 2023 08:40:02 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 31FE 25 KB
26 KB 72ms
19ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRzFr5NGwohFlSi0C_Oi29jK-KH37vaLuT8HW98RLD2TIWLRzKkzKOT0NoYFw&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5515deab2c5e17053c9c5601f72e51a6656ee75fbd93e7adbe4d4779350b42e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 05:21:58 GMT
x-content-type-options: nosniff
age: 397960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26111
x-xss-protection: 0
last-modified: Tue, 03 May 2022 22:35:12 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 19 Sep 2023 05:21:58 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 31FE 17 KB
17 KB 106ms
25ms Image
image/jpeg 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTR7hctHJW_oOq_3GEqM-uC2Od0-ouJGatxs_4ZpoixZOZtwsk&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bebac62c953edf0d0ce8dced28607c288ca4e8edc7e52b2703bb45f8014bca3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 22:40:13 GMT
x-content-type-options: nosniff
age: 594865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17473
x-xss-protection: 0
last-modified: Thu, 19 May 2022 22:32:14 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 16 Sep 2023 22:40:13 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 31FE 10 KB
10 KB 107ms
24ms Image
image/jpeg 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQJ8qmQh3y8IpLlm2WGnh3kBs2zKuJOHdXISKTA1U5zFBsHPso&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e06996d9eff7b6a6fe44e35248366b91be97cc7021a7e34bd00fa11c3e587704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 18:07:17 GMT
x-content-type-options: nosniff
age: 265641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10411
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 22:27:07 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 20 Sep 2023 18:07:17 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 31FE 10 KB
10 KB 101ms
21ms Image
image/jpeg 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSxcUD6VCahoG4vcK6F_rGL6H30zi9jfFEUvSXevhwnz2AZNYo&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7748101fe9215a0b58c31df76753bc6c18228f6ffae946569d9a87e6c681a2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:26:50 GMT
x-content-type-options: nosniff
age: 174468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9903
x-xss-protection: 0
last-modified: Tue, 03 May 2022 22:36:20 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 21 Sep 2023 19:26:50 GMT

GET
H3 200 D52GskfJOxf5PECSshYwDvZZSmyyoPi_bK3LssDxWko.js Show response
pagead2.googlesyndication.com/bg/ Frame 7D1A 36 KB
16 KB 23ms
20ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D52GskfJOxf5PECSshYwDvZZSmyyoPi_bK3LssDxWko.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f9d86b247c93b17f93c4092b216300ef6594a6cb2a0f8bf6cadcbb2c0f15a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 00:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15913
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 00:46:01 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7364 43 B
215 B 538ms
161ms Image
image/gif 2600:1f13:800:7780:d3d:c825:22bf:b320
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1140163&asId=85883362-f2a6-4f6b-339c-3942f2f55d5c&tv=%7Bc:p4m2pT,pingTime:-3,time:72,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:72,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B64~0%5D,as:%5B64~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tihYFaR+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163%7C164%7C17*.1140163-65044663%7C171%7C172%7C173%7C174%7C181%7C182%7C183%7C19,idMap:17*,rmeas:1,rend:0,renddet:DIV,siq:26%7D&br=c
Requested by: Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:39 GMT
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7364 43 B
216 B 533ms
160ms Image
image/gif 2600:1f13:800:7780:d3d:c825:22bf:b320
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1140163&asId=85883362-f2a6-4f6b-339c-3942f2f55d5c&tv=%7Bc:p4m2pV,pingTime:-6,time:74,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:74,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B66~0%5D,as:%5B66~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tihYFaR+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163%7C164%7C17*.1140163-65044663%7C171%7C172%7C173%7C174%7C181%7C182%7C183%7C19,idMap:17*,rmeas:1,rend:0,renddet:DIV,siq:26%7D&tpiLookup=ao:etcanada.com*&br=c
Requested by: Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:39 GMT
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame AC99 236 KB
63 KB 108ms
26ms Script
text/javascript 2a02:26f0:11a::6867:4830
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14601583612666637731/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:11a::6867:4830 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:38 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Fri, 23 Sep 2022 20:09:38 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/14601583612666637731/ Frame AC99 95 KB
20 KB 32ms
32ms Script
application/x-javascript 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14601583612666637731/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14601583612666637731/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc3f762083c7c659100377e2ace8b8346418f1be26b5cb5dd6c0dacfc5a43df8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14601583612666637731/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 03:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405149
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20093
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 13:13:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Sep 2023 03:22:09 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7364 43 B
215 B 517ms
161ms Image
image/gif 2600:1f13:800:7780:d3d:c825:22bf:b320
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1140163&asId=85883362-f2a6-4f6b-339c-3942f2f55d5c&tv=%7Bc:p4m2qd,pingTime:-2,time:92,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:586,beZ:588,mfA:590,cmA:591,inA:592,inZ:596,prA:596,prZ:603,si:611,poA:612,poZ:637,cmZ:637,mfZ:637,loA:659,loZ:662,ltA:677,ltZ:677%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:92,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B84~0%5D,as:%5B84~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tihYFaR+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163%7C164%7C17*.1140163-65044663%7C171%7C172%7C173%7C174%7C181%7C182%7C183%7C19,idMap:17*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV,siq:26,sinceFw:65,readyFired:true%7D&br=c
Requested by: Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:39 GMT
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame DC80 118 KB
40 KB 33ms
33ms Script
text/javascript 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10530354489605488036/index.html?e=69&leftOffset=0&topOffset=0&c=XO72kz6ys6&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10530354489605488036/index.html?e=69&leftOffset=0&topOffset=0&c=XO72kz6ys6&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 10:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34139
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 24 Sep 2022 10:25:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
55ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092001&jk=3009862448700575&bg=!8vGl8bXNAAYIxsuQKMY7ACkAdvg8WoMX7KLOexCgmpO75fwMmgeExiBrpVWa0SOY9es08HBMTkMXGQIAAAC1UgAAAAFoAQcKAHEKEl1ciLt2zPPQ5bvOw2HJ8HqgZdkALy-o6tKPCu6ZArN7Eb1hU3z8Ld_yU5Qi4oRge-_Fd0e3LSWEeh99A5x_DiB26S2sjubPRKMzRMIyPNcCdBrehRS5zwOx7YOffwMjxLoQidsDY-2SIZZUJ3ahhpkClwDY7TvLoBvh5nzjEaovcOwsve8PGe4yNeufLCWSXSKaeYsq8phG3GTrqnEMqHC30UJQ-LXC23MWd-93sa4CTdRXUgD65PR1LntPKg1Yi-pZIzN_oj8FwqxCeuGDvt4gf2tf8KUAOIGibRW6_GuGM3CflkArWLXlaxkiVqwiZNQpSC9InF7LA_p7bD1YCuHPlmSXQ0PH1rtwCF1G7QdoU0RgHcWjXzcr5DZlcI4qzRdTevc9FW3rhWL4c_uP6tPIxF3shk2xtD37VRGlNizWQHm2_SCPTF4DIMygYCFlbNQ3qXQ2gYgFM8ETCATlw-2TAM6nJHo8p6w8zVhMU34RNdtUHtGE0JOPNQjC-TXB4okj50gWwwT-vPdu3AIm3Qqxa9eTkTqroukVp9KfJOw_Mis2rz-51FXrwIANlNo4-itDSxgKT7_1a_jIO7sDVltXzYaDT5LQkBfFyy2U3RDk7l7W3tNhqIy05ECyWM1-AJOIuhZowE4qmZRIPYT0m4MAzi3F7eYtjOlUE4_POt-anbOWxu0m5s_vhmRkGuQxJiFiSY8vyfiZDxHnuXbsGyCvZxUNlrwfKW3GBO3JQKUrD24OSs_eiDQV41hPzmajE_CZAtQnwmeGQ45OzRzLNXRZSiQ43qrD_4ByJh6c2RjhBXHumCcBk3aGSYRUppPdX5GgmBvF_oSRRIK5S_1RmowxIqBM0J3_IWhiW52I7PclnFvtVakJmTb1jFq7o5U8VBg9eQKuTuibZCAwyxOKU74Oxtqx8G9SQ8qrzK5v915XG6BmI-DdDLEHSUDMUrNxn4HRUw0g7PSLLhBEbfCTlpFqM2aOZgvCUXwGV2cnbrzC1M_K_MhRBGMxufF3WGuK-c8JWZIn0ZGgwg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://etcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 D52GskfJOxf5PECSshYwDvZZSmyyoPi_bK3LssDxWko.js Show response
pagead2.googlesyndication.com/bg/ Frame A139 36 KB
16 KB 21ms
21ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D52GskfJOxf5PECSshYwDvZZSmyyoPi_bK3LssDxWko.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f9d86b247c93b17f93c4092b216300ef6594a6cb2a0f8bf6cadcbb2c0f15a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 00:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15913
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 00:46:01 GMT

GET
DATA 200
OK truncated
/ Frame 31FE 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 CASans-Light.woff2
s0.2mdn.net/sadbundle/10530354489605488036/ Frame DC80 22 KB
22 KB 22ms
22ms Font
font/woff2 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10530354489605488036/CASans-Light.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10530354489605488036/index.html?e=69&leftOffset=0&topOffset=0&c=XO72kz6ys6&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce34f381a7a9e9969904d70d8b6c241983fcbe5ee21fc66fbe57ae34dd44b46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10530354489605488036/index.html?e=69&leftOffset=0&topOffset=0&c=XO72kz6ys6&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:08:46 GMT
x-content-type-options: nosniff
age: 132352
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22612
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 11:20:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Sep 2023 07:08:46 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame 31FE 10 KB
10 KB 74ms
27ms Image
image/jpeg 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSxcUD6VCahoG4vcK6F_rGL6H30zi9jfFEUvSXevhwnz2AZNYo&usqp=CAI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7748101fe9215a0b58c31df76753bc6c18228f6ffae946569d9a87e6c681a2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:26:50 GMT
x-content-type-options: nosniff
age: 174468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9903
x-xss-protection: 0
last-modified: Tue, 03 May 2022 22:36:20 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 21 Sep 2023 19:26:50 GMT

GET
H3 200 shopping
encrypted-tbn3.gstatic.com/ Frame 31FE 10 KB
10 KB 78ms
31ms Image
image/jpeg 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQJ8qmQh3y8IpLlm2WGnh3kBs2zKuJOHdXISKTA1U5zFBsHPso&usqp=CAI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e06996d9eff7b6a6fe44e35248366b91be97cc7021a7e34bd00fa11c3e587704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 18:07:17 GMT
x-content-type-options: nosniff
age: 265641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10411
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 22:27:07 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 20 Sep 2023 18:07:17 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame 31FE 17 KB
17 KB 74ms
29ms Image
image/jpeg 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTR7hctHJW_oOq_3GEqM-uC2Od0-ouJGatxs_4ZpoixZOZtwsk&usqp=CAI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bebac62c953edf0d0ce8dced28607c288ca4e8edc7e52b2703bb45f8014bca3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 22:40:13 GMT
x-content-type-options: nosniff
age: 594865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17473
x-xss-protection: 0
last-modified: Thu, 19 May 2022 22:32:14 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 16 Sep 2023 22:40:13 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame 31FE 25 KB
26 KB 35ms
10ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRzFr5NGwohFlSi0C_Oi29jK-KH37vaLuT8HW98RLD2TIWLRzKkzKOT0NoYFw&usqp=CAI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5515deab2c5e17053c9c5601f72e51a6656ee75fbd93e7adbe4d4779350b42e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 05:21:58 GMT
x-content-type-options: nosniff
age: 397960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26111
x-xss-protection: 0
last-modified: Tue, 03 May 2022 22:35:12 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 19 Sep 2023 05:21:58 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame 31FE 9 KB
10 KB 33ms
9ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSSZor2T1yryzWJq8CXVOR9DRkAaa3mfq42FZMb0WZsNFPojzwf_43GQ-HlFA&usqp=CAI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f56bb7d57f95112338405d6b896e13b625841f4820c946feda73beee41abbbf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 08:40:02 GMT
x-content-type-options: nosniff
age: 299676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9726
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 22:26:40 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 20 Sep 2023 08:40:02 GMT

GET
H3 200 shopping
encrypted-tbn3.gstatic.com/ Frame 31FE 10 KB
10 KB 71ms
26ms Image
image/jpeg 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQVnSJMD5cnkJHzC9-kto5bW_iagE0oHrxmKCiICAkVcPaBnzo&usqp=CAI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

522ab2e374ffaa11a71bdaa3d97f1d6484213ef7716cc7d7d1464c799fa38bf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:21:13 GMT
x-content-type-options: nosniff
age: 102805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10244
x-xss-protection: 0
last-modified: Tue, 03 May 2022 22:35:28 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 22 Sep 2023 15:21:13 GMT

GET
H3 200 Logo-Transparent-Small.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/ Frame 31FE 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/Logo-Transparent-Small.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e327c4cf3b80e5e5bdea164926c57b871c1b240212065782d28cb22dd60fa51b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 70820
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3327
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 09:38:55 GMT
server: sffe
date: Fri, 23 Sep 2022 00:14:18 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Sep 2023 00:14:18 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2E8B 0
26 B 109ms
61ms Ping
image/gif 172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsshDxdlzuFY986PakQKEFwTMUnlfx1H3ZK4Dh0F0I4xtLpuY149sgLXxR-tTNTa6Waqvll62_D4mnzeLz2Qd49dVRmatlAYeuie78qVkcWXZgd_7zFvsUA0P1wzzvkVuz7nvtDHjD9P5KL2GpvQlAiP3sMcH0dlY745wbSX_kddk3cerP_fN2XoZjryLcEaBiVLAfRo_7kOfj9lFyKOBXG9pQG1Kl1pE2b3L0WZQmfm-L5rGYiDZxbs64uIzWGpAGG3sjkhA1AJOP7MOIXZRsuaIKl7Ot1houEo298vHzd5eQ_xYZvFWbFFd_G0l2LnNrWM_niFX-qHW0cpWhp9L3rsrMRfXk7TBQprWB3xeSpgRyWS3uueN2D88rPFMZarPqJM45tvE4PLOTnq3F81ZAcoCk65r-YkJs0xShlzerA0KlLL-WV_2KxmDbpPwEcipwbuN0zEJsoFBDvNBizQ1z5t8e1VTtLxpEzKqjKiBeTtQBB25zNBlKaRIDVwA-cIwbFGEwRGsFy6QaLoRKAkP2u4hkPvRcDpyU8GWbylVqdr9tYTSRO59QnZ5EWLHf1bOPQhiqXQ4WYPu1FNmYFpCWHBBtxSLPS3Fkg8LEF1U7uqD5ihHaaO_TT0CBSi6ojOl3Dy6-6nUjRLYpoF0gNuZmIRByP_PFmBotmTdVkW3oRZynSeq1fiBKRxvk_bhTTCpLKRnW9vs1Xhel5j1VeLGi2QnFRpi5FCFOABt6DOt02KXn8aMxBWTcrvavTNpIUi6jQ9dqnhXK_InTsgM18uAaWd4MY8RRpcZcQ7InkTZMx_3JcIFx-HArH4bl702HWEscftGeJjZ7IqmQbipxRMrJWej-qvKfBZIFWwU-62AinL0So6fXK2TyJA5eSeC40X83_bM6bkJDZ6Me4Ri5tSiBZ0R51bQNJTJeqG-Igpof905urGE3H1Vf-lzzy9ywvhSfXZN37S0NY8ShsdIhn4V1izPSG3n8jfIr_tINwRREBHdt8NtR-QjzLmxqxQUDixvOLY5qUfSSG4nVhYhszGYZFxGOEwFbLnXdkdNjPdGekP8G8Mdv1ydJRAv_E7ex3K5Z5-O6UgLXDwsMqa6jYXANfKlEEax00hSIluAd9Z-4ML-P7kmCiIhXblPy2vcIab-8KksPzRiwxgALq08voVD8LrUrs0C7SOV_z7v1HmAOlN_wvXPZGICpnJp5nOGbEUcBxBWSGfOm8BCezvhg&sai=AMfl-YT15dyBZb9GayjMsOMExaUFage1whNKkhOJttHpNvsYmfOfmD42TH3jbCUoS1mAaga84xKy4vj_9iXZ54BvBipLv8PR-tu0CgsJEBTnZoHEF1bn6LCMqMQ4YnGkS8fLxEB38VlWkMvoR7NugN2CaPzHSFuBP_BQnRWiVYAV9XNPZ2ja_7EngtEEBVXkcz-U4ZbQGNVQjBcushuImbCuEQ&sig=Cg0ArKJSzKI80EjOURVQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=495&vt=11&dtpt=291&dett=3&cstd=196&cisv=r20220921.86253&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 19:54:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DC80 7 KB
6 KB 119ms
51ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

748fc2b89b693f61258fc83aea7af797a087d2192b5187c93d3987a417c13170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 19:54:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5743
x-xss-protection: 0

GET
H3 200 prod_studio_01_247_configurablemodule.js Show response
s0.2mdn.net/879366/ Frame DC80 31 KB
10 KB 49ms
39ms Script
text/javascript 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_247_configurablemodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8460aaf36b73e229c6b0fcaf7bac791e23c3145e87de6a04d0d91541e39289b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10530354489605488036/index.html?e=69&leftOffset=0&topOffset=0&c=XO72kz6ys6&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:09:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2694
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10616
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 24 Sep 2022 19:09:44 GMT

GET
H3 200 airwrap.jpg
s0.2mdn.net/sadbundle/14601583612666637731/images/ Frame AC99 15 KB
15 KB 32ms
31ms Image
image/jpeg 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14601583612666637731/images/airwrap.jpg

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f974af7226f7c3c119e3a530004fd5bd38dac2b9ac1ae5551f0aaff9ed1e43be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14601583612666637731/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 03:22:09 GMT
x-content-type-options: nosniff
age: 405149
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14873
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 13:13:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Sep 2023 03:22:09 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7364 0
26 B 61ms
60ms Ping
image/gif 172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstQsa68WltLh_uwysy2-Xwc2pn3wLRizl7eDs7bgc8pc64cuL5Vu3gP3lNaZE4bX163fkVBxklesL51slQ8-OiGlL2_vVAMfQrcGCUFdQ6V-4u0jFfOKbSIiqsUrUc10JI7vo4OLumyYOHBJSUN3K-JD93ehlii_LJyhLxNMxiC0Gg8puaiKwW181g6Tz_E9jbY-lT0U2BcuLC6Gy7gzr_p9S6kXb9owNgUHG0Bi41nuf06DywZ_FlYEVFPWy5bL85tlhz9RnSnuzGAIG26zVO0q7zjTlHK_g2pMa6iX7yws4OXUzVsQFRQcqaDlOSsQviFBxzbRwqW7HuqeCupgJXoIt8DT2vlZcEuWDU5JFe_H_uaNw8owBw6LZo5nt6s6lUT-hmWJyzS8wGkq7m0s-VgD_XoLGwIDCq7z0qMzTOaSVcKT9GoqZc90Xbua2DTdo_UPzz9JQXjpNfsg_wQGCI18GpSjE8hEsW8KDPyrbBEfuWGoGPx1gABssXU3L-E5ya3hHtzEvniUKdd6JG1IFByb0rH7s-7rD4cnD0UUzkESdSXstiYQmU9nGkwdaR8K17vJy2rYLDwpFkYOqRLtohybIGjjfGp88xxs6lYFl-isn_7auhtBGnNHTcC_fyvBQJB0xVdFNDzQpEh9I3HduD5zM_WHP08FCsQgYhTd2FLWcx3NJ0l1DhbgSauHxzk04FgNg3v1NPv8oqAISgmrhlFmhhvLA6zzMIJrfTg7SRHRfQ_2LkhrNGCxLjm2oBjfrEXJs6v2irW38oUf_-CRZm2q1HLKbMFqQPadP6vwD5pauBY5oymiOdu8uHiKKCO0tOIlOFXxfMcJIC2zu5xeKbvGtePRm2qTZIqCyIi39TxeYetgrhg1CAcwdN8vtDlHE_RHvnYSFLc20VJUKqSo0NNbqeHuBqNuwNfk0qgSvZVDYzQeXkhToTW0-veKxDCQbiaTuQiydtUhmVM7F_oWIVV8IW3DZMXOEnva7raaBrO-WI_LHdTcK8gAUh80kgqry6pyx3GpYyfhaj5Y7elhy1dRK_GyHbhbY0r1OlGwFRWbodJ8khlT2B3MyyfamsotfxLQV_0VvznAgnY-EJHK5CSYc0V_GVTbXs-TP9kVhnqrSLIoisxrTXrA3ImshZFzlKSH_lIqLdgU55T7tdbAH20qNlGF2Oz0IrPsb90ZA2y7KxsZg_LRXfqM4OJ4wN-QeOeihU&sai=AMfl-YTudIT_14Tx-C-NfZW-uitKKfebsQyx6oJQ4lC0jx6F4ceTvb_VxiK1RMq8O5HgdZs7Rr5eSmkdr6C0ItVVTDse9EOCLwe85iFeg27Wv7BkjBkdkLPV1Th6kL5HYN7jGquIeIA6V0RsPlOSiBJd6LNPqPNn9iO34UQH74e5wJ3SZYAb-SRMs64FuFCowV00R5tzhMOYXOF2WPjZ0GzN9Q&sig=Cg0ArKJSzMp1y5JoGt46EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=574&vt=11&dtpt=362&dett=3&cstd=209&cisv=r20220921.25201&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: etcanada.com
URL: https://etcanada.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 19:54:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 attachments.png
s0.2mdn.net/sadbundle/14601583612666637731/images/ Frame AC99 8 KB
8 KB 22ms
22ms Image
image/png 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14601583612666637731/images/attachments.png

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba583d00ee53db21480e9d6a9f67cdf4fb2a1da49c4464d23fd16ba4595bed61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14601583612666637731/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 03:22:09 GMT
x-content-type-options: nosniff
age: 405149
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8138
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 13:13:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Sep 2023 03:22:09 GMT

GET
H3 200 10517908925579912874
s0.2mdn.net/simgad/ Frame DC80 16 KB
16 KB 22ms
21ms Image
image/png 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/10517908925579912874

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38c2d612a7fc68a57284d966c42435bc8b3c562a7732f1eeec132f5f45c0ab17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10530354489605488036/index.html?e=69&leftOffset=0&topOffset=0&c=XO72kz6ys6&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:08:47 GMT
x-content-type-options: nosniff
age: 132351
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16398
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 15:22:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Sep 2023 07:08:47 GMT

GET
H3 200 1826051688123909991
s0.2mdn.net/simgad/ Frame DC80 66 KB
66 KB 24ms
23ms Image
image/jpeg 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1826051688123909991

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

340ffce6656e0797fce89566794df7db5a7261731e6e3a4f3c65a932c66c1085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10530354489605488036/index.html?e=69&leftOffset=0&topOffset=0&c=XO72kz6ys6&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:08:47 GMT
x-content-type-options: nosniff
age: 132351
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67448
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 15:22:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Sep 2023 07:08:47 GMT

GET
H3 200 10256627191528399367
s0.2mdn.net/simgad/ Frame DC80 34 KB
34 KB 34ms
34ms Image
image/jpeg 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/10256627191528399367

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

319ae06a0b297e825e80bf50045993bd2764a6ebac20eba0cdee68ae77580e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10530354489605488036/index.html?e=69&leftOffset=0&topOffset=0&c=XO72kz6ys6&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:08:47 GMT
x-content-type-options: nosniff
age: 132351
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34542
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 15:22:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Sep 2023 07:08:47 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DC80 17 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:54:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Sep 2022 19:54:38 GMT

GET
H3 200 attachments2.png
s0.2mdn.net/sadbundle/14601583612666637731/images/ Frame AC99 7 KB
7 KB 32ms
31ms Image
image/png 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14601583612666637731/images/attachments2.png

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a05147e4f7621cac26e5103471663549579a0525f3d5326228847b6030f7ecd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14601583612666637731/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 03:22:09 GMT
x-content-type-options: nosniff
age: 405149
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7071
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 13:13:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Sep 2023 03:22:09 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D1A 0
20 B 59ms
57ms Image
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHlGH_g4uY-LqC_CV9u8PzZKwiAkAAAAAOAHgBAI&bg=!-vml-b3NAAYIxsuQKMY7ACkAdvg8WrfKVrBecGMJsz5XBMS6B0IdXykWBUd6PqiRHd45N6Cv8CEyrAIAAAEmUgAAAAJoAQeZAui1lfQWPKAyNSs7w6sVJMM9HwNChy7XcpV7NcxWXSe68cmCWPvF2lHKBi1ucQVATWZhdcFczPKZvvuz52jT-2EV8GnCLjDbTgdCHjVcLgMiXXupyJfdFhgH_0D9iia11W2KgV960r4LEK3LrB6L3s80LjwpkLyUMyhm_XEm6IIyDmuPuynDRV_LWYzKwtqcSexQHvm1Vi6nlfdOhIzXVvxYb0MdOOJnmYSaGcA7C3G2bsif02O8a7vwKnZwaLHJGDfer-syI9oOuPafXTRJc63nF7mZrm-uUORtPuwAuacKJBVFMicX7zFVhFltn3znRDl-EwVshNdVcSVArYqoSrZgCtJc5qrxgG1At6SwMrva6VDxwoFr2AiegGbIKQmUqWjA5f8WrPcmkZxQ3naZKY6n2dpbSI4-R4XV5Rs2wtb2NHTdd_n8XwIdW0TJpbxrq729t8zmZ318h9TuEyq7vHCKqHSAAv_Z2h-ijIHbdMINTqzuvs0CoEMpnFDM2eNZKXli2Qi4iY-vcVVK6nSbb6WVetSI5TvfVR2ZeEDRag7NNrIlfX4jQnXxc8pmcnNIe5ko0ylAGctTDJksBPfUXiNR_EX4JD4JKHXjVccboEaYFNrdmS_bFvnlU-Dj_1xzV_KD2dQwi2xtU5LquehiNpzQPCRuOHWHr-WIbLHAeWWOcojh_sqfqMM4F1t4Jil7g2apPH6CfGVkzy50sJ6DnsuH2Mp9moClctpJKgGhO8N8On6OHWzR36l68Aj2ViAu3cbJVmG7qLTljokKj6hQF9-L6KAnn5JyxG3HrFWdc45JemIztOg_WDIMfNi4Ob-OshYw7fzxXGGq2dXtU6puv0bx6gpCcYPRs1EJD97HzYO-vcCH3YXgsLlDL_YHwfb-bdslesDvNWpP76Hhdn6k-kZW6IRcyecc6wgwCY-l-UX6fulIaHziNdyTQZJocAZMHlQTorbBAJnyTHJtgvoTwpm8TYjx-mm0yZw

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A139 0
20 B 59ms
59ms Image
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bcw5f_g4uY9zFDPvA9u8P1JOmcAAAAAA4AeAEAg&bg=!qKulq-_NAAYIxsuQKMY7ACkAdvg8WkObeejdc1cvpvd6nUwiFxFnQKp7T0MHDZdfePX8SGGBhQVlrgIAAAEQUgAAAANoAQcKAE6uy-ygeiJggc3pIyG01sOWUPqvWx_AZgVu2-rWUKE7IR62N2m1WPKF1SHt5AyrELTr2wMrEaHfBXoITrwqTMEMBhWfOIufpXNnRnGgVJCZAuidZiOzZYUI3ucxh7SXvag8HKy9AludjwN2SzNgEm4GA4VJpQ7yrlNqwoWOA0ahvkK2OfgWUPwUkH5oJsrW8Idnk-kMPR3DXVRMPudwSYaZhsKIsLZg2yIXFejREqWyS-1qi78A42IlaZuU0w6dFbbiyLuNQ_xh7piETvFvv2kgSx7JBy8VEtJld_DPHi6NQcfbmJRQw_46o522uLPyQ2CHO6y6VF-qxetZVxWHo2aTmlXeUx0GsPvVe-OrTr2HitSQN4yWNnKLDP8t07MwVYBIGRMOn_qPXqKRbHRuJnu35OpurGwo9iPaHq0PWFxNOme-i3uJfC2lVj80Und3ML1GpjWz_vPw0tLm5zcT3Ofpm7RJFHLTyztbc1dixNDfE44pf4tDklf2IyAoxv7-eAcA2djFTclvhFw_U1vXVf3IM5h0l7i4HGCVXJG76UH-5jyoOj6zGFqF0kZhmw_-L8o89WW8bSE5cXUCM_x5e65BH8l9DDiSF-a1Q6oRoxyJknBrWOHZgT853l5PsoPKbQKQowxTeLqDAGfPx256xBqG01zx6leOKQ1xoWNId56cNDghurPzmlSp5N3LRghwdRm3FavOBa26rUtuvfCgGKYq6iWr6nub7xIX4v45LadMRHcHpRTLxahzfN0BGgmKlfUVLzV5dXl61V1Aopj9Olar04gQGryZlKWPjSfFN5c7HUc8v_IQRiVRwacP0-f44dEh2uqXmbhvWoXAGnin6pUbnAURb_WYrj5Fk1i9gPzCnZtRS9xhvWvGMdcSIywO2V5dDo77_w1JtQ2knsAEx--EqT4g2CA_wtBShkmL9UjMpQEQ6sO-yFyjJ0Eenjb6fkeG7hYWDGe_8fQkX7D1gzucegRRuRskHxPKKcALroCSf6-eFLQOVWDIwI0zZ5ZpcCyTyaBwsnMVI2f74hk6oekHCFsBtCUTJzaoIMOWvXus_KjZqjNopRMQLOPLezIoBUkpsRCMSiOxO_k

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 D52GskfJOxf5PECSshYwDvZZSmyyoPi_bK3LssDxWko.js Show response
pagead2.googlesyndication.com/bg/ Frame 9C12 36 KB
16 KB 22ms
22ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D52GskfJOxf5PECSshYwDvZZSmyyoPi_bK3LssDxWko.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f9d86b247c93b17f93c4092b216300ef6594a6cb2a0f8bf6cadcbb2c0f15a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 00:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15913
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 00:46:01 GMT

GET
H3 200 model111.jpg
s0.2mdn.net/sadbundle/14601583612666637731/images/ Frame AC99 18 KB
18 KB 21ms
21ms Image
image/jpeg 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14601583612666637731/images/model111.jpg

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74f82e4b815f619487c2d65b21438d9418d8266762715076ab47e0571115e06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14601583612666637731/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 03:22:09 GMT
x-content-type-options: nosniff
age: 405150
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17976
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 13:13:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Sep 2023 03:22:09 GMT

GET
H3 200 model1after.jpg
s0.2mdn.net/sadbundle/14601583612666637731/images/ Frame AC99 20 KB
20 KB 21ms
20ms Image
image/jpeg 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14601583612666637731/images/model1after.jpg

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b363e045d0b6c70c29b515be78ac70a97d524ea6e191384381de8be8f25a182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14601583612666637731/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 03:22:10 GMT
x-content-type-options: nosniff
age: 405149
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20885
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 13:13:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Sep 2023 03:22:10 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7364 43 B
215 B 162ms
161ms Image
image/gif 2600:1f13:800:7780:d3d:c825:22bf:b320
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1140163&asId=85883362-f2a6-4f6b-339c-3942f2f55d5c&tv=%7Bc:p4m2x8,pingTime:-10,time:521,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA1LjAuNTE5NS4xMjUgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1663962879101%7C%7Cab26ef887b38b881e37cb8e86b5b710c%7C%7Ca6d005963b3621e7f0de2da18354c282%7C%7C08d2c980c758c4cee57ceb9e0002082b%7C%7C79646de9321b559a8184a88d781458c7%7C%7C88ad4be64cb9a932d4df7158ea608c77%7C%7C85556b09e88011fb2013080acfeaff12%7C%7Cd5af4b8b402301d3973e9108e92a6491%7C%7C1663701684%7D
Requested by: Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:39 GMT
x-server-name: dt22.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 model211.jpg
s0.2mdn.net/sadbundle/14601583612666637731/images/ Frame AC99 25 KB
25 KB 21ms
21ms Image
image/jpeg 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14601583612666637731/images/model211.jpg

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cec13747f199fa21272f935cd33b9138587f04e9b4f8be92a4f8fb862b087d8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14601583612666637731/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 03:22:10 GMT
x-content-type-options: nosniff
age: 405149
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25987
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 13:13:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Sep 2023 03:22:10 GMT

GET
H3 200 model2after0321.jpg
s0.2mdn.net/sadbundle/14601583612666637731/images/ Frame AC99 24 KB
24 KB 21ms
21ms Image
image/jpeg 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14601583612666637731/images/model2after0321.jpg

Requested by

Host: 971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87fd8cd47c44ef6f7af728fd4b9350a70fb02f6c4e545faa0321e83269f4ce93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14601583612666637731/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 03:22:10 GMT
x-content-type-options: nosniff
age: 405149
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24315
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 13:13:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Sep 2023 03:22:10 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2E8B 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbIytq5O1qotaTs_R7VdAoc8MJrylGFJZ6GWYnRu6KY2X-cJdgZ8h8slk4XLeOtuavMB1SYabBK37TCiMNgJf4HfNfGjcai1DV6yvsz2D7tOOv5vAwvPBSVYJu4r1k23Jy5Sf3XFw&sai=AMfl-YSj175SCKPKMArT8CZeNfifxrXYuj8oySeIBPdW0K1IGezlrhvYwVEwbcmf1iM0UOhDgDmdDuSFKDMWa1WsD25A1zZYGDudF4sEqeCTGMk-PFw1T_MbJnE_o4A&sig=Cg0ArKJSzGjkRobFTaUuEAE&cid=CAASJORo_IdN49SIRM5vxJPwqfEPVtpw8QOzjDXQCXqvcDL7D_Lt2Q&id=lidar2&mcvt=1000&p=15,436,105,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2622883265&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663962877989&rpt=463&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7364 42 B
64 B 65ms
65ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-eLaHLjTLfKPZCoiT9vFxxbKjAga_Gz0ddGZA45zIkY_ehGZoPbhSjjT4Q6yMd6D28MCP7UcWUFBihVMlmUyHRArX9J9yPgU4F5qcoH1_1-jbbErHi4Vl2l90U92szwKJtO9nAw&sai=AMfl-YQe26g-VeYpIB7W5-gkhwQwgOmKLjm6e951enzNTPUMxk9Bw5FLx3XOy69AVIanq9w1HXYzZLLAhJDP_-4GIAVupDjbZSIyDSRtdEaMSg2YXrIPeqnWgYUeMMk&sig=Cg0ArKJSzIodSiW5jAbmEAE&cid=CAASJORoS0LLsCzTtMr7H0aY-HmREqmfdilrMfVr0qph42JNBWFSEw&id=lidar2&mcvt=1000&p=300,1349,340,1390&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1859399495&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663962877995&rpt=401&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7364 43 B
215 B 161ms
161ms Image
image/gif 2600:1f13:800:7780:d3d:c825:22bf:b320
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1140163&asId=85883362-f2a6-4f6b-339c-3942f2f55d5c&tv=%7Bc:p4m2FL,time:1056,type:e,im:%7Bpci:%7Btdr:1006%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1057,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1049~0%5D,as:%5B1049~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:241,fm:tihYFaR+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163%7C164%7C17*.1140163-65044663%7C171%7C172%7C173%7C174%7C181%7C182%7C183%7C19,idMap:17*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:26,sis:218%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:39 GMT
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7364 43 B
215 B 160ms
159ms Image
image/gif 2600:1f13:800:7780:d3d:c825:22bf:b320
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1140163&asId=85883362-f2a6-4f6b-339c-3942f2f55d5c&tv=%7Bc:p4m2WD,pingTime:1,time:2102,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:24%7D,%7Bpiv:100,vs:i,r:,t:1100%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1100,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1092~0,1~100%5D,as:%5B1093~300.600%5D%7D%7D,%7Bsl:i,t:1100,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:163,fm:tihYFaR+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163%7C164%7C17*.1140163-65044663%7C171%7C172%7C173%7C174%7C181%7C182%7C183%7C19,idMap:17*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:26,sis:218%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:40 GMT
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7364 43 B
215 B 161ms
161ms Image
image/gif 2600:1f13:800:7780:d3d:c825:22bf:b320
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1140163&asId=85883362-f2a6-4f6b-339c-3942f2f55d5c&tv=%7Bc:p4m2WD,pingTime:1,time:2102,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:24%7D,%7Bpiv:100,vs:i,r:,t:1100%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1100,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1092~0,1~100%5D,as:%5B1093~300.600%5D%7D%7D,%7Bsl:i,t:1100,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:163,fm:tihYFaR+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163%7C164%7C17*.1140163-65044663%7C171%7C172%7C173%7C174%7C181%7C182%7C183%7C19,idMap:17*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:26,sis:218%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:54:40 GMT
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 201 B
158 B 19ms
19ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=2e14a473-6c86-4a13-b06d-59143665c372
Requested by: Host: f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.edge.permutive.app
URL: https://f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.edge.permutive.app/f7e98148-cb09-4cf1-9b9f-b5aee3465d6e-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: ee3b9afa9e67b0c6afabab0479242b5b098a9b2ec3f35d73b8a08d768b135d34

Request headers

Referer: https://etcanada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 23 Sep 2022 19:54:40 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://etcanada.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140
via: 1.1 google

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/b/v1

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.etcanada.com/	1970-01-20 15:48:42	Name: _ga Value: GA1.2.1313731380.1663962877
.etcanada.com/	1970-01-20 06:14:09	Name: _gid Value: GA1.2.6008110.1663962877
.etcanada.com/	1970-01-20 06:12:42	Name: _gat Value: 1
.etcanada.com/	1970-01-20 10:33:21	Name: permutive-id Value: 5fd7e5b3-1a00-42c1-82bc-5415a8d7c390
.f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.prmutv.co/	1970-01-20 08:23:45	Name: pxid Value: e35c5b60-586b-475c-9947-a9e2c8e18ebf
.etcanada.com/	1970-01-20 15:41:30	Name: _cb Value: BS3WjuCjzaolCEtoaW
.etcanada.com/	1970-01-20 15:41:30	Name: _chartbeat2 Value: .1663962876678.1663962876678.1.mrkxXB79Gt6lhduBcPl5cB4ePfe.1
.etcanada.com/	1970-01-20 06:12:44	Name: _cb_svref Value: null
.demdex.net/	1970-01-20 10:31:54	Name: demdex Value: 17711204706920210360873050624611148191
.liadm.com/	1970-01-20 15:48:42	Name: lidid Value: 064ce58e-cd8b-4ef4-914e-65071b81d800
.etcanada.com/	1969-12-31 23:59:59	Name: AMCVS_E4B957EB548F15C10A4C98A5%40AdobeOrg Value: 1
.etcanada.com/	1969-12-31 23:59:59	Name: AMCVS_5F34123F5245B4A70A490D45%40AdobeOrg Value: 1
.etcanada.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.demdex.net/	1970-01-20 10:31:54	Name: dextp Value: 3-1-1663962876971\|771-1-1663962877077
.everesttech.net/	1970-01-20 14:58:18	Name: everest_g_v2 Value: g_surferid~Yy4O-QAAAD3flAOV
.exelator.com/	1970-01-20 09:05:30	Name: EE Value: "d66d3f786e5bd024cd81855f37574c79"
.dpm.demdex.net/	1970-01-20 10:31:54	Name: dpm Value: 17711204706920210360873050624611148191
.etcanada.com/	1970-01-20 15:48:42	Name: AMCV_5F34123F5245B4A70A490D45%40AdobeOrg Value: -432600572%7CMCMID%7C17837091542752231600885230295770186955%7CMCAAMLH-1664567676%7C6%7CMCAAMB-1664567676%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1663970076s%7CNONE%7CMCSYNCSOP%7C411-19266%7CvVersion%7C4.5.2
.etcanada.com/	1970-01-20 15:48:42	Name: AMCV_E4B957EB548F15C10A4C98A5%40AdobeOrg Value: -432600572%7CMCIDTS%7C19259%7CMCMID%7C42145966096500786482906670238438615785%7CMCAAMLH-1664567676%7C6%7CMCAAMB-1664567676%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1663970076s%7CNONE%7CMCSYNCSOP%7C411-19266%7CvVersion%7C4.5.2
.exelator.com/	1970-01-20 09:05:30	Name: ud Value: "eJxrXxzq6XKLQSHFzCzFOM3cwizVNCnFwMgkOcXC0MLUNM3Y3NTcJNnccnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAdEl%252BUWb6IhfXxUUpaQyLSopPBR%252Fc%252BhUAkPEquw%253D%253D"
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 62e962140ab2ff08
.doubleclick.net/	1970-01-20 15:34:18	Name: IDE Value: AHWqTUlhueCQfXET7kYgCol-C_9bJb0DcoIvowcJ6U8-DPoJ4r-FUr8Q0jiYHlwbg6c
.etcanada.com/	1970-01-20 15:34:18	Name: __gads Value: ID=7a966b5b0191b4f5:T=1663962877:S=ALNI_MaVADq7W-VflvP9qGeP7kVkWuItRw
.adnxs.com/	1970-01-20 08:22:18	Name: uuid2 Value: 6312617668681597488
.adnxs.com/	1970-01-20 08:22:18	Name: anj Value: dTM7k!M41.D>6NRF']wIg2IlduT5M-!]tbPl1M>e)ZlrFUfJ+tGXxp6J1VLEZf7Oj?P.Q'<_%=3?7A.Oc?1Pt7*ghn3If)y3KL9D3I?+tKWeGD
.casalemedia.com/	1970-01-20 14:58:18	Name: CMID Value: Yy4O-tAJMh9QuDfDGKQe6AAA
.casalemedia.com/	1970-01-20 08:22:18	Name: CMPS Value: 5168
.casalemedia.com/	1970-01-20 08:22:18	Name: CMPRO Value: 5168
.doubleclick.net/	1970-01-20 06:12:46	Name: DSID Value: NO_DATA
.travelaudience.com/	1970-01-20 15:41:30	Name: _tracker Value: %7B%22UUID%22%3A%2266C6DA89-C099-4E53-A533-BABD72AF8EAF%22%7D
.w55c.net/	1970-01-20 15:41:30	Name: wfivefivec Value: ibpyVtWy1OBOKW5
.casalemedia.com/	1970-01-20 08:22:18	Name: CMTS Value: 1117
.lijit.com/	1970-01-20 14:58:18	Name: ljt_reader Value: FXaquGZHOmyDiJeRQ-Ss2GPO
.simpli.fi/	1970-01-20 14:59:45	Name: suid Value: AA93468AF3A644C2A0928311E13A8182
.bidswitch.net/	1970-01-20 14:58:18	Name: tuuid Value: 86712e27-0288-4d4e-a918-aff85a65181d
.bidswitch.net/	1970-01-20 14:58:18	Name: c Value: 1663962878
.bidswitch.net/	1970-01-20 14:58:18	Name: tuuid_lu Value: 1663962878
.w55c.net/	1970-01-20 06:55:54	Name: matchgoogle Value: 5
.360yield.com/	1970-01-20 08:22:18	Name: tuuid Value: 8d8f7c2b-defc-4e34-8b0e-c6a46184fb44
.360yield.com/	1970-01-20 08:22:18	Name: tuuid_lu Value: 1663962878
.bidswitch.net/	1970-01-20 06:12:43	Name: google_push Value: AZmPxg-JYxG2vur2CDhk8XXwyadgSvn9UoO2SzGo6JTXDK0ZQ0uM_mmWEfb_1PKPRg7Pbtu2Q2NhhcZdO8vS-cKzWJtC_ZT_E-04
.1rx.io/	1970-01-20 14:58:18	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-2dbc110e-0f37-4061-bf68-0076fc8e3bb7-003%22%7D
.targeting.unrulymedia.com/	1970-01-20 14:58:18	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-2dbc110e-0f37-4061-bf68-0076fc8e3bb7-003%22%7D
.yahoo.com/	1970-01-20 14:58:40	Name: A3 Value: d=AQABBP4OLmMCEIL3eCpclGV36ZmYSHXTFuoFEgEBAQFgL2M3YwAAAAAA_eMAAA&S=AQAAAi-WOGiefOD4f5jAB_39HjU
.mathtag.com/	1970-01-20 15:38:38	Name: uuid Value: 0d81632e-0eff-4100-a496-a920e6513751
.mathtag.com/	1970-01-20 06:55:54	Name: mt_mop Value: 4:1663962879

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fonts.smdg.ca/k/c/pzs6hjq-d.css Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://fonts.smdg.ca/pzs6hjq.js?ver=6.0.2 Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://fonts.smdg.ca/pzs6hjq.js Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://dmx.districtm.io/b/v1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	error	URL: https://971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/1838989884782542848/index.html".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=86400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

971daba8d0e0b8e3537df2ef5d0ade38.safeframe.googlesyndication.com
aax-dtb-cf.amazon-adsystem.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.permutive.com
api.rlcdn.com
as-sec.casalemedia.com
assets.adobedtm.com
assets.pinterest.com
bam.nr-data.net
btlr.sharethrough.com
c.amazon-adsystem.com
c.evidon.com
c2shb.ssp.yahoo.com
cdn.onesignal.com
cdn.permutive.com
cm.everesttech.net
cm.g.doubleclick.net
code.createjs.com
connect.facebook.net
corus.demdex.net
dclk-match.dotomi.com
dmx.districtm.io
dpm.demdex.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
etcanada.com
f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.edge.permutive.app
f7e98148-cb09-4cf1-9b9f-b5aee3465d6e.prmutv.co
fonts.googleapis.com
fonts.gstatic.com
fonts.smdg.ca
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
htlb.casalemedia.com
i0.wp.com
i1.wp.com
i2.wp.com
ib.adnxs.com
idx.liadm.com
js-agent.newrelic.com
js-sec.indexww.com
l.evidon.com
load77.exelator.com
loadm.exelator.com
match.360yield.com
match.adsrvr.org
native.sharethrough.com
onesignal.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-sync.sitescout.com
pixel.rubiconproject.com
pixel.wp.com
pm.w55c.net
pr-bh.ybp.yahoo.com
px.moatads.com
rtb.openx.net
s0.2mdn.net
sb.scorecardresearch.com
sdk.sharethrough.com
secure.adnxs.com
securepubads.g.doubleclick.net
sfp-adserver-cdn.sharethrough.com
shaw.demdex.net
smetrics.etcanada.com
static.adsafeprotected.com
static.chartbeat.com
stats.wp.com
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
um.simpli.fi
www.google-analytics.com
www.google.com
www.googletagservices.com
x.bidswitch.net
z.moatads.com
dmx.districtm.io
104.103.77.186
104.18.18.126
104.18.19.126
104.19.150.54
13.227.219.51
13.32.10.16
13.36.218.177
142.250.185.98
151.101.130.137
162.247.241.14
169.50.137.182
172.217.18.2
172.217.19.98
18.155.181.110
18.156.195.47
18.159.14.126
18.197.134.247
18.64.119.45
18.64.79.112
184.51.10.56
185.29.132.241
192.0.66.80
192.0.76.3
192.0.77.2
213.19.147.44
216.52.2.30
23.35.236.247
2600:1f13:800:7780:d3d:c825:22bf:b320
2600:9000:225f:da00:18:1fcd:351:7bc1
2600:9000:225f:e800:8:48e:53c0:93a1
2606:4700::6812:551
2606:4700::6812:e234
2a00:1450:4001:806::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:812::200e
2a00:1450:4001:831::2002
2a00:1450:400d:804::2002
2a00:1450:400d:807::2001
2a00:1450:400d:807::2004
2a00:1450:400d:807::200a
2a00:1450:400d:807::200e
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2003
2a00:1450:400d:80c::2006
2a00:1450:400d:80d::2002
2a00:1450:400d:80e::200e
2a02:26f0:10e:29a::1931
2a02:26f0:10e:2b7::1e80
2a02:26f0:11a::6867:4830
2a02:6ea0:c700::22
2a02:fa8:8806:12::1370
2a03:2880:f02d:12:face:b00c:0:3
2a05:d018:d29:3601:ebd:fba0:5325:a4e6
3.122.47.104
3.33.220.150
34.107.254.252
34.120.133.55
34.200.39.142
34.205.216.121
34.239.63.36
35.190.0.66
35.227.252.103
35.241.9.51
37.252.172.249
37.252.173.215
52.215.56.149
52.30.136.248
52.49.126.217
54.155.65.255
54.194.29.214
54.78.254.47
65.9.66.118
65.9.71.118
66.155.71.149
69.173.144.138
0123c48ffdcdbda87db60d6a1d97a9cfb579f28ce410fca2b3b5b2330d446c03
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03420998eb4e01fb185f814aa1305e923951444b43d68740ec938402460c0b19
049bd93e3d3c2a907fa1344dd4dc97bccb8af25a5817fa76f25233b606e6d724
06539d6e5d43f62d02567af20d3e37d330af694a3a390ba75276ee8d72ae417b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07625b415cb12bf9a668cb5de34003e0159ba2975f82627ca32e7132724847de
0b3edf25f02d7223aad2def311ac3250b6491152355e396fd00fff744b08766b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce34f381a7a9e9969904d70d8b6c241983fcbe5ee21fc66fbe57ae34dd44b46
0db11402fe1f21932bab57397d9a98920a29b7970a193a32da86aab7effe2b4a
0f9d86b247c93b17f93c4092b216300ef6594a6cb2a0f8bf6cadcbb2c0f15a4a
1114bef5e1f745b3f4293c8f7de173435e1a6d52d1494b2b03d1c5e70d5e5fa1
1155dd833fc06b5987e36dc5d1531520ac62b736b5c629eca10677c80527d131
122745f1c40b846e4d5f9596795e43086df269126d7fc01efbeec5c8775be0ee
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
129e4d8a61f9c50e3eb929c4fa2560140cd9f89b1e5a928a3de8c1e1764c8b4f
17fdd996df769da70eb60286e12df9efbb1497050818a8261b95e61f9cab9e91
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
197558ffb5c4359f076e151a5269611d932881ffdcc921b4994ec9ccfdc055d7
1b34052b8cab45956cc21549aaeef9a10210e06ace870b6a9aaf96a106341df3
1b363e045d0b6c70c29b515be78ac70a97d524ea6e191384381de8be8f25a182
1ba87215e7a9aaf987a5608186a0fdc9a7ad211178a91fe731e2477e2988f2a9
1f494b2f6e29144340a90132de61615016c7c0df4f5808a02171c904f14444d6
2106e0c866ffc014582e728122e802d61a45fe3a5460e4d69dc09c7e584862ba
22f1b8ced0987e099ce75310096474c8359ba883212b1958321633528ca976c2
263fa46a0523bc2bd7ad8a7f6a73a53db60b8e55ddb556ad9f22366f375d971b
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
29ff4ae7f0ea8f926bc4b353f8f2ade34345f312396f2b3cb164d6a58f0ab667
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f6930cc1b7008a03f228043ccafff29ca90b027e2fa1b70d42c5f55cc34daf7
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816
311b028e2aff47d534219f3759996b9659435e052dd1df32486035302534f348
319ae06a0b297e825e80bf50045993bd2764a6ebac20eba0cdee68ae77580e7b
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31fdd1a7515da5a01598daa68b19ae1e94b326d2eb2e6782edb808c32d346cf2
340ffce6656e0797fce89566794df7db5a7261731e6e3a4f3c65a932c66c1085
369fd56a37d468fb8b15761b228e76fcc1a6c3280cada8b30bac87a1aaf6e73b
36d8512665ca7bce004af3d0f05f41e70c6255fc2f9f669eea3fbb7b14f04278
37eb5b8eeb1baef972546736d1305ce4e59799df10e7673177322b3b619d6811
38c2d612a7fc68a57284d966c42435bc8b3c562a7732f1eeec132f5f45c0ab17
39276e70b97067d34c673b84062bc1e5383669ed509e28d5bca4bc140224547e
3cb852b8df1d35b118dbdd7455cdd4e140d1bfbc95baa587668a00fe7b5ee15f
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
4719304d7183a3513c3b135aca53068b68e5568f814af3800ca55694d1d4bcd2
47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa
47d9e538e3d78e4434f4ecce92f167844e6e078e8cf7e8d4e715d6c7f5606687
47f2b02bc33961711f258dcea3168389e150e6cfc343b8e6d5c54d1a577558eb
48fdcad6248cad75d16876289b4543334d70d7aab6c06f79160034568468f813
49ff5bdb93b7f34bb606974d1e30fdeb0836580dc8f8efada363545b5365efb9
4b4d03899d145873efce94fc2f7eee04b2146deb3d9431743c2296b85440b3cb
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f0634f2e70a9da179f16e4d196de69ae2e21076ddd8689baea8be262aaceb30
500b07e36d61bf9c6f14dd6e8ff5c285a770fb4acb035fbec0e64328a24ab0e8
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50bf4b59f0563526a2abe05498839750aa2c6de268a895a362cea89af8f80fe7
522ab2e374ffaa11a71bdaa3d97f1d6484213ef7716cc7d7d1464c799fa38bf9
5515deab2c5e17053c9c5601f72e51a6656ee75fbd93e7adbe4d4779350b42e5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5638bb477fecafaa355c72be317c8aa2312c1b36a5763320808dfdf6d1307049
587aab8023bc6a87c6abd09ce03a769fce321c6e2ba487c763899cae70e5da32
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5999e7642540f430a14f047e07bacce4af47f7e2bdfd9efca91873ad2469e270
59e63c5ea9e19576eeb92bd2f84cd59d117d49fe6ebc7b1be36ac550d3d9d08b
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e3b264a12d9dadf548b505741b0dda1e38c4c87c9a6c1c8cf17c9dc9a653d2
634c8cda4fe02873bea2ab020bd3314ad9da43a4a215e2f929cda05fb94d5b82
68d6d9a48b945fe4334e8058c3f819080f04c6d5f08a1f921d368bbd1cf53fa0
6a22585ac52bb7182e1ad9bb6fd415502dc21ade692bf0fec3eede71e47e5a6a
6a373da02e16acbf89679342d16f87653a31a830d9a0ac1ff7b3994fd21288d7
6ee5b409d544d9bb2d9efe13cf0cc1d1f63f5273573383731b6f5c2fd710e393
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
6f9cd656ca1edc5c21e8fa922989bdc26cda12e81a3b90db8294b2a1308b827e
7340785d6dfc0421c6492a702226a31564605d8e9702ba94881c4e7e8064efb2
73b0aac2fdb5067ac3d563423b019f966220acf1231d772344af51aa5fa7cac1
748fc2b89b693f61258fc83aea7af797a087d2192b5187c93d3987a417c13170
74f82e4b815f619487c2d65b21438d9418d8266762715076ab47e0571115e06e
77b68fb7472cab3e4a1f6a04fc54f0df50f7775d0fe9d3f4c17aaa6854785a56
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c9cecd10e7ebe0bd54d4c544d872270d4148922ee896d2ad404dc791ad0ef3a
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
8460aaf36b73e229c6b0fcaf7bac791e23c3145e87de6a04d0d91541e39289b6
86453ecc16f6b785226ee9203819ea6bc46dc79171c51ed9605e3e2662281704
87fae86e79f80a7f379e0d61c814f6be56ff78a6028edd4cf26e8f63b23913ee
87fd8cd47c44ef6f7af728fd4b9350a70fb02f6c4e545faa0321e83269f4ce93
8842d55c7ed6bddca9f29e54a22750272dadb786cb8f6bc7b1e3e337510b2621
88e1f4eb0541b1ab51c5225df03decacbcccbeeb92bc8db1ee061deeb3bed4d8
8a5586026212b7c47b4cf72ea723877df8d75913407ea389e8300c8b5cbfdcde
8a69378b86aacac2b861e8245d09d96827d39415bde1fd16167e0da0279f85ed
8a8c742162d4336f7579cc2113eeb132065b6875c822c0f6190c8fde9d04adfb
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8efa026f45883128f040cdc142c8e88a2146d641b5d2a442689898619a87a767
900b5f638586f64742c68865f427efb3768914f96cfe0c35f67699f258612b76
901e1a00b12fe8a17192202e8d121f839d1ef15b7fe25ffac4cf2af2c7b4b33a
933ed0cc126688a85f623a58cc7775a2f64aff7febf156c82b8f6ef8f5296115
96600000e134def3d084e36025de36806814fc694e8eb5477b0a8f9fc819688d
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9a47ad1e1cafef6d30dc46bfe1fc136eafcb79a0b8d79cd75de9f658ba468354
9a498fa67baa2666eed28350f8a5c0b49b7d5de7899b1950a68dba7342eaab7a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a05147e4f7621cac26e5103471663549579a0525f3d5326228847b6030f7ecd5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a3685d0b9189593704de2adbaf3e672cbe61b513a5820a418ddd2275d6cc8f3b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6c19d22586dd9c2ed2d4f7285feabecd3c7065073c29da20799cd1fe5b2ddbf
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa2b420f60a6cd0b5f19bf066403c59bbeb84dd55178832d8ea95a75e19bf5a0
ad4a95c5307273e426dec587c16aee416ac0f630a2108112619ba7f2fd9f3c34
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b0024b0acfefbaf90b14bf0aeb647029bf731260e17f4d706e2523e8d3c5f1a1
b03a5e81c7b1dbec3b476b1651739198697ccd66a159d0abb0004da9486b3d5e
b0b26fb8e1318f612e7bc978307f18fc79b93bc58e8b7311eed80de7b21e45ac
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
b64b6db6c9030b464fb50d70445fa8632050958f7f0f84fca28ab655fadb022b
b6c8223e6e7bf7d472b5d0c2f4a2b9180ac8c46ab120815aa2803a3cf0148048
b6d0af9909bff7a99572397d4ae9e2cdcd9aa7922a65d0bcf649d59523869483
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
ba1f00a63fa276bd7e04861072fbc5259e508b56f8cd1edd0cc935b5d0145a9f
ba583d00ee53db21480e9d6a9f67cdf4fb2a1da49c4464d23fd16ba4595bed61
bb515805738b590056d42e65fa6034da715cc11b9e214f1d502fc95002993e58
bc3f762083c7c659100377e2ace8b8346418f1be26b5cb5dd6c0dacfc5a43df8
bda3074cd0ab4ba9747eef15def41167cba17adc95c73a7b3abf7acfe9ece320
bebac62c953edf0d0ce8dced28607c288ca4e8edc7e52b2703bb45f8014bca3b
bed23df262795e1d382d54587c93236f10a9063c12fef5af0bfc963833ece6b4
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
c55d43682f88f457c8246beb266b870ee0d0025f3d32912772b581d5fe7feef1
c594517c1ff134ee9b8a63fc25a441c757e40bc021998f5acc0575e047975ac7
c7748101fe9215a0b58c31df76753bc6c18228f6ffae946569d9a87e6c681a2d
c7c1101a9361f5bcd81dc291ad33d56f6f72ac721f18e66f893fd16fd43016de
c93b484f52ff72b6b6c310615b851dd7eda7357da6e5fe27c2076971f51a7d11
c984df63dad3bd35c63ab9828a0f780fbfae029b04695d7232c18379e4f976bf
c9b24ed51e388a24a5297e7dddb82d49c19ce6f5a56b1afb4e8129c431ec584d
cec13747f199fa21272f935cd33b9138587f04e9b4f8be92a4f8fb862b087d8f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff2fddd0382a2f4113ce84ee9e019eb1e60da60f02cd1dbc968d93f9142e17c
d0df6145ba9d154e7c7e68b8a3f40a9f9b00c75db70049a07c3beb96f0a6fed4
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d81980bb8bc8ea1bc0114e5cd385034ea3a4a27eb8aa689294980dbd54488460
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
d8c443940dfbf232229d37f4b9e806534d29da126b80356a24c4295b48c4b577
d95bf7b208c7b065ccfedeaab1b39124dcd0ffc098f04df4739839f79993fcd3
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dbed84e419f10fdf224a5737cf8946b447fe3f132ece8ce4fb8c9588f12a58cb
dc1745a57c602d22b101b6c26872cba914859389bc1652c68b29107a6577f410
e06996d9eff7b6a6fe44e35248366b91be97cc7021a7e34bd00fa11c3e587704
e122abd3c84949dd4d98049ef884aa92f02da643fdc215dc74c55b149a5b625c
e24080a4c68278b7b750ab0afdb20beea8a9dfce46c77515425a80457af40880
e275cb3cc28faac28cf971c5ad647113e8ee048be7c833c46c2f16e15fe7b0db
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e327c4cf3b80e5e5bdea164926c57b871c1b240212065782d28cb22dd60fa51b
e392598ef48998a8a3e7e42d728fdefa6a13b2d2b45cd4a91d51812746c53900
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e42cb1852c100ca44ebf37a76b86d287d2d3fb7e408da1ae8656bfa752731d51
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e551933c7f99fb030414ee2f11b6b871fbc19f782e545db0c19ac33a5b20962b
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e9ad20a74c66287340e224da543e6998185a949b8a6b4a76707f855666871064
eaf33f7c65374bfc2292086bf03d1a9890ad09a93ecbc219ddc658b938ce32ae
eb9b779632120efcf62ae31e31b58177f54fc3d685b7152315a7cabb25bcf2e5
ee3b9afa9e67b0c6afabab0479242b5b098a9b2ec3f35d73b8a08d768b135d34
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e2972287f1528390eec2cdeda7586fd938137fbdc2b43a6252ca50164a5069
f1315f43a24e1326ce79eec64bf054ab30a550917a44fadd18eaa870a3c03230
f1965afdf18f461f3d36e15fcae4f59fd3dda3adaa77f71570d5c525bba33f11
f1f629112c077b1ba53c631699bd5ac3e58305f95e76360e57d09ecd8403eb3c
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f56bb7d57f95112338405d6b896e13b625841f4820c946feda73beee41abbbf4
f6c908a05314f202c10df4d0d01c649bb81c03ff237399180d7f9fde61588e06
f7c758c5fa72559c55f3ab340e4066ece8ed39ead00fa2332da8c9e5663c3998
f9241489f91ae2155b23fbd762c05b9a233c9c7de9d8c56f313ad16275ba8b08
f955a8754576b9d8ee8afb211e5fc63e79ea250aac588a16fa295eaa3a8ba95e
f974af7226f7c3c119e3a530004fd5bd38dac2b9ac1ae5551f0aaff9ed1e43be
fa36c5e1be0de242db43e233e72079e4cc0c047bc73ab74b85432209a0c04aa4
fcb67ace0547b06124c2654c78207299a3e34c5e8a501feb07e4aff221bd89e1
fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75

etcanada.com Open in urlscan Pro 192.0.66.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

274 Requests

90 %HTTPS

36 %IPv6

54 Domains

85 Subdomains

65 IPs

9 Countries

2882 kBTransfer

7440 kBSize

46 Cookies

19 Outgoing links

Redirected requests

274 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

etcanada.com Open in urlscan Pro
192.0.66.80 Public Scan

Screenshot
Live screenshot

Full Image

274
Requests

90 %
HTTPS

36 %
IPv6

54
Domains

85
Subdomains

65
IPs

9
Countries

2882 kB
Transfer

7440 kB
Size

46
Cookies

274 HTTP transactions
5 data transactions