www.hometowin.ca Open in urlscan Pro
108.138.17.54 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://naviform.info/
Effective URL:
https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
Submission: On October 14 via api (October 14th 2022, 2:04:07 am UTC) from US — Scanned from FR

Summary HTTP 149 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 49 IPs in 7 countries across 40 domains to perform 149 HTTP transactions. The main IP is 108.138.17.54, located in United States and belongs to AMAZON-02, US. The main domain is www.hometowin.ca.
TLS certificate: Issued by Amazon on November 5th 2021. Valid for: a year.

This is the only time www.hometowin.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	54.37.123.164 54.37.123.164	16276 (OVH) (OVH)
31	108.138.17.54 108.138.17.54	16509 (AMAZON-02) (AMAZON-02)
1	13.32.121.74 13.32.121.74	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a8::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	93.184.220.66 93.184.220.66	15133 (EDGECAST) (EDGECAST)
2	2a02:26f0:6c0... 2a02:26f0:6c00:28b::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	18.66.97.21 18.66.97.21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1 3	13.32.99.105 13.32.99.105	16509 (AMAZON-02) (AMAZON-02)
5	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1 12	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 3	52.30.136.248 52.30.136.248	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:8800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	34.242.80.80 34.242.80.80	16509 (AMAZON-02) (AMAZON-02)
2	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
2	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::20	60068 (CDN77 ^_^) (CDN77 ^_^)
14	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1 8	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	54.155.40.229 54.155.40.229	16509 (AMAZON-02) (AMAZON-02)
1	52.48.197.119 52.48.197.119	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
11	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
2 2	35.156.218.165 35.156.218.165	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	37.157.4.39 37.157.4.39	198622 (ADFORM) (ADFORM)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	63.251.14.14 63.251.14.14	14744 (INTERNAP-...) (INTERNAP-BLOCK-4)
2 2	54.216.33.171 54.216.33.171	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	95.131.136.1 95.131.136.1	47841 (OXALIDE) (OXALIDE)
1	192.229.220.129 192.229.220.129	15133 (EDGECAST) (EDGECAST)
1	23.205.253.64 23.205.253.64	16625 (AKAMAI-AS) (AKAMAI-AS)
149	49

2 54.37.123.164 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip164.ip-54-37-123.eu

naviform.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 108.138.17.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-54.fra56.r.cloudfront.net

www.hometowin.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-74.fra60.r.cloudfront.net

videoplayer.smdg.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a8::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:28b::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-21.fra56.r.cloudfront.net

adchoices.corusdigitaldev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.105 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.30.136.248 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-136-248.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:8800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.242.80.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-80-80.eu-west-1.compute.amazonaws.com

shaw.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

smetrics.corus.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::20 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.23.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.40.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-40-229.eu-west-1.compute.amazonaws.com

corus.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.197.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-197-119.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.218.165 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-218-165.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Schopfheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.39 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.14.14 (United States) 2 redirects

ASN14744 (INTERNAP-BLOCK-4, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.216.33.171 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-33-171.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.131.136.1 (France) 1 redirects

ASN47841 (OXALIDE, FR)
PTR: front.netaffiliation.net

jpp.aircaraibes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.metaffiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.220.129 (United States)

ASN15133 (EDGECAST, US)

img.metaffiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.253.64 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-253-64.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	hometowin.ca www.hometowin.ca	706 KB
23	googlesyndication.com 029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 147 pagead2.googlesyndication.com — Cisco Umbrella Rank: 104	94 KB
21	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	180 KB
13	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 29898 ad4m.at — Cisco Umbrella Rank: 9937 assets.ad4m.at — Cisco Umbrella Rank: 38774	441 KB
8	krxd.net cdn.krxd.net — Cisco Umbrella Rank: 1662 consumer.krxd.net — Cisco Umbrella Rank: 2206 beacon.krxd.net — Cisco Umbrella Rank: 528	182 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 78	2 KB
5	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 214 shaw.demdex.net — Cisco Umbrella Rank: 211684 corus.demdex.net	10 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	167 KB
3	moatads.com z.moatads.com — Cisco Umbrella Rank: 404 px.moatads.com — Cisco Umbrella Rank: 481	209 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 1466 load77.exelator.com — Cisco Umbrella Rank: 3202	2 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 156	3 KB
3	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 2663 log.pinterest.com — Cisco Umbrella Rank: 3737	19 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 731 syndication.twitter.com — Cisco Umbrella Rank: 1061	133 KB
2	metaffiliation.com 1 redirects action.metaffiliation.com — Cisco Umbrella Rank: 116107 img.metaffiliation.com — Cisco Umbrella Rank: 55185	135 KB
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2893	787 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 599	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 627	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 765	2 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 111868 static-de.ad4mat.net — Cisco Umbrella Rank: 149616	4 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	222 B
2	corus.ca smetrics.corus.ca — Cisco Umbrella Rank: 901986	667 B
2	google.fr www.google.fr — Cisco Umbrella Rank: 15283 adservice.google.fr — Cisco Umbrella Rank: 30859	1 KB
2	gstatic.com fonts.gstatic.com	71 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	111 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 948 pixel.quantserve.com — Cisco Umbrella Rank: 516	10 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 306 fonts.googleapis.com — Cisco Umbrella Rank: 44	8 KB
2	naviform.info 2 redirects naviform.info	458 B
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 16153	702 B
1	aircaraibes.com jpp.aircaraibes.com — Cisco Umbrella Rank: 922838	2 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 347	456 B
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 671	166 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1500	584 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 876	2 KB
1	corusdigitaldev.com adchoices.corusdigitaldev.com — Cisco Umbrella Rank: 961281	4 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 131	17 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 720	11 KB
1	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 714	44 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 677	29 KB
1	smdg.ca videoplayer.smdg.ca — Cisco Umbrella Rank: 268981	6 KB
149	40

	Domain	Requested by
31	www.hometowin.ca	www.hometowin.ca
14	tpc.googlesyndication.com	029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
12	securepubads.g.doubleclick.net	1 redirects www.googletagservices.com securepubads.g.doubleclick.net www.hometowin.ca
8	cm.g.doubleclick.net	1 redirects 029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com www.googletagservices.com
5	assets.ad4m.at	as.ad4m.at
5	www.google.com	www.hometowin.ca tpc.googlesyndication.com securepubads.g.doubleclick.net 029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com
5	cdn.krxd.net	www.hometowin.ca cdn.krxd.net
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com as.ad4m.at ad4m.at
4	www.googletagservices.com	www.hometowin.ca securepubads.g.doubleclick.net 029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com
3	029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	dpm.demdex.net	1 redirects www.hometowin.ca
3	sb.scorecardresearch.com	1 redirects www.hometowin.ca
2	match.360yield.com	2 redirects
2	ap.lijit.com	2 redirects
2	c1.adform.net	2 redirects
2	pm.w55c.net	2 redirects
2	z.moatads.com	securepubads.g.doubleclick.net
2	loadm.exelator.com	2 redirects
2	www.facebook.com	www.hometowin.ca
2	consumer.krxd.net	cdn.krxd.net
2	smetrics.corus.ca	www.hometowin.ca
2	fonts.gstatic.com	fonts.googleapis.com
2	connect.facebook.net	www.hometowin.ca connect.facebook.net
2	www.google-analytics.com	www.hometowin.ca www.google-analytics.com
2	assets.pinterest.com	www.hometowin.ca assets.pinterest.com
2	platform.twitter.com	www.hometowin.ca platform.twitter.com
2	naviform.info	2 redirects
1	www.awin1.com	as.ad4m.at
1	img.metaffiliation.com	as.ad4m.at
1	action.metaffiliation.com	1 redirects
1	jpp.aircaraibes.com	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	pixel.rubiconproject.com	1 redirects
1	image6.pubmatic.com	029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com
1	dsp.adfarm1.adition.com	1 redirects
1	log.pinterest.com
1	px.moatads.com
1	prod-rtb.ad4mat.net	www.hometowin.ca
1	beacon.krxd.net	cdn.krxd.net
1	corus.demdex.net	www.hometowin.ca
1	pixel.quantserve.com	www.hometowin.ca
1	load77.exelator.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.fr	securepubads.g.doubleclick.net
1	shaw.demdex.net	www.hometowin.ca
1	www.google.fr	www.hometowin.ca
1	rules.quantcount.com	secure.quantserve.com
1	syndication.twitter.com	platform.twitter.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	secure.quantserve.com	www.hometowin.ca
1	fonts.googleapis.com	ajax.googleapis.com
1	adchoices.corusdigitaldev.com	www.hometowin.ca
1	www.googleadservices.com	www.hometowin.ca
1	maxcdn.bootstrapcdn.com	www.hometowin.ca
1	ajax.googleapis.com	www.hometowin.ca
1	cdn.optimizely.com	www.hometowin.ca
1	code.jquery.com	www.hometowin.ca
1	videoplayer.smdg.ca	www.hometowin.ca
149	60

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.pinterest.com
hgtv.ca
www.hgtv.ca
www.corusent.com
architect-films.com
stitch.media

Subject Issuer	Validity	Valid
hometowin.ca Amazon	`2021-11-05` - `2022-12-03`	a year	crt.sh
smdg.ca Amazon	`2022-05-25` - `2023-06-23`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-12-24` - `2022-12-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
adchoices.corusdigitaldev.com Amazon	`2022-09-23` - `2023-10-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
cdn.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-30` - `2022-12-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-23` - `2022-10-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-01` - `2023-10-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
smetrics.corus.ca DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-08-16` - `2022-11-14`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
jpp.aircaraibes.com Gandi Standard SSL CA 2	`2022-08-18` - `2023-09-02`	a year	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
Frame ID: 8B8C07EBE39CB7ADF61AF61565464749
Requests: 80 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.hometowin.ca
Frame ID: A4615D003F5FC97E12105C948147E1D9
Requests: 2 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 3E909458AAB6588F8924E1536778C61F
Requests: 4 HTTP requests in this frame

Frame: https://shaw.demdex.net/dest5.html?d_nsid=undefined
Frame ID: E568DEE5E516949CA6A5DEEB2FB1A110
Requests: 3 HTTP requests in this frame

Frame: https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5401B5F7463608E2526C383490E03357
Requests: 1 HTTP requests in this frame

Frame: https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4E0748C991970ED14FAA1F21C4FC3EC2
Requests: 4 HTTP requests in this frame

Frame: https://corus.demdex.net/dest5.html?d_nsid=0
Frame ID: F8903BCD1F0C735A787A2F869F10FB80
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F730792DC7B9ED5EA7284C6C41BECC53
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1684C595AD7D60AF55351C76460289CE
Requests: 2 HTTP requests in this frame

Frame: https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2A208D0D7B82323E8727947DC8DEE0BD
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmdsQ8Y9kEyYnTGFS4yjcGVgCCf3tVIv1Vt6-7MZK9RijM29H6wbBjgmPOpiyC3AqRT2_IECAI87evaIseoLnY78UU8_VoI6MV02gygP_fGR1G69ngmsyfoXdM9BLw3UY8F66YXLBzs8vUuhnZW0jqvLEDro88Xkmdq3pgZp2-9x-pc67J6bgkPa-v45BpsA_UI1yDJDqFJN_01N0xlu38l3myNe6xReuORmi9zO2er8ZrJinsmctlS5wHlFNmFZ_D41s7ARCZUgaUn-NeXVaXqdIPX28V4t-rMd0h6DTaiyM6ARYdhs0jSg_I-Ws0GUdLFDmiVyv5e0yN1VwHXjT21tRaVl9W4RAloojWaMPZ2-feNtllY8FaM_SVWzYSB9DAJgpKWgvl8S3CFfk_NkH8lZUR5DcUTnyY6KiKb1cs&sai=AMfl-YRwhR0NFtA6Cq1wcgKQ41yaIWtu_vWfKX1OI3-3cGLDh5ZOXoiSEiuw-aTd7EScB03BoNREdvzzLFU1XLmdRmobhFaRvPB6jNg1d0Zg-nGOk3JjXBGWUQx4dNcWeDTA&sig=Cg0ArKJSzGqBwJ_SRlgyEAE&uach_m=[UACH]&adurl=
Frame ID: C506885120C6FC0B72B50662AE28594F
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7uJM2Y0uCeg1zI2_-5J2zwNa0k9l33dky9O2jtOUPZbZq9-9qzQqNUkQq4B645POHeMVRZwZhjVf7ya9zELN_KxnJ4pY7dak8cNt-qOQMP_9NRV-L_wJUAMcxHRxPcPgkjs-mhXN7BnKCn6neSGPMzXwYAFN58P5Y3VgSoUA8EF_q2LOYCMEmXZsPL5Y3dMXqmP5VD1L-bBGTNJK7Y-djd3S8u24G1F4Wgtd3NiiCNSDK3HDJBftfKJWszqsfqb02g6IRDtRZ31lO2Tr_yQO9YiJHuO7543SB7Z_E4L1lqSxgDO15omJEhab5yCOGu_DGiC-YAXI7iGGZ0KIlrzWvg_eWYg1QPY8pBkB23Mg1IAxODwfvTo6oAWZjnJGlfx6_S3fFL-b4Ssp2EZAcgkxlpocqE25C9Y2FmyeCGssG&sai=AMfl-YQ-Mh9VZzg3YvKPB7i2ZyuTh2NfGjHs80YRAosx6r_wdPqAEcP9xMU3K52PAWPc-x_LfU1nPLivxx_fSzbiOx0R5uP0zxCCxb96-r_cKuNS89_3MwCLXe7tkXR7cxa69g&sig=Cg0ArKJSzCrkw2nXWIFBEAE&uach_m=[UACH]&adurl=
Frame ID: B42192763B98CBDD0C0020E01882EA53
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1j9jny67cfp1hxt2v0aqd7412vdyc0n96hmz2dpk72pdpa5tag0vsan4c81mm06edadkh7xdk16df96847gea00q8e1hw10zwm6djs6d8m3v0jnsp1zvwy0my8e5f9pjkpn01mh1mxyegajnya0zdead1z24kczdpfkaxjby3gntcz48xaek35sv6akpwj2h0t3m3akksm2rdcs3r7qqpw8p67m9nxv4k73fvn2wzjwmm6cm73pepgrz311t984tyrzk16qfaqpcvrbgw5rb2b4c29wwb7dv150gbab7760v3bh72zx328z6g50xvcnawzem0keqhghp1675244jgjy4cnz84a9xdweeag8539v5wbjcg7e3hr88x00d4kna3jdtc1ykve8wbvr991vvfx0d7s15vk71w6n2z7qpc7v3zkjyv1sfvvg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1TcPkMNIY77QLb_77_UPg-qsuAbi0rL2YcexjoqOCMCNtwEQASAAYPuBgICcCoIBF2NhLXB1Yi0xNTk5Nzc3MTY3NzE1NzA0yAEJqQK9jZ-0omewPuACAKgDAaoE-gJP0J-6pVl36Cqn81c3Tgzc4pUIa552l-xSta93rfH4AdwRnhDHScdMQz8ZaJ6mNgPnqBzhf1pXpt93H8G53sDZJjw8izh3HUevcjdoLU5CCTBJ-EeEzu44TiXwIIflzDiTmm7C_lNrobIysbTE2DpPCD5ibpb9HWx2bDelz_GND5Wj7V6kGmLVa-26Us49kK3RNNAp7SHSPdtBUj3ds1YUzYdc2xOhha2bHHC9krjOSITKgt4E6GxhiXrkEM8BKjkdfUHP9-DMVpZhXX0ww00GNU5BcXzx8fIs2SOVVP37RO8nFEO_DXIQVOjx_4KIARlhnhUtjzn5yVYS5A5i0pTAUBasROu0jM1AYGgQEJLadFXyFre72z3PUS1Glbar0xoL-fgWF-AzNO6mHbZ89Zzr_OcQMKS1Cn21p6ZbvKA5y-H0zNLHf83_uMGhMDQS9gpbAK3CelUCDSFg1insCV5HFZSzm9KoXM9-YVxCvE4l146VrzZkooIJNjrgBAGABvjMiNHHpbHPI6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1987ylV7JaslEJG22zaLDIWdQZhw%26client%3Dca-pub-1599777167715704%26adurl%3D
Frame ID: C2048EC9FAE80A4C4C0F13BFB04854AD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1025FB729930B1484B54C0C196EFF1D8
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 621D592D76E8B7854F9759420380DD69
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C311476&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=5f835dad94db43a5c235f4b1c0ac6425%2F4626887171977844298&i=30425%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665713041809&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gf8nzpvjzgxg5yhx4067vqtefddq7ajh642n35jd2jcpqt2bzt7zfxvrvxbjnms1d37ne0txfxfkdb27e8az6n4drs80k5ejec3cznmkznhk4swr2hq9skr4ejqb8b533vpj6e5w3ag5tnf2hmgrz3ysxkf5344j890cwdnvjbpfn39mnjb16vyrq0ds8myknnrt07deexfw45668st6fcmba4ndppd659t822qhggpa1ph0zvr2semngd8a0zvqnzh87qyt3y4ed1yndhg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1TcPkMNIY77QLb_77_UPg-qsuAbi0rL2YcexjoqOCMCNtwEQASAAYPuBgICcCoIBF2NhLXB1Yi0xNTk5Nzc3MTY3NzE1NzA0yAEJqQK9jZ-0omewPuACAKgDAaoE-gJP0J-6pVl36Cqn81c3Tgzc4pUIa552l-xSta93rfH4AdwRnhDHScdMQz8ZaJ6mNgPnqBzhf1pXpt93H8G53sDZJjw8izh3HUevcjdoLU5CCTBJ-EeEzu44TiXwIIflzDiTmm7C_lNrobIysbTE2DpPCD5ibpb9HWx2bDelz_GND5Wj7V6kGmLVa-26Us49kK3RNNAp7SHSPdtBUj3ds1YUzYdc2xOhha2bHHC9krjOSITKgt4E6GxhiXrkEM8BKjkdfUHP9-DMVpZhXX0ww00GNU5BcXzx8fIs2SOVVP37RO8nFEO_DXIQVOjx_4KIARlhnhUtjzn5yVYS5A5i0pTAUBasROu0jM1AYGgQEJLadFXyFre72z3PUS1Glbar0xoL-fgWF-AzNO6mHbZ89Zzr_OcQMKS1Cn21p6ZbvKA5y-H0zNLHf83_uMGhMDQS9gpbAK3CelUCDSFg1insCV5HFZSzm9KoXM9-YVxCvE4l146VrzZkooIJNjrgBAGABvjMiNHHpbHPI6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1987ylV7JaslEJG22zaLDIWdQZhw%2526client%253Dca-pub-1599777167715704%2526adurl%253D&y=1&s=&z=0
Frame ID: B9549F0FFCD2D5B58ACC07BB11A5F5D2
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Find Out What Bryan and Sarah Baeumler Love Most About The Season 3 House - Home to Win

Page URL History Show full URLs

http://naviform.info/ HTTP 301
https://naviform.info/ HTTP 301
https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Pinterest (Widgets) Expand

Overall confidence: 100%
Detected patterns

//assets\.pinterest\.com/js/pinit\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

149
Requests

92 %
HTTPS

48 %
IPv6

40
Domains

60
Subdomains

49
IPs

7
Countries

2620 kB
Transfer

5764 kB
Size

42
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/hgtv.ca
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/HGTVCANADA
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/hgtvcanada/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/hgtvcanada/
Title: Pinterest

Search URL Search Domain Scan URL

URL: http://hgtv.ca/
Title: HGTV

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=797651060379917&display=popup&href=https%3A%2F%2Fwww.hometowin.ca%2Fbehind-the-design%2Farticle%2Fbryan-and-sarah-baeumler-home-to-win-season-3%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Find%20Out%20What%20Bryan%20and%20Sarah%20Baeumler%20Love%20Most%20About%20The%20Season%203%20House%20-%20Home%20to%20Win%20https%3A%2F%2Fwww.hometowin.ca%2Fbehind-the-design%2Farticle%2Fbryan-and-sarah-baeumler-home-to-win-season-3%2F
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.hgtv.ca/shows/bryan-inc/videos/jojos-wiggly-teeth-1196230723733/
Title: b-team videos

Search URL Search Domain Scan URL

URL: http://www.hgtv.ca/shows/island-of-bryan/
Title: here

Search URL Search Domain Scan URL

URL: http://www.hgtv.ca/
Title: HGTV

Search URL Search Domain Scan URL

URL: http://www.corusent.com/
Title: Corus Entertainment

Search URL Search Domain Scan URL

URL: http://architect-films.com/
Title: Architect Films

Search URL Search Domain Scan URL

URL: http://stitch.media/
Title: Stitch Media

Search URL Search Domain Scan URL

URL: http://www.hgtv.ca/info/about-us/
Title: About Us

Search URL Search Domain Scan URL

URL: http://www.hgtv.ca/info/faq/#contact
Title: Contact

Search URL Search Domain Scan URL

URL: http://www.corusent.com/terms-of-use/
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: http://www.hgtv.ca/info/faq/
Title: FAQs

Search URL Search Domain Scan URL

URL: http://www.corusent.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.corusent.com/privacy-policy/#adchoices
Title: Ad Choices

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://naviform.info/ HTTP 301
https://naviform.info/ HTTP 301
https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://dpm.demdex.net/id?d_visid_ver=1.10.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5F34123F5245B4A70A490D45%40AdobeOrg&d_nsid=0&ts=1665713040354 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=1.10.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5F34123F5245B4A70A490D45%40AdobeOrg&d_nsid=0&ts=1665713040354

Request Chain 58

https://sb.scorecardresearch.com/b?c1=2&c2=3005670&cs_it=b3&cv=3.8.0.210223&ns__t=1665713040373&ns_c=UTF-8&c7=https%3A%2F%2Fwww.hometowin.ca%2Fbehind-the-design%2Farticle%2Fbryan-and-sarah-baeumler-home-to-win-season-3%2F&c8=Find%20Out%20What%20Bryan%20and%20Sarah%20Baeumler%20Love%20Most%20About%20The%20Season%203%20House%20-%20Home%20to%20Win&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=3005670&cs_it=b3&cv=3.8.0.210223&ns__t=1665713040373&ns_c=UTF-8&c7=https%3A%2F%2Fwww.hometowin.ca%2Fbehind-the-design%2Farticle%2Fbryan-and-sarah-baeumler-home-to-win-season-3%2F&c8=Find%20Out%20What%20Bryan%20and%20Sarah%20Baeumler%20Love%20Most%20About%20The%20Season%203%20House%20-%20Home%20to%20Win&c9=

Request Chain 80

https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=65937188998136662710074523577167349350 HTTP 302
https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=65937188998136662710074523577167349350&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 82

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOrqJA4A6ohYe0WZsVqcdc-XcdNulOrY1vbinfuUdHU1Y7duE5x2-8x8ESp0l-CkcdRJXCtxCzcz7WiUh0pRPwK7zjlMte2fQv6Mh4ONs4sbCfR9roqiM7fMOKqn7EBMhY_AT4QhAAPWWB-F2rmTr2zBh4Q4k9cn-MBK_KGPjYe8-WuYTkjWwebIfpEzy007rrZ9lFSI12VP9TGvj3AO_MOgNerd8BBg5hpBjsa7ej3vOiWC7PdocEZ9nit9WeeVs8pYNHPpSIrN35QjS3EShLsFCbT0eUW2urwH7JRPzEWu9rYb1_oteUb9eyvrJw3XUKqc-lSnItCw7plQHyUXAajvyN1ErpK2ZlC7nbFhCURltIM5R2iyAlra12Dctg6O_QoLk8xnKbqGFLiRKWZ1xh7K4x24KKmdpNnRBIR8FH&sai=AMfl-YSq6mxqJReNaFkfGAy4Re0p3EPL0vFfClpnhPSo_Td5b2lgYOZYQIrEbZJKykm5Inuszq-O6t-BWK_M9eYRQhkqxFF9UpwlkrJrUUPZSfwq5uA1NBkUSLIwGdZgV4ZX&sig=Cg0ArKJSzCWYKmBQjTLfEAE&uach_m=[UACH]&urlfix=1&adurl=https://tpc.googlesyndication.com/simgad/9129637316153660709?%20style=%22display:none HTTP 302
https://tpc.googlesyndication.com/simgad/9129637316153660709?%20style=%22display:none

Request Chain 83

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjU5MzcxODg5OTgxMzY2NjI3MTAwNzQ1MjM1NzcxNjczNDkzNTA= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGC32Ck16xjBO332Pfgb08I&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 128

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPfK_T4w4CeBodwfLmixQEg&google_cver=1&google_push=AZmPxg9T-1ZwdaAtVukbX-pDGQnbQyaehpry91ac39QK3EvvWDQBZjc6Q4UmxTiEVOeN0Wq3H2_4y-SiaBtPBOQ8pKNpL_XA4V2A HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPfK_T4w4CeBodwfLmixQEg&google_cver=1&google_push=AZmPxg9T-1ZwdaAtVukbX-pDGQnbQyaehpry91ac39QK3EvvWDQBZjc6Q4UmxTiEVOeN0Wq3H2_4y-SiaBtPBOQ8pKNpL_XA4V2A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dUJsUXBGalQxT0phM241&google_gid=CAESEPfK_T4w4CeBodwfLmixQEg&google_cver=1&google_push=AZmPxg9T-1ZwdaAtVukbX-pDGQnbQyaehpry91ac39QK3EvvWDQBZjc6Q4UmxTiEVOeN0Wq3H2_4y-SiaBtPBOQ8pKNpL_XA4V2A

Request Chain 129

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJbH08Z7hzBIq2hwhjpkRtE&google_cver=1&google_push=AZmPxg8qwdXH2BXrAKbNSWl051IS860aAUDpxJuE4xvH8eU-VZE6ujv5yW9f9wtp77yQVBnp7BqWjooHKbhlDFrsIe7-uQGEIZIX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE1NDE4MzAzNTYyODQ4NDc1Nw%3D%3D&google_push=AZmPxg8qwdXH2BXrAKbNSWl051IS860aAUDpxJuE4xvH8eU-VZE6ujv5yW9f9wtp77yQVBnp7BqWjooHKbhlDFrsIe7-uQGEIZIX

Request Chain 130

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGvyfsDVFhDuPeNFreIoYyE&google_cver=1&google_push=AZmPxg920qnHy-vKFwzOgFM_ayrwUHHGhEeItKBIC2KroaJ3Cp0BafWplE7q4TiTmPBpo84cxQ7cQFj3M7C5dSTodid3grEt7Qn3 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGvyfsDVFhDuPeNFreIoYyE&google_cver=1&google_push=AZmPxg920qnHy-vKFwzOgFM_ayrwUHHGhEeItKBIC2KroaJ3Cp0BafWplE7q4TiTmPBpo84cxQ7cQFj3M7C5dSTodid3grEt7Qn3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA0NzY1OTUwNDUxNzE3OTkxNA&google_push=AZmPxg920qnHy-vKFwzOgFM_ayrwUHHGhEeItKBIC2KroaJ3Cp0BafWplE7q4TiTmPBpo84cxQ7cQFj3M7C5dSTodid3grEt7Qn3

Request Chain 132

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPuTxGwoOuwLZBM_-gxw0Sw&google_cver=1&google_push=AZmPxg8zx50CZTuY3ha4-3J6IhiCjnfwAMzTIjC8YnUhn2BpBI0t_yCwern7vhm2gcFw6gxxxmGsfreMZojOidRaFhtwy_cJQOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk3VUpDUVEtTi02N1FD&google_push=AZmPxg8zx50CZTuY3ha4-3J6IhiCjnfwAMzTIjC8YnUhn2BpBI0t_yCwern7vhm2gcFw6gxxxmGsfreMZojOidRaFhtwy_cJQOA

Request Chain 133

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEM5-OsP5HpFfKn3BO0g2nL0&google_cver=1&google_push=AZmPxg_chiLsPhlU1H3_lGchDMg-Xfy-APeihkSUeSna7T6imdgishfEkYNEvrrloVrMtTGG_Pnd4ytGRVaJx-VvT80-T80O8Kg HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEM5-OsP5HpFfKn3BO0g2nL0&google_cver=1&google_push=AZmPxg_chiLsPhlU1H3_lGchDMg-Xfy-APeihkSUeSna7T6imdgishfEkYNEvrrloVrMtTGG_Pnd4ytGRVaJx-VvT80-T80O8Kg&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_chiLsPhlU1H3_lGchDMg-Xfy-APeihkSUeSna7T6imdgishfEkYNEvrrloVrMtTGG_Pnd4ytGRVaJx-VvT80-T80O8Kg&google_hm=FeicJGZHKDpiYM9ARxOpam4g

Request Chain 134

https://match.360yield.com/match/ebda?google_gid=CAESEB6JbXOwRGO521_sjnAjNBI&google_cver=1&google_push=AZmPxg-CDrTTGjUt_K2bCKzb00AZx6xv191TmoBQQyw0895AnNfQPYSa4kYtyQnp7ZCKnljCVaoF4bCFb1xqaadP70V5i6PI-prz HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEB6JbXOwRGO521_sjnAjNBI&google_cver=1&google_push=AZmPxg-CDrTTGjUt_K2bCKzb00AZx6xv191TmoBQQyw0895AnNfQPYSa4kYtyQnp7ZCKnljCVaoF4bCFb1xqaadP70V5i6PI-prz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=S3TEll_zT0CTuAgeONMKwA&google_push=AZmPxg-CDrTTGjUt_K2bCKzb00AZx6xv191TmoBQQyw0895AnNfQPYSa4kYtyQnp7ZCKnljCVaoF4bCFb1xqaadP70V5i6PI-prz

Request Chain 148

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

149 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
Redirect Chain

http://naviform.info/
https://naviform.info/
https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/

43 KB
12 KB

454ms
353ms

Document
text/html

108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / PHP/7.1.33 cloud66
Resource Hash: 1b978bda38401c89ef9c01e3eb01de3c7433e524f9f44e2cdb171c0928c251f2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: max-age=600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 11635
Content-Type: text/html; charset=UTF-8
Date: Fri, 14 Oct 2022 02:03:59 GMT
Expires: Fri, 14 Oct 2022 02:13:59 GMT
Server: nginx
Vary: Accept-Encoding
Via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
X-Amz-Cf-Id: RUegekQVAboKqIgjjL8p9a2jXUSV3imZwm5VkpsjjEpzujjSc2Nabw==
X-Amz-Cf-Pop: FRA56-P7
X-Cache: Miss from cloudfront
X-Powered-By: PHP/7.1.33 cloud66

Redirect headers

cache-control: no-store,no-cache,must-revalidate,max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 14 Oct 2022 02:03:59 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
pragma: no-cache
server: Nginx 1.17

GET
H/1.1 200
OK style.css
www.hometowin.ca/wp-content/themes/hometowin3/ 218 KB
33 KB 23ms
23ms Stylesheet
text/css 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hometowin.ca/wp-content/themes/hometowin3/style.css?v=a29d259f1bc4b4789814125093e56ed9
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: 2c47728aeb3a63114e20a04d0a758d133526f6bdc0160b64eddd5cbd60f92241

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 18:14:42 GMT
Content-Encoding: gzip
Via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P7
Age: 19640957
X-Powered-By: cloud66
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 32711
Last-Modified: Wed, 27 Nov 2019 00:21:51 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Amz-Cf-Id: vbEFEm5pcO2ee8mG4YbRO6g14x_4j9WGEAcPrrbgxh9QvVgJ5-kNig==
Expires: Tue, 28 Feb 2023 18:14:42 GMT

GET
H/1.1 200
OK style.min.css
www.hometowin.ca/wp-includes/css/dist/block-library/ 40 KB
7 KB 55ms
24ms Stylesheet
text/css 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hometowin.ca/wp-includes/css/dist/block-library/style.min.css?ver=5.3
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 14:12:55 GMT
Content-Encoding: gzip
Via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P7
Age: 4276264
X-Powered-By: cloud66
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 6163
Last-Modified: Tue, 05 Nov 2019 22:06:04 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Amz-Cf-Id: Jyqkj0cFA5r91OmqhHPttLbDpBgpXGkQMb_tsio91_aqdLBpH5bjbA==
Expires: Fri, 25 Aug 2023 14:12:55 GMT

GET
H2 200 corus-theme.css
videoplayer.smdg.ca/3.12.9/ 32 KB
6 KB 99ms
23ms Stylesheet
text/css 13.32.121.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://videoplayer.smdg.ca/3.12.9/corus-theme.css?ver=5.3
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eae118aa11ef1c3f50c483cab76f5df624c8b7dbce1a8f91f377a863dc80c482

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 21 May 2022 03:41:25 GMT
content-encoding: gzip
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
last-modified: Thu, 23 May 2019 13:50:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 12608555
etag: W/"a2d640383e76ae9b0e9f764b374db784"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=2592000, s-maxage=31536000
x-amz-cf-id: WvGgg-r_vJhejOi39440Dx7wUHhc4sDbncalco1mg7p8-IQAhJtZ-A==

GET
H/1.1 200
OK videoplayer.css
www.hometowin.ca/wp-content/mu-plugins/corus-wpp-video-player/public/css/ 378 B
815 B 70ms
24ms Stylesheet
text/css 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hometowin.ca/wp-content/mu-plugins/corus-wpp-video-player/public/css/videoplayer.css?ver=5.3
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: 55e0f8023c041a2e0c6033e50ff10bbce4348024a9a91e519c509622d976a1a2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sat, 07 May 2022 16:08:25 GMT
Content-Encoding: gzip
Via: 1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P7
Age: 13773334
X-Powered-By: cloud66
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 238
Last-Modified: Tue, 02 Apr 2019 11:21:56 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Amz-Cf-Id: dmNSnrZE4Rr8lCMKnroqID1p5co5Ep2OoLBccqpsyF1cIYQ-lHLJBg==
Expires: Sun, 07 May 2023 16:08:25 GMT

GET
H2 200 jquery-2.2.4.min.js Show response
code.jquery.com/ 84 KB
29 KB 66ms
21ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.min.js?ver=5.3
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:03:59 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14e4a"
vary: Accept-Encoding
x-hw: 1665713039.dop221.pa1.t,1665713039.cds205.pa1.hn,1665713039.cds022.pa1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29811

GET
H2 200 357000011.js Show response
cdn.optimizely.com/js/ 133 KB
44 KB 204ms
129ms Script
text/javascript 2a02:26f0:6c00:2a8::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/357000011.js

Requested by

Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a8::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dc9ff3f924e172487a894b096fc94dcc4e5d2dea9e33b20cd40a6d52596ddac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: Olaxsxoo3bb2Pvl2e8KzQYa.9B8ZyZ8.
content-encoding: gzip
date: Fri, 14 Oct 2022 02:03:59 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: 6F41ZDEDY4EJBMEH
x-amz-meta-revision: 636
x-amz-replication-status: COMPLETED
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="23";dur=0,cdnip;desc="2a02:26f0:6c00:2a8::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
content-length: 44604
x-amz-id-2: EzUbP75E2C68QIP+Ti/NSYGw1yOSI0HKP8gY34pfnaoqzjtb+JE5zziztlrfjyvCxl6h0DzH2ps=
last-modified: Wed, 09 May 2018 06:52:35 GMT
server: AmazonS3
etag: "ff5c51489886892fc9d7b705a4677086"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK stylesheet.css
www.hometowin.ca/wp-content/themes/hometowin3/fonts/cooper-hewitt/ 2 KB
874 B 71ms
23ms Stylesheet
text/css 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hometowin.ca/wp-content/themes/hometowin3/fonts/cooper-hewitt/stylesheet.css?v=25f83d313ee4d05594cde3be09e420a6
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: 41946f601ff85bdc525d67e1e644418081cbafbef24f47a4749a8e2079075e98

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 13:28:27 GMT
Content-Encoding: gzip
Via: 1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P7
Age: 15165332
X-Powered-By: cloud66
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 297
Last-Modified: Wed, 27 Nov 2019 00:21:54 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Amz-Cf-Id: h2D-m1bHj8OcBujkeVIrXGHoeyTa7QGHubEUIHEDFAyfIMowSEuSqg==
Expires: Fri, 21 Apr 2023 13:28:27 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.5.18/ 16 KB
7 KB 81ms
24ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js

Requested by

Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 07:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 586184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6490
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 07:14:15 GMT

GET
H/1.1 200
OK Bryan-Interview-Hero-V3-1440x0-c-default.jpg
www.hometowin.ca/wp-content/uploads/ 49 KB
49 KB 123ms
123ms Image
image/jpeg 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hometowin.ca/wp-content/uploads/Bryan-Interview-Hero-V3-1440x0-c-default.jpg
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: a7976ded9e0ff2784e632e8562a7f92a0ff278df18272b7611026c38111e155b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 14 Oct 2022 02:04:00 GMT
Via: 1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
Last-Modified: Sat, 19 Feb 2022 22:15:26 GMT
Server: nginx
X-Amz-Cf-Pop: FRA56-P7
X-Powered-By: cloud66
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49842
X-Amz-Cf-Id: oIGNDOLV4UDWmKoyplPbR9z_Wkg2iRAEWQ_EoKymxe6M_b1TsfLF6Q==
Expires: Sun, 13 Nov 2022 02:04:00 GMT

GET
H/1.1 200
OK HTW3-EP3019-10776B-781x520.jpg
www.hometowin.ca/wp-content/uploads/ 79 KB
80 KB 32ms
31ms Image
image/jpeg 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hometowin.ca/wp-content/uploads/HTW3-EP3019-10776B-781x520.jpg
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: a24af868772f38362b445b171f8aeaa5ba214f67b6150fa01606e7481abd5c2b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 19:49:51 GMT
Via: 1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2021 21:17:44 GMT
Server: nginx
X-Amz-Cf-Pop: FRA56-P7
Age: 108849
X-Powered-By: cloud66
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 81002
X-Amz-Cf-Id: N8YRQyjyIi_YK--DRoKIf4z9mPCU5G2_j6OplB87TVSQkGTo3RmymQ==
Expires: Fri, 11 Nov 2022 19:49:51 GMT

GET
H/1.1 200
OK Select-613A6170-781x520.jpg
www.hometowin.ca/wp-content/uploads/ 99 KB
99 KB 217ms
217ms Image
image/jpeg 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hometowin.ca/wp-content/uploads/Select-613A6170-781x520.jpg
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: cc36006da29e91c7058ef191e6b42baf9715a8277a4d4badcd3d503ce0624037

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 14 Oct 2022 02:04:00 GMT
Via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
Last-Modified: Wed, 01 Apr 2020 01:30:23 GMT
Server: nginx
X-Amz-Cf-Pop: FRA56-P7
X-Powered-By: cloud66
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 101035
X-Amz-Cf-Id: jr1OvZ0O6BBaucyxSBTSU4t7X3qe8q5iKtay8raX8rNeP5jUnOomTA==
Expires: Sun, 13 Nov 2022 02:04:00 GMT

GET
H/1.1 200
OK feamle-writer-81x0-c-default.jpg
www.hometowin.ca/wp-content/uploads/ 2 KB
2 KB 30ms
30ms Image
image/jpeg 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hometowin.ca/wp-content/uploads/feamle-writer-81x0-c-default.jpg
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: 599820fed434e54bb06de1b0ea3cb3e5b8b5f3bdcb1c5652c7eabfd9ae8c91cc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 19:49:53 GMT
Via: 1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
Last-Modified: Fri, 18 Feb 2022 13:08:27 GMT
Server: nginx
X-Amz-Cf-Pop: FRA56-P7
Age: 108847
X-Powered-By: cloud66
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1746
X-Amz-Cf-Id: GxS7oCzoOhPu5lEmI_iah7Gy3_mX3G7RPW5Go68z448MUhQxOKQ4PA==
Expires: Fri, 11 Nov 2022 19:49:53 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
www.hometowin.ca/wp-includes/js/ 1 KB
1 KB 24ms
23ms Script
application/javascript 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hometowin.ca/wp-includes/js/wp-embed.min.js?ver=5.3
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: 0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 30 May 2022 02:55:55 GMT
Content-Encoding: gzip
Via: 1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P7
Age: 11833684
X-Powered-By: cloud66
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 740
Last-Modified: Sat, 05 Oct 2019 19:49:10 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Amz-Cf-Id: YE2gzGJYMakacsQ8UiGUFcwUdN-W_CyXb1j_T166ats1qnYMSRsKMg==
Expires: Tue, 30 May 2023 02:55:55 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/ 36 KB
11 KB 71ms
29ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js

Requested by

Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hometowin.ca/
Origin: https://www.hometowin.ca
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 951
cdn-cachedat: 07/25/2022 03:12:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"c5b5b2fa19bd66ff23211d9f844e0131"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 951c23b5aef919044ea88ec448e338e6
timing-allow-origin: *
cdn-requestcountrycode: FR
cdn-status: 200
cf-ray: 759cbde49f63d619-CDG
cdn-requestpullsuccess: True

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 115ms
25ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6F96) /
Resource Hash: 9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 14 Oct 2022 02:04:00 GMT
Content-Encoding: gzip
Age: 1353
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 29223
Last-Modified: Wed, 28 Sep 2022 20:05:37 GMT
Server: ECS (pab/6F96)
Etag: "f26384f93da6974ed577808dfa1fede5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H2 200 pinit.js Show response
assets.pinterest.com/js/ 361 B
448 B 113ms
35ms Script
application/javascript 2a02:26f0:6c00:28b::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28b::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "62d32c28f14783b94192cd8d35bc010d"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=285
accept-ranges: bytes
content-length: 203

GET
H/1.1 200
OK vendor.js Show response
www.hometowin.ca/wp-content/themes/hometowin3/ 157 KB
42 KB 193ms
26ms Script
application/javascript 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hometowin.ca/wp-content/themes/hometowin3/vendor.js?v=b4c53f3628439e303656e50c1da0f003
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: 61f8962dc71851a9e0abdc652b0023761ca77fe827dcbf416327eb45b9d9def3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 18:14:43 GMT
Content-Encoding: gzip
Via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P7
Age: 19640957
X-Powered-By: cloud66
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 42150
Last-Modified: Wed, 27 Nov 2019 00:21:52 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Amz-Cf-Id: _lpuPey1XF4jH9e4SkbbofQochHI8Khnf-sSMBmt2ouQc-LJJFWarA==
Expires: Tue, 28 Feb 2023 18:14:43 GMT

GET
H/1.1 200
OK main.js Show response
www.hometowin.ca/wp-content/themes/hometowin3/ 138 KB
47 KB 206ms
36ms Script
application/javascript 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hometowin.ca/wp-content/themes/hometowin3/main.js?v=e5beb2bafae92a68da86c53f02a639e9
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: 4c6ed831f3a6f0df35a69e1c8124894500f80341a31657cfa8321db4995853b3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 27 May 2022 01:12:42 GMT
Content-Encoding: gzip
Via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P7
Age: 12099077
X-Powered-By: cloud66
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 47206
Last-Modified: Wed, 27 Nov 2019 00:21:53 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Amz-Cf-Id: DfGrH8Iv5NgFvFw1CfDvb4BpcqIeKy6fJ5Jr2ptQj_KLaOPm_hylPA==
Expires: Sat, 27 May 2023 01:12:42 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
17 KB 108ms
37ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

44f327eeeb995eabd2810452b355ca82979280a4d7def1bd980d3897e6999af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16840
x-xss-protection: 0
server: cafe
etag: 11313833467736987248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 Oct 2022 02:03:59 GMT

GET
H2 200 adchoices.min.js Show response
adchoices.corusdigitaldev.com/ 5 KB
4 KB 116ms
38ms Script
application/javascript 18.66.97.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adchoices.corusdigitaldev.com/adchoices.min.js
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 367aeb7b548cef94ec1936ec99554a8b91831d6d38c26f4d5f106cdd47db2a84

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:00 GMT
content-encoding: gzip
via: 1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
last-modified: Thu, 01 Mar 2018 20:27:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 246
etag: W/"5a31fa6854d923e64d339234461eddf5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: YtJeCDltW-HuGwaXHu1InphDIIP2-7Z2W3W7An5qWkrRlQRK5uU86Q==

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.hometowin.ca/wp-includes/js/ 14 KB
5 KB 30ms
30ms Script
application/javascript 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hometowin.ca/wp-includes/js/wp-emoji-release.min.js?ver=5.3
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: 1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 02:55:51 GMT
Content-Encoding: gzip
Via: 1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P7
Age: 15635289
X-Powered-By: cloud66
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 4626
Last-Modified: Tue, 05 Nov 2019 22:16:02 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Amz-Cf-Id: fTFI3UTs3z1jjSkGF9fmmRdc8CdQY34cc6f1F0EjihknNbwe4oPYmg==
Expires: Sun, 16 Apr 2023 02:55:51 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 100ms
35ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:300,400,700%7CRaleway:400,600

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

246d287b4272dd0bafd02f6edda498e77173c956015dce0aca2b5887d6f64f4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Oct 2022 02:04:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 02:04:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Oct 2022 02:04:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
28 KB 108ms
35ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9829c4ff570c637f2afa2c6b837b8b79382d4b001e90891f5d8f09a5b45b4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27654
x-xss-protection: 0
server: sffe
etag: "1363 / 102 of 1000 / last-modified: 1665698735"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 14 Oct 2022 02:04:00 GMT

GET
H/1.1 200
OK h-t-w-small.png
www.hometowin.ca/wp-content/themes/hometowin3/images/common/ 65 KB
66 KB 97ms
32ms Image
image/png 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hometowin.ca/wp-content/themes/hometowin3/images/common/h-t-w-small.png?v=RXZ1rXuk%2B7m049pmQht%2BRw%3D%3D
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/wp-content/themes/hometowin3/style.css?v=a29d259f1bc4b4789814125093e56ed9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: 911fde8fbe0e113b6f3139d63f03804cbdff833d0229611b638b419b424b7456

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/wp-content/themes/hometowin3/style.css?v=a29d259f1bc4b4789814125093e56ed9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 13:53:06 GMT
Via: 1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
Last-Modified: Wed, 27 Nov 2019 00:22:01 GMT
Server: nginx
X-Amz-Cf-Pop: FRA56-P7
Age: 2117454
X-Powered-By: cloud66
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66639
X-Amz-Cf-Id: bmYyNIKqMDC8Fgp6XQZjuYZ22KoGkJQ6n42AcT_fKeFrvdm50N34KA==
Expires: Wed, 19 Oct 2022 13:53:06 GMT

GET
H/1.1 200
OK social-facebook.svg
www.hometowin.ca/wp-content/themes/hometowin3/images/common/ 750 B
1019 B 129ms
24ms Image
image/svg+xml 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hometowin.ca/wp-content/themes/hometowin3/images/common/social-facebook.svg?v=8t5oFYCmlnsAlybfJfwIow%3D%3D
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/wp-content/themes/hometowin3/style.css?v=a29d259f1bc4b4789814125093e56ed9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: 5eb24576ec19626622b85979d943e8edbe256e8097fbf8529f924ff9e6afd284

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/wp-content/themes/hometowin3/style.css?v=a29d259f1bc4b4789814125093e56ed9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 20:17:21 GMT
Content-Encoding: gzip
Via: 1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P7
Age: 971199
X-Powered-By: cloud66
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 455
Last-Modified: Wed, 27 Nov 2019 00:22:07 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Amz-Cf-Id: -tc4NQbJ2skRtRB5ZuUqLK2Xaks2L-vf-GvYbJG1u9Jz5WEUNLr3-Q==
Expires: Tue, 01 Nov 2022 20:17:21 GMT

GET
H/1.1 200
OK social-twitter.svg
www.hometowin.ca/wp-content/themes/hometowin3/images/common/ 1 KB
1 KB 96ms
35ms Image
image/svg+xml 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hometowin.ca/wp-content/themes/hometowin3/images/common/social-twitter.svg?v=MzDzoI93nLtJkqedF2%2B9ow%3D%3D
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/wp-content/themes/hometowin3/style.css?v=a29d259f1bc4b4789814125093e56ed9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: e7a0a07ae4349e91e3ae79714b8e3a7978ee02888f599529d132f14117c02cf3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/wp-content/themes/hometowin3/style.css?v=a29d259f1bc4b4789814125093e56ed9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 08:35:56 GMT
Content-Encoding: gzip
Via: 1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P7
Age: 2309284
X-Powered-By: cloud66
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 623
Last-Modified: Wed, 27 Nov 2019 00:22:07 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Amz-Cf-Id: iIjmY1bParvJb-KCcz27P4tLgZ1q7tSYjZbDkmhMdkZO6uRYLtTbCg==
Expires: Mon, 17 Oct 2022 08:35:56 GMT

GET
H/1.1 200
OK social-instagram.svg
www.hometowin.ca/wp-content/themes/hometowin3/images/common/ 988 B
1 KB 151ms
23ms Image
image/svg+xml 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hometowin.ca/wp-content/themes/hometowin3/images/common/social-instagram.svg?v=L7BrADunwwrhWsNE8ukcVQ%3D%3D
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/wp-content/themes/hometowin3/style.css?v=a29d259f1bc4b4789814125093e56ed9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: 1b64a1639679dcdd0fd1e2eab9d9bd8a126221b8dda16e6bef58c54ed18ddf66

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/wp-content/themes/hometowin3/style.css?v=a29d259f1bc4b4789814125093e56ed9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 03:38:10 GMT
Content-Encoding: gzip
Via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P7
Age: 1031150
X-Powered-By: cloud66
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 530
Last-Modified: Wed, 27 Nov 2019 00:22:07 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Amz-Cf-Id: QmDCNOcFMu0ACtcB2bgL0DWwK0Dp8N4SostdjV5zCNxxT8L0c--Pow==
Expires: Tue, 01 Nov 2022 03:38:10 GMT

GET
H/1.1 200
OK social-pinterest.svg
www.hometowin.ca/wp-content/themes/hometowin3/images/common/ 1 KB
1 KB 148ms
24ms Image
image/svg+xml 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hometowin.ca/wp-content/themes/hometowin3/images/common/social-pinterest.svg?v=gqgI1LhgnsbL4KR0B6%2FOWg%3D%3D
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/wp-content/themes/hometowin3/style.css?v=a29d259f1bc4b4789814125093e56ed9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: 4e90e3c603ea102432c123af3bb79f9c8b09d24c098ed04329e0a0136a3b3998

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/wp-content/themes/hometowin3/style.css?v=a29d259f1bc4b4789814125093e56ed9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 08:35:56 GMT
Content-Encoding: gzip
Via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P7
Age: 2309284
X-Powered-By: cloud66
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 741
Last-Modified: Wed, 27 Nov 2019 00:22:07 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Amz-Cf-Id: WeihxAoXzic1QslITbFZeagzkhXH4OvY1Z18vYnfUZzO5njXZyziug==
Expires: Mon, 17 Oct 2022 08:35:56 GMT

GET
H/1.1 200
OK hgtv.png
www.hometowin.ca/wp-content/themes/hometowin3/images/common/ 7 KB
8 KB 123ms
40ms Image
image/png 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hometowin.ca/wp-content/themes/hometowin3/images/common/hgtv.png?v=OXbiRYj2oMzlmV1Xz6%2BIVA%3D%3D
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/wp-content/themes/hometowin3/style.css?v=a29d259f1bc4b4789814125093e56ed9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: 109a3b79fc565c70004568e9c590d8a0db8f14e280d1d24492f4073c4c97ac87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/wp-content/themes/hometowin3/style.css?v=a29d259f1bc4b4789814125093e56ed9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 20:17:21 GMT
Via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
Last-Modified: Wed, 27 Nov 2019 00:22:00 GMT
Server: nginx
X-Amz-Cf-Pop: FRA56-P7
Age: 971199
X-Powered-By: cloud66
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7438
X-Amz-Cf-Id: MYXkBKr0tzbn7jJKByWBydLbyjbyJhdPf_IPkeBo4mt3ggzVmvm3sA==
Expires: Tue, 01 Nov 2022 20:17:21 GMT

GET
H/1.1 200
OK filigree.png
www.hometowin.ca/wp-content/themes/hometowin3/images/common/ 808 B
1 KB 140ms
36ms Image
image/png 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hometowin.ca/wp-content/themes/hometowin3/images/common/filigree.png?v=o%2BSty5UQ%2BgIDgOEyDcLQ7A%3D%3D
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/wp-content/themes/hometowin3/style.css?v=a29d259f1bc4b4789814125093e56ed9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: 07004a25a64ed745d089d8386ff3641f4f7be7b21f60846237f7dcdf8eaa4dde

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/wp-content/themes/hometowin3/style.css?v=a29d259f1bc4b4789814125093e56ed9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 11 Oct 2022 11:42:49 GMT
Via: 1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
Last-Modified: Wed, 27 Nov 2019 00:21:59 GMT
Server: nginx
X-Amz-Cf-Pop: FRA56-P7
Age: 224471
X-Powered-By: cloud66
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 808
X-Amz-Cf-Id: H2FB7zwc-PHqaI8EE3Cs4L7QdjvPZNDQHY8ytzkvYUSdzcAnxXmC0A==
Expires: Thu, 10 Nov 2022 11:42:49 GMT

GET
H/1.1 200
OK page-1-copy.png
www.hometowin.ca/wp-content/themes/hometowin3/images/common/ 294 B
808 B 162ms
32ms Image
image/png 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hometowin.ca/wp-content/themes/hometowin3/images/common/page-1-copy.png?v=PZ1FyFJ%2BoJxBG%2BG4pr9BYQ%3D%3D
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/wp-content/themes/hometowin3/style.css?v=a29d259f1bc4b4789814125093e56ed9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: 107eb8b3218160a0592ffab3a03e5be734749fa3f0abf84a1a154077b27b6569

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/wp-content/themes/hometowin3/style.css?v=a29d259f1bc4b4789814125093e56ed9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 03:38:10 GMT
Via: 1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
Last-Modified: Wed, 27 Nov 2019 00:22:00 GMT
Server: nginx
X-Amz-Cf-Pop: FRA56-P7
Age: 1031150
X-Powered-By: cloud66
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 294
X-Amz-Cf-Id: 6DYPfXZp0RK9CZ5snXxN0WJr13GVPjRHXTPouB5STKrE4ClLa2e5oQ==
Expires: Tue, 01 Nov 2022 03:38:10 GMT

GET
H/1.1 200
OK social-title-icon.png
www.hometowin.ca/wp-content/themes/hometowin3/images/common/ 3 KB
3 KB 127ms
26ms Image
image/png 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hometowin.ca/wp-content/themes/hometowin3/images/common/social-title-icon.png?v=GLpdrgJueJ5BufRsYD2FxQ%3D%3D
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/wp-content/themes/hometowin3/style.css?v=a29d259f1bc4b4789814125093e56ed9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: 32c66fe594c8b9dc7ea3362da8be093aa4d8c2c971b8f16531cc9c72974c4a19

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/wp-content/themes/hometowin3/style.css?v=a29d259f1bc4b4789814125093e56ed9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 20:21:35 GMT
Via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
Last-Modified: Wed, 27 Nov 2019 00:22:02 GMT
Server: nginx
X-Amz-Cf-Pop: FRA56-P7
Age: 106945
X-Powered-By: cloud66
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2738
X-Amz-Cf-Id: y7mxHullr0lQERbBKH8DLuBBixo6XeS5hMtXm9K05XnP1tS_NYrrrA==
Expires: Fri, 11 Nov 2022 20:21:35 GMT

GET
H/1.1 200
OK CooperHewitt-Book.woff
www.hometowin.ca/wp-content/themes/hometowin3/fonts/cooper-hewitt/ 51 KB
52 KB 46ms
23ms Font
application/font-woff 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hometowin.ca/wp-content/themes/hometowin3/fonts/cooper-hewitt/CooperHewitt-Book.woff
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/wp-content/themes/hometowin3/fonts/cooper-hewitt/stylesheet.css?v=25f83d313ee4d05594cde3be09e420a6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: 3bcf6f17d332714cf8d8ab79601b84ec177351cc920cb5af236506853b96836b

Request headers

Referer: https://www.hometowin.ca/wp-content/themes/hometowin3/fonts/cooper-hewitt/stylesheet.css?v=25f83d313ee4d05594cde3be09e420a6
Origin: https://www.hometowin.ca
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 07:57:45 GMT
Via: 1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
Last-Modified: Wed, 27 Nov 2019 00:21:53 GMT
Server: nginx
X-Amz-Cf-Pop: FRA56-P7
Age: 2311575
X-Powered-By: cloud66
X-Cache: Hit from cloudfront
Content-Type: application/font-woff
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 52731
X-Amz-Cf-Id: VslTNUyvL1zBuKbfLPY1Hp-KAQ7v-UJYNXIRdE4sjwspOhvLjMWL4Q==
Expires: Mon, 17 Oct 2022 07:57:45 GMT

GET
H/1.1 200
OK CooperHewitt-MediumItalic.woff
www.hometowin.ca/wp-content/themes/hometowin3/fonts/cooper-hewitt/ 52 KB
53 KB 58ms
25ms Font
application/font-woff 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hometowin.ca/wp-content/themes/hometowin3/fonts/cooper-hewitt/CooperHewitt-MediumItalic.woff
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/wp-content/themes/hometowin3/fonts/cooper-hewitt/stylesheet.css?v=25f83d313ee4d05594cde3be09e420a6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: 11c0fbb05bb4a2101a230d4b7adf62f4df24b45a0eeb0c11e519cef1ae5e8f0c

Request headers

Referer: https://www.hometowin.ca/wp-content/themes/hometowin3/fonts/cooper-hewitt/stylesheet.css?v=25f83d313ee4d05594cde3be09e420a6
Origin: https://www.hometowin.ca
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 08:35:55 GMT
Via: 1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
Last-Modified: Wed, 27 Nov 2019 00:21:54 GMT
Server: nginx
X-Amz-Cf-Pop: FRA56-P7
Age: 2309284
X-Powered-By: cloud66
X-Cache: Hit from cloudfront
Content-Type: application/font-woff
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 53363
X-Amz-Cf-Id: 17CvZ9pzGViACJsXv94s-d7BfQH_IZRI-qW5K1dIP799E90zNp-tcw==
Expires: Mon, 17 Oct 2022 08:35:55 GMT

GET
H/1.1 200
OK CooperHewitt-Medium.woff
www.hometowin.ca/wp-content/themes/hometowin3/fonts/cooper-hewitt/ 52 KB
53 KB 38ms
24ms Font
application/font-woff 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hometowin.ca/wp-content/themes/hometowin3/fonts/cooper-hewitt/CooperHewitt-Medium.woff
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/wp-content/themes/hometowin3/fonts/cooper-hewitt/stylesheet.css?v=25f83d313ee4d05594cde3be09e420a6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: e5fcd47740334669e7dcb22ffafbd2a422e2325dd5f3a4d9ad0562fe28b948e8

Request headers

Referer: https://www.hometowin.ca/wp-content/themes/hometowin3/fonts/cooper-hewitt/stylesheet.css?v=25f83d313ee4d05594cde3be09e420a6
Origin: https://www.hometowin.ca
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sat, 24 Sep 2022 02:44:15 GMT
Via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
Last-Modified: Wed, 27 Nov 2019 00:21:54 GMT
Server: nginx
X-Amz-Cf-Pop: FRA56-P7
Age: 1725585
X-Powered-By: cloud66
X-Cache: Hit from cloudfront
Content-Type: application/font-woff
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 53331
X-Amz-Cf-Id: sslYaVD6D1-f6j_lmquVjbFqGkpsM0gcLcxuwb0CHmGNejc9Mbj0zw==
Expires: Mon, 24 Oct 2022 02:44:15 GMT

GET
H/1.1 200
OK diagonallines-2.png
www.hometowin.ca/wp-content/themes/hometowin3/images/common/ 723 B
1 KB 133ms
30ms Image
image/png 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hometowin.ca/wp-content/themes/hometowin3/images/common/diagonallines-2.png?v=2JH4QrgLPgHe60eivoU%2BpQ%3D%3D
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/wp-content/themes/hometowin3/style.css?v=a29d259f1bc4b4789814125093e56ed9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: 0ba2b92f645a130f9665669d31d32057af09d18ac353ea9d56e057d7193482b8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/wp-content/themes/hometowin3/style.css?v=a29d259f1bc4b4789814125093e56ed9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 12:59:15 GMT
Via: 1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
Last-Modified: Wed, 27 Nov 2019 00:21:59 GMT
Server: nginx
X-Amz-Cf-Pop: FRA56-P7
Age: 1429485
X-Powered-By: cloud66
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 723
X-Amz-Cf-Id: mcVDFvEWSZbyganU3f2IucGsUAIPUDEsG6q1i043L3ac5r6SPHKOLQ==
Expires: Thu, 27 Oct 2022 12:59:15 GMT

GET
H/1.1 200
OK sponsors-lg.png
www.hometowin.ca/wp-content/themes/hometowin3/images/common/ 28 KB
28 KB 30ms
29ms Image
image/png 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hometowin.ca/wp-content/themes/hometowin3/images/common/sponsors-lg.png?v=tGl55ka3n5xwjMtMMyFsEg%3D%3D
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/wp-content/themes/hometowin3/style.css?v=a29d259f1bc4b4789814125093e56ed9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: 31dcb06768580e5d58ffc4395e7f62cad8c7ec757bbe678d1b10808444e7490c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/wp-content/themes/hometowin3/style.css?v=a29d259f1bc4b4789814125093e56ed9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 11 Oct 2022 20:16:24 GMT
Via: 1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
Last-Modified: Wed, 27 Nov 2019 00:22:03 GMT
Server: nginx
X-Amz-Cf-Pop: FRA56-P7
Age: 193656
X-Powered-By: cloud66
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28261
X-Amz-Cf-Id: RimsE7-uPZK5tyH_DTQgqJxe81FyJsR_zSh21KodWu3HBLIW_RkC3g==
Expires: Thu, 10 Nov 2022 20:16:24 GMT

GET
H/1.1 200
OK CooperHewitt-Semibold.woff
www.hometowin.ca/wp-content/themes/hometowin3/fonts/cooper-hewitt/ 53 KB
53 KB 29ms
27ms Font
application/font-woff 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hometowin.ca/wp-content/themes/hometowin3/fonts/cooper-hewitt/CooperHewitt-Semibold.woff
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/wp-content/themes/hometowin3/fonts/cooper-hewitt/stylesheet.css?v=25f83d313ee4d05594cde3be09e420a6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: f4f69e0fe16a962370bebdc294d508bb95c0f95f7f78d144561c0ad05f75ba03

Request headers

Referer: https://www.hometowin.ca/wp-content/themes/hometowin3/fonts/cooper-hewitt/stylesheet.css?v=25f83d313ee4d05594cde3be09e420a6
Origin: https://www.hometowin.ca
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 08:35:56 GMT
Via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
Last-Modified: Wed, 27 Nov 2019 00:21:54 GMT
Server: nginx
X-Amz-Cf-Pop: FRA56-P7
Age: 2309284
X-Powered-By: cloud66
X-Cache: Hit from cloudfront
Content-Type: application/font-woff
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54091
X-Amz-Cf-Id: 3cMmW_RlGWngfVweZUm6pKWFbUwNfY0j7zFyg7VaZe3zc1LCP--2UQ==
Expires: Mon, 17 Oct 2022 08:35:56 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 26 KB
10 KB 112ms
25ms Script
application/javascript 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e7aaa31aec9d6a9f88c0af5d361aff3e7828ace0fb0c55ab35922025e12700b1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:00 GMT
content-encoding: gzip
etag: "cbFpuah7ilcpMTJLYeCgng=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 21 Oct 2022 02:04:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 98ms
31ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Oct 2022 01:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2883
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 14 Oct 2022 03:15:57 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 118ms
23ms Script
application/javascript 13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 07:52:51 GMT
content-encoding: gzip
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 65470
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: IvJGoV0C3xo_5EWRKBwSSp52E3djTsIH9_hp7FgaXrt__KtxcK0PqA==

GET
H2 200 KmMyHchJ.js Show response
cdn.krxd.net/controltag/ 31 KB
7 KB 169ms
105ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/KmMyHchJ.js
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d1646bada4bc33af0799de13d75d5456e1dbbe8d59477073db01b1d8e8241afc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Fri, 14 Oct 2022 02:04:00 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 536
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-length: 7119
x-served-by: config-service-a003-ash-prod.krxd.net, cache-iad-kcgs7200105-IAD, cache-cdg20720-CDG
x-response-time: 1
x-do-esi: esi
x-timer: S1665713040.246988,VS0,VE81
etag: "ae0ec66974b748649a8deabbcae4537b748dd38a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 4, 1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 87ms
34ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b81cc6d28cbf3df9c6127a05a865bef0842d917507cce946712974e748110957

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 14 Oct 2022 02:04:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26852
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: jmzftHt8joHeAnl2C2UMQjOekPRmF5ikNg16QVceD/bACnkzB572SeDeMeyRRJ6VlqlMq0+sc4jw+O8LTWkyaA==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1062274932/ 2 KB
2 KB 122ms
51ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1062274932/?random=1665713040113&cv=9&fst=1665713040113&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.hometowin.ca%2Fbehind-the-design%2Farticle%2Fbryan-and-sarah-baeumler-home-to-win-season-3%2F&tiba=Find%20Out%20What%20Bryan%20and%20Sarah%20Baeumler%20Love%20Most%20About%20The%20Season%203%20House%20-%20Home%20to%20Win&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

592212ae7e38efff429c4fbf0109e4f76c9581ded370cd5b4929a20df8190e37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 02:04:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1102
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK corus.png
www.hometowin.ca/wp-content/themes/hometowin3/images/common/ 2 KB
2 KB 26ms
26ms Image
image/png 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hometowin.ca/wp-content/themes/hometowin3/images/common/corus.png?v=FNB9EZdVO%2F9u0xdF%2BSq7qA%3D%3D
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/wp-content/themes/hometowin3/style.css?v=a29d259f1bc4b4789814125093e56ed9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: 73423969445cbc7c3b028f5cd89e2d32444dd6fcfa1a082121c68ea9ce3213f3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/wp-content/themes/hometowin3/style.css?v=a29d259f1bc4b4789814125093e56ed9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 08:35:56 GMT
Via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
Last-Modified: Wed, 27 Nov 2019 00:21:59 GMT
Server: nginx
X-Amz-Cf-Pop: FRA56-P7
Age: 2309284
X-Powered-By: cloud66
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1726
X-Amz-Cf-Id: ENwW8Dp6F_ClNFAyxm10pnjq68-aqhZ86T6JN6chy22aadxVjg7j-Q==
Expires: Mon, 17 Oct 2022 08:35:56 GMT

GET
H/1.1 200
OK architect.png
www.hometowin.ca/wp-content/themes/hometowin3/images/common/ 1 KB
2 KB 26ms
26ms Image
image/png 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hometowin.ca/wp-content/themes/hometowin3/images/common/architect.png?v=of9ICj9oY8MPXbv6PYrcCA%3D%3D
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/wp-content/themes/hometowin3/style.css?v=a29d259f1bc4b4789814125093e56ed9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: bd2160022bb7349ed10885c4d75ec54dbfb240c7ad2ce00a603a3d087ef87f8f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/wp-content/themes/hometowin3/style.css?v=a29d259f1bc4b4789814125093e56ed9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 08:35:56 GMT
Via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
Last-Modified: Wed, 27 Nov 2019 00:21:56 GMT
Server: nginx
X-Amz-Cf-Pop: FRA56-P7
Age: 2309284
X-Powered-By: cloud66
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1186
X-Amz-Cf-Id: fpHvE3Tsy7RcXNGzyyiJq5d4PBZaw3nmkSjxNBkao-R_hSoCjj6Fvw==
Expires: Mon, 17 Oct 2022 08:35:56 GMT

GET
H/1.1 200
OK stitch.png
www.hometowin.ca/wp-content/themes/hometowin3/images/common/ 2 KB
2 KB 24ms
23ms Image
image/png 108.138.17.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hometowin.ca/wp-content/themes/hometowin3/images/common/stitch.png?v=7wQKZSlkyo1QBzCyqRay7g%3D%3D
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/wp-content/themes/hometowin3/style.css?v=a29d259f1bc4b4789814125093e56ed9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-54.fra56.r.cloudfront.net
Software: nginx / cloud66
Resource Hash: 9098d7ff9e02db978b70164b0082bdb14d306fba41f5e4d0f24ad314df3fe183

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/wp-content/themes/hometowin3/style.css?v=a29d259f1bc4b4789814125093e56ed9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 09:03:03 GMT
Via: 1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
Last-Modified: Wed, 27 Nov 2019 00:22:04 GMT
Server: nginx
X-Amz-Cf-Pop: FRA56-P7
Age: 838857
X-Powered-By: cloud66
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1613
X-Amz-Cf-Id: 4fR7ZK9hJDEeW0GfktulLKFxtHhvr070CK-uA7QQLryHSGhuLDgj1w==
Expires: Thu, 03 Nov 2022 09:03:03 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/ 25 KB
25 KB 99ms
33ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:300,400,700%7CRaleway:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hometowin.ca
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 21:13:14 GMT
x-content-type-options: nosniff
age: 276646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25372
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 21:13:14 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 45 KB
46 KB 116ms
57ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:300,400,700%7CRaleway:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hometowin.ca
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 21:06:52 GMT
x-content-type-options: nosniff
age: 277028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 21:06:52 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f837a69a20e6f66ed1478571ccd0c1a335d6b40e7f3605319adc3c4fb716565

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK widget_iframe.7dae38096d06923d683a2a807172322a.html Show response
platform.twitter.com/widgets/ Frame A461 320 KB
104 KB 20ms
18ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.hometowin.ca
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6FA4) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://www.hometowin.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 42154
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Fri, 14 Oct 2022 02:04:00 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 28 Sep 2022 20:04:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (pab/6FA4)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
19 KB 32ms
31ms Script
application/javascript 2a02:26f0:6c00:28b::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.6305815501257133
Requested by: Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28b::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "3725764cf05d1a0938de73d398772331"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=285
accept-ranges: bytes
content-length: 18679

GET
H2 200 settings Show response
syndication.twitter.com/ Frame A461 851 B
677 B 189ms
129ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=e67c722107e0962eb66db0b0ab91e9f443bfbf42

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.hometowin.ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time: 107
date: Fri, 14 Oct 2022 02:04:00 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Fri, 14 Oct 2022 02:04:00 GMT
server: tsa_f
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 063b8a458deae1c8
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 7dcccfa77c83fb6407047a75e40a3556e51077b954427ae351bfa925f4441dac
content-length: 355

GET
H2 200 pubads_impl_2022101101.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
129 KB 115ms
27ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0adb253f1936a498f71414d7807eb2feb8fc7269a8eda6146ef73627aa0ea898

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27896
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131337
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 08:35:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 13 Oct 2023 18:19:04 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 91 B
720 B 121ms
34ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.hometowin.ca

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43415a151fb04dd779a6fa43f8bfb2ec6698957edb7a4f7530651e3bf61510cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84
x-xss-protection: 0
expires: Fri, 14 Oct 2022 02:04:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 32ms
31ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=561225844&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hometowin.ca%2Fbehind-the-design%2Farticle%2Fbryan-and-sarah-baeumler-home-to-win-season-3%2F&ul=en-us&de=UTF-8&dt=Find%20Out%20What%20Bryan%20and%20Sarah%20Baeumler%20Love%20Most%20About%20The%20Season%203%20House%20-%20Home%20to%20Win&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1009336444&gjid=1778750958&cid=850242716.1665713040&tid=UA-19331976-2&_gid=702648131.1665713040&_r=1&_slc=1&z=390036476

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hometowin.ca/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 02:04:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hometowin.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=1.10.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5F34123F5245B4A70A490D45%40AdobeOrg&d_nsid=0&ts=1665713040354
https://dpm.demdex.net/id/rd?d_visid_ver=1.10.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5F34123F5245B4A70A490D45%40AdobeOrg&d_nsid=0&ts=1665713040354

601 B
1 KB

31ms
30ms

XHR
application/json

52.30.136.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=1.10.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5F34123F5245B4A70A490D45%40AdobeOrg&d_nsid=0&ts=1665713040354

Requested by

Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/

Protocol

HTTP/1.1

Server

52.30.136.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-136-248.eu-west-1.compute.amazonaws.com

Software

Resource Hash

9797ef746acff32e324a1f398a5237e4245f7247f5819f8cb89675ec487b0341

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v044-0cba3cc62.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: n32hTCpvTRA=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.hometowin.ca
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 441
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v044-00915bc04.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 58u5QxeWRf4=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.hometowin.ca
Location: https://dpm.demdex.net/id/rd?d_visid_ver=1.10.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5F34123F5245B4A70A490D45%40AdobeOrg&d_nsid=0&ts=1665713040354
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 rules-p-3bxjqmRs6G6CD.js Show response
rules.quantcount.com/ 4 KB
2 KB 497ms
434ms Script
application/javascript 2600:9000:2057:8800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-3bxjqmRs6G6CD.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea0bfda3f5df6408eb356ccaa25142c34ab16a533a6bd7ec2006e64944ea3334

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:01 GMT
content-encoding: gzip
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 14 Oct 2022 00:25:45 GMT
server: AmazonS3
etag: W/"de75ae9337989e0c63243119bb12186f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: FHbVj1pnuoBtgrsOOh6jX3zop5EvycxrdqTt94dvMGZ2BOxlsrPCcQ==

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=3005670&cs_it=b3&cv=3.8.0.210223&ns__t=1665713040373&ns_c=UTF-8&c7=https%3A%2F%2Fwww.hometowin.ca%2Fbehind-the-design%2Farticle%2Fbryan-and-sarah-baeumler...
https://sb.scorecardresearch.com/b2?c1=2&c2=3005670&cs_it=b3&cv=3.8.0.210223&ns__t=1665713040373&ns_c=UTF-8&c7=https%3A%2F%2Fwww.hometowin.ca%2Fbehind-the-design%2Farticle%2Fbryan-and-sarah-baeumle...

0
191 B

23ms
23ms

Image
text/plain

13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3005670&cs_it=b3&cv=3.8.0.210223&ns__t=1665713040373&ns_c=UTF-8&c7=https%3A%2F%2Fwww.hometowin.ca%2Fbehind-the-design%2Farticle%2Fbryan-and-sarah-baeumler-home-to-win-season-3%2F&c8=Find%20Out%20What%20Bryan%20and%20Sarah%20Baeumler%20Love%20Most%20About%20The%20Season%203%20House%20-%20Home%20to%20Win&c9=
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
Protocol: H2
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:00 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: 7PWpOOGTvjn4IbtOIQLcZzI9-1JhNXdwARFRaPAWCwAhAFbq0Q2ATA==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=3005670&cs_it=b3&cv=3.8.0.210223&ns__t=1665713040373&ns_c=UTF-8&c7=https%3A%2F%2Fwww.hometowin.ca%2Fbehind-the-design%2Farticle%2Fbryan-and-sarah-baeumler-home-to-win-season-3%2F&c8=Find%20Out%20What%20Bryan%20and%20Sarah%20Baeumler%20Love%20Most%20About%20The%20Season%203%20House%20-%20Home%20to%20Win&c9=
date: Fri, 14 Oct 2022 02:04:00 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
content-length: 0
x-amz-cf-id: bvNITM87uKNT-OjWqVG6xqPadd4NR4EBEJCiqgJvJJ1pCEoXIcUdzA==
x-cache: Miss from cloudfront

GET
H3 200 1490677941144840 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 106ms
80ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1490677941144840?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4358efb33aef01c70d4e685c6b92b7ba46b398dbbd2e1719fbd57b3d50b61730

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 14 Oct 2022 02:04:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ddqfPZK/wPzZ72FwGTsEyuuPU/KDi70eesBF17kJEgrmZkDaTtWSwpKp1OByfxDN9a2JYnNboFdS5ZuG8pTynA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1062274932/ 42 B
548 B 98ms
37ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1062274932/?random=1665713040113&cv=9&fst=1665712800000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.hometowin.ca%2Fbehind-the-design%2Farticle%2Fbryan-and-sarah-baeumler-home-to-win-season-3%2F&tiba=Find%20Out%20What%20Bryan%20and%20Sarah%20Baeumler%20Love%20Most%20About%20The%20Season%203%20House%20-%20Home%20to%20Win&fmt=3&is_vtc=1&random=3894462528&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 02:04:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/1062274932/ 42 B
548 B 99ms
38ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/1062274932/?random=1665713040113&cv=9&fst=1665712800000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.hometowin.ca%2Fbehind-the-design%2Farticle%2Fbryan-and-sarah-baeumler-home-to-win-season-3%2F&tiba=Find%20Out%20What%20Bryan%20and%20Sarah%20Baeumler%20Love%20Most%20About%20The%20Season%203%20House%20-%20Home%20to%20Win&fmt=3&is_vtc=1&random=3894462528&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 02:04:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 18ms
17ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/KmMyHchJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Fri, 14 Oct 2022 02:04:00 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 8495
age: 3899329
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 84509
x-served-by: cache-cdg20720-CDG
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1665713040.459505,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame 3E90 805 B
826 B 18ms
18ms Document
text/html 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Referer: https://www.hometowin.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 18149946
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 525
content-type: text/html
date: Fri, 14 Oct 2022 02:04:00 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
expires: Fri, 19 Feb 2027 17:50:50 GMT
last-modified: Tue, 21 Feb 2017 17:50:54 GMT
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 63842
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
x-served-by: cache-cdg20720-CDG
x-timer: S1665713041.533250,VS0,VE0

GET
H/1.1 200
OK dest5.html Show response
shaw.demdex.net/ Frame E568 7 KB
3 KB 213ms
31ms Document
text/html 34.242.80.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://shaw.demdex.net/dest5.html?d_nsid=undefined

Requested by

Host: www.hometowin.ca
URL: https://www.hometowin.ca/wp-content/themes/hometowin3/main.js?v=e5beb2bafae92a68da86c53f02a639e9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.80.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-80-80.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.hometowin.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcscanary-prod-irl1-1-v051-0d443fb62.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: CLBZWbchREk=
content-encoding: gzip
date: Fri, 14 Oct 2022 02:04:00 GMT
last-modified: Thu, 29 Sep 2022 12:57:29 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H2 200 id Show response
smetrics.corus.ca/ 48 B
457 B 98ms
20ms XHR
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.corus.ca/id?d_visid_ver=1.10.0&d_fieldgroup=A&mcorgid=5F34123F5245B4A70A490D45%40AdobeOrg&mid=66171455382260880750098384734871692082&ts=1665713040556

Requested by

Host: www.hometowin.ca
URL: https://www.hometowin.ca/wp-content/themes/hometowin3/main.js?v=e5beb2bafae92a68da86c53f02a639e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

878305f1ee00940ce88748dbb9744c2131c2bd3c5d0a61f76ce01c939c590b48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hometowin.ca/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 14 Oct 2022 02:04:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.hometowin.ca
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 127ms
36ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=www.hometowin.ca

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 110ms
49ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hometowin.ca

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 541ms
488ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1725843925998771&correlator=2696804253143839&eid=31070373%2C31068367&output=ldjh&gdfp_req=1&vrg=2022101101&ptt=17&impl=fif&iu_parts=6872%2Cshaw.hgtv.ca%2Chometowin%2Cbehind-the-design%2Carticle%2Cbryan-and-sarah-baeumler-home-to-win-season-3&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90&ifi=1&adks=1763073269&sfv=1-0-38&fsapi=false&prev_scp=pos%3D1&cust_params=section%3Dbehind-the-design%26page%3Darticle%252Cbryan-and-sarah-baeumler-home-to-win-season-3%26env%3Dpreprod&sc=1&cookie_enabled=1&abxe=1&dt=1665713040627&lmt=1665713040&dlt=1665713039745&idt=844&adxs=436&adys=15&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.hometowin.ca%2Fbehind-the-design%2Farticle%2Fbryan-and-sarah-baeumler-home-to-win-season-3%2F&frm=20&vis=1&psz=1600x120&msz=1600x0&fws=4&ohw=1600&ga_vid=850242716.1665713040&ga_sid=1665713041&ga_hid=561225844&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

222b3c2568f763ded5ef3e263af9d40b1505b467799df29045f489b9773b8691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12127
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hometowin.ca
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
16 KB 545ms
492ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1725843925998771&correlator=2696804253143839&eid=31070373%2C31068367&output=ldjh&gdfp_req=1&vrg=2022101101&ptt=17&impl=fif&iu_parts=6872%2Cshaw.hgtv.ca%2Chometowin%2Cbehind-the-design%2Carticle%2Cbryan-and-sarah-baeumler-home-to-win-season-3&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250&ifi=2&adks=659921349&sfv=1-0-38&fsapi=false&prev_scp=pos%3D1&cust_params=section%3Dbehind-the-design%26page%3Darticle%252Cbryan-and-sarah-baeumler-home-to-win-season-3%26env%3Dpreprod&sc=1&cookie_enabled=1&abxe=1&dt=1665713040634&lmt=1665713040&dlt=1665713039745&idt=844&adxs=1077&adys=633&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.hometowin.ca%2Fbehind-the-design%2Farticle%2Fbryan-and-sarah-baeumler-home-to-win-season-3%2F&frm=20&vis=1&psz=406x84&msz=406x0&fws=4&ohw=406&ga_vid=850242716.1665713040&ga_sid=1665713041&ga_hid=561225844&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21f07b6ea082b55aba2c2a591a736a703d5f9b0d7b454a79375ec636f32df344

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16247
x-xss-protection: 0
google-lineitem-id: 4661220659
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138232163289
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hometowin.ca
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
16 KB 554ms
502ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1725843925998771&correlator=2696804253143839&eid=31070373%2C31068367&output=ldjh&gdfp_req=1&vrg=2022101101&ptt=17&impl=fif&iu_parts=6872%2Cshaw.hgtv.ca%2Chometowin%2Cbehind-the-design%2Carticle%2Cbryan-and-sarah-baeumler-home-to-win-season-3&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250&ifi=3&adks=2784943597&sfv=1-0-38&fsapi=false&prev_scp=pos%3D2&cust_params=section%3Dbehind-the-design%26page%3Darticle%252Cbryan-and-sarah-baeumler-home-to-win-season-3%26env%3Dpreprod&sc=1&cookie_enabled=1&abxe=1&dt=1665713040637&lmt=1665713040&dlt=1665713039745&idt=844&adxs=1077&adys=986&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.hometowin.ca%2Fbehind-the-design%2Farticle%2Fbryan-and-sarah-baeumler-home-to-win-season-3%2F&frm=20&vis=1&psz=406x84&msz=406x0&fws=4&ohw=406&ga_vid=850242716.1665713040&ga_sid=1665713041&ga_hid=561225844&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1380c5812640f06b6fffe1d09e74f8e312413abae0690f4c00ad1424ac0bce55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16248
x-xss-protection: 0
google-lineitem-id: 4661220659
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138233951568
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hometowin.ca
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 123ms
72ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1725843925998771&correlator=2696804253143839&eid=31070373%2C31068367&output=ldjh&gdfp_req=1&vrg=2022101101&ptt=17&impl=fif&iu_parts=6872%2Cshaw.hgtv.ca%2Chometowin%2Cbehind-the-design%2Carticle%2Cbryan-and-sarah-baeumler-home-to-win-season-3&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ifi=4&adks=1236790216&sfv=1-0-38&ists=1&fsapi=false&prev_scp=pos%3Dwallpaper&cust_params=section%3Dbehind-the-design%26page%3Darticle%252Cbryan-and-sarah-baeumler-home-to-win-season-3%26env%3Dpreprod&sc=1&cookie_enabled=1&abxe=1&dt=1665713040640&lmt=1665713040&dlt=1665713039745&idt=844&adxs=0&adys=3185&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.hometowin.ca%2Fbehind-the-design%2Farticle%2Fbryan-and-sarah-baeumler-home-to-win-season-3%2F&frm=20&vis=1&psz=1600x3184&msz=1600x0&fws=4&ohw=1600&ga_vid=850242716.1665713040&ga_sid=1665713041&ga_hid=561225844&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11f5eeb12fded484e890acdb055f62191325aa3002370d8cfe9c81683030601e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3006
x-xss-protection: 0
google-lineitem-id: 4661359341
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138232623158
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hometowin.ca
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5401 6 KB
4 KB 141ms
32ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hometowin.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 02:04:00 GMT
expires: Sat, 14 Oct 2023 02:04:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 5ae63e71-9e73-4e84-8290-050992b9610c Show response
consumer.krxd.net/consent/get/ 233 B
426 B 87ms
39ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5ae63e71-9e73-4e84-8290-050992b9610c?idt=device&dt=kxcookie&callback=Krux.ns.corus.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c8abb66fe5706e4dc89c5ed5ad20cdc2fabfc67f3615ce5dc6cce57f84777db4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by: consumer-a010-dub-prod.krxd.net, cache-cdg20742-CDG
date: Fri, 14 Oct 2022 02:04:00 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-timer: S1665713041.707493,VS0,VE20
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
content-length: 187
x-cache-hits: 0, 0

GET
H2 200 KmMyHchJ.js Show response
cdn.krxd.net/controltag/ Frame 3E90 31 KB
7 KB 28ms
27ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/KmMyHchJ.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d1646bada4bc33af0799de13d75d5456e1dbbe8d59477073db01b1d8e8241afc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Fri, 14 Oct 2022 02:04:00 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 536
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-length: 7119
x-served-by: config-service-a003-ash-prod.krxd.net, cache-iad-kcgs7200105-IAD, cache-cdg20720-CDG
x-response-time: 1
x-do-esi: esi
x-timer: S1665713041.668665,VS0,VE0
etag: "ae0ec66974b748649a8deabbcae4537b748dd38a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 4, 2

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 97ms
24ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1490677941144840&ev=PageView&dl=https%3A%2F%2Fwww.hometowin.ca%2Fbehind-the-design%2Farticle%2Fbryan-and-sarah-baeumler-home-to-win-season-3%2F&rl=&if=false&ts=1665713040673&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665713040672.536442349&it=1665713040399&coo=false&rqm=GET

Requested by

Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 14 Oct 2022 02:04:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 s28028199555367 Show response
smetrics.corus.ca/b/ss/corus-testing-hgtv/10/JS-1.7.0/ 70 B
210 B 20ms
20ms Script
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.corus.ca/b/ss/corus-testing-hgtv/10/JS-1.7.0/s28028199555367?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=14%2F9%2F2022%202%3A4%3A0%205%200&d.&nsid=0&jsonv=1&.d&mid=66171455382260880750098384734871692082&aamlh=6&ce=UTF-8&g=https%3A%2F%2Fwww.hometowin.ca%2Fbehind-the-design%2Farticle%2Fbryan-and-sarah-baeumler-home-to-win-season-3%2F&c.&omn.&visitorapi=VisitorAPI%20Present&.omn&corus.&site=hgtv&pagename=shows%7Chome-to-win%7Cbehind-the-design%7Carticle%7Cfind%20out%20what%20bryan%20and%20sarah%20baeumler%20love%20most%20about%20the%20season%203%20house&sitesection=shows&sitesubsection=shows%7Chome-to-win&sitesubsection2=shows%7Chome-to-win%7Cbehind-the-design&sitesubsection3=shows%7Chome-to-win%7Cbehind-the-design%7Carticle&sitesubsection4=shows%7Chome-to-win%7Cbehind-the-design%7Carticle%7Cfind%20out%20what%20bryan%20and%20sarah%20baeumler%20love%20most%20about%20the%20season%203%20house&contenttitle=Find%20Out%20What%20Bryan%20and%20Sarah%20Baeumler%20Love%20Most%20About%20The%20Season%203%20House%20-%20Home%20to%20Win&hourofday=2&dayofweek=Friday&weekdayweekend=Weekday&.corus&.c&server=www.hometowin.ca&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Requested by

Host: www.hometowin.ca
URL: https://www.hometowin.ca/wp-content/themes/hometowin3/main.js?v=e5beb2bafae92a68da86c53f02a639e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

dc3385d41c8e2dc3cebe6e96d70a078259df09e1da29fbc0d629193d0bb28081

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 02:04:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 15 Oct 2022 02:04:00 GMT
server: jag
etag: 3577091517181100032-4619755640174389169
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: application/x-javascript;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 70
x-xss-protection: 1; mode=block
expires: Thu, 13 Oct 2022 02:04:00 GMT

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ Frame 3E90 259 KB
83 KB 29ms
28ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/KmMyHchJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Fri, 14 Oct 2022 02:04:00 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 8496
age: 3899329
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 84509
x-served-by: cache-cdg20720-CDG
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1665713041.704866,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H2 200 5ae63e71-9e73-4e84-8290-050992b9610c Show response
consumer.krxd.net/consent/get/ Frame 3E90 218 B
240 B 39ms
39ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5ae63e71-9e73-4e84-8290-050992b9610c?idt=device&dt=kxcookie&callback=Krux.ns.corus.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e9fa8d78b8070bb6023378b3cfb6b8e897cdef2153dcc02e67b78ba3c61ad11b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by: consumer-a010-dub-prod.krxd.net, cache-cdg20742-CDG
date: Fri, 14 Oct 2022 02:04:00 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-timer: S1665713041.778095,VS0,VE22
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
content-length: 179
x-cache-hits: 0, 0

GET
H2 200 container.html Show response
029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4E07 6 KB
3 KB 25ms
24ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hometowin.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 02:04:00 GMT
expires: Sat, 14 Oct 2023 02:04:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

pixel.gif
load77.exelator.com/ Frame E568
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=65937188998136662710074523577167349350
https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=65937188998136662710074523577167349350&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
330 B

176ms
21ms

Image
image/gif

2a02:6ea0:c700::20
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Protocol: H2
Server: 2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://shaw.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-77-nzt: AdRmOI3slOn/d7EAAA
x-accel-expires: @1666704410
date: Fri, 14 Oct 2022 02:04:01 GMT
x-77-pop: frankfurtDE
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
etag: "59f0c3fc-2b"
x-77-nzt-ray: YWtGrtm337k
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-77-cache: HIT
x-age: 45431
accept-ranges: bytes
content-length: 43

Redirect headers

date: Fri, 14 Oct 2022 02:04:01 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4E07 22 KB
7 KB 82ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com
URL: https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 09:55:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 11 Oct 2023 09:55:30 GMT

GET
H2

200

9129637316153660709
tpc.googlesyndication.com/simgad/ Frame 4E07
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOrqJA4A6ohYe0WZsVqcdc-XcdNulOrY1vbinfuUdHU1Y7duE5x2-8x8ESp0l-CkcdRJXCtxCzcz7WiUh0pRPwK7zjlMte2fQv6Mh4ONs4sbCfR9roqiM7fMOKqn7EBMhY_AT4QhAAP...
https://tpc.googlesyndication.com/simgad/9129637316153660709?%20style=%22display:none

119 B
426 B

25ms
25ms

Image
image/png

2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9129637316153660709?%20style=%22display:none

Requested by

Host: 029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com
URL: https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

603506996b902b8797cbc1dc4bf350440caad5c59feb97c39344fd7648403b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 09:42:39 GMT
x-content-type-options: nosniff
age: 577281
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119
x-xss-protection: 0
last-modified: Wed, 02 May 2018 20:31:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 09:42:39 GMT

Redirect headers

date: Fri, 14 Oct 2022 02:04:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: https://tpc.googlesyndication.com/simgad/9129637316153660709?%20style=%22display:none
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEGC32Ck16xjBO332Pfgb08I&google_cver=1
dpm.demdex.net/ Frame E568
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjU5MzcxODg5OTgxMzY2NjI3MTAwNzQ1MjM1NzcxNjczNDkzNTA=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGC32Ck16xjBO332Pfgb08I&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

31ms
30ms

Image
image/gif

52.30.136.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGC32Ck16xjBO332Pfgb08I&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.30.136.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-136-248.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://shaw.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v044-00b67553b.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: SWzaEje9SQo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 02:04:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGC32Ck16xjBO332Pfgb08I&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=843821585;labels=_fp.event.Home%20Towin%20Behind%20the%20Design;rf=0;a=p-3bxjqmRs6G6CD;url=https%3A%2F%2Fwww.hometowin.ca%2Fbehind-the-design%2Farticle%2Fbryan-and-sarah-baeumler-home-to-wi...
pixel.quantserve.com/ 35 B
371 B 36ms
26ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=843821585;labels=_fp.event.Home%20Towin%20Behind%20the%20Design;rf=0;a=p-3bxjqmRs6G6CD;url=https%3A%2F%2Fwww.hometowin.ca%2Fbehind-the-design%2Farticle%2Fbryan-and-sarah-baeumler-home-to-win-season-3%2F;uht=2;fpan=1;fpa=P0-1054542303-1665713040873;pbc=;ns=0;ce=1;qjs=1;qv=7a1cba14-20221011131736;cm=;gdpr=0;ref=;d=hometowin.ca;dst=0;et=1665713040873;tzo=0;ogl=type.article%2Ctitle.Find%20Out%20What%20Bryan%20and%20Sarah%20Baeumler%20Love%20Most%20About%20The%20Season%203%20House%20-%20Home%2Cdescription.%2Clocale.en_US%2Csite_name.Home%20to%20Win%2Curl.https%3A%2F%2Fwww%252Ehometowin%252Eca%2Fbehind-the-design%2Farticle%2Fbryan-and-sarah-baeumler-home%2Cimage.https%3A%2F%2Fwww%252Ehometowin%252Eca%2Fwp-content%2Fuploads%2FBryan-Interview-Hero-V3%252Ejpg;ses=22f89351-4bae-4573-8290-56a902db8221

Requested by

Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 02:04:00 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 4E07 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5efed598d84227942fe0dc35a86d2385e0c044e8b9937bc977e149a212fbee88

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dest5.html Show response
corus.demdex.net/ Frame F890 7 KB
3 KB 128ms
29ms Document
text/html 54.155.40.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://corus.demdex.net/dest5.html?d_nsid=0

Requested by

Host: www.hometowin.ca
URL: https://www.hometowin.ca/wp-content/themes/hometowin3/main.js?v=e5beb2bafae92a68da86c53f02a639e9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.155.40.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-155-40-229.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.hometowin.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v044-0f3529585.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: ij681diATCE=
content-encoding: gzip
date: Fri, 14 Oct 2022 02:04:01 GMT
last-modified: Thu, 29 Sep 2022 16:18:55 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H2 200 optout_check Show response
beacon.krxd.net/ 78 B
238 B 90ms
28ms Script
text/javascript 52.48.197.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.corus.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.197.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-197-119.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d44d37d3e369564eac72c6f2b303302a7a49e4e227440f293ee53a666c94f8b9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by: beacon-n018-dub-prod.krxd.net
date: Fri, 14 Oct 2022 02:04:01 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=59 t=1665713041
content-type: text/javascript

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 96ms
38ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022101101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a68d0503c608c277de273b6284320200053761870d62c355a6b1a32807742b37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11066
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 88ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Oct 2022 02:04:01 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F730 13 KB
5 KB 24ms
24ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hometowin.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 7524
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 23:58:37 GMT
expires: Fri, 13 Oct 2023 23:58:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1684 783 B
537 B 89ms
35ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d0d3c462f6a42096b96a198c54ca91b6a81cf8a46a77347796dc774196494956

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-B0OKks3UBCZi9fwJQG7W3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hometowin.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-B0OKks3UBCZi9fwJQG7W3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 02:04:01 GMT
expires: Fri, 14 Oct 2022 02:04:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 48ms
22ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1490677941144840&ev=Microdata&dl=https%3A%2F%2Fwww.hometowin.ca%2Fbehind-the-design%2Farticle%2Fbryan-and-sarah-baeumler-home-to-win-season-3%2F&rl=&if=false&ts=1665713041177&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Find%20Out%20What%20Bryan%20and%20Sarah%20Baeumler%20Love%20Most%20About%20The%20Season%203%20House%20-%20Home%20to%20Win%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Find%20Out%20What%20Bryan%20and%20Sarah%20Baeumler%20Love%20Most%20About%20The%20Season%203%20House%20-%20Home%20to%20Win%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Asite_name%22%3A%22Home%20to%20Win%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.hometowin.ca%2Fbehind-the-design%2Farticle%2Fbryan-and-sarah-baeumler-home-to-win-season-3%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.hometowin.ca%2Fwp-content%2Fuploads%2FBryan-Interview-Hero-V3.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1665713040672.536442349&it=1665713040399&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 14 Oct 2022 02:04:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 cfKUDseLxMX_VMI_uao_rq0MKOaeCrg8GZjSFxmotG8.js Show response
pagead2.googlesyndication.com/bg/ Frame F730 36 KB
16 KB 76ms
25ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cfKUDseLxMX_VMI_uao_rq0MKOaeCrg8GZjSFxmotG8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71f2940ec78bc4c5ff54c23fb9aa3faead0c28e69e0ab83c1998d21719a8b46f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:22:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Oct 2023 20:22:18 GMT

GET
H3 200 container.html Show response
029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2A20 6 KB
3 KB 75ms
25ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hometowin.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 02:04:00 GMT
expires: Sat, 14 Oct 2023 02:04:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C506 0
0 64ms
64ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmdsQ8Y9kEyYnTGFS4yjcGVgCCf3tVIv1Vt6-7MZK9RijM29H6wbBjgmPOpiyC3AqRT2_IECAI87evaIseoLnY78UU8_VoI6MV02gygP_fGR1G69ngmsyfoXdM9BLw3UY8F66YXLBzs8vUuhnZW0jqvLEDro88Xkmdq3pgZp2-9x-pc67J6bgkPa-v45BpsA_UI1yDJDqFJN_01N0xlu38l3myNe6xReuORmi9zO2er8ZrJinsmctlS5wHlFNmFZ_D41s7ARCZUgaUn-NeXVaXqdIPX28V4t-rMd0h6DTaiyM6ARYdhs0jSg_I-Ws0GUdLFDmiVyv5e0yN1VwHXjT21tRaVl9W4RAloojWaMPZ2-feNtllY8FaM_SVWzYSB9DAJgpKWgvl8S3CFfk_NkH8lZUR5DcUTnyY6KiKb1cs&sai=AMfl-YRwhR0NFtA6Cq1wcgKQ41yaIWtu_vWfKX1OI3-3cGLDh5ZOXoiSEiuw-aTd7EScB03BoNREdvzzLFU1XLmdRmobhFaRvPB6jNg1d0Zg-nGOk3JjXBGWUQx4dNcWeDTA&sig=Cg0ArKJSzGqBwJ_SRlgyEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame C506 23 KB
9 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:58:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame C506 3 KB
1 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:57:26 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C506 0
0 33ms
32ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTyZIJetXRTSm7v8ESfV-d9-m26285zzOyiOgAC6TNKLoyedlby0wzOsyK7N2h7O7_Sdz3Ng91SnEMGkk2LalBrgfkOkQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C506 152 KB
46 KB 116ms
64ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Oct 2022 02:04:01 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/shawmedia183027258601/ Frame C506 304 KB
104 KB 83ms
24ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/shawmedia183027258601/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: bf4e84ac3d9e49aacb60658aea0a09a1ca8493d047bc2b82cd99d00909e29d3f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:01 GMT
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 16:52:42 GMT
server: AmazonS3
x-amz-request-id: ZYMCZ7SJNX5NP8HP
etag: "ddf8306f8b720c9305965584eaaabfc6"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=53559
accept-ranges: bytes
content-length: 106289
x-amz-id-2: Toj4nUxr1m5qCLFOQxQIZ3cFsjZpiVt7h0mvW5nV0ZHvmyhyrlPprx93/nhHUd7MNEqI8AdSCDQ=

GET
H3 200 11885643988731137303
tpc.googlesyndication.com/simgad/ Frame C506 119 B
146 B 25ms
24ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11885643988731137303

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

603506996b902b8797cbc1dc4bf350440caad5c59feb97c39344fd7648403b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 22:07:09 GMT
x-content-type-options: nosniff
age: 187012
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119
x-xss-protection: 0
last-modified: Wed, 02 May 2018 13:19:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Oct 2023 22:07:09 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B421 0
0 65ms
62ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7uJM2Y0uCeg1zI2_-5J2zwNa0k9l33dky9O2jtOUPZbZq9-9qzQqNUkQq4B645POHeMVRZwZhjVf7ya9zELN_KxnJ4pY7dak8cNt-qOQMP_9NRV-L_wJUAMcxHRxPcPgkjs-mhXN7BnKCn6neSGPMzXwYAFN58P5Y3VgSoUA8EF_q2LOYCMEmXZsPL5Y3dMXqmP5VD1L-bBGTNJK7Y-djd3S8u24G1F4Wgtd3NiiCNSDK3HDJBftfKJWszqsfqb02g6IRDtRZ31lO2Tr_yQO9YiJHuO7543SB7Z_E4L1lqSxgDO15omJEhab5yCOGu_DGiC-YAXI7iGGZ0KIlrzWvg_eWYg1QPY8pBkB23Mg1IAxODwfvTo6oAWZjnJGlfx6_S3fFL-b4Ssp2EZAcgkxlpocqE25C9Y2FmyeCGssG&sai=AMfl-YQ-Mh9VZzg3YvKPB7i2ZyuTh2NfGjHs80YRAosx6r_wdPqAEcP9xMU3K52PAWPc-x_LfU1nPLivxx_fSzbiOx0R5uP0zxCCxb96-r_cKuNS89_3MwCLXe7tkXR7cxa69g&sig=Cg0ArKJSzCrkw2nXWIFBEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 11885643988731137303
tpc.googlesyndication.com/simgad/ Frame B421 119 B
146 B 26ms
24ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11885643988731137303

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

603506996b902b8797cbc1dc4bf350440caad5c59feb97c39344fd7648403b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 22:07:09 GMT
x-content-type-options: nosniff
age: 187012
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119
x-xss-protection: 0
last-modified: Wed, 02 May 2018 13:19:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Oct 2023 22:07:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame B421 23 KB
9 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:58:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame B421 3 KB
1 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:57:26 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B421 0
0 35ms
34ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRwJjpYrR921vNdMu-PkZoTIpRpqqjiC9DNOJ3zpGIX7JLLs_9xQNkJebr_izaKG-R_quMzU1VF1d17pekUEIXNepsFjA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B421 152 KB
46 KB 93ms
58ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Oct 2022 02:04:01 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/shawmedia183027258601/ Frame B421 304 KB
104 KB 95ms
54ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/shawmedia183027258601/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070373
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: bf4e84ac3d9e49aacb60658aea0a09a1ca8493d047bc2b82cd99d00909e29d3f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:01 GMT
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 16:52:42 GMT
server: AmazonS3
x-amz-request-id: ZYMCZ7SJNX5NP8HP
etag: "ddf8306f8b720c9305965584eaaabfc6"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=53559
accept-ranges: bytes
content-length: 106289
x-amz-id-2: Toj4nUxr1m5qCLFOQxQIZ3cFsjZpiVt7h0mvW5nV0ZHvmyhyrlPprx93/nhHUd7MNEqI8AdSCDQ=

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1684 0
0 62ms
62ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022101101&jk=1725843925998771&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame C506 203 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc81cad8fe6658025ad98084d647a6a17ae63eaf4ffe6b31dcacd46f3beb56d4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B421 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8275e03eb05dcf106398ba2a09daf898faa0634b5754981d1cce74371070784a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2A20 0
0 73ms
72ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CrrCSkMNIY77QLb_77_UPg-qsuAbi0rL2YcexjoqOCMCNtwEQASAAYPuBgICcCoIBF2NhLXB1Yi0xNTk5Nzc3MTY3NzE1NzA0yAEJqQK9jZ-0omewPuACAKgDAaoE9wJP0J-6pVl36Cqn81c3Tgzc4pUIa552l-xSta93rfH4AdwRnhDHScdMQz8ZaJ6mNgPnqBzhf1pXpt93H8G53sDZJjw8izh3HUevcjdoLU5CCTBJ-EeEzu44TiXwIIflzDiTmm7C_lNrobIysbTE2DpPCD5ibpb9HWx2bDelz_GND5Wj7V6kGmLVa-26Us49kK3RNNAp7SHSPdtBUj3ds1YUzYdc2xOhha2bHHC9krjOSITKgt4E6GxhiXrkEM8BKjkdfUHP9-DMVpZhXX0ww00GNU5BcXzx8fIs2SOVVP37RO8nFEO_DXIQVOjx_4KIARlhnhUtjzn5yVYS5A5i0pTAUBasROu0jM1AYGgQEJLadFXyFre72z3PUS1Glbar0xoL-fgWF-AzNO6mHbZ89Zzr_OcQMKS1Cn21p6ZbvKA5y-H0zNLHf83_uMGhMDQS9gpbQq_j6IL7imGoUTUkqD6EnNCokX-ictf3v-Uif83MxqKNeur74krgBAGABvjMiNHHpbHPI6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMTU5OTc3NzE2NzcxNTcwNBif_BE&sigh=tRUZ6dJdIsU&uach_m=[UACH]&cid=CAQSPACsnQUx2h5woMIKcc2729LPRpFQaz1FNuqEYB6RG4P6Mto-NrO5-U6U1ZMbkylYl_UoLxuAbgoNCP1jlRgBIBM
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 2A20 0
0 79ms
26ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1j46j27p7psk2j23wsvy57y1aa9yn2eeeqq0c7q11cdf42c3nvrf4appa3yprmx0atctt7j83ya536zw3hb71w75ffvj56sqx861vzmam3d8g0vzzq6q473qtgw5qctg5hpzd4bs79y18jqnzvaaftsye12qw5sxq3bphzdmpbck32q3j1hpjjq0j0vwr6meew81vy4jjkn6000he2eycyz2cncj1xxav94vc11wn8d9eqq5a1c81vepfqskr26kggskpr1d040v8ja7knz3zw59m613w998qkgjmr90aqvehmwp5ja5h61bpeh8t29kmf9g1wfzge5ywmayfcgn98nfk5s75v3tbspnbzsw5vyb16dhy065gz2a58jyb2x1dfgesdpc19rh9dk316z8kfjx0y4r7ay5&b=Y0jDkAALaD4Iu_2_AAs1A6DNkrDN0OLqPhGJ4g
Requested by: Host: www.hometowin.ca
URL: https://www.hometowin.ca/behind-the-design/article/bryan-and-sarah-baeumler-home-to-win-season-3/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 14 Oct 2022 02:04:01 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame C204 2 KB
3 KB 116ms
50ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1j9jny67cfp1hxt2v0aqd7412vdyc0n96hmz2dpk72pdpa5tag0vsan4c81mm06edadkh7xdk16df96847gea00q8e1hw10zwm6djs6d8m3v0jnsp1zvwy0my8e5f9pjkpn01mh1mxyegajnya0zdead1z24kczdpfkaxjby3gntcz48xaek35sv6akpwj2h0t3m3akksm2rdcs3r7qqpw8p67m9nxv4k73fvn2wzjwmm6cm73pepgrz311t984tyrzk16qfaqpcvrbgw5rb2b4c29wwb7dv150gbab7760v3bh72zx328z6g50xvcnawzem0keqhghp1675244jgjy4cnz84a9xdweeag8539v5wbjcg7e3hr88x00d4kna3jdtc1ykve8wbvr991vvfx0d7s15vk71w6n2z7qpc7v3zkjyv1sfvvg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1TcPkMNIY77QLb_77_UPg-qsuAbi0rL2YcexjoqOCMCNtwEQASAAYPuBgICcCoIBF2NhLXB1Yi0xNTk5Nzc3MTY3NzE1NzA0yAEJqQK9jZ-0omewPuACAKgDAaoE-gJP0J-6pVl36Cqn81c3Tgzc4pUIa552l-xSta93rfH4AdwRnhDHScdMQz8ZaJ6mNgPnqBzhf1pXpt93H8G53sDZJjw8izh3HUevcjdoLU5CCTBJ-EeEzu44TiXwIIflzDiTmm7C_lNrobIysbTE2DpPCD5ibpb9HWx2bDelz_GND5Wj7V6kGmLVa-26Us49kK3RNNAp7SHSPdtBUj3ds1YUzYdc2xOhha2bHHC9krjOSITKgt4E6GxhiXrkEM8BKjkdfUHP9-DMVpZhXX0ww00GNU5BcXzx8fIs2SOVVP37RO8nFEO_DXIQVOjx_4KIARlhnhUtjzn5yVYS5A5i0pTAUBasROu0jM1AYGgQEJLadFXyFre72z3PUS1Glbar0xoL-fgWF-AzNO6mHbZ89Zzr_OcQMKS1Cn21p6ZbvKA5y-H0zNLHf83_uMGhMDQS9gpbAK3CelUCDSFg1insCV5HFZSzm9KoXM9-YVxCvE4l146VrzZkooIJNjrgBAGABvjMiNHHpbHPI6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1987ylV7JaslEJG22zaLDIWdQZhw%26client%3Dca-pub-1599777167715704%26adurl%3D

Requested by

Host: 029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com
URL: https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b02cd5f37bae3e39a2ea7750e9a468a6ba7ea50f9f07ce049edce5f08ed5ecc3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 759cbdec9d81d71e-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 02:04:01 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 2A20 3 KB
1 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Host: 029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com
URL: https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:57:26 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1025 1 KB
749 B 47ms
25ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com
URL: https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 19012
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 20:47:09 GMT
etag: 48472445140208031
expires: Fri, 14 Oct 2022 20:47:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 2A20 17 KB
7 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com
URL: https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25591
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:57:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2A20 0
0 36ms
35ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaThrjxyAAjGoRN-wLAVvKnHsJTyvS7QJ6l07XywLQ4MDKaqRURrDRsCExkzb6W8kXAWxW80_a1zh6Hr7GVkXBZT8GUG_g
Requested by: Host: 029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com
URL: https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2A20 22 KB
7 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com
URL: https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 09:55:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230911
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 11 Oct 2023 09:55:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2A20 152 KB
46 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com
URL: https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Oct 2022 02:04:01 GMT

GET
DATA 200
OK truncated
/ Frame 2A20 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55f2c6ff32b5baa4325b034c4562f84ceaf3fb122ef4b02b2d0873673ab8555a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 39ms
32ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=SHAWMEDIA1&hp=1&wf=1&ra=1&pxm=7&sgs=3&vb=6&cm=2&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1665713041429&de=463314614389&m=0&ar=e27dbc83ae5-clean&iw=051a851&q=2&cb=0&ym=0&cu=1665713041429&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=18076511%3A2300087174%3A4661220659%3A138232163289&zMoatSZ=1x1&zMoatOrigSlicer1=110284631&zMoatOrigSlicer2=338972951&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.hometowin.ca%2Fbehind-the-design%2Farticle%2Fbryan-and-sarah-baeumler-home-to-win-season-3%2F&id=1&ii=4&bo=110284631&bd=338972951&dfp=0%2C1&la=338972951&gw=shawmedia183027258601&fd=1&it=500&ti=0&ih=2&pe=1%3A1746%3A1746%3A2239%3A1425&fs=200656&na=2002541899&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 02:04:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 14 Oct 2022 02:04:01 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C506 0
0 112ms
62ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstp2ek58GrE5dFqytSSvoFh9zWgjAwk2mU7fCJJQsrjiRSuZ0z4OG1XsKPcQ4XnglQaRrmmvjaQV52OR5NZOfelfU1RmX1TZHEn6BL7DN9FwgNuqTIelkRIGX1ILrJnAPqTec93Vavlrrd2Xh7xClP25DngdyLN7tBW_WafGpnCnJHe3wJgkRBirKMzOw0eAyqzDV7XVa0sWw4CkQazObNwk-rT6HBbOz64BSJngW5ADoNFl2gwqRBvG7nZUySrG3n9Pq8P9A1ODALTtqB42v6AfqIe6ZzD1ejpFK-G1eIWBHmouuDPk41cS3h4iBHoOYKiajFe_hVQVKTHAf_ZT1xLr_S_sFtxjTmYZ8sXDzuEQcP03kOrJTBrvAEP1U4hJwpjrNVL_9TFLQuHn2Vb4q7-UVcGBsVshqby0Fa6w3kUs4s&sai=AMfl-YSKpvere_2e6tpuvCIK5S_i1-qiOK5-4BwPtf67U8pb5f_JkZs7l1KjbB-2UMSBm4GpY2TuVlfzZ8CnuFi4bNLt_Isi-042gxboclqO4jlbu2udpPUGuDJpjI6jXoex&sig=Cg0ArKJSzN2DJx_SHDaNEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 14 Oct 2022 02:04:01 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame C204 85 KB
11 KB 56ms
32ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j9jny67cfp1hxt2v0aqd7412vdyc0n96hmz2dpk72pdpa5tag0vsan4c81mm06edadkh7xdk16df96847gea00q8e1hw10zwm6djs6d8m3v0jnsp1zvwy0my8e5f9pjkpn01mh1mxyegajnya0zdead1z24kczdpfkaxjby3gntcz48xaek35sv6akpwj2h0t3m3akksm2rdcs3r7qqpw8p67m9nxv4k73fvn2wzjwmm6cm73pepgrz311t984tyrzk16qfaqpcvrbgw5rb2b4c29wwb7dv150gbab7760v3bh72zx328z6g50xvcnawzem0keqhghp1675244jgjy4cnz84a9xdweeag8539v5wbjcg7e3hr88x00d4kna3jdtc1ykve8wbvr991vvfx0d7s15vk71w6n2z7qpc7v3zkjyv1sfvvg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1TcPkMNIY77QLb_77_UPg-qsuAbi0rL2YcexjoqOCMCNtwEQASAAYPuBgICcCoIBF2NhLXB1Yi0xNTk5Nzc3MTY3NzE1NzA0yAEJqQK9jZ-0omewPuACAKgDAaoE-gJP0J-6pVl36Cqn81c3Tgzc4pUIa552l-xSta93rfH4AdwRnhDHScdMQz8ZaJ6mNgPnqBzhf1pXpt93H8G53sDZJjw8izh3HUevcjdoLU5CCTBJ-EeEzu44TiXwIIflzDiTmm7C_lNrobIysbTE2DpPCD5ibpb9HWx2bDelz_GND5Wj7V6kGmLVa-26Us49kK3RNNAp7SHSPdtBUj3ds1YUzYdc2xOhha2bHHC9krjOSITKgt4E6GxhiXrkEM8BKjkdfUHP9-DMVpZhXX0ww00GNU5BcXzx8fIs2SOVVP37RO8nFEO_DXIQVOjx_4KIARlhnhUtjzn5yVYS5A5i0pTAUBasROu0jM1AYGgQEJLadFXyFre72z3PUS1Glbar0xoL-fgWF-AzNO6mHbZ89Zzr_OcQMKS1Cn21p6ZbvKA5y-H0zNLHf83_uMGhMDQS9gpbAK3CelUCDSFg1insCV5HFZSzm9KoXM9-YVxCvE4l146VrzZkooIJNjrgBAGABvjMiNHHpbHPI6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1987ylV7JaslEJG22zaLDIWdQZhw%26client%3Dca-pub-1599777167715704%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1j9jny67cfp1hxt2v0aqd7412vdyc0n96hmz2dpk72pdpa5tag0vsan4c81mm06edadkh7xdk16df96847gea00q8e1hw10zwm6djs6d8m3v0jnsp1zvwy0my8e5f9pjkpn01mh1mxyegajnya0zdead1z24kczdpfkaxjby3gntcz48xaek35sv6akpwj2h0t3m3akksm2rdcs3r7qqpw8p67m9nxv4k73fvn2wzjwmm6cm73pepgrz311t984tyrzk16qfaqpcvrbgw5rb2b4c29wwb7dv150gbab7760v3bh72zx328z6g50xvcnawzem0keqhghp1675244jgjy4cnz84a9xdweeag8539v5wbjcg7e3hr88x00d4kna3jdtc1ykve8wbvr991vvfx0d7s15vk71w6n2z7qpc7v3zkjyv1sfvvg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1TcPkMNIY77QLb_77_UPg-qsuAbi0rL2YcexjoqOCMCNtwEQASAAYPuBgICcCoIBF2NhLXB1Yi0xNTk5Nzc3MTY3NzE1NzA0yAEJqQK9jZ-0omewPuACAKgDAaoE-gJP0J-6pVl36Cqn81c3Tgzc4pUIa552l-xSta93rfH4AdwRnhDHScdMQz8ZaJ6mNgPnqBzhf1pXpt93H8G53sDZJjw8izh3HUevcjdoLU5CCTBJ-EeEzu44TiXwIIflzDiTmm7C_lNrobIysbTE2DpPCD5ibpb9HWx2bDelz_GND5Wj7V6kGmLVa-26Us49kK3RNNAp7SHSPdtBUj3ds1YUzYdc2xOhha2bHHC9krjOSITKgt4E6GxhiXrkEM8BKjkdfUHP9-DMVpZhXX0ww00GNU5BcXzx8fIs2SOVVP37RO8nFEO_DXIQVOjx_4KIARlhnhUtjzn5yVYS5A5i0pTAUBasROu0jM1AYGgQEJLadFXyFre72z3PUS1Glbar0xoL-fgWF-AzNO6mHbZ89Zzr_OcQMKS1Cn21p6ZbvKA5y-H0zNLHf83_uMGhMDQS9gpbAK3CelUCDSFg1insCV5HFZSzm9KoXM9-YVxCvE4l146VrzZkooIJNjrgBAGABvjMiNHHpbHPI6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1987ylV7JaslEJG22zaLDIWdQZhw%26client%3Dca-pub-1599777167715704%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:01 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 301601
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86781
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 26 Sep 2022 14:17:17 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 759cbdee1d13d64a-CDG
expires: 0

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame C204 36 KB
12 KB 37ms
28ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j9jny67cfp1hxt2v0aqd7412vdyc0n96hmz2dpk72pdpa5tag0vsan4c81mm06edadkh7xdk16df96847gea00q8e1hw10zwm6djs6d8m3v0jnsp1zvwy0my8e5f9pjkpn01mh1mxyegajnya0zdead1z24kczdpfkaxjby3gntcz48xaek35sv6akpwj2h0t3m3akksm2rdcs3r7qqpw8p67m9nxv4k73fvn2wzjwmm6cm73pepgrz311t984tyrzk16qfaqpcvrbgw5rb2b4c29wwb7dv150gbab7760v3bh72zx328z6g50xvcnawzem0keqhghp1675244jgjy4cnz84a9xdweeag8539v5wbjcg7e3hr88x00d4kna3jdtc1ykve8wbvr991vvfx0d7s15vk71w6n2z7qpc7v3zkjyv1sfvvg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1TcPkMNIY77QLb_77_UPg-qsuAbi0rL2YcexjoqOCMCNtwEQASAAYPuBgICcCoIBF2NhLXB1Yi0xNTk5Nzc3MTY3NzE1NzA0yAEJqQK9jZ-0omewPuACAKgDAaoE-gJP0J-6pVl36Cqn81c3Tgzc4pUIa552l-xSta93rfH4AdwRnhDHScdMQz8ZaJ6mNgPnqBzhf1pXpt93H8G53sDZJjw8izh3HUevcjdoLU5CCTBJ-EeEzu44TiXwIIflzDiTmm7C_lNrobIysbTE2DpPCD5ibpb9HWx2bDelz_GND5Wj7V6kGmLVa-26Us49kK3RNNAp7SHSPdtBUj3ds1YUzYdc2xOhha2bHHC9krjOSITKgt4E6GxhiXrkEM8BKjkdfUHP9-DMVpZhXX0ww00GNU5BcXzx8fIs2SOVVP37RO8nFEO_DXIQVOjx_4KIARlhnhUtjzn5yVYS5A5i0pTAUBasROu0jM1AYGgQEJLadFXyFre72z3PUS1Glbar0xoL-fgWF-AzNO6mHbZ89Zzr_OcQMKS1Cn21p6ZbvKA5y-H0zNLHf83_uMGhMDQS9gpbAK3CelUCDSFg1insCV5HFZSzm9KoXM9-YVxCvE4l146VrzZkooIJNjrgBAGABvjMiNHHpbHPI6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1987ylV7JaslEJG22zaLDIWdQZhw%26client%3Dca-pub-1599777167715704%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 237138
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Jul 2022 10:39:11 GMT
server: cloudflare
etag: W/"a69f5acd9289c65e67397be142bc2c3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CF68i91lu3qduHwhzi9o0GanwvAKQ3SyTK3Xll9SKot%2FC7vbU%2F4HLKoqaVmvtLZCpoGq2HJyHIOJ%2BMOGz%2FoYeFrw5IY3ch3xZvqKUdoI3xcABAUANiarsxl35AAXxU0j9jFmkgc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 759cbdee0e84d71e-CDG
expires: Tue, 04 Oct 2022 10:40:03 GMT

GET
H2 200 /
log.pinterest.com/ 0
333 B 152ms
104ms Image
text/plain 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=DyB1XFeNDsng&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fwww.hometowin.ca%2Fbehind-the-design%2Farticle%2Fbryan-and-sarah-baeumler-home-to-win-season-3&viaSrc=canonical
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 14 Oct 2022 02:04:01 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 3
x-pinterest-rid: 7471542507453455
content-length: 0
x-served-by: cache-cdg20721-CDG
pragma: no-cache
server: envoy
x-timer: S1665713042.653332,VS0,VE84
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B421 0
0 64ms
63ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfT4JvK-ej3PzUpNwPHcOUbEW9TO5ZJmhSJeLzrMD89NkNlOcbXl2ngsc95_CHjSlZ1JepwwtYYrafAdo9Cvmo6u9G1WYLyf2Z1iPpMBNvhP-uwL96I_1jVLat3tC19E0pZWlPuUyTT6rC0sNplnr_Z6FZaIdX9EnQFQ4ua28hjkUMtWgNAwlYFxzXmZlLzSIcx_xqGLsKXzzDFMOuLVBlbX8etqNKZff88TC7Lhv2kD9gcJ26YnLD-YM8Hhe3tx2NTj9UU314n3j9sIyBHK1LREzfN6fQ6WfKNkucqSuux60KE8I8FcrrYsGkje46ncM053UJ981vhQevZuJaUVw3-03bbZtP2blY9j_pII1VdUiHHw2xq7mnYL1MexiIhcQTKRrxz7M5nmE1rjbv8xV486wBFOMEcqVK9SEkybPFcFs&sai=AMfl-YRJXxUMREujcR_65zWnIz9L-OCGVBr_2Fh3H199_2SH0O4vwkD3qghVu_hjIjhmY62LgX716HOpUyu6MQeutQw_g-kU7nfLy33PCi33ecu4V-NrqlioFbvG-jXHigWMig&sig=Cg0ArKJSzIO7o1Zo2JrxEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 14 Oct 2022 02:04:01 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1025
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPfK_T4w4CeBodwfLmixQEg&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPfK_T4w4CeBodwfLmixQEg&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dUJsUXBGalQxT0phM241&google_gid=CAESEPfK_T4w4CeBodwfLmixQEg&google_cver=1&google_push=AZmPxg9T-1ZwdaAtVukbX-pDGQnbQyaehpry91ac39QK3Ev...

170 B
188 B

35ms
35ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dUJsUXBGalQxT0phM241&google_gid=CAESEPfK_T4w4CeBodwfLmixQEg&google_cver=1&google_push=AZmPxg9T-1ZwdaAtVukbX-pDGQnbQyaehpry91ac39QK3EvvWDQBZjc6Q4UmxTiEVOeN0Wq3H2_4y-SiaBtPBOQ8pKNpL_XA4V2A

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 02:04:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 02:04:01 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0a4402c7ccc8b73ba@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dUJsUXBGalQxT0phM241&google_gid=CAESEPfK_T4w4CeBodwfLmixQEg&google_cver=1&google_push=AZmPxg9T-1ZwdaAtVukbX-pDGQnbQyaehpry91ac39QK3EvvWDQBZjc6Q4UmxTiEVOeN0Wq3H2_4y-SiaBtPBOQ8pKNpL_XA4V2A
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1025
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJbH08Z7hzBIq2hwhjpkRtE&google_cver=1&google_push=AZmPxg8qwdXH2BXrAKbNSWl051IS860aAUDpxJuE4xvH8eU-VZE6ujv5yW9f9wtp77yQVBnp7BqWjooHKbhlDF...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE1NDE4MzAzNTYyODQ4NDc1Nw%3D%3D&google_push=AZmPxg8qwdXH2BXrAKbNSWl051IS860aAUDpxJuE4xvH8eU-VZE6ujv5yW9f9wtp77yQVBnp7BqWjooHKbhlDFrsIe...

170 B
188 B

36ms
36ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE1NDE4MzAzNTYyODQ4NDc1Nw%3D%3D&google_push=AZmPxg8qwdXH2BXrAKbNSWl051IS860aAUDpxJuE4xvH8eU-VZE6ujv5yW9f9wtp77yQVBnp7BqWjooHKbhlDFrsIe7-uQGEIZIX

Requested by

Host: 029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com
URL: https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 02:04:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE1NDE4MzAzNTYyODQ4NDc1Nw%3D%3D&google_push=AZmPxg8qwdXH2BXrAKbNSWl051IS860aAUDpxJuE4xvH8eU-VZE6ujv5yW9f9wtp77yQVBnp7BqWjooHKbhlDFrsIe7-uQGEIZIX
Date: Fri, 14 Oct 2022 02:04:01 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1025
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGvyfsDVFhDuPeNFreIoYyE&google_cver=1&google_push=AZmPxg920qnHy-vKFwzOgFM_ayrwUHHGhEeItKBIC2KroaJ3Cp0BafWplE7q4TiTmPBpo84cxQ7cQFj3...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGvyfsDVFhDuPeNFreIoYyE&google_cver=1&google_push=AZmPxg920qnHy-vKFwzOgFM_ayrwUHHGhEeItKBIC2KroaJ3Cp0BafWplE7q4TiTmPBpo84cxQ7...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA0NzY1OTUwNDUxNzE3OTkxNA&google_push=AZmPxg920qnHy-vKFwzOgFM_ayrwUHHGhEeItKBIC2KroaJ3Cp0BafWplE7q4TiTmPBpo84cxQ7cQF...

170 B
188 B

42ms
42ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA0NzY1OTUwNDUxNzE3OTkxNA&google_push=AZmPxg920qnHy-vKFwzOgFM_ayrwUHHGhEeItKBIC2KroaJ3Cp0BafWplE7q4TiTmPBpo84cxQ7cQFj3M7C5dSTodid3grEt7Qn3

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 02:04:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 02:04:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA0NzY1OTUwNDUxNzE3OTkxNA&google_push=AZmPxg920qnHy-vKFwzOgFM_ayrwUHHGhEeItKBIC2KroaJ3Cp0BafWplE7q4TiTmPBpo84cxQ7cQFj3M7C5dSTodid3grEt7Qn3
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 1025 0
166 B 62ms
18ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDLf4vcyU_KNU0u3Jpq2Nq8&google_cver=1&google_push=AZmPxg8pSyky9x2n0JnMWvENOxSX-viTPZs80-RFBkZZI8yf3kpj55k2Jj5ZRUW2wI9lAEr9Tybh9DhvSxlXdJNfgxxCEiZy5SE
Requested by: Host: 029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com
URL: https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 14 Oct 2022 02:04:01 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1025
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPuTxGwoOuwLZBM_-gxw0Sw&google_cver=1&google_push=AZmPxg8zx50CZTuY3ha4-3J6IhiCjnfwAMzTIjC8YnUhn2BpBI0t_yCwern7vhm2gcFw6gxxxmG...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk3VUpDUVEtTi02N1FD&google_push=AZmPxg8zx50CZTuY3ha4-3J6IhiCjnfwAMzTIjC8YnUhn2BpBI0t_yCwern7vhm2gcFw6gxxxmGsfreMZojOidRaFhtwy_cJQOA

170 B
188 B

34ms
34ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk3VUpDUVEtTi02N1FD&google_push=AZmPxg8zx50CZTuY3ha4-3J6IhiCjnfwAMzTIjC8YnUhn2BpBI0t_yCwern7vhm2gcFw6gxxxmGsfreMZojOidRaFhtwy_cJQOA

Requested by

Host: 029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com
URL: https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 02:04:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk3VUpDUVEtTi02N1FD&google_push=AZmPxg8zx50CZTuY3ha4-3J6IhiCjnfwAMzTIjC8YnUhn2BpBI0t_yCwern7vhm2gcFw6gxxxmGsfreMZojOidRaFhtwy_cJQOA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1025
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEM5-OsP5HpFfKn3BO0g2nL0&google_cver=1&google_push=AZmPxg_chiLsPhlU1H3_lGchDMg-Xfy-APeihkSUeSna7T6imdgishfEkYNEvrrloVrMtTGG_Pnd4ytGRVaJx-VvT...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEM5-OsP5HpFfKn3BO0g2nL0&google_cver=1&google_push=AZmPxg_chiLsPhlU1H3_lGchDMg-Xfy-APeihkSUeSna7T6imdgishfEkYNEvrrloVrMtTGG_Pnd4ytGRVaJx-VvT...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_chiLsPhlU1H3_lGchDMg-Xfy-APeihkSUeSna7T6imdgishfEkYNEvrrloVrMtTGG_Pnd4ytGRVaJx-VvT80-T80O8Kg&google_hm=FeicJGZHKDpiYM9ARxOpam4g

170 B
188 B

35ms
34ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_chiLsPhlU1H3_lGchDMg-Xfy-APeihkSUeSna7T6imdgishfEkYNEvrrloVrMtTGG_Pnd4ytGRVaJx-VvT80-T80O8Kg&google_hm=FeicJGZHKDpiYM9ARxOpam4g

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 02:04:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 14 Oct 2022 02:04:03 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_chiLsPhlU1H3_lGchDMg-Xfy-APeihkSUeSna7T6imdgishfEkYNEvrrloVrMtTGG_Pnd4ytGRVaJx-VvT80-T80O8Kg&google_hm=FeicJGZHKDpiYM9ARxOpam4g
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap1sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1025
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEB6JbXOwRGO521_sjnAjNBI&google_cver=1&google_push=AZmPxg-CDrTTGjUt_K2bCKzb00AZx6xv191TmoBQQyw0895AnNfQPYSa4kYtyQnp7ZCKnljCVaoF4bCFb1xqaadP70V5i6...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEB6JbXOwRGO521_sjnAjNBI&google_cver=1&google_push=AZmPxg-CDrTTGjUt_K2bCKzb00AZx6xv191TmoBQQyw0895AnNfQPYSa4kYtyQnp7ZCKnljCVaoF4bCFb1xqaadP...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=S3TEll_zT0CTuAgeONMKwA&google_push=AZmPxg-CDrTTGjUt_K2bCKzb00AZx6xv191TmoBQQyw0895AnNfQPYSa4kYtyQnp7ZCKnljCVaoF4bCFb1xqaad...

170 B
188 B

35ms
35ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=S3TEll_zT0CTuAgeONMKwA&google_push=AZmPxg-CDrTTGjUt_K2bCKzb00AZx6xv191TmoBQQyw0895AnNfQPYSa4kYtyQnp7ZCKnljCVaoF4bCFb1xqaadP70V5i6PI-prz

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 02:04:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=S3TEll_zT0CTuAgeONMKwA&google_push=AZmPxg-CDrTTGjUt_K2bCKzb00AZx6xv191TmoBQQyw0895AnNfQPYSa4kYtyQnp7ZCKnljCVaoF4bCFb1xqaadP70V5i6PI-prz
access-control-allow-origin: *
date: Fri, 14 Oct 2022 02:04:01 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1025 0
12 B 84ms
32ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JpsRLs0D5OLBS68Kf0nMfX4l3ZOAYCmMdaEwwr6q2yU124gteVb0u4IyfKxjAQK6vfPTAA

Requested by

Host: 029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com
URL: https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:01 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame C204 3 KB
4 KB 82ms
29ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 593
x-guploader-uploadid: ADPycduKQNVDY0CSOYWWI89vgO5oPEyInaT9LxSJr_kKlz8fnDNOqSCOqPyzFTyyqbQAN96VmVGSJI7gybz1kQBZZAATgUe6fRWC
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKW1WpRZuAgXPfEcUsZv0HCGb3m%2FXdBnb0LfMW9Hl56xcuw0SJMBVJQoEn6zXRA3AgTJY9urS%2BsEGBPCWR2D938mxjvFTp2HuUAY5yUT9dxMsVD8jXVQxB6EPsGVhW0bHbTxhFjwh6VoIKghB6xvhPBW"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 759cbdeecb3ed239-CDG
expires: Fri, 14 Oct 2022 02:54:08 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 621D 2 KB
1 KB 28ms
27ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1576666
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 759cbdee8d56d64a-CDG
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 14 Oct 2022 02:04:01 GMT
expires: Sun, 25 Sep 2022 21:03:20 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKzbSBY9%2BZw9Qo6WUkePbsSW1IsW6xM8D11lyhUcDGR%2Ft7S8XT%2FTmGxtpYy4CdzI6xhONriaxBhkH%2BYewPAadjFhXqtcLR7yxrpORfuOwbTOPWUeK%2B2WMYjsrnJWC%2BkHpAHRxRs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F730 0
10 B 24ms
24ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?v8dOeA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 200 rs Show response
ad4m.at/ Frame C204 2 KB
2 KB 45ms
44ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40e05151590fdc01a16e813cdd0b44c12ff83584fa72f15cdf9fbf282067fcd1

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 14 Oct 2022 02:04:01 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p2NSFfhELwDgmpq0ivE0fbnIXQSAw55MfOkB8%2F639VFM7QsLP1zFUiRiW%2B0C%2FLMicmJSKDzxGnFEjGUOQ359UVwmfbo0v%2BgBv0W5wHasttBa0HGu%2BiA%2Bc9ANttQZ%2B4H%2FlnEZWjw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 759cbdef3c45f128-CDG
x-backend-server: aa-reachservice-group-europe-west1-2p34
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 65ms
42ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 759cbdeefb67f128-CDG
content-length: 24
content-type: text/plain
date: Fri, 14 Oct 2022 02:04:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DspDnjvn2Ne%2F%2FAEU8WxuLD4VYh42%2FqnVXYbhBctoXFQcSthBjYlaH9LJS5vfBCzZBTYhOJDtVE%2FZeoHAgquR8ecn7bf1y8kTsX86EIkhG9zP%2FCWFxiWgspnEv42HNUCwjPlBHU8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-2p34

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame B954 9 KB
4 KB 53ms
53ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=119648%2C15737%2C311476&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=5f835dad94db43a5c235f4b1c0ac6425%2F4626887171977844298&i=30425%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665713041809&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gf8nzpvjzgxg5yhx4067vqtefddq7ajh642n35jd2jcpqt2bzt7zfxvrvxbjnms1d37ne0txfxfkdb27e8az6n4drs80k5ejec3cznmkznhk4swr2hq9skr4ejqb8b533vpj6e5w3ag5tnf2hmgrz3ysxkf5344j890cwdnvjbpfn39mnjb16vyrq0ds8myknnrt07deexfw45668st6fcmba4ndppd659t822qhggpa1ph0zvr2semngd8a0zvqnzh87qyt3y4ed1yndhg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1TcPkMNIY77QLb_77_UPg-qsuAbi0rL2YcexjoqOCMCNtwEQASAAYPuBgICcCoIBF2NhLXB1Yi0xNTk5Nzc3MTY3NzE1NzA0yAEJqQK9jZ-0omewPuACAKgDAaoE-gJP0J-6pVl36Cqn81c3Tgzc4pUIa552l-xSta93rfH4AdwRnhDHScdMQz8ZaJ6mNgPnqBzhf1pXpt93H8G53sDZJjw8izh3HUevcjdoLU5CCTBJ-EeEzu44TiXwIIflzDiTmm7C_lNrobIysbTE2DpPCD5ibpb9HWx2bDelz_GND5Wj7V6kGmLVa-26Us49kK3RNNAp7SHSPdtBUj3ds1YUzYdc2xOhha2bHHC9krjOSITKgt4E6GxhiXrkEM8BKjkdfUHP9-DMVpZhXX0ww00GNU5BcXzx8fIs2SOVVP37RO8nFEO_DXIQVOjx_4KIARlhnhUtjzn5yVYS5A5i0pTAUBasROu0jM1AYGgQEJLadFXyFre72z3PUS1Glbar0xoL-fgWF-AzNO6mHbZ89Zzr_OcQMKS1Cn21p6ZbvKA5y-H0zNLHf83_uMGhMDQS9gpbAK3CelUCDSFg1insCV5HFZSzm9KoXM9-YVxCvE4l146VrzZkooIJNjrgBAGABvjMiNHHpbHPI6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1987ylV7JaslEJG22zaLDIWdQZhw%2526client%253Dca-pub-1599777167715704%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e1960e2965093c11b3e7285137bd33c551da5a17584b84fd665864df9dc80e9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1j9jny67cfp1hxt2v0aqd7412vdyc0n96hmz2dpk72pdpa5tag0vsan4c81mm06edadkh7xdk16df96847gea00q8e1hw10zwm6djs6d8m3v0jnsp1zvwy0my8e5f9pjkpn01mh1mxyegajnya0zdead1z24kczdpfkaxjby3gntcz48xaek35sv6akpwj2h0t3m3akksm2rdcs3r7qqpw8p67m9nxv4k73fvn2wzjwmm6cm73pepgrz311t984tyrzk16qfaqpcvrbgw5rb2b4c29wwb7dv150gbab7760v3bh72zx328z6g50xvcnawzem0keqhghp1675244jgjy4cnz84a9xdweeag8539v5wbjcg7e3hr88x00d4kna3jdtc1ykve8wbvr991vvfx0d7s15vk71w6n2z7qpc7v3zkjyv1sfvvg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1TcPkMNIY77QLb_77_UPg-qsuAbi0rL2YcexjoqOCMCNtwEQASAAYPuBgICcCoIBF2NhLXB1Yi0xNTk5Nzc3MTY3NzE1NzA0yAEJqQK9jZ-0omewPuACAKgDAaoE-gJP0J-6pVl36Cqn81c3Tgzc4pUIa552l-xSta93rfH4AdwRnhDHScdMQz8ZaJ6mNgPnqBzhf1pXpt93H8G53sDZJjw8izh3HUevcjdoLU5CCTBJ-EeEzu44TiXwIIflzDiTmm7C_lNrobIysbTE2DpPCD5ibpb9HWx2bDelz_GND5Wj7V6kGmLVa-26Us49kK3RNNAp7SHSPdtBUj3ds1YUzYdc2xOhha2bHHC9krjOSITKgt4E6GxhiXrkEM8BKjkdfUHP9-DMVpZhXX0ww00GNU5BcXzx8fIs2SOVVP37RO8nFEO_DXIQVOjx_4KIARlhnhUtjzn5yVYS5A5i0pTAUBasROu0jM1AYGgQEJLadFXyFre72z3PUS1Glbar0xoL-fgWF-AzNO6mHbZ89Zzr_OcQMKS1Cn21p6ZbvKA5y-H0zNLHf83_uMGhMDQS9gpbAK3CelUCDSFg1insCV5HFZSzm9KoXM9-YVxCvE4l146VrzZkooIJNjrgBAGABvjMiNHHpbHPI6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1987ylV7JaslEJG22zaLDIWdQZhw%26client%3Dca-pub-1599777167715704%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 759cbdef8df9d64a-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 02:04:01 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame B954 85 KB
11 KB 29ms
28ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C311476&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=5f835dad94db43a5c235f4b1c0ac6425%2F4626887171977844298&i=30425%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665713041809&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gf8nzpvjzgxg5yhx4067vqtefddq7ajh642n35jd2jcpqt2bzt7zfxvrvxbjnms1d37ne0txfxfkdb27e8az6n4drs80k5ejec3cznmkznhk4swr2hq9skr4ejqb8b533vpj6e5w3ag5tnf2hmgrz3ysxkf5344j890cwdnvjbpfn39mnjb16vyrq0ds8myknnrt07deexfw45668st6fcmba4ndppd659t822qhggpa1ph0zvr2semngd8a0zvqnzh87qyt3y4ed1yndhg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1TcPkMNIY77QLb_77_UPg-qsuAbi0rL2YcexjoqOCMCNtwEQASAAYPuBgICcCoIBF2NhLXB1Yi0xNTk5Nzc3MTY3NzE1NzA0yAEJqQK9jZ-0omewPuACAKgDAaoE-gJP0J-6pVl36Cqn81c3Tgzc4pUIa552l-xSta93rfH4AdwRnhDHScdMQz8ZaJ6mNgPnqBzhf1pXpt93H8G53sDZJjw8izh3HUevcjdoLU5CCTBJ-EeEzu44TiXwIIflzDiTmm7C_lNrobIysbTE2DpPCD5ibpb9HWx2bDelz_GND5Wj7V6kGmLVa-26Us49kK3RNNAp7SHSPdtBUj3ds1YUzYdc2xOhha2bHHC9krjOSITKgt4E6GxhiXrkEM8BKjkdfUHP9-DMVpZhXX0ww00GNU5BcXzx8fIs2SOVVP37RO8nFEO_DXIQVOjx_4KIARlhnhUtjzn5yVYS5A5i0pTAUBasROu0jM1AYGgQEJLadFXyFre72z3PUS1Glbar0xoL-fgWF-AzNO6mHbZ89Zzr_OcQMKS1Cn21p6ZbvKA5y-H0zNLHf83_uMGhMDQS9gpbAK3CelUCDSFg1insCV5HFZSzm9KoXM9-YVxCvE4l146VrzZkooIJNjrgBAGABvjMiNHHpbHPI6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1987ylV7JaslEJG22zaLDIWdQZhw%2526client%253Dca-pub-1599777167715704%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C311476&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=5f835dad94db43a5c235f4b1c0ac6425%2F4626887171977844298&i=30425%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665713041809&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gf8nzpvjzgxg5yhx4067vqtefddq7ajh642n35jd2jcpqt2bzt7zfxvrvxbjnms1d37ne0txfxfkdb27e8az6n4drs80k5ejec3cznmkznhk4swr2hq9skr4ejqb8b533vpj6e5w3ag5tnf2hmgrz3ysxkf5344j890cwdnvjbpfn39mnjb16vyrq0ds8myknnrt07deexfw45668st6fcmba4ndppd659t822qhggpa1ph0zvr2semngd8a0zvqnzh87qyt3y4ed1yndhg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1TcPkMNIY77QLb_77_UPg-qsuAbi0rL2YcexjoqOCMCNtwEQASAAYPuBgICcCoIBF2NhLXB1Yi0xNTk5Nzc3MTY3NzE1NzA0yAEJqQK9jZ-0omewPuACAKgDAaoE-gJP0J-6pVl36Cqn81c3Tgzc4pUIa552l-xSta93rfH4AdwRnhDHScdMQz8ZaJ6mNgPnqBzhf1pXpt93H8G53sDZJjw8izh3HUevcjdoLU5CCTBJ-EeEzu44TiXwIIflzDiTmm7C_lNrobIysbTE2DpPCD5ibpb9HWx2bDelz_GND5Wj7V6kGmLVa-26Us49kK3RNNAp7SHSPdtBUj3ds1YUzYdc2xOhha2bHHC9krjOSITKgt4E6GxhiXrkEM8BKjkdfUHP9-DMVpZhXX0ww00GNU5BcXzx8fIs2SOVVP37RO8nFEO_DXIQVOjx_4KIARlhnhUtjzn5yVYS5A5i0pTAUBasROu0jM1AYGgQEJLadFXyFre72z3PUS1Glbar0xoL-fgWF-AzNO6mHbZ89Zzr_OcQMKS1Cn21p6ZbvKA5y-H0zNLHf83_uMGhMDQS9gpbAK3CelUCDSFg1insCV5HFZSzm9KoXM9-YVxCvE4l146VrzZkooIJNjrgBAGABvjMiNHHpbHPI6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1987ylV7JaslEJG22zaLDIWdQZhw%2526client%253Dca-pub-1599777167715704%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:01 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 301601
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86781
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 26 Sep 2022 14:17:17 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 759cbdefee37d64a-CDG
expires: 0

GET
H2 200 B0EDC68C309BDDA02F64C4991062A43B14E72A0AA73A6F51E7A8455BC4EFF483B071BD9AB1B71EF32E77D6EDA267FA58388EA510B235554069E6779802922590.
assets.ad4m.at/logo/ Frame B954 3 KB
4 KB 36ms
27ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B0EDC68C309BDDA02F64C4991062A43B14E72A0AA73A6F51E7A8455BC4EFF483B071BD9AB1B71EF32E77D6EDA267FA58388EA510B235554069E6779802922590.
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C311476&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=5f835dad94db43a5c235f4b1c0ac6425%2F4626887171977844298&i=30425%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665713041809&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gf8nzpvjzgxg5yhx4067vqtefddq7ajh642n35jd2jcpqt2bzt7zfxvrvxbjnms1d37ne0txfxfkdb27e8az6n4drs80k5ejec3cznmkznhk4swr2hq9skr4ejqb8b533vpj6e5w3ag5tnf2hmgrz3ysxkf5344j890cwdnvjbpfn39mnjb16vyrq0ds8myknnrt07deexfw45668st6fcmba4ndppd659t822qhggpa1ph0zvr2semngd8a0zvqnzh87qyt3y4ed1yndhg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1TcPkMNIY77QLb_77_UPg-qsuAbi0rL2YcexjoqOCMCNtwEQASAAYPuBgICcCoIBF2NhLXB1Yi0xNTk5Nzc3MTY3NzE1NzA0yAEJqQK9jZ-0omewPuACAKgDAaoE-gJP0J-6pVl36Cqn81c3Tgzc4pUIa552l-xSta93rfH4AdwRnhDHScdMQz8ZaJ6mNgPnqBzhf1pXpt93H8G53sDZJjw8izh3HUevcjdoLU5CCTBJ-EeEzu44TiXwIIflzDiTmm7C_lNrobIysbTE2DpPCD5ibpb9HWx2bDelz_GND5Wj7V6kGmLVa-26Us49kK3RNNAp7SHSPdtBUj3ds1YUzYdc2xOhha2bHHC9krjOSITKgt4E6GxhiXrkEM8BKjkdfUHP9-DMVpZhXX0ww00GNU5BcXzx8fIs2SOVVP37RO8nFEO_DXIQVOjx_4KIARlhnhUtjzn5yVYS5A5i0pTAUBasROu0jM1AYGgQEJLadFXyFre72z3PUS1Glbar0xoL-fgWF-AzNO6mHbZ89Zzr_OcQMKS1Cn21p6ZbvKA5y-H0zNLHf83_uMGhMDQS9gpbAK3CelUCDSFg1insCV5HFZSzm9KoXM9-YVxCvE4l146VrzZkooIJNjrgBAGABvjMiNHHpbHPI6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1987ylV7JaslEJG22zaLDIWdQZhw%2526client%253Dca-pub-1599777167715704%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6662a88e91de4223a31c5ea17534f89906d0e40d33e5f07e84d5700b2836bbad

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1750286
cf-polished: origFmt=png, origSize=14458
content-disposition: inline; filename="B0EDC68C309BDDA02F64C4991062A43B14E72A0AA73A6F51E7A8455BC4EFF483B071BD9AB1B71EF32E77D6EDA267FA58388EA510B235554069E6779802922590.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3490
cf-bgj: imgq:85,h2pri
last-modified: Fri, 07 May 2021 10:01:33 GMT
server: cloudflare
etag: "dab6e07cc0ddae30cee97f47f1ed718c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D61Qs%2F4acMS%2BeC2dU5QwgS%2BkK6O76sSMuqHD0p1EN7ywHlqsBaT7LqZ8kOknTfebn9jHOGk5TWRR27qeAMR0OhYZ3dibacBMA7fJW47NcNm1gBUZDRqhUgtGbdd5pFkOmFrmOjN9rm4qPXWO"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 759cbdefffe3d71e-CDG
expires: Sat, 15 Oct 2022 02:04:01 GMT

GET
H2 200 E9568BF16A4CF16F4C3D6132693718A938BB4E733CD0FEFA608F1AADCD73C1EF1DAE8494C29C63AAD70B63F0CAE3AF121DC5C5FA887CD79B3430024006F84E87.
assets.ad4m.at/product_image/ Frame B954 66 KB
67 KB 55ms
47ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/E9568BF16A4CF16F4C3D6132693718A938BB4E733CD0FEFA608F1AADCD73C1EF1DAE8494C29C63AAD70B63F0CAE3AF121DC5C5FA887CD79B3430024006F84E87.
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C311476&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=5f835dad94db43a5c235f4b1c0ac6425%2F4626887171977844298&i=30425%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665713041809&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gf8nzpvjzgxg5yhx4067vqtefddq7ajh642n35jd2jcpqt2bzt7zfxvrvxbjnms1d37ne0txfxfkdb27e8az6n4drs80k5ejec3cznmkznhk4swr2hq9skr4ejqb8b533vpj6e5w3ag5tnf2hmgrz3ysxkf5344j890cwdnvjbpfn39mnjb16vyrq0ds8myknnrt07deexfw45668st6fcmba4ndppd659t822qhggpa1ph0zvr2semngd8a0zvqnzh87qyt3y4ed1yndhg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1TcPkMNIY77QLb_77_UPg-qsuAbi0rL2YcexjoqOCMCNtwEQASAAYPuBgICcCoIBF2NhLXB1Yi0xNTk5Nzc3MTY3NzE1NzA0yAEJqQK9jZ-0omewPuACAKgDAaoE-gJP0J-6pVl36Cqn81c3Tgzc4pUIa552l-xSta93rfH4AdwRnhDHScdMQz8ZaJ6mNgPnqBzhf1pXpt93H8G53sDZJjw8izh3HUevcjdoLU5CCTBJ-EeEzu44TiXwIIflzDiTmm7C_lNrobIysbTE2DpPCD5ibpb9HWx2bDelz_GND5Wj7V6kGmLVa-26Us49kK3RNNAp7SHSPdtBUj3ds1YUzYdc2xOhha2bHHC9krjOSITKgt4E6GxhiXrkEM8BKjkdfUHP9-DMVpZhXX0ww00GNU5BcXzx8fIs2SOVVP37RO8nFEO_DXIQVOjx_4KIARlhnhUtjzn5yVYS5A5i0pTAUBasROu0jM1AYGgQEJLadFXyFre72z3PUS1Glbar0xoL-fgWF-AzNO6mHbZ89Zzr_OcQMKS1Cn21p6ZbvKA5y-H0zNLHf83_uMGhMDQS9gpbAK3CelUCDSFg1insCV5HFZSzm9KoXM9-YVxCvE4l146VrzZkooIJNjrgBAGABvjMiNHHpbHPI6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1987ylV7JaslEJG22zaLDIWdQZhw%2526client%253Dca-pub-1599777167715704%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8adfb6325b9f5e2692f750d016484c154ee4c0ef5fa804f511a5932683612ff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1749572
cf-polished: origFmt=png, origSize=142926
content-disposition: inline; filename="E9568BF16A4CF16F4C3D6132693718A938BB4E733CD0FEFA608F1AADCD73C1EF1DAE8494C29C63AAD70B63F0CAE3AF121DC5C5FA887CD79B3430024006F84E87.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67486
cf-bgj: imgq:85,h2pri
last-modified: Fri, 07 May 2021 09:55:07 GMT
server: cloudflare
etag: "094f912bcc63eefcc3e544b9efc88d5b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0sydQAhuIBkREwqyGFWnn9N4sXe%2BcCAnQB5uwsYgXyviUsO2Z2%2BATKZz%2FJaL%2FDBaf2wSk2240U89oEbK9NutJOg22uK6JwrPQVfbgJxi2y5kRRFE%2FIUPWtiK0B2lH1poz%2FlOFTu9Zl4LH6%2B5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 759cbdefffe6d71e-CDG
expires: Sat, 15 Oct 2022 02:04:01 GMT

GET
H/1.1 200
OK /
jpp.aircaraibes.com/ Frame B954 43 B
2 KB 97ms
37ms Image
image/gif 95.131.136.1
OXALIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jpp.aircaraibes.com/?t=P51125B56C8632157&argsite=oneidpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCEoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C311476&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=5f835dad94db43a5c235f4b1c0ac6425%2F4626887171977844298&i=30425%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665713041809&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gf8nzpvjzgxg5yhx4067vqtefddq7ajh642n35jd2jcpqt2bzt7zfxvrvxbjnms1d37ne0txfxfkdb27e8az6n4drs80k5ejec3cznmkznhk4swr2hq9skr4ejqb8b533vpj6e5w3ag5tnf2hmgrz3ysxkf5344j890cwdnvjbpfn39mnjb16vyrq0ds8myknnrt07deexfw45668st6fcmba4ndppd659t822qhggpa1ph0zvr2semngd8a0zvqnzh87qyt3y4ed1yndhg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1TcPkMNIY77QLb_77_UPg-qsuAbi0rL2YcexjoqOCMCNtwEQASAAYPuBgICcCoIBF2NhLXB1Yi0xNTk5Nzc3MTY3NzE1NzA0yAEJqQK9jZ-0omewPuACAKgDAaoE-gJP0J-6pVl36Cqn81c3Tgzc4pUIa552l-xSta93rfH4AdwRnhDHScdMQz8ZaJ6mNgPnqBzhf1pXpt93H8G53sDZJjw8izh3HUevcjdoLU5CCTBJ-EeEzu44TiXwIIflzDiTmm7C_lNrobIysbTE2DpPCD5ibpb9HWx2bDelz_GND5Wj7V6kGmLVa-26Us49kK3RNNAp7SHSPdtBUj3ds1YUzYdc2xOhha2bHHC9krjOSITKgt4E6GxhiXrkEM8BKjkdfUHP9-DMVpZhXX0ww00GNU5BcXzx8fIs2SOVVP37RO8nFEO_DXIQVOjx_4KIARlhnhUtjzn5yVYS5A5i0pTAUBasROu0jM1AYGgQEJLadFXyFre72z3PUS1Glbar0xoL-fgWF-AzNO6mHbZ89Zzr_OcQMKS1Cn21p6ZbvKA5y-H0zNLHf83_uMGhMDQS9gpbAK3CelUCDSFg1insCV5HFZSzm9KoXM9-YVxCvE4l146VrzZkooIJNjrgBAGABvjMiNHHpbHPI6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1987ylV7JaslEJG22zaLDIWdQZhw%2526client%253Dca-pub-1599777167715704%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.131.136.1 , France, ASN47841 (OXALIDE, FR),
Reverse DNS: front.netaffiliation.net
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 14 Oct 2022 02:04:01 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.010420083999634
Connection: close
X-TRK-PROC: 70235
Pragma: no-cache
X-TRK-SRV: 2
Server: nginx
Last-Modified: Fri, 14 Oct 2022 02:04:01 GMT
X-TRK-DECISION: 7
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
assets.ad4m.at/logo/ Frame B954 14 KB
15 KB 54ms
47ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C311476&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=5f835dad94db43a5c235f4b1c0ac6425%2F4626887171977844298&i=30425%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665713041809&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gf8nzpvjzgxg5yhx4067vqtefddq7ajh642n35jd2jcpqt2bzt7zfxvrvxbjnms1d37ne0txfxfkdb27e8az6n4drs80k5ejec3cznmkznhk4swr2hq9skr4ejqb8b533vpj6e5w3ag5tnf2hmgrz3ysxkf5344j890cwdnvjbpfn39mnjb16vyrq0ds8myknnrt07deexfw45668st6fcmba4ndppd659t822qhggpa1ph0zvr2semngd8a0zvqnzh87qyt3y4ed1yndhg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1TcPkMNIY77QLb_77_UPg-qsuAbi0rL2YcexjoqOCMCNtwEQASAAYPuBgICcCoIBF2NhLXB1Yi0xNTk5Nzc3MTY3NzE1NzA0yAEJqQK9jZ-0omewPuACAKgDAaoE-gJP0J-6pVl36Cqn81c3Tgzc4pUIa552l-xSta93rfH4AdwRnhDHScdMQz8ZaJ6mNgPnqBzhf1pXpt93H8G53sDZJjw8izh3HUevcjdoLU5CCTBJ-EeEzu44TiXwIIflzDiTmm7C_lNrobIysbTE2DpPCD5ibpb9HWx2bDelz_GND5Wj7V6kGmLVa-26Us49kK3RNNAp7SHSPdtBUj3ds1YUzYdc2xOhha2bHHC9krjOSITKgt4E6GxhiXrkEM8BKjkdfUHP9-DMVpZhXX0ww00GNU5BcXzx8fIs2SOVVP37RO8nFEO_DXIQVOjx_4KIARlhnhUtjzn5yVYS5A5i0pTAUBasROu0jM1AYGgQEJLadFXyFre72z3PUS1Glbar0xoL-fgWF-AzNO6mHbZ89Zzr_OcQMKS1Cn21p6ZbvKA5y-H0zNLHf83_uMGhMDQS9gpbAK3CelUCDSFg1insCV5HFZSzm9KoXM9-YVxCvE4l146VrzZkooIJNjrgBAGABvjMiNHHpbHPI6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1987ylV7JaslEJG22zaLDIWdQZhw%2526client%253Dca-pub-1599777167715704%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8ca95bea0088adcca0e776307c22c9d9b3d2d34315ad8786dfa06fefdbc4ee2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 715854
cf-polished: qual=85, origFmt=jpeg, origSize=19949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14750
cf-bgj: imgq:85,h2pri
last-modified: Fri, 17 Jan 2020 09:30:38 GMT
server: cloudflare
etag: "154fb66239e650cf2764a96b35f0d921"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6eFyeyjqzX2fPit9EzjbaawciJH4l2bA1kCY8Km9kH8XAA2%2FCB9Kf9jKCUjaWJwKn3VeI%2BLlA9murHoDV%2FQpamvdK0JOgALvS3KYBDcf%2Bn1KtpljQyIBgCL23FYOJN91L%2F5e%2B%2F2gz6QxhbSK"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 759cbdefffe5d71e-CDG
expires: Sat, 15 Oct 2022 02:04:01 GMT

GET
H2 200 F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
assets.ad4m.at/ Frame B954 274 KB
275 KB 34ms
28ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C311476&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=5f835dad94db43a5c235f4b1c0ac6425%2F4626887171977844298&i=30425%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665713041809&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gf8nzpvjzgxg5yhx4067vqtefddq7ajh642n35jd2jcpqt2bzt7zfxvrvxbjnms1d37ne0txfxfkdb27e8az6n4drs80k5ejec3cznmkznhk4swr2hq9skr4ejqb8b533vpj6e5w3ag5tnf2hmgrz3ysxkf5344j890cwdnvjbpfn39mnjb16vyrq0ds8myknnrt07deexfw45668st6fcmba4ndppd659t822qhggpa1ph0zvr2semngd8a0zvqnzh87qyt3y4ed1yndhg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1TcPkMNIY77QLb_77_UPg-qsuAbi0rL2YcexjoqOCMCNtwEQASAAYPuBgICcCoIBF2NhLXB1Yi0xNTk5Nzc3MTY3NzE1NzA0yAEJqQK9jZ-0omewPuACAKgDAaoE-gJP0J-6pVl36Cqn81c3Tgzc4pUIa552l-xSta93rfH4AdwRnhDHScdMQz8ZaJ6mNgPnqBzhf1pXpt93H8G53sDZJjw8izh3HUevcjdoLU5CCTBJ-EeEzu44TiXwIIflzDiTmm7C_lNrobIysbTE2DpPCD5ibpb9HWx2bDelz_GND5Wj7V6kGmLVa-26Us49kK3RNNAp7SHSPdtBUj3ds1YUzYdc2xOhha2bHHC9krjOSITKgt4E6GxhiXrkEM8BKjkdfUHP9-DMVpZhXX0ww00GNU5BcXzx8fIs2SOVVP37RO8nFEO_DXIQVOjx_4KIARlhnhUtjzn5yVYS5A5i0pTAUBasROu0jM1AYGgQEJLadFXyFre72z3PUS1Glbar0xoL-fgWF-AzNO6mHbZ89Zzr_OcQMKS1Cn21p6ZbvKA5y-H0zNLHf83_uMGhMDQS9gpbAK3CelUCDSFg1insCV5HFZSzm9KoXM9-YVxCvE4l146VrzZkooIJNjrgBAGABvjMiNHHpbHPI6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1987ylV7JaslEJG22zaLDIWdQZhw%2526client%253Dca-pub-1599777167715704%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30a24bcc771a3c3b6b5f7e83a9effad604a4f01b8d447a96c101d919b85e6795

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 378466
cf-polished: origFmt=png, origSize=547949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 280758
cf-bgj: imgq:85,h2pri
last-modified: Mon, 06 Jan 2020 15:34:15 GMT
server: cloudflare
etag: "f649a1d1393c254187d15397a3ff891b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRXeQfNuB6PECQ778rnpmQFP0F0PtgY93QVEZzLbQLu4b3q5dHzdSjl3oiuzUwgM%2B5bw1Ix79tITppzG1mnhBgKp92GKCt1dmqQRDZFR3MubWyyYLlUkyd7cc5NUgyVCS%2FSo1lbQmMFG%2FPk9"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 759cbdefffe0d71e-CDG
expires: Sat, 15 Oct 2022 02:04:01 GMT

GET
H2

200

img_13_13_23.gif
img.metaffiliation.com/4/58179/ Frame B954
Redirect Chain

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

133 KB
133 KB

104ms
20ms

Image
image/gif

192.229.220.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C311476&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=5f835dad94db43a5c235f4b1c0ac6425%2F4626887171977844298&i=30425%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665713041809&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gf8nzpvjzgxg5yhx4067vqtefddq7ajh642n35jd2jcpqt2bzt7zfxvrvxbjnms1d37ne0txfxfkdb27e8az6n4drs80k5ejec3cznmkznhk4swr2hq9skr4ejqb8b533vpj6e5w3ag5tnf2hmgrz3ysxkf5344j890cwdnvjbpfn39mnjb16vyrq0ds8myknnrt07deexfw45668st6fcmba4ndppd659t822qhggpa1ph0zvr2semngd8a0zvqnzh87qyt3y4ed1yndhg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1TcPkMNIY77QLb_77_UPg-qsuAbi0rL2YcexjoqOCMCNtwEQASAAYPuBgICcCoIBF2NhLXB1Yi0xNTk5Nzc3MTY3NzE1NzA0yAEJqQK9jZ-0omewPuACAKgDAaoE-gJP0J-6pVl36Cqn81c3Tgzc4pUIa552l-xSta93rfH4AdwRnhDHScdMQz8ZaJ6mNgPnqBzhf1pXpt93H8G53sDZJjw8izh3HUevcjdoLU5CCTBJ-EeEzu44TiXwIIflzDiTmm7C_lNrobIysbTE2DpPCD5ibpb9HWx2bDelz_GND5Wj7V6kGmLVa-26Us49kK3RNNAp7SHSPdtBUj3ds1YUzYdc2xOhha2bHHC9krjOSITKgt4E6GxhiXrkEM8BKjkdfUHP9-DMVpZhXX0ww00GNU5BcXzx8fIs2SOVVP37RO8nFEO_DXIQVOjx_4KIARlhnhUtjzn5yVYS5A5i0pTAUBasROu0jM1AYGgQEJLadFXyFre72z3PUS1Glbar0xoL-fgWF-AzNO6mHbZ89Zzr_OcQMKS1Cn21p6ZbvKA5y-H0zNLHf83_uMGhMDQS9gpbAK3CelUCDSFg1insCV5HFZSzm9KoXM9-YVxCvE4l146VrzZkooIJNjrgBAGABvjMiNHHpbHPI6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1987ylV7JaslEJG22zaLDIWdQZhw%2526client%253Dca-pub-1599777167715704%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Server: 192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F7F) /
Resource Hash: 66b24eb77aabe2b1fffe8ba0aaec05db13f8e7f5710a52785d99f3b1136a567c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:02 GMT
content-encoding: gzip
last-modified: Wed, 08 Jan 2020 14:04:52 GMT
server: ECAcc (paa/6F7F)
age: 1144
etag: "5e15e184-21403"
vary: Accept-Encoding
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=600, s-maxage=3600
accept-ranges: bytes
content-length: 135736

Redirect headers

Date: Fri, 14 Oct 2022 02:04:01 GMT
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.0081329345703125
Connection: close
X-TRK-PROC: 58179
Pragma: no-cache
X-TRK-SRV: 6
Server: nginx
Last-Modified: Fri, 14 Oct 2022 02:04:01 GMT
X-TRK-DECISION: 3
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 4152008FA3D646ED4C833EF42E1D50F4EACE2DEE9918F0C3A01B822A121FE7D49B79F3D604D9BB460422C9933408EB8FC024051051B8566807EA89FBAC66EAE6
assets.ad4m.at/product_image/ Frame B954 36 KB
37 KB 53ms
46ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/4152008FA3D646ED4C833EF42E1D50F4EACE2DEE9918F0C3A01B822A121FE7D49B79F3D604D9BB460422C9933408EB8FC024051051B8566807EA89FBAC66EAE6
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C311476&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=5f835dad94db43a5c235f4b1c0ac6425%2F4626887171977844298&i=30425%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665713041809&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gf8nzpvjzgxg5yhx4067vqtefddq7ajh642n35jd2jcpqt2bzt7zfxvrvxbjnms1d37ne0txfxfkdb27e8az6n4drs80k5ejec3cznmkznhk4swr2hq9skr4ejqb8b533vpj6e5w3ag5tnf2hmgrz3ysxkf5344j890cwdnvjbpfn39mnjb16vyrq0ds8myknnrt07deexfw45668st6fcmba4ndppd659t822qhggpa1ph0zvr2semngd8a0zvqnzh87qyt3y4ed1yndhg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1TcPkMNIY77QLb_77_UPg-qsuAbi0rL2YcexjoqOCMCNtwEQASAAYPuBgICcCoIBF2NhLXB1Yi0xNTk5Nzc3MTY3NzE1NzA0yAEJqQK9jZ-0omewPuACAKgDAaoE-gJP0J-6pVl36Cqn81c3Tgzc4pUIa552l-xSta93rfH4AdwRnhDHScdMQz8ZaJ6mNgPnqBzhf1pXpt93H8G53sDZJjw8izh3HUevcjdoLU5CCTBJ-EeEzu44TiXwIIflzDiTmm7C_lNrobIysbTE2DpPCD5ibpb9HWx2bDelz_GND5Wj7V6kGmLVa-26Us49kK3RNNAp7SHSPdtBUj3ds1YUzYdc2xOhha2bHHC9krjOSITKgt4E6GxhiXrkEM8BKjkdfUHP9-DMVpZhXX0ww00GNU5BcXzx8fIs2SOVVP37RO8nFEO_DXIQVOjx_4KIARlhnhUtjzn5yVYS5A5i0pTAUBasROu0jM1AYGgQEJLadFXyFre72z3PUS1Glbar0xoL-fgWF-AzNO6mHbZ89Zzr_OcQMKS1Cn21p6ZbvKA5y-H0zNLHf83_uMGhMDQS9gpbAK3CelUCDSFg1insCV5HFZSzm9KoXM9-YVxCvE4l146VrzZkooIJNjrgBAGABvjMiNHHpbHPI6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1987ylV7JaslEJG22zaLDIWdQZhw%2526client%253Dca-pub-1599777167715704%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc567bde2ce90dd90e0d3b0bd59021c45a440a12842354e0e026e4069352265b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:04:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1337727
cf-polished: qual=85, origFmt=jpeg, origSize=87097
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37370
cf-bgj: imgq:85,h2pri
last-modified: Tue, 27 Sep 2022 13:48:14 GMT
server: cloudflare
etag: "9a6129b7ff41e62364178396f58341a3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L2gknSfbzwiYq%2B2t4iaeioNU4%2Fse5hRv%2B%2FMsF6nO2e2JKHM7rdnj5liozbl9Oj%2FINZ6zTt%2BF2naAxkMzSiBBISaW%2B0YEZwDnjBecCJZjum62YYHOGV88Id5tZCSk38D7ZWSabPFN9HgIrCXt"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 759cbdefffe1d71e-CDG
expires: Sat, 15 Oct 2022 02:04:01 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame B954 43 B
702 B 161ms
77ms Image
image/gif 23.205.253.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2993007&v=25911&q=423187&r=412871&pv=1&pref3=oneidbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.253.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-253-64.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 02:04:02 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 62ms
61ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022101101&jk=1725843925998771&bg=!PzylPHjNAAYeOJy_Pjg7ACkAdvg8Wvl2xkmnEqrtx1F1Ue0lpYGK1ot0gD9_LKCAIQwzk9BAYxSWdQIAAAGyUgAAAAloAQcKAM5xsjA_A10KorDDt11jrZhXpY9toJ6qxXIwXNg1UQwIgDIJca0IeA3ORTqhkALemySpBwQI-vA3L5mhRC7VuNHQZ37PCc5oClbcWPiMsyc40mBjaLQ2rGKaTKraGbASp72JE8QEjM0t9x0739utEp3dMfUXgzCKmomWmInOpDnCbaFwMdMT0_Bl-RtrNEyTNX8mHOL5p2AleanOLGRdldOaYQPNDSEtHcCXUJLHwvsh3pWHGLgiY3z0UiCU39TeOYlOOpIgXtycCdDzLEYx05kCmu3uXQjuClJV9E_6MdVFQXpcoH_4DUEsabCZqqILrKphX4ub44vcYQGtqfFY01ZQT44RfoPP1uqp2BrSUIiULpoiaXozZ8d_vykpDuo8_ONjbBPjAk6XbPwAuwxINbRfUXqr5WpL0El-m6yFqk2kvPMg-54w5Zkn32S1RW0Bv6_U5X4yLnolezvGxgE_lbDloUVTK_T2884VarSi0RU-ePVeKxTLbsvdjf4_fCzZVEJBEXTJ97eUZMmfDcILbGNOGcZaGDpjgmvlsCk8layM1VHVgrx3PSsmrncoXAwtOHLYOqJ2yWxkprqfYUsPy9p6HoQj2-0DVRo_T4r8TPIgGExC7_bHVO9P9UPv2lq3nRycU0tD6LQzdhqcg2KR70y0Ex8w6UKf0IkQ7JHke7GNHmPFYcUyjeGzPlRI-bS48UZoPoanIxCLGr7zhsg7pOOVG7WvciAumS2Sl0XpqPXkbAHZxJcUIpnWcwU6EIQOX7WHLUho2r0vPWagTAeBnzjPJ_wClqbW9kyGi_smNj0zHrSjwKBTKy4jL-maOxqGuf7x2Vh7unLB8-vcf7L1Dq9ZQ189bj6PR-68u0G53yqd29TdvhuIMIfIMRbzpuKxVcBUCq0uXRKyy8uuOJDf1yySpc-0zZORUgSo3SiNrtBfklRIB-IIhpq8Dk6zQO_EXa2cCoLFq9cBloo2ei8Lz0SQnYz9sDhGgkyg-gyL5AbxTMsXglutda4thIbQRGiIAcx_eUgcMsveGZD9inenxX8w6GlvNf3u4NWnIdUB9K0ZjrykOxaB5pXFDyLGwpP1UicE_WxEIr4VsfGhchM30utF4vb-yG5zCJM7gD09FM_cpJFIv7NyyW0VeV_4rXj4ptLXDylGJi-OT4N4XA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hometowin.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2A20 42 B
64 B 111ms
59ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXpNH5vBHCisNIZTEcPOj0wxX8O9Lstm2HJNpkJcP8eF8EpkqTAWHwEyUDq_Puab6Yay76JbK06uwXs2Ot_UZ8Ok7h&sig=Cg0ArKJSzEUJX0-EuUSzEAE&cid=CAASF-Ro2-FHPwIgpjTSZpkKXtw0iNkPnoxl&id=lidar2&mcvt=1000&p=15,436,105,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1763073269&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665713041189&rpt=382&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 02:04:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
naviform.info/	1970-01-20 06:41:53	Name: PHPSESSID Value: f2cf660317e1dbfddfa5997297104824
.hometowin.ca/	1970-01-20 11:01:05	Name: optimizelyEndUserId Value: oeu1665713040000r0.042668907330380756
.hometowin.ca/	1970-01-20 11:01:05	Name: optimizelySegments Value: %7B%22355120346%22%3A%22gc%22%2C%22356040020%22%3A%22direct%22%2C%22356990014%22%3A%22false%22%2C%22868145723%22%3A%22none%22%2C%221416670936%22%3A%22true%22%7D
.hometowin.ca/	1970-01-20 11:01:05	Name: optimizelyBuckets Value: %7B%7D
.hometowin.ca/	1970-01-20 06:41:53	Name: optimizelyPendingLogEvents Value: %5B%5D
.hometowin.ca/	1970-01-20 16:17:53	Name: _ga Value: GA1.2.850242716.1665713040
.hometowin.ca/	1970-01-20 06:43:19	Name: _gid Value: GA1.2.702648131.1665713040
.hometowin.ca/	1970-01-20 06:41:53	Name: _gat Value: 1
.scorecardresearch.com/	1970-01-20 16:03:29	Name: UID Value: 15Bb372d687247d8870ef061665713040
.demdex.net/	1970-01-20 11:01:05	Name: demdex Value: 65937188998136662710074523577167349350
.hometowin.ca/	1969-12-31 23:59:59	Name: AMCVS_5F34123F5245B4A70A490D45%40AdobeOrg Value: 1
.hometowin.ca/	1970-01-20 08:51:29	Name: _fbp Value: fb.1.1665713040672.536442349
.hometowin.ca/	1970-01-20 16:17:53	Name: AMCV_5F34123F5245B4A70A490D45%40AdobeOrg Value: -1330315163%7CMCMID%7C66171455382260880750098384734871692082%7CMCAAMLH-1666317840%7C6%7CMCAAMB-1666317840%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1665720240s%7CNONE%7CMCAID%7CNONE
.hometowin.ca/	1969-12-31 23:59:59	Name: s_cc Value: true
.krxd.net/	1970-01-20 11:01:05	Name: _kuid_ Value: PIvW7oOq
.demdex.net/	1970-01-20 11:01:05	Name: dextp Value: 3-1-1665713040813\|771-1-1665713040826
.quantserve.com/	1970-01-20 16:12:07	Name: mc Value: 6348c390-db4da-1b66d-10a46
.hometowin.ca/	1970-01-20 16:06:21	Name: __qca Value: P0-1054542303-1665713040873
.dpm.demdex.net/	1970-01-20 11:01:05	Name: dpm Value: 65937188998136662710074523577167349350
.exelator.com/	1970-01-20 09:34:41	Name: EE Value: "5c1bb5352cc5ea75b7e2892ae4520135"
.exelator.com/	1970-01-20 09:34:41	Name: ud Value: "eJxrXxzq6XKLQcE02TApydTY1Cg52TQ10dw0yTzVyMLSKDHVxNTIwNDYdHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAbEl%252BUWb6IregxUUpaQyLSopPBR98JQcAli4qMg%253D%253D"
.doubleclick.net/	1970-01-20 16:03:29	Name: IDE Value: AHWqTUmmAsSz9P3iVYI_HhMx7qXTlvKHBXj_JYYycE0e_XxBjidNtDho3WAc1yx4JX0
.hometowin.ca/	1970-01-20 16:03:29	Name: __gads Value: ID=e3bf1abee2e87a9c:T=1665713040:S=ALNI_MbnaBC1FelK71BJKFvVInQbXSxe9A
.hometowin.ca/	1970-01-20 16:03:29	Name: __gpi Value: UID=00000b728426fa52:T=1665713040:RT=1665713040:S=ALNI_MYdgcTEPOevzk7tCqpqN-lHzJM_aQ
.adfarm1.adition.com/	1970-01-20 08:51:29	Name: UserID1 Value: 7154183035628484757
.360yield.com/	1970-01-20 08:51:29	Name: tuuid Value: 4b74c496-5ff3-4f40-93b8-081e38d30ac0
.360yield.com/	1970-01-20 08:51:29	Name: tuuid_lu Value: 1665713041
.adform.net/	1970-01-20 07:26:31	Name: C Value: 1
.w55c.net/	1970-01-20 16:12:07	Name: wfivefivec Value: uBlQpFjT1OJa3n5
.w55c.net/	1970-01-20 07:25:05	Name: matchgoogle Value: 5
.adform.net/	1970-01-20 08:08:17	Name: uid Value: 6047659504517179914
.metaffiliation.com/	1970-01-20 08:08:17	Name: neta_ssc Value: 1877f3xtmvc16b9m9xu7rxpi2k04
.metaffiliation.com/	1969-12-31 23:59:59	Name: netases_ssc Value: 1877f3xtmvc16b9m9xu7rxpi2k04
.metaffiliation.com/	1970-01-20 08:08:17	Name: kwknc_ssc Value: dp4e34356c8631d13-b25laWRZOGdVcmZaeGYxZXpzVkg5SGV0UXRZNkFDQVQxVDRwcGhyb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDYxX1RlY2g%3D
.metaffiliation.com/	1969-12-31 23:59:59	Name: kwkncses_ssc Value: dp4e34356c8631d13-b25laWRZOGdVcmZaeGYxZXpzVkg5SGV0UXRZNkFDQVQxVDRwcGhyb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDYxX1RlY2g%3D
.aircaraibes.com/	1970-01-20 08:08:17	Name: neta_ssc Value: c7cbf3xtmvc1p4kqrze8twh1jmqx
.aircaraibes.com/	1969-12-31 23:59:59	Name: netases_ssc Value: c7cbf3xtmvc1p4kqrze8twh1jmqx
.aircaraibes.com/	1970-01-20 08:08:17	Name: kwknc_ssc Value: dp51125b56c8632197-b25laWRwQVpUMWZNeEZtWmJydWtINEhtdHp0ZDFLYWdUUlRFWFhDRW9uZWlkX19zdWl0ZV9OZXRtaXhfUmVhY2g2MV9UZWNo
.aircaraibes.com/	1969-12-31 23:59:59	Name: kwkncses_ssc Value: dp51125b56c8632197-b25laWRwQVpUMWZNeEZtWmJydWtINEhtdHp0ZDFLYWdUUlRFWFhDRW9uZWlkX19zdWl0ZV9OZXRtaXhfUmVhY2g2MV9UZWNo
.awin1.com/	1970-01-20 06:44:45	Name: awpv25911 Value: 412871\|1665713042\|792f01d0-4b64-11ed-89a3-223851067267
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 423187:2993007
.lijit.com/	1970-01-20 15:27:29	Name: ljt_reader Value: FeicJGZHKDpiYM9ARxOpam4g

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

029ccae1a64d92623e6aa04cccdfdc70.safeframe.googlesyndication.com
action.metaffiliation.com
ad4m.at
adchoices.corusdigitaldev.com
adservice.google.com
adservice.google.fr
ajax.googleapis.com
ap.lijit.com
as.ad4m.at
assets.ad4m.at
assets.pinterest.com
beacon.krxd.net
c1.adform.net
cdn.krxd.net
cdn.optimizely.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
consumer.krxd.net
corus.demdex.net
dpm.demdex.net
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
img.metaffiliation.com
jpp.aircaraibes.com
load77.exelator.com
loadm.exelator.com
log.pinterest.com
match.360yield.com
maxcdn.bootstrapcdn.com
naviform.info
pagead2.googlesyndication.com
pixel.quantserve.com
pixel.rubiconproject.com
platform.twitter.com
pm.w55c.net
prod-rtb.ad4mat.net
px.moatads.com
rules.quantcount.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
shaw.demdex.net
smetrics.corus.ca
static-de.ad4mat.net
syndication.twitter.com
tpc.googlesyndication.com
videoplayer.smdg.ca
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fr
www.googleadservices.com
www.googletagservices.com
www.hometowin.ca
z.moatads.com
104.244.42.136
108.138.17.54
13.32.121.74
13.32.99.105
142.250.181.226
15.188.95.229
151.101.128.84
151.101.194.133
151.101.2.133
172.217.23.98
18.66.97.21
185.64.190.78
192.229.220.129
2001:4de0:ac18::1:a:3b
23.205.253.64
23.35.237.151
2600:1901:0:76b9::
2600:9000:2057:8800:6:44e3:f8c0:93a1
2606:4700:20::681a:71b
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2606:4700::6812:bcf
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:800::2002
2a00:1450:4001:802::2004
2a00:1450:4001:803::2003
2a00:1450:4001:80b::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:811::200a
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a02:26f0:6c00:28b::1931
2a02:26f0:6c00:2a8::13b8
2a02:6ea0:c700::20
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.242.80.80
35.156.218.165
37.157.4.39
52.30.136.248
52.48.197.119
54.155.40.229
54.216.33.171
54.37.123.164
54.78.254.47
63.251.14.14
69.173.144.165
85.114.159.118
93.184.220.66
95.131.136.1
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
07004a25a64ed745d089d8386ff3641f4f7be7b21f60846237f7dcdf8eaa4dde
0adb253f1936a498f71414d7807eb2feb8fc7269a8eda6146ef73627aa0ea898
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba2b92f645a130f9665669d31d32057af09d18ac353ea9d56e057d7193482b8
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0f837a69a20e6f66ed1478571ccd0c1a335d6b40e7f3605319adc3c4fb716565
107eb8b3218160a0592ffab3a03e5be734749fa3f0abf84a1a154077b27b6569
109a3b79fc565c70004568e9c590d8a0db8f14e280d1d24492f4073c4c97ac87
11c0fbb05bb4a2101a230d4b7adf62f4df24b45a0eeb0c11e519cef1ae5e8f0c
11f5eeb12fded484e890acdb055f62191325aa3002370d8cfe9c81683030601e
1380c5812640f06b6fffe1d09e74f8e312413abae0690f4c00ad1424ac0bce55
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1b64a1639679dcdd0fd1e2eab9d9bd8a126221b8dda16e6bef58c54ed18ddf66
1b978bda38401c89ef9c01e3eb01de3c7433e524f9f44e2cdb171c0928c251f2
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
21f07b6ea082b55aba2c2a591a736a703d5f9b0d7b454a79375ec636f32df344
222b3c2568f763ded5ef3e263af9d40b1505b467799df29045f489b9773b8691
246d287b4272dd0bafd02f6edda498e77173c956015dce0aca2b5887d6f64f4a
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2c47728aeb3a63114e20a04d0a758d133526f6bdc0160b64eddd5cbd60f92241
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
30a24bcc771a3c3b6b5f7e83a9effad604a4f01b8d447a96c101d919b85e6795
31dcb06768580e5d58ffc4395e7f62cad8c7ec757bbe678d1b10808444e7490c
32c66fe594c8b9dc7ea3362da8be093aa4d8c2c971b8f16531cc9c72974c4a19
34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
367aeb7b548cef94ec1936ec99554a8b91831d6d38c26f4d5f106cdd47db2a84
3bcf6f17d332714cf8d8ab79601b84ec177351cc920cb5af236506853b96836b
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3f9829c4ff570c637f2afa2c6b837b8b79382d4b001e90891f5d8f09a5b45b4d
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
40e05151590fdc01a16e813cdd0b44c12ff83584fa72f15cdf9fbf282067fcd1
41946f601ff85bdc525d67e1e644418081cbafbef24f47a4749a8e2079075e98
43415a151fb04dd779a6fa43f8bfb2ec6698957edb7a4f7530651e3bf61510cb
4358efb33aef01c70d4e685c6b92b7ba46b398dbbd2e1719fbd57b3d50b61730
44f327eeeb995eabd2810452b355ca82979280a4d7def1bd980d3897e6999af6
45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805
4c6ed831f3a6f0df35a69e1c8124894500f80341a31657cfa8321db4995853b3
4e90e3c603ea102432c123af3bb79f9c8b09d24c098ed04329e0a0136a3b3998
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e0f8023c041a2e0c6033e50ff10bbce4348024a9a91e519c509622d976a1a2
55f2c6ff32b5baa4325b034c4562f84ceaf3fb122ef4b02b2d0873673ab8555a
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
592212ae7e38efff429c4fbf0109e4f76c9581ded370cd5b4929a20df8190e37
599820fed434e54bb06de1b0ea3cb3e5b8b5f3bdcb1c5652c7eabfd9ae8c91cc
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5e1960e2965093c11b3e7285137bd33c551da5a17584b84fd665864df9dc80e9
5eb24576ec19626622b85979d943e8edbe256e8097fbf8529f924ff9e6afd284
5efed598d84227942fe0dc35a86d2385e0c044e8b9937bc977e149a212fbee88
603506996b902b8797cbc1dc4bf350440caad5c59feb97c39344fd7648403b5d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f8962dc71851a9e0abdc652b0023761ca77fe827dcbf416327eb45b9d9def3
6662a88e91de4223a31c5ea17534f89906d0e40d33e5f07e84d5700b2836bbad
66b24eb77aabe2b1fffe8ba0aaec05db13f8e7f5710a52785d99f3b1136a567c
71f2940ec78bc4c5ff54c23fb9aa3faead0c28e69e0ab83c1998d21719a8b46f
733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a
73423969445cbc7c3b028f5cd89e2d32444dd6fcfa1a082121c68ea9ce3213f3
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8275e03eb05dcf106398ba2a09daf898faa0634b5754981d1cce74371070784a
878305f1ee00940ce88748dbb9744c2131c2bd3c5d0a61f76ce01c939c590b48
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
9098d7ff9e02db978b70164b0082bdb14d306fba41f5e4d0f24ad314df3fe183
911fde8fbe0e113b6f3139d63f03804cbdff833d0229611b638b419b424b7456
9797ef746acff32e324a1f398a5237e4245f7247f5819f8cb89675ec487b0341
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a24af868772f38362b445b171f8aeaa5ba214f67b6150fa01606e7481abd5c2b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a68d0503c608c277de273b6284320200053761870d62c355a6b1a32807742b37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7976ded9e0ff2784e632e8562a7f92a0ff278df18272b7611026c38111e155b
b02cd5f37bae3e39a2ea7750e9a468a6ba7ea50f9f07ce049edce5f08ed5ecc3
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
b81cc6d28cbf3df9c6127a05a865bef0842d917507cce946712974e748110957
b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4
bc567bde2ce90dd90e0d3b0bd59021c45a440a12842354e0e026e4069352265b
bc81cad8fe6658025ad98084d647a6a17ae63eaf4ffe6b31dcacd46f3beb56d4
bd2160022bb7349ed10885c4d75ec54dbfb240c7ad2ce00a603a3d087ef87f8f
bf4e84ac3d9e49aacb60658aea0a09a1ca8493d047bc2b82cd99d00909e29d3f
c8abb66fe5706e4dc89c5ed5ad20cdc2fabfc67f3615ce5dc6cce57f84777db4
cc36006da29e91c7058ef191e6b42baf9715a8277a4d4badcd3d503ce0624037
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d3c462f6a42096b96a198c54ca91b6a81cf8a46a77347796dc774196494956
d1646bada4bc33af0799de13d75d5456e1dbbe8d59477073db01b1d8e8241afc
d44d37d3e369564eac72c6f2b303302a7a49e4e227440f293ee53a666c94f8b9
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
dc3385d41c8e2dc3cebe6e96d70a078259df09e1da29fbc0d629193d0bb28081
dc9ff3f924e172487a894b096fc94dcc4e5d2dea9e33b20cd40a6d52596ddac0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5fcd47740334669e7dcb22ffafbd2a422e2325dd5f3a4d9ad0562fe28b948e8
e7a0a07ae4349e91e3ae79714b8e3a7978ee02888f599529d132f14117c02cf3
e7aaa31aec9d6a9f88c0af5d361aff3e7828ace0fb0c55ab35922025e12700b1
e8adfb6325b9f5e2692f750d016484c154ee4c0ef5fa804f511a5932683612ff
e8ca95bea0088adcca0e776307c22c9d9b3d2d34315ad8786dfa06fefdbc4ee2
e9fa8d78b8070bb6023378b3cfb6b8e897cdef2153dcc02e67b78ba3c61ad11b
ea0bfda3f5df6408eb356ccaa25142c34ab16a533a6bd7ec2006e64944ea3334
eae118aa11ef1c3f50c483cab76f5df624c8b7dbce1a8f91f377a863dc80c482
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4f69e0fe16a962370bebdc294d508bb95c0f95f7f78d144561c0ad05f75ba03

www.hometowin.ca Open in urlscan Pro 108.138.17.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

149 Requests

92 %HTTPS

48 %IPv6

40 Domains

60 Subdomains

49 IPs

7 Countries

2620 kBTransfer

5764 kBSize

42 Cookies

19 Outgoing links

Page URL History

Redirected requests

149 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.hometowin.ca Open in urlscan Pro
108.138.17.54 Public Scan

Screenshot
Live screenshot

Full Image

149
Requests

92 %
HTTPS

48 %
IPv6

40
Domains

60
Subdomains

49
IPs

7
Countries

2620 kB
Transfer

5764 kB
Size

42
Cookies

149 HTTP transactions
5 data transactions