o.canada.com Open in urlscan Pro
34.107.199.243  Public Scan

16 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

• https://x.bidswitch.net/sync?ssp=districtm&user_id=287fnFgg8X1AGx92e0t5oQLGsZI HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=districtm&user_id=287fnFgg8X1AGx92e0t5oQLGsZI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=districtm&bsw_param=e82dbb22-fcaf-4109-b81f-8aaffdc64d5f&google_hm=ZTgyZGJiMjItZmNhZi00MTA5LWI4MWYtOGFhZmZkYzY0ZDVm HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=districtm&bsw_param=e82dbb22-fcaf-4109-b81f-8aaffdc64d5f&google_hm=ZTgyZGJiMjItZmNhZi00MTA5LWI4MWYtOGFhZmZkYzY0ZDVm&google_tc= HTTP 302
• https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECcrFIhy6SgRqspny6jC7ts&google_cver=1&ssp=districtm&bsw_param=e82dbb22-fcaf-4109-b81f-8aaffdc64d5f HTTP 302
• https://dmx.districtm.io/s/10009/e82dbb22-fcaf-4109-b81f-8aaffdc64d5f

Request Chain 49

• https://districtm-match.dotomi.com/match/bounce/current?version=1&networkId=33921&nuid=287fnFgg8X1AGx92e0t5oQLGsZI&rurl=//dmx.us-east-33.districtm.io/s/10007/ HTTP 302
• https://districtm-match.dotomi.com/match/bounce/current?DotomiTest=7094b43ea7c11234&is_secure=true&version=1&networkId=33921&nuid=287fnFgg8X1AGx92e0t5oQLGsZI&rurl=%2F%2Fdmx.us-east-33.districtm.io%2Fs%2F10007%2F HTTP 302
• https://dmx.us-east-33.districtm.io/s/10007/AAAGdoWUyAeikANzYODoAAAAAAA&expiration=1650659109&nuid=287fnFgg8X1AGx92e0t5oQLGsZI&is_secure=true

Request Chain 50

• https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
• https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
• https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP23d386d0-c1b1-11ec-aa0d-0ee9993b1ae5 HTTP 302
• https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP23d386d0-c1b1-11ec-aa0d-0ee9993b1ae5&verify=true HTTP 302
• https://dmx.districtm.io/s/10051/y-m9kPULxE2uHGtrB.R8cwvSjLiHG.m_MF~A~UP23d386d0-c1b1-11ec-aa0d-0ee9993b1ae5

Request Chain 51

• https://match.prod.bidr.io/cookie-sync/districtm HTTP 303
• https://match.prod.bidr.io/cookie-sync/districtm?_bee_ppp=1 HTTP 303
• https://dmx.districtm.io/s/10025/AACVoU7Ew3sAADqTwS4sPw

Request Chain 52

• https://p.rfihub.com/cm?pub=36496&in=1 HTTP 302
• https://dmx.districtm.io/s/10056/1783777312433057177

Request Chain 59

• https://gum.criteo.com/sid/json?origin=publishertag&domain=canada.com&sn=ChromeSyncframe&so=0&topUrl=o.canada.com&cw=1&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=lfsSi3wxVlJlYUdTSmIvMzRlclhPODAzOHBHQzM3SHorQ3hqREZpTVpBY0tyRndTZGIxK3VDWTU5ZTBRQ1VqbmZZVmtXcmt5dDRaWDJWbU9JL2VOOFZTUk4xdzBxKzZNVlVZWTFJbUlNdDFseklHdVR0aU9ET0tSWkgwc0FRQWNZSVlLcjkyWFBBZHI3cjRFSnZFSjdMeXNZdEdFc3B6Ykc1c3E3OTRjdzJERnFna2ZUWFd4c1VVUlFNc2pQZHlsUlgycDJmY2ExR1pzRjhCMGk0VUt5KzNsOGZyckF0WnVRdWVoemh4bG0vYmt3MzdsOVBHWVhHSHRpajVwaER6d0xhRUF1K1U3ZFRZcFZETlBqNEtTOXNtTmtBZz09fA&cppv=2

Request Chain 89

• https://usermatch.krxd.net/um/v2?partner=google HTTP 302
• https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3l0VGh2bmM HTTP 302
• https://beacon.krxd.net/usermatch.gif?google_gid=CAESEDpJ2lgt9SSW8Xj5_lH7388&google_cver=1

Request Chain 90

• https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3l0VGh2bmM HTTP 302
• https://beacon.krxd.net/usermatch.gif?google_gid=CAESEDpJ2lgt9SSW8Xj5_lH7388&google_cver=1

Request Chain 92

• https://stags.bluekai.com/site/26357?id=OytThvnc&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOytThvnc%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID HTTP 302
• https://beacon.krxd.net/usermatch.gif?_kuid=OytThvnc&partner=bluekai&bk_uuid=$_BK_UUID

Request Chain 93

• https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=OytThvnc&rn=1650572710 HTTP 302
• https://sb.scorecardresearch.com/p2?c1=9&c2=8188709&cs_xi=OytThvnc&rn=1650572710

Request Chain 94

• https://sync-tm.everesttech.net/upi/pid/NC4WTmcy?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner_id%3Dcb276571-e0d9-4438-9fd4-80a1ff034b01%26puid%3D%24%7BTM_USER_ID%7D HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/NC4WTmcy?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner_id%3Dcb276571-e0d9-4438-9fd4-80a1ff034b01%26puid%3D%24%7BTM_USER_ID%7D&_test=YmG9pgAKKgHg9wA- HTTP 302
• https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YmG9pgAKKgHg9wA-&_test=YmG9pgAKKgHg9wA-

Request Chain 95

• https://ps.eyeota.net/match?bid=i0r4o4v&uid=OytThvnc HTTP 302
• https://ps.eyeota.net/match/bounce/?bid=i0r4o4v&uid=OytThvnc

Request Chain 96

• https://usermatch.krxd.net/um/v2?partner=beeswax HTTP 302
• https://match.prod.bidr.io/cookie-sync/krux?partner_user_id=OytThvnc HTTP 303
• https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AACVoU7Ew3sAADqTwS4sPw

Request Chain 97

• https://usermatch.krxd.net/um/v2?partner=mediamath HTTP 302
• https://sync.mathtag.com/sync/img?mt_exid=10031&mt_exuid=OytThvnc&redirect=https://beacon.krxd.net/usermatch.gif?partner%3Dmediamath%26partner_id%3D%5BMM_UUID%5D HTTP 302
• https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=a4df6261-bda6-4100-91e5-9e1e13c7178d

Request Chain 99

• https://usermatch.krxd.net/um/v2?partner=neustar HTTP 302
• https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OytThvnc

Request Chain 100

• https://ssum-sec.casalemedia.com/usermatchredir?s=183716&cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__ HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__&s=183716&C=1 HTTP 302
• https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YmG9ps95FZguH9VcbagZawAA%26500

Request Chain 101

• https://sync.srv.stackadapt.com/sync?nid=salesforce HTTP 302
• https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=okjR06OWTtddP_dXa7NitJU4mbQ

Request Chain 102

• https://usermatch.krxd.net/um/v2?partner=triplelift&gdpr=0&cmp_cs=&us_privacy=undefined HTTP 302
• https://eb2.3lift.com/xuid?mid=3587&xuid=OytThvnc&dongle=13b2&rdir=https://beacon.krxd.net/usermatch.gif?partner%3Dtriplelift%26partner_uid%3D$UID&gdpr=0&cmp_cs=&us_privacy=undefined HTTP 302
• https://eb2.3lift.com/xuid?ld=1&mid=3587&xuid=OytThvnc&dongle=13b2&gdpr=0&cmp_cs=&us_privacy=undefined&rdir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dtriplelift%26partner_uid%3D%24UID HTTP 302
• https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=357312690691816319093

Request Chain 112

• https://ml314.com/csync.ashx?fp=OytThvnc&person_id=3626672078583234574&eid=748&return=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dmadisonlogic%26partner_uid%3D3626672078583234574 HTTP 302
• https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3626672078583234574

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response o.canada.com/terms-of-service/	223 KB 54 KB	101ms 17ms	Document text/html	34.107.199.243 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://o.canada.com/terms-of-service/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.199.243 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 243.199.107.34.bc.googleusercontent.com Software nginx/1.14.2 / Resource Hash eb92f02e6ef7fc1ebcae40390abc97f87554f021bf6564ee2ca9a73f9bd612d8 Security Headers Name Value Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-dynamic' 'unsafe-inline' data: blob: Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control max-age=300 content-encoding gzip content-security-policy default-src * 'unsafe-eval' 'unsafe-dynamic' 'unsafe-inline' data: blob: content-type text/html; charset=utf-8 date Thu, 21 Apr 2022 20:25:08 GMT expires Thu, 21 Apr 2022 19:54:45 GMT permissions-policy autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*) referrer-policy strict-origin-when-cross-origin server nginx/1.14.2 strict-transport-security max-age=31536000 vary Accept-Encoding Accept-Encoding via 1.1 google x-content-type-options nosniff x-frame-options SAMEORIGIN x-pmd-backend cheetah-nginx pmd-nginx-proxy-798b45f799-55gwq x-pmd-cache STALE
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	84 KB 29 KB	93ms 46ms	Script text/javascript	142.250.80.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: o.canada.com URL: https://o.canada.com/terms-of-service/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.80.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s34-in-f2.1e100.net Software sffe / Resource Hash 0e31e684fe563f2521b0e68e7f711527dd492adda820ec1e2582288fb0ac8af6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:09 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28697 x-xss-protection 0 server sffe etag "1193 / 934 of 1000 / last-modified: 1650569464" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Thu, 21 Apr 2022 20:25:09 GMT
GET H/1.1	200 OK	184635-232448041313322.js Show response js-sec.indexww.com/ht/p/	153 KB 42 KB	231ms 175ms	Script text/javascript	23.52.162.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://js-sec.indexww.com/ht/p/184635-232448041313322.js Requested by Host: o.canada.com URL: https://o.canada.com/terms-of-service/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-52-162-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash d86f3e9cc289a8baeafedc4d0b0f1f1f82c8a5a60320891f8163f2cb8aca7d58 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 21 Apr 2022 20:25:09 GMT Content-Encoding gzip Last-Modified Thu, 21 Apr 2022 20:20:22 GMT Server Apache ETag "903b46-263fa-5dd2fd6e68135" Vary Accept-Encoding P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=3600 Transfer-Encoding chunked Connection keep-alive, Transfer-Encoding Accept-Ranges bytes Content-Type text/javascript Expires Thu, 21 Apr 2022 21:25:09 GMT
GET H2	200	publishertag.js Show response static.criteo.net/js/ld/	128 KB 42 KB	81ms 32ms	Script text/javascript	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.js Requested by Host: o.canada.com URL: https://o.canada.com/terms-of-service/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 3da55e568e702d556e38da13bc5c2d1454743bf4e41e7e9a83ff033d9b027472 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:09 GMT content-encoding gzip last-modified Tue, 05 Apr 2022 12:58:06 GMT server nginx etag W/"624c3cde-1feac" strict-transport-security max-age=31536000; preload; content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Fri, 22 Apr 2022 20:25:09 GMT
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	135 KB 37 KB	63ms 20ms	Script application/javascript	143.204.137.197 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: o.canada.com URL: https://o.canada.com/terms-of-service/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.137.197 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-137-197.ewr52.r.cloudfront.net Software Server / Resource Hash 06dac66f8ccb6659374711acb6acf073511421ff522d519cc1766746330679ad Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-amz-version-id 7yz_RBbUaUL.c9AHi_yCDNj.QPtoJsmz content-encoding gzip etag ae8d955adf98458335c127f4461070c2 age 84802 x-cache Hit from cloudfront server Server x-amz-rid 0VNCYY8F1699JYXJTFAA date Wed, 20 Apr 2022 20:51:48 GMT vary Accept-Encoding content-type application/javascript via 1.1 ac664c0310f2b9554aba4708107d094c.cloudfront.net (CloudFront) cache-control public, max-age=86400 x-amz-cf-pop EWR52-C2 accept-ranges bytes timing-allow-origin * x-amz-cf-id EKXWCbTdrFBVB2TEg-cZLN_Bc5iCCm75AG1ldTu86I9hCtaD1kBwSw==
GET H2	200	all.postmedia.js Show response hb.districtm.io/prod/100549/	36 KB 13 KB	102ms 59ms	Script application/javascript	104.16.68.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hb.districtm.io/prod/100549/all.postmedia.js Requested by Host: o.canada.com URL: https://o.canada.com/terms-of-service/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5f7c1c0cbec2c27d4165db4cd06b7780f477fc9161008bde67c7a9d62b223aa Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:09 GMT via 1.1 957a0e737a088bdc07cb5cc9dcc9e826.cloudfront.net (CloudFront) cf-cache-status HIT age 6256 x-cache Miss from cloudfront cf-bgj minify content-encoding br last-modified Thu, 10 Dec 2020 10:37:54 GMT server cloudflare etag W/"5f2e83162e71fb84bb30df8f49e91eee" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=43200 x-amz-cf-pop EWR53-P1 cf-ray 6ff8d8e7cac08ca8-EWR x-amz-cf-id bFT4I-il0g34Vmaug37LHdj2gLNzmqX_Ynexnpd0hhpO4_cj828KOg== expires Fri, 22 Apr 2022 08:25:09 GMT
GET H/1.1	200 OK	iasPET.1.js Show response cdn.adsafeprotected.com/	22 KB 22 KB	59ms 20ms	Script application/javascript	99.84.118.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.adsafeprotected.com/iasPET.1.js Requested by Host: o.canada.com URL: https://o.canada.com/terms-of-service/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 99.84.118.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-118-65.ewr52.r.cloudfront.net Software AmazonS3 / Resource Hash 2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Wed, 20 Apr 2022 09:43:39 GMT Via 1.1 fe01b0d08a6c82e83617785283fae2da.cloudfront.net (CloudFront) Connection keep-alive Last-Modified Wed, 02 Jun 2021 17:38:57 GMT Server AmazonS3 Age 124891 ETag "51636de3ce868a2172f9e6996c2934e0" X-Cache Hit from cloudfront Content-Type application/javascript Cache-Control max-age=604800 X-Amz-Cf-Pop EWR52-C3 Accept-Ranges bytes Content-Length 22521 X-Amz-Cf-Id 9Rae7ob1XK1EeGnOkw8UfY4G7d90iA0Dv15LILmDuHx7iX_Ez_iRCA==
GET H2	200	css fonts.googleapis.com/	7 KB 1 KB	82ms 35ms	Stylesheet text/css	2607:f8b0:4006:81d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap Requested by Host: o.canada.com URL: https://o.canada.com/terms-of-service/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 1cf9d1e0389ed5f4599437e64d4a8ca04c0de09517f407b07907a1a818c3e9c8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 21 Apr 2022 18:50:13 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 21 Apr 2022 20:25:09 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 21 Apr 2022 20:25:09 GMT
GET H2	200	LoginRadiusV2.js Show response auth.lrcontent.com/v2/js/	199 KB 47 KB	58ms 23ms	Script application/javascript	2606:4700:10::6816:49e8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://auth.lrcontent.com/v2/js/LoginRadiusV2.js Requested by Host: o.canada.com URL: https://o.canada.com/terms-of-service/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:49e8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c Security Headers Name Value Strict-Transport-Security max-age= 63072000; includeSubdomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:09 GMT via 1.1 c1c976b1b60b605adb44f62da9e0bb8a.cloudfront.net (CloudFront) vary Accept-Encoding cf-cache-status HIT age 6533 cf-polished origSize=1238069 x-cache Miss from cloudfront content-encoding gzip last-modified Mon, 13 Dec 2021 05:19:58 GMT server cloudflare etag W/"ae3463c4a59ae100b160ed4dd5dbf4b8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age= 63072000; includeSubdomains; preload content-type application/javascript cache-control max-age=14400 x-amz-cf-pop EWR52-C3 cf-ray 6ff8d8e7aa644bca-YUL x-amz-cf-id UKx_SLTr25mJR9OxZ3Jl1iZpjZMyCaPjbVBPFMpyn7yVrNt_E6CAIg== cf-bgj minify
GET H2	200	spm.v1.min.js Show response ak.sail-horizon.com/spm/	121 KB 43 KB	61ms 20ms	Script application/javascript	52.85.61.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ak.sail-horizon.com/spm/spm.v1.min.js Requested by Host: o.canada.com URL: https://o.canada.com/terms-of-service/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.61.107 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-61-107.ewr53.r.cloudfront.net Software AmazonS3 / Resource Hash d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:21:56 GMT content-encoding gzip last-modified Tue, 08 Jun 2021 04:22:34 GMT server AmazonS3 age 194 etag W/"b22b4f4738e8722be1636447be239da2" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 3c5c6d0ac004d7cc9b79e2835fc1f6a4.cloudfront.net (CloudFront) cache-control max-age=600; must-revalidate x-amz-cf-pop EWR53-P1 x-amz-cf-id eGy4aCnhGLQTmpeAUKx88YL4-2KChN-L0c5YI19sv4WaQgSOdgs5kg==
GET H2	200	fem.js Show response fem.prod.postmedia.digital/v56.0/	273 KB 81 KB	66ms 22ms	Script application/javascript	13.33.46.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fem.prod.postmedia.digital/v56.0/fem.js Requested by Host: o.canada.com URL: https://o.canada.com/terms-of-service/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.46.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-46-72.ewr52.r.cloudfront.net Software AmazonS3 / Resource Hash 86e237ed9b364112595b37d570824f5ef46d4617c47bb5471c269893e51d56d6 Request headers Referer https://o.canada.com/ Origin https://o.canada.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 19 Apr 2022 15:44:18 GMT content-encoding gzip vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method age 189652 x-cache Hit from cloudfront access-control-allow-origin * last-modified Mon, 11 Apr 2022 19:12:15 GMT server AmazonS3 etag W/"69a4b05a79afd607adcba34702035d9d" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript via 1.1 27f5831be5a9ad411fca9c84fe627bdc.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop EWR52-C1 x-amz-cf-id O_PM0J2EprvxVlAeTp61Fj1nAdcN4kEgGfSCzHCt-UqIvX3TkP8Njg==
GET H2	200	icon-soc-fb.svg storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/images/share-icons/	775 B 1 KB	71ms 23ms	Image image/svg+xml	2607:f8b0:4006:80c::2010 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/images/share-icons/icon-soc-fb.svg Requested by Host: o.canada.com URL: https://o.canada.com/terms-of-service/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80c::2010 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 19:25:55 GMT age 3554 x-guploader-uploadid ADPycdvVYObPzlCDXlVG07YTLXyDmiqdSDe3G0PSgYYlq7GhshKmMfgAHF2ioFajvzMIhzjHVRanOYVbE2egQY6gRjs_qqYTiV1d x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 775 last-modified Tue, 19 Apr 2022 15:48:17 GMT server UploadServer etag "993353c51244defcc16154eac23ff88d" x-goog-hash crc32c=Z/aKUg==, md5=mTNTxRJE3vzBYVTqwj/4jQ== x-goog-generation 1649968646270878 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 775 accept-ranges bytes content-type image/svg+xml expires Fri, 21 Apr 2023 19:25:55 GMT
GET H2	200	icon-soc-tw.svg storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/images/share-icons/	2 KB 2 KB	70ms 22ms	Image image/svg+xml	2607:f8b0:4006:80c::2010 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/images/share-icons/icon-soc-tw.svg Requested by Host: o.canada.com URL: https://o.canada.com/terms-of-service/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80c::2010 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 19:25:55 GMT age 3554 x-guploader-uploadid ADPycdsvo0uTY_r4hEYo-gE4061JFoKN834_yZj6C6dCW7eCrV3bxyw4pS-3H9YoMnzkKAT123AlSLFKi1kfkAsM8_pbyt_jB7Dl x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1698 last-modified Tue, 19 Apr 2022 15:48:16 GMT server UploadServer etag "df82c342c1176b84253c53e6e10eed05" x-goog-hash crc32c=cbPk0w==, md5=34LDQsEXa4QlPFPm4Q7tBQ== x-goog-generation 1649968645435080 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 1698 accept-ranges bytes content-type image/svg+xml expires Fri, 21 Apr 2023 19:25:55 GMT
GET H2	200	icon-soc-yt.svg storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/images/share-icons/	744 B 1 KB	70ms 21ms	Image image/svg+xml	2607:f8b0:4006:80c::2010 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/images/share-icons/icon-soc-yt.svg Requested by Host: o.canada.com URL: https://o.canada.com/terms-of-service/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80c::2010 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 99394b0f6e9f0aefd71dd6a9ad59129ff7852e7734905bead2f2cec5789e3436 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 19:27:59 GMT age 3430 x-guploader-uploadid ADPycdtgKrKHnfxx8L9SdnLZhj8RojpWxzF9_gGNB0dCc9Guyo-O9neUtQRDeFhf2bfyXx8Phg5RVuJ-Nismo730SYkjYT20pfSK x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 744 last-modified Tue, 19 Apr 2022 15:48:18 GMT server UploadServer etag "c7b3b346ada043e6e241bca3e7f698d0" x-goog-hash crc32c=8iXYKg==, md5=x7OzRq2gQ+biQbyj5/aY0A== x-goog-generation 1649968650517688 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 744 accept-ranges bytes content-type image/svg+xml expires Fri, 21 Apr 2023 19:27:59 GMT
GET H2	200	icon-soc-ig.svg storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/images/share-icons/	2 KB 2 KB	71ms 23ms	Image image/svg+xml	2607:f8b0:4006:80c::2010 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/images/share-icons/icon-soc-ig.svg Requested by Host: o.canada.com URL: https://o.canada.com/terms-of-service/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80c::2010 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 179f43e8abd5e7bd49d05571dc29d22c9f5044eb17ca8253a49e3e28e716af61 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 19:27:59 GMT age 3430 x-guploader-uploadid ADPycdtY9XkpqwkDBgcOruIiEMcmisqnVJ8DosX9RSD_msh0bRfmiN1Fx1D3HCDsJtX3Z-XJUQvsr5zyqzPi0mfqT-F0nfaO-BbY x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1898 last-modified Tue, 19 Apr 2022 15:48:15 GMT server UploadServer etag "cf38c08bd0b7e49f4550f048b7c4e2cf" x-goog-hash crc32c=bCiZ9w==, md5=zzjAi9C35J9FUPBIt8Tizw== x-goog-generation 1649968649782028 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 1898 accept-ranges bytes content-type image/svg+xml expires Fri, 21 Apr 2023 19:27:59 GMT
GET H2	200	shared.bfc093052de2.js Show response storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/CACHE/js/	24 KB 24 KB	68ms 19ms	Script application/javascript	2607:f8b0:4006:80c::2010 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/CACHE/js/shared.bfc093052de2.js Requested by Host: o.canada.com URL: https://o.canada.com/terms-of-service/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80c::2010 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash bfc093052de2b2dbe672ee2c69ff6199d8a31888dc4a6137a2a742f8aa79e963 Request headers Referer https://o.canada.com/ Origin https://o.canada.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 19:26:11 GMT age 3538 x-guploader-uploadid ADPycduIrYXWQrU_oxNqB0HLTGS0dmoWWP-FpGuFcgTS-RkVHiQMY2PWqfCZm8TsnFfoh16KHn__O50ykD3lbfQZY23jfNyJqdsk x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24310 last-modified Tue, 19 Apr 2022 15:58:10 GMT server UploadServer etag "7f0871dff900cfe03d63f3ffc25470a7" x-goog-hash crc32c=fPqPNA==, md5=fwhx3/kAz+A9Y/P/wlRwpw== x-goog-generation 1649969572084118 access-control-allow-origin * access-control-expose-headers Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control max-age=31536000 x-goog-stored-content-length 24310 accept-ranges bytes content-type application/javascript expires Fri, 21 Apr 2023 19:26:11 GMT
GET H2	200	main.a7af1e284075.js Show response storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/CACHE/js/	99 KB 99 KB	85ms 37ms	Script application/javascript	2607:f8b0:4006:80c::2010 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/CACHE/js/main.a7af1e284075.js Requested by Host: o.canada.com URL: https://o.canada.com/terms-of-service/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80c::2010 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash a7af1e284075e490e052157637cad3710458e67cb7ac48d53f712e68b3d76a22 Request headers Referer https://o.canada.com/ Origin https://o.canada.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 19:25:55 GMT age 3554 x-guploader-uploadid ADPycds9_bmytTN99H1vTJpH56zUczL0jLPeDRGckAwPnoc7Ht5VR_ep6KFvNKa-JrKs5wcrevLGq2k1TWdIy9RZXckZag x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 101397 last-modified Tue, 19 Apr 2022 15:58:11 GMT server UploadServer etag "b97fb4797c04f089cf85e787cefd3c5b" x-goog-hash crc32c=x19e3g==, md5=uX+0eXwE8InPheeHzv08Ww== x-goog-generation 1649969572650378 access-control-allow-origin * access-control-expose-headers Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control max-age=31536000 x-goog-stored-content-length 101397 accept-ranges bytes content-type application/javascript expires Fri, 21 Apr 2023 19:25:55 GMT
GET H2	200	advertising.js Show response www.npttech.com/	7 KB 3 KB	62ms 25ms	Script application/javascript	2606:4700:3032::ac43:bf95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.npttech.com/advertising.js Requested by Host: o.canada.com URL: https://o.canada.com/terms-of-service/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:bf95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:09 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1125 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id JNMEQGQ9NJ9E6X1S x-amz-id-2 fxImh/8M8kos4PfArLZQ66EMsMP9XUBIudAFPFkNaHH9tQrUf3+tzsmbOphXS4daZ7ig6eUbrKc= last-modified Wed, 19 Jun 2019 08:25:01 GMT server cloudflare etag W/"3d6f80c860866175f58a84bbbc9217c6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJas9QY2C0ONUzA2nAxLO83v0IXY0mQfauGg3ixx7L%2BnGdIEKPdU2V6YhNxub5gc3wdlOFQN3AB1ggde6WQNdYbfJCny3YwWKDxzFCOQasY068HfnRjhH1i3hZSAUZZFC5vMx99c5P347r%2B%2FK%2Fc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=28800 x-amz-version-id hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w cf-ray 6ff8d8e83d3a7133-YUL
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 16 KB	66ms 19ms	Font font/woff2	2607:f8b0:4006:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://o.canada.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 15 Apr 2022 01:28:42 GMT x-content-type-options nosniff age 586587 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15828 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:28 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 15 Apr 2023 01:28:42 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 15 KB	52ms 24ms	Font font/woff2	2607:f8b0:4006:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://o.canada.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 19 Apr 2022 16:23:56 GMT x-content-type-options nosniff age 187273 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 19 Apr 2023 16:23:56 GMT
GET H2	200	xd.html Show response d395dw5zk780j2.cloudfront.net/v56.0/ Frame 87CE	167 B 509 B	58ms 17ms	Document text/html	2600:9000:2140:6c00:8:f216:eb80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d395dw5zk780j2.cloudfront.net/v56.0/xd.html Requested by Host: fem.prod.postmedia.digital URL: https://fem.prod.postmedia.digital/v56.0/fem.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2140:6c00:8:f216:eb80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5fdf5e0a79dca280250218280d513e55e5b585f612b126923756aaf7bea74b79 Request headers Referer https://o.canada.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 827980 cache-control max-age=31536000 content-length 167 content-type text/html date Tue, 12 Apr 2022 06:25:30 GMT etag "827f397695d8963bde0d548258df30e5" last-modified Mon, 11 Apr 2022 19:12:15 GMT server AmazonS3 via 1.1 bf5abe06e7e8ddc3963a0afd0a961f74.cloudfront.net (CloudFront) x-amz-cf-id s09vMKTOTiYSobcqUgwBwMVeFA3Dhm4uQzp09r0ojz2HHYQdKgCawA== x-amz-cf-pop EWR52-C1 x-cache Hit from cloudfront
OPTIONS H2	204	appInfo config.lrcontent.com/ciam/ Frame	0 0	59ms 33ms	Preflight	2606:4700:10::6816:49e8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:49e8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers x-requested-with Access-Control-Request-Method GET Origin https://o.canada.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers access-control-allow-headers x-requested-with access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin https://o.canada.com allow GET, OPTIONS cf-cache-status DYNAMIC cf-ray 6ff8d8e89eaa4bb8-YUL date Thu, 21 Apr 2022 20:25:09 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare vary Origin
GET H2	200	appInfo Show response config.lrcontent.com/ciam/	4 KB 1 KB	35ms 35ms	XHR application/json	2606:4700:10::6816:49e8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5 Requested by Host: auth.lrcontent.com URL: https://auth.lrcontent.com/v2/js/LoginRadiusV2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:49e8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bbe74c62945bca0d7d29f9784c7462326fb4f8100313f320468c67a947a267ad Request headers Referer https://o.canada.com/ X-Requested-With XMLHttpRequest accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:09 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE content-type application/json access-control-allow-origin https://o.canada.com cache-control max-age=86400 cf-ray 6ff8d8e8df114bb8-YUL
GET H2	200	8d5c0be52bb44eac633b.js Show response d395dw5zk780j2.cloudfront.net/v56.0/chunks/	3 KB 2 KB	49ms 18ms	Script application/javascript	2600:9000:2140:6c00:8:f216:eb80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d395dw5zk780j2.cloudfront.net/v56.0/chunks/8d5c0be52bb44eac633b.js Requested by Host: fem.prod.postmedia.digital URL: https://fem.prod.postmedia.digital/v56.0/fem.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2140:6c00:8:f216:eb80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f8b5b98fb22088795f8a5cc17ac968134ae8eb27cf86f9aefb829d41e1fc01be Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 06:25:30 GMT content-encoding gzip last-modified Mon, 11 Apr 2022 19:12:15 GMT server AmazonS3 age 827980 etag W/"f10cc5d5e3e2223a845e258218134283" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 bf5abe06e7e8ddc3963a0afd0a961f74.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop EWR52-C1 x-amz-cf-id ZMR9IFYk0pCTIskNyrz-S-08X2r_AzP1TmDQGJ-_LfCeoH7_Fh0C2w==
GET H2	200	ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 fonts.gstatic.com/s/robotocondensed/v25/	15 KB 15 KB	21ms 20ms	Font font/woff2	2607:f8b0:4006:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://o.canada.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 19 Apr 2022 22:19:25 GMT x-content-type-options nosniff age 165944 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15660 x-xss-protection 0 last-modified Tue, 19 Apr 2022 18:42:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 19 Apr 2023 22:19:25 GMT
GET H2	204	config Show response c.amazon-adsystem.com/cdn/prod/	0 308 B	21ms 21ms	XHR text/plain	143.204.137.197 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Fo.canada.com Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.137.197 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-137-197.ewr52.r.cloudfront.net Software Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 15:31:47 GMT via 1.1 ac664c0310f2b9554aba4708107d094c.cloudfront.net (CloudFront) server Server age 17601 x-cache Hit from cloudfront access-control-allow-origin https://o.canada.com cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true x-amz-cf-pop EWR52-C2 x-amz-cf-id wkND7PdHG9pny92jIpo-y30PNrrnToR8Pb6QgZ0s81KgkHJokTqumA==
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	59ms 19ms	XHR application/javascript	143.204.137.197 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.137.197 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-137-197.ewr52.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 00:15:28 GMT content-encoding gzip vary Accept-Encoding,Origin age 72582 x-cache Hit from cloudfront access-control-allow-origin * last-modified Thu, 17 Mar 2022 02:21:48 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET x-amz-version-id khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc. via 1.1 31b4da0406d8b733add8a3131335a500.cloudfront.net (CloudFront) cache-control public, max-age=86400 x-amz-cf-pop EWR52-C2 content-type application/javascript x-amz-cf-id fWIAWL-XTRziOvEkEqyGaihML6kn3_FcC20OMQ9wxB9gCinIUqEI5g==
GET H3	200	pubads_impl_2022041801.js Show response securepubads.g.doubleclick.net/gpt/	362 KB 123 KB	44ms 18ms	Script text/javascript	142.250.80.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s34-in-f2.1e100.net Software sffe / Resource Hash e79ff5fb403dfd221e1b8a531424bb7579536c61b54839ab8e77ba322a9b212a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 10:32:24 GMT content-encoding gzip x-content-type-options nosniff age 294765 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 125970 x-xss-protection 0 last-modified Mon, 18 Apr 2022 08:34:56 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Tue, 18 Apr 2023 10:32:24 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	215 B 152 B	64ms 37ms	XHR application/json	142.250.80.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=o.canada.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s34-in-f2.1e100.net Software cafe / Resource Hash a9e3dba2aa1a96b4df0f27bca97f817ba4783a895cee58607f9b9eda65d7d039 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin * date Thu, 21 Apr 2022 20:25:09 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 127 x-xss-protection 0 expires Thu, 21 Apr 2022 20:25:09 GMT
GET H2	200	index.html Show response cdn.districtm.io/ids/ Frame 9B95	116 B 316 B	41ms 40ms	Document text/html	104.16.68.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.districtm.io/ids/index.html Requested by Host: hb.districtm.io URL: https://hb.districtm.io/prod/100549/all.postmedia.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e Request headers Referer https://o.canada.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 80160 cf-cache-status DYNAMIC cf-ray 6ff8d8e95da88ca8-EWR content-encoding br content-type text/html date Thu, 21 Apr 2022 20:25:09 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" last-modified Thu, 20 May 2021 02:18:27 GMT server cloudflare vary Accept-Encoding via 1.1 a3553fd14d7dc73d33a5426ee64abf1c.cloudfront.net (CloudFront) x-amz-cf-id e_NU4YqYLZ0yNPZdOWjtwSU3ODiLR1QEktLJLxiZN32-GQxeawFoUg== x-amz-cf-pop PHL50-C1 x-cache Hit from cloudfront
POST H2	204	v1 Show response dmx.districtm.io/b/	0 202 B	69ms 67ms	XHR text/plain	104.16.68.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dmx.districtm.io/b/v1 Requested by Host: hb.districtm.io URL: https://hb.districtm.io/prod/100549/all.postmedia.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://o.canada.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 21 Apr 2022 20:25:09 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary origin, Accept-Encoding access-control-allow-methods OPTIONS, POST access-control-allow-origin https://o.canada.com access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 6ff8d8e95da98ca8-EWR access-control-allow-headers origin, content-type
POST H2	204	v1 Show response dmx.districtm.io/b/	0 38 B	69ms 68ms	XHR text/plain	104.16.68.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dmx.districtm.io/b/v1 Requested by Host: hb.districtm.io URL: https://hb.districtm.io/prod/100549/all.postmedia.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://o.canada.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 21 Apr 2022 20:25:09 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary origin, Accept-Encoding access-control-allow-methods OPTIONS, POST access-control-allow-origin https://o.canada.com access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 6ff8d8e95daa8ca8-EWR access-control-allow-headers origin, content-type
GET H2	200	xd.js Show response d395dw5zk780j2.cloudfront.net/v56.0/ Frame 87CE	36 KB 12 KB	21ms 19ms	Script application/javascript	2600:9000:2140:6c00:8:f216:eb80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d395dw5zk780j2.cloudfront.net/v56.0/xd.js Requested by Host: d395dw5zk780j2.cloudfront.net URL: https://d395dw5zk780j2.cloudfront.net/v56.0/xd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2140:6c00:8:f216:eb80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash cf99d92a8013ff9e10a23176b5dccb8375bd02dbd4deb73e8482c22b5e22d744 Request headers accept-language en-CA,en;q=0.9 Referer https://d395dw5zk780j2.cloudfront.net/v56.0/xd.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 06:25:30 GMT content-encoding gzip last-modified Mon, 11 Apr 2022 19:12:15 GMT server AmazonS3 age 827980 etag W/"961a090e729bbf98305766f97e510224" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 bf5abe06e7e8ddc3963a0afd0a961f74.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop EWR52-C1 x-amz-cf-id Bx-UX7g4NpEfLOoEBHppLgDY-v6Dwct6ZgZB5sgBrsqgOh8vSFwtSw==
GET H3	200	bb441d432069977701460.js Show response storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/	7 KB 7 KB	53ms 26ms	Script application/javascript	2607:f8b0:4006:80c::2010 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/bb441d432069977701460.js Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/CACHE/js/shared.bfc093052de2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80c::2010 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash abcb7b0fd4d08ef06c1ce93f88750ba5cad340ae2f7254af8711b75d7567c429 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 19:26:15 GMT age 3534 x-guploader-uploadid ADPycduo_hGLO0cvt53SgtLv3rWTrJmaM9q78OCpNi44qXNjzpg392lP0fLsNivpKJ62bYZ6UmDDiowVDCEKNpyrUELPbJGCc6OJ x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6786 last-modified Tue, 19 Apr 2022 15:54:32 GMT server UploadServer etag "6598d9092123769c0f06147cc367e79d" x-goog-hash crc32c=rPZatw==, md5=ZZjZCSEjdpwPBhR8w2fnnQ== x-goog-generation 1649969396484449 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 6786 accept-ranges bytes content-type application/javascript expires Fri, 21 Apr 2023 19:26:15 GMT
GET H3	200	d36ca6ec7863d36a800c21.js Show response storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/	10 KB 10 KB	48ms 22ms	Script application/javascript	2607:f8b0:4006:80c::2010 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/d36ca6ec7863d36a800c21.js Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/CACHE/js/shared.bfc093052de2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80c::2010 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 34e9e99f036b499a93627f9d49594646260545f6ebaa660cd7b81d49982b48bd Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 19:26:15 GMT age 3534 x-guploader-uploadid ADPycduZzGLpGI7ruQTnvW1x6Sf_qddDYuPkiF7manzkgYS_gG42TYue5Lvticj3GKgyrFlBHco-Q9Xwkfn78kRUp38DWeJcNKfs x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10035 last-modified Tue, 19 Apr 2022 15:56:27 GMT server UploadServer etag "b90908ed75aa9d3f251241cc852728f5" x-goog-hash crc32c=dFX3Aw==, md5=uQkI7XWqnT8lEkHMhSco9Q== x-goog-generation 1649969459052798 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 10035 accept-ranges bytes content-type application/javascript expires Fri, 21 Apr 2023 19:26:15 GMT
GET H3	200	bdd029405c81b7549b531.js Show response storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/	15 KB 16 KB	54ms 28ms	Script application/javascript	2607:f8b0:4006:80c::2010 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/bdd029405c81b7549b531.js Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/CACHE/js/shared.bfc093052de2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80c::2010 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash b907a4645c6ff50b8e4bac06d98d03c2e2fb11282c8758a90fb32642082255c6 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 19:29:21 GMT age 3348 x-guploader-uploadid ADPycdvoilSwrS9lWI8pzvNdyhnydTZ2RGEHqTPvab3SDav2pZoullF-IcjIc5RktBeNexknGcO6CLQiYgLa8_wxxuOc_YBc7nzj x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15859 last-modified Tue, 19 Apr 2022 15:52:57 GMT server UploadServer etag "1688f341b4de86a6075f59034c5abc25" x-goog-hash crc32c=bzY7wQ==, md5=FojzQbTehqYHX1kDTFq8JQ== x-goog-generation 1650383577341258 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 15859 accept-ranges bytes content-type application/javascript expires Fri, 21 Apr 2023 19:29:21 GMT
GET H3	200	7d0672b4b17ef21d640a2.js Show response storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/	50 KB 50 KB	79ms 53ms	Script application/javascript	2607:f8b0:4006:80c::2010 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/7d0672b4b17ef21d640a2.js Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/CACHE/js/shared.bfc093052de2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80c::2010 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 9b9d16e4eb38f3b62a5a66b6b7652da069c41e608df26477b1dcee4152f820d8 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 19:26:15 GMT age 3534 x-guploader-uploadid ADPycdtS0wFjfg24G6MJxdERuA1DbTeuxoYob4a1ALsWkb8DlA8tsxE9DiA2TwtQrjZT7ABlL66dnPaCmgusYm0BDqhHww x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 50945 last-modified Tue, 19 Apr 2022 15:54:35 GMT server UploadServer etag "577cf34d04d7a0d596aca7011e69f555" x-goog-hash crc32c=b4Kmpw==, md5=V3zzTQTXoNWWrKcBHmn1VQ== x-goog-generation 1649969217931272 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 50945 accept-ranges bytes content-type application/javascript expires Fri, 21 Apr 2023 19:26:15 GMT
GET H3	200	33d0e5b570a9541270f410.js Show response storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/	10 KB 10 KB	74ms 48ms	Script application/javascript	2607:f8b0:4006:80c::2010 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/33d0e5b570a9541270f410.js Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/CACHE/js/shared.bfc093052de2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80c::2010 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash c7b050f6c3726aea7b16cf1d3ec6dd6fe31382d20bb8c4e1f5178d8513a4e0cc Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 19:26:15 GMT age 3534 x-guploader-uploadid ADPycducDYf5kozfQMPaDg-F8JT1NbbBF4_5_5LJ9kNbb5HgWHEys6X_dMOHqg8-UZydBkB5qwesbjZ-DNwq-oVdRy93ZA x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10642 last-modified Tue, 19 Apr 2022 15:56:55 GMT server UploadServer etag "fe9745792209a5ac0d186c407d514090" x-goog-hash crc32c=wzD3QQ==, md5=/pdFeSIJpawNGGxAfVFAkA== x-goog-generation 1649969465849208 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 10642 accept-ranges bytes content-type application/javascript expires Fri, 21 Apr 2023 19:26:15 GMT
GET H3	200	98e96f7ceec5a9ee49f320.js Show response storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/	4 KB 4 KB	67ms 42ms	Script application/javascript	2607:f8b0:4006:80c::2010 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/98e96f7ceec5a9ee49f320.js Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/CACHE/js/shared.bfc093052de2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80c::2010 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash e94e6d0a088b0a061d180d095d10defaded5999df172e3a7494a313a448f5513 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 19:26:15 GMT age 3534 x-guploader-uploadid ADPycds52M-KXau9XcBcbG8zNzve6DDiwKFfPClTVtRHK-3T4dD6KW4BCddIJHv3FrG46DTXt_4I8yAWWv4uqxe6RTlO3A x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4527 last-modified Tue, 19 Apr 2022 15:54:17 GMT server UploadServer etag "bfd5e2d5502802db1e7d67a0205dd6e6" x-goog-hash crc32c=Ol03wA==, md5=v9Xi1VAoAtsefWegIF3W5g== x-goog-generation 1649969456958859 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 4527 accept-ranges bytes content-type application/javascript expires Fri, 21 Apr 2023 19:26:15 GMT
GET H3	200	049fe9cf0ad83f36446e7.js Show response storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/	8 KB 8 KB	69ms 44ms	Script application/javascript	2607:f8b0:4006:80c::2010 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/049fe9cf0ad83f36446e7.js Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/CACHE/js/shared.bfc093052de2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80c::2010 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 06db09952ea7c3b22578f98d78f7e459a6fc8a929dfd35107d98549f9b38eb11 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 19:25:55 GMT age 3554 x-guploader-uploadid ADPycdsjxUfRX33pJWSY2gzvoENckfCv_ac6jEa7a9_RXHQsT7XBX2mhojIS3joBjnUEP7M5X5LaJixVIwuvspsHXLhlQbWvwKZJ x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7850 last-modified Tue, 19 Apr 2022 15:54:58 GMT server UploadServer etag "1dff48b4f84301780f1ebf3bf15b8020" x-goog-hash crc32c=jux7JA==, md5=Hf9ItPhDAXgPHr878VuAIA== x-goog-generation 1649969420536387 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 7850 accept-ranges bytes content-type application/javascript expires Fri, 21 Apr 2023 19:25:55 GMT
GET H3	200	545637e9e6ae55ee162c9.js Show response storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/	20 KB 20 KB	60ms 34ms	Script application/javascript	2607:f8b0:4006:80c::2010 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/545637e9e6ae55ee162c9.js Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/CACHE/js/shared.bfc093052de2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80c::2010 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash edcc72e58692cb93f0dad13f3776596f36f1e7d6d7a98f0994302b232da0e66a Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 19:25:55 GMT age 3554 x-guploader-uploadid ADPycdvlJOX9lzo4UUghFS1_l84AmbbighU-yPJz8_-xH57wcbDeSL6uVhiyzhvImFwU6Chhkx9C1h0ubDnJhhVCVUwB x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20411 last-modified Tue, 19 Apr 2022 15:53:16 GMT server UploadServer etag "f3ee24e5b882ba802058580c9fe75429" x-goog-hash crc32c=hQt4bg==, md5=8+4k5biCuoAgWFgMn+dUKQ== x-goog-generation 1649969243791048 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 20411 accept-ranges bytes content-type application/javascript expires Fri, 21 Apr 2023 19:25:55 GMT
GET H3	200	19902571f52cab897a3215.js Show response storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/	52 KB 52 KB	82ms 57ms	Script application/javascript	2607:f8b0:4006:80c::2010 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/19902571f52cab897a3215.js Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/CACHE/js/shared.bfc093052de2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80c::2010 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 24feb80c51aed43a0c5c52126fb1feea57f3f695e7bfa2e234a94bcb10463696 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 19:25:55 GMT age 3554 x-guploader-uploadid ADPycdsGuxvg7zn_t30qe-C1twXYgiLo6VnmhqhKuxLQ1l3VePR1bVJsGNn0I6BwJ05aEweMr9Iepc32nXSYtR7IYi3a1Q x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 52829 last-modified Tue, 19 Apr 2022 15:52:48 GMT server UploadServer etag "c5967b9463190e2aad66fc948c2f45b6" x-goog-hash crc32c=7mCLeA==, md5=xZZ7lGMZDiqtZvyUjC9Ftg== x-goog-generation 1649969387142713 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 52829 accept-ranges bytes content-type application/javascript expires Fri, 21 Apr 2023 19:25:55 GMT
GET H/1.1	200 OK	any Show response idx.liadm.com/idex/ie/	54 B 584 B	115ms 26ms	XHR application/json	34.198.184.125 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://idx.liadm.com/idex/ie/any Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.198.184.125 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-198-184-125.compute-1.amazonaws.com Software nginx/1.18.0 / Resource Hash 36c7ec620aa2bdab2185c44a2b8c8bf3ea3d6639510d81f83a5c885bb1219658 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://o.canada.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Thu, 21 Apr 2022 20:25:09 GMT Vary Origin Server nginx/1.18.0 Request-Time 2 Content-Type application/json Access-Control-Allow-Origin https://o.canada.com Connection keep-alive Access-Control-Allow-Credentials true Strict-Transport-Security max-age=31536000; includeSubDomains trace-id a7e00a4ec10be983 Content-Length 54
GET H2	200	rid Show response match.adsrvr.org/track/	109 B 541 B	77ms 25ms	XHR application/json	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=184635 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software / Resource Hash 5b610e36f9783974dba15f3e9db4be0eba3eb78e82740d216a86c85294889d25 Request headers Referer https://o.canada.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Thu, 21 Apr 2022 20:25:09 GMT x-aspnet-version 4.0.30319 vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://o.canada.com cache-control private access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept content-length 109 expires Sat, 21 May 2022 20:25:09 GMT
GET H/1.1	200 OK	login Show response postmedia.hub.loginradius.com/ssologin/	38 B 546 B	87ms 40ms	Fetch application/json	35.169.125.112 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://postmedia.hub.loginradius.com/ssologin/login Requested by Host: fem.prod.postmedia.digital URL: https://fem.prod.postmedia.digital/v56.0/fem.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.169.125.112 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-169-125-112.compute-1.amazonaws.com Software nginx / Resource Hash f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://o.canada.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 content-type application/json Response headers Date Thu, 21 Apr 2022 20:25:09 GMT Server nginx Strict-Transport-Security max-age=31536000; includeSubDomains; preload Access-Control-Allow-Methods HEAD,GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE Content-Type application/json Access-Control-Allow-Origin https://o.canada.com X-LoginRadius-Server Primary - IDX - AWS Access-Control-Allow-Credentials true Connection keep-alive X-Server ms_idx_primary Content-Length 38
OPTIONS H/1.1	204 No Content	login postmedia.hub.loginradius.com/ssologin/ Frame	0 0	81ms 30ms	Preflight	35.169.125.112 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://postmedia.hub.loginradius.com/ssologin/login Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.169.125.112 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-169-125-112.compute-1.amazonaws.com Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://o.canada.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers content-type Access-Control-Allow-Methods HEAD,GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE Access-Control-Allow-Origin https://o.canada.com Connection keep-alive Date Thu, 21 Apr 2022 20:25:09 GMT Server nginx Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-LoginRadius-Server Primary - IDX - AWS X-Server ms_idx_primary
GET H2	200	idsync.d5cb6b96.js Show response cdn.districtm.io/ids/ Frame 9B95	3 KB 2 KB	39ms 39ms	Script application/javascript	104.16.68.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.districtm.io/ids/idsync.d5cb6b96.js Requested by Host: cdn.districtm.io URL: https://cdn.districtm.io/ids/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.districtm.io/ids/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:09 GMT via 1.1 fb134201578e9706e0dd8abdab0f2abf.cloudfront.net (CloudFront) cf-cache-status HIT age 133733 cf-polished origSize=3302 x-cache Miss from cloudfront cf-bgj minify content-encoding br last-modified Thu, 20 May 2021 02:18:27 GMT server cloudflare etag W/"74ede07ef946dc2316f86b2661cf2dd3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=172800 x-amz-cf-pop JFK51-C1 cf-ray 6ff8d8e9df038ca8-EWR x-amz-cf-id eAFQyvDpP0PzfMELvLEVR-hml06ux82vdQ9KWW3mKynTylzMM2bdbw== expires Sat, 23 Apr 2022 20:25:09 GMT
GET H2	200	buyers Show response dmx.districtm.io/s/v1/ Frame 9B95	578 B 762 B	68ms 67ms	XHR application/json	104.16.68.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dmx.districtm.io/s/v1/buyers Requested by Host: cdn.districtm.io URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 015b53fc09e4a9b7fce76975688c0dd908582e63cd22ea84c79b5af199e4f94e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.districtm.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:09 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods DELETE, GET, OPTIONS, POST content-type application/json access-control-allow-origin https://cdn.districtm.io access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 6ff8d8ea1f878ca8-EWR access-control-allow-headers Origin, Content-Type
GET H2	200	syncframe Show response gum.criteo.com/ Frame 948A	13 KB 5 KB	73ms 25ms	Document text/html	2620:100:a001::c AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertag&topUrl=o.canada.com Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software / Resource Hash ae22c6869c91312b5361930ac0e1cff89cb54b6a3eec5d7bc4a913e8831b1028 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://o.canada.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-length 5134 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 21 Apr 2022 20:25:09 GMT server-processing-duration-in-ticks 2249 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	e82dbb22-fcaf-4109-b81f-8aaffdc64d5f Show response dmx.districtm.io/s/10009/ Frame 9B95 Redirect Chain https://x.bidswitch.net/sync?ssp=districtm&user_id=287fnFgg8X1AGx92e0t5oQLGsZI https://x.bidswitch.net/ul_cb/sync?ssp=districtm&user_id=287fnFgg8X1AGx92e0t5oQLGsZI https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=districtm&bsw_param=e82dbb22-fcaf-4109-b81f-8aaffdc64d5f&google_hm=ZTgyZGJiMjItZmNhZi00MTA5LWI4MWYtOGFhZmZkYzY0ZDVm https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=districtm&bsw_param=e82dbb22-fcaf-4109-b81f-8aaffdc64d5f&google_hm=ZTgyZGJiMjItZmNhZi00MTA5LWI4MWYtOGFhZmZkYzY0... https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECcrFIhy6SgRqspny6jC7ts&google_cver=1&ssp=districtm&bsw_param=e82dbb22-fcaf-4109-b81f-8aaffdc64d5f https://dmx.districtm.io/s/10009/e82dbb22-fcaf-4109-b81f-8aaffdc64d5f	92 B 162 B	59ms 59ms	Script application/javascript	104.16.68.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dmx.districtm.io/s/10009/e82dbb22-fcaf-4109-b81f-8aaffdc64d5f Protocol H2 Server 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cc6f1ecdaffb9867bfb3e858042176ce769561cde97fe32319e254f0710578a7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.districtm.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status DYNAMIC server cloudflare date Thu, 21 Apr 2022 20:25:10 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 cf-ray 6ff8d8eddf578ca8-EWR Redirect headers Location //dmx.districtm.io/s/10009/e82dbb22-fcaf-4109-b81f-8aaffdc64d5f Date Thu, 21 Apr 2022 20:25:09 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 0
GET H2	200	AAAGdoWUyAeikANzYODoAAAAAAA&expiration=1650659109&nuid=287fnFgg8X1AGx92e0t5oQLGsZI&is_secure=true Show response dmx.us-east-33.districtm.io/s/10007/ Frame 9B95 Redirect Chain https://districtm-match.dotomi.com/match/bounce/current?version=1&networkId=33921&nuid=287fnFgg8X1AGx92e0t5oQLGsZI&rurl=//dmx.us-east-33.districtm.io/s/10007/ https://districtm-match.dotomi.com/match/bounce/current?DotomiTest=7094b43ea7c11234&is_secure=true&version=1&networkId=33921&nuid=287fnFgg8X1AGx92e0t5oQLGsZI&rurl=%2F%2Fdmx.us-east-33.districtm.io%... https://dmx.us-east-33.districtm.io/s/10007/AAAGdoWUyAeikANzYODoAAAAAAA&expiration=1650659109&nuid=287fnFgg8X1AGx92e0t5oQLGsZI&is_secure=true	153 B 291 B	132ms 37ms	Script application/javascript	35.231.227.177 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://dmx.us-east-33.districtm.io/s/10007/AAAGdoWUyAeikANzYODoAAAAAAA&expiration=1650659109&nuid=287fnFgg8X1AGx92e0t5oQLGsZI&is_secure=true Protocol H2 Server 35.231.227.177 North Charleston, United States, ASN15169 (GOOGLE, US), Reverse DNS 177.227.231.35.bc.googleusercontent.com Software / Resource Hash eadcda11a77df7d202fe8f50edb1dd3fee8a4db7d5992838b805031636b6c717 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.districtm.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:09 GMT content-length 153 strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 Redirect headers pragma no-cache date Thu, 21 Apr 2022 20:25:09 GMT server nginx p3p policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP" location //dmx.us-east-33.districtm.io/s/10007/AAAGdoWUyAeikANzYODoAAAAAAA&expiration=1650659109&nuid=287fnFgg8X1AGx92e0t5oQLGsZI&is_secure=true cache-control no-cache, private, max-age=0, no-store content-length 0 expires 0
GET H2	200	y-m9kPULxE2uHGtrB.R8cwvSjLiHG.m_MF~A~UP23d386d0-c1b1-11ec-aa0d-0ee9993b1ae5 Show response dmx.districtm.io/s/10051/ Frame 9B95 Redirect Chain https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&verify=true https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP23d386d0-c1b1-11ec-aa0d-0ee9993b1ae5 https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP23d386d0-c1b1-11ec-aa0d-0ee9993b1ae5&verify=true https://dmx.districtm.io/s/10051/y-m9kPULxE2uHGtrB.R8cwvSjLiHG.m_MF~A~UP23d386d0-c1b1-11ec-aa0d-0ee9993b1ae5	131 B 176 B	63ms 62ms	Script application/javascript	104.16.68.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dmx.districtm.io/s/10051/y-m9kPULxE2uHGtrB.R8cwvSjLiHG.m_MF~A~UP23d386d0-c1b1-11ec-aa0d-0ee9993b1ae5 Protocol H2 Server 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccbfb2c83196b45137cd5263f811c7f46fe5829db2816f387f6cb54ae761637d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.districtm.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status DYNAMIC server cloudflare date Thu, 21 Apr 2022 20:25:09 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 cf-ray 6ff8d8ec5c308ca8-EWR Redirect headers location https://dmx.districtm.io/s/10051/y-m9kPULxE2uHGtrB.R8cwvSjLiHG.m_MF~A~UP23d386d0-c1b1-11ec-aa0d-0ee9993b1ae5 date Thu, 21 Apr 2022 20:25:09 GMT server ATS/9.1.0.46 age 0 content-length 0 strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	200	AACVoU7Ew3sAADqTwS4sPw Show response dmx.districtm.io/s/10025/ Frame 9B95 Redirect Chain https://match.prod.bidr.io/cookie-sync/districtm https://match.prod.bidr.io/cookie-sync/districtm?_bee_ppp=1 https://dmx.districtm.io/s/10025/AACVoU7Ew3sAADqTwS4sPw	78 B 132 B	67ms 65ms	Script application/javascript	104.16.68.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dmx.districtm.io/s/10025/AACVoU7Ew3sAADqTwS4sPw Protocol H2 Server 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ee38322f0a466054508e935af2511176d7fbdc39d7fea28fc0a3118599342a39 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.districtm.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status DYNAMIC server cloudflare date Thu, 21 Apr 2022 20:25:09 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 cf-ray 6ff8d8ebbaf18ca8-EWR Redirect headers location https://dmx.districtm.io/s/10025/AACVoU7Ew3sAADqTwS4sPw Date Thu, 21 Apr 2022 20:25:09 GMT Server nginx Connection keep-alive Content-Length 0 strict-transport-security max-age=2592000; includeSubDomains
GET H2	200	1783777312433057177 Show response dmx.districtm.io/s/10056/ Frame 9B95 Redirect Chain https://p.rfihub.com/cm?pub=36496&in=1 https://dmx.districtm.io/s/10056/1783777312433057177	75 B 155 B	66ms 64ms	Script application/javascript	104.16.68.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dmx.districtm.io/s/10056/1783777312433057177 Protocol H2 Server 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a349d04ce86d092cc6885209b2c9c2baf542a43916f6b451b19fbc127a63b9c1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.districtm.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status DYNAMIC server cloudflare date Thu, 21 Apr 2022 20:25:09 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 cf-ray 6ff8d8eb29c48ca8-EWR Redirect headers Location https://dmx.districtm.io/s/10056/1783777312433057177 Date Thu, 21 Apr 2022 20:25:09 GMT Server Jetty(9.3.29.v20201019) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	gtm.js Show response www.googletagmanager.com/	113 KB 35 KB	108ms 57ms	Script application/javascript	2607:f8b0:4006:80d::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WC74WBX&l=dataLayer Requested by Host: fem.prod.postmedia.digital URL: https://fem.prod.postmedia.digital/v56.0/fem.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 249faa90c86b76bb0b47544093fa55436c6315ce70df8a2516fc6125bc0e35bd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:09 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36201 x-xss-protection 0 last-modified Thu, 21 Apr 2022 20:06:58 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 21 Apr 2022 20:25:09 GMT
GET H2	200	beacon.js Show response sb.scorecardresearch.com/	1 KB 1 KB	56ms 19ms	Script application/javascript	13.33.46.48 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/beacon.js Requested by Host: fem.prod.postmedia.digital URL: https://fem.prod.postmedia.digital/v56.0/fem.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.46.48 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-46-48.ewr52.r.cloudfront.net Software AmazonS3 / Resource Hash a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 08:32:23 GMT content-encoding gzip etag W/"1827f116c73f319409b97f10b8a58ade" last-modified Fri, 26 Feb 2021 14:35:05 GMT server AmazonS3 age 42784 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 caeaab1dec28e8247466740025a521a6.cloudfront.net (CloudFront) x-amz-cf-pop EWR52-C1 x-amz-cf-id uJ92O58G2wyjhVNj02bFIZFil2b3p9aCKLuicZDqI9fnU_WrB49nVA==
GET H2	200	mparticle.js Show response jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/	184 KB 48 KB	36ms 10ms	Script application/javascript	2a04:4e42:600::645 FASTLY
General Check archive.org Show headers Download Go to Full URL https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js Requested by Host: fem.prod.postmedia.digital URL: https://fem.prod.postmedia.digital/v56.0/fem.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash e5888d09417b9ed66594c53074ffd494c506d1f642c617f958777179ef06bf23 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:09 GMT via 1.1 varnish, 1.1 varnish server Kestrel age 287 x-origin-name fastlyshield--shield_ssl_cache_iad_kjyo7100159_IAD x-served-by cache-iad-kjyo7100159-IAD, cache-yul12828-YUL vary Accept, Accept-Encoding x-cache HIT, HIT content-type application/javascript content-encoding gzip cache-control public, max-age=3600 accept-ranges bytes x-timer S1650572710.579052,VS0,VE0 content-length 48607 x-cache-hits 1, 46
GET H2	200	uep04wp3s.js Show response cdn.krxd.net/controltag/	29 KB 7 KB	40ms 11ms	Script text/javascript	151.101.2.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.krxd.net/controltag/uep04wp3s.js Requested by Host: fem.prod.postmedia.digital URL: https://fem.prod.postmedia.digital/v56.0/fem.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.2.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 0abcd97f1c3ea08ef675d53a2756a5340e05e20a022c749edd9f76fbf478ebe8 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-cdn-backend 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod date Thu, 21 Apr 2022 20:25:09 GMT via 1.1 varnish, 1.1 varnish age 1062 x-cache MISS, HIT, HIT x-app-cache HIT x-age 0 content-encoding gzip content-length 6649 x-served-by config-service-a004-ash-prod.krxd.net, cache-iad-kiad7000107-IAD, cache-yul12829-YUL x-response-time 1 x-do-esi esi x-timer S1650572710.584881,VS0,VE1 etag "0038f593d0df6695d1be7f074950b4eb9828e6ec" vary Accept-Encoding content-type text/javascript; charset=utf-8 cache-control public, max-age=1200 accept-ranges bytes x-cache-hits 0, 2, 1
GET H2	200	gtm.js Show response www.googletagmanager.com/	118 KB 36 KB	77ms 34ms	Script application/javascript	2607:f8b0:4006:80d::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer Requested by Host: fem.prod.postmedia.digital URL: https://fem.prod.postmedia.digital/v56.0/fem.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 114a501c8ed1a01813d7fbc9df3dbffa7bba1fdae31a27243b3b7f8d3371c69f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:09 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36737 x-xss-protection 0 last-modified Thu, 21 Apr 2022 20:06:58 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 21 Apr 2022 20:25:09 GMT
GET H2	200	23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js Show response 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/	246 KB 68 KB	54ms 29ms	Script application/javascript	2606:4700::6812:551 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js Requested by Host: fem.prod.postmedia.digital URL: https://fem.prod.postmedia.digital/v56.0/fem.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:551 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ad02e4a6cca7ca570c447fefe0d5c6c98cf28c7ff362ecd0bdcee4505084b8c Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:09 GMT content-encoding br cf-cache-status HIT x-goog-meta-oid 23dc09d6-b664-425a-a76e-0eed6a6cc102 age 2382 x-guploader-uploadid ADPycdt0w35uc84EcEGJvm_1B875vcS22C_WD0SpyYZkJffoLvgvONvIPa6nRZBbx1lum9WBMqCTdLC0ogmGa8MA7zOwxPEshxVM x-goog-storage-class REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip content-type application/javascript last-modified Thu, 21 Apr 2022 16:45:19 GMT server cloudflare etag W/"741cf44af5e65269225167697dbce59c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-goog-hash crc32c=ywvHVA==, md5=dBz0SvXmUmkiUWdpfbzlnA== x-goog-generation 1650559519338668 cache-control public, max-age=900 x-goog-stored-content-length 71150 cf-ray 6ff8d8eaea5e4bb8-YUL expires Thu, 21 Apr 2022 20:40:09 GMT
GET H2	200	sid Show response mug.criteo.com/ Frame 948A Redirect Chain https://gum.criteo.com/sid/json?origin=publishertag&domain=canada.com&sn=ChromeSyncframe&so=0&topUrl=o.canada.com&cw=1&lsw=1 https://mug.criteo.com/sid?cpp=lfsSi3wxVlJlYUdTSmIvMzRlclhPODAzOHBHQzM3SHorQ3hqREZpTVpBY0tyRndTZGIxK3VDWTU5ZTBRQ1VqbmZZVmtXcmt5dDRaWDJWbU9JL2VOOFZTUk4xdzBxKzZNVlVZWTFJbUlNdDFseklHdVR0aU9ET0tSWkgwc0...	430 B 636 B	77ms 26ms	Fetch application/json	74.119.119.139 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=lfsSi3wxVlJlYUdTSmIvMzRlclhPODAzOHBHQzM3SHorQ3hqREZpTVpBY0tyRndTZGIxK3VDWTU5ZTBRQ1VqbmZZVmtXcmt5dDRaWDJWbU9JL2VOOFZTUk4xdzBxKzZNVlVZWTFJbUlNdDFseklHdVR0aU9ET0tSWkgwc0FRQWNZSVlLcjkyWFBBZHI3cjRFSnZFSjdMeXNZdEdFc3B6Ykc1c3E3OTRjdzJERnFna2ZUWFd4c1VVUlFNc2pQZHlsUlgycDJmY2ExR1pzRjhCMGk0VUt5KzNsOGZyckF0WnVRdWVoemh4bG0vYmt3MzdsOVBHWVhHSHRpajVwaER6d0xhRUF1K1U3ZFRZcFZETlBqNEtTOXNtTmtBZz09fA&cppv=2 Protocol H2 Server 74.119.119.139 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software / Resource Hash fd4c8f599b8f202d18eeb4544aee6f0b4d9763d4e3931fea61a9347aa794fa5d Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Thu, 21 Apr 2022 20:25:09 GMT content-encoding gzip vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 5299 strict-transport-security max-age=31536000; preload; expires 0 Redirect headers pragma no-cache date Thu, 21 Apr 2022 20:25:08 GMT strict-transport-security max-age=31536000; preload; content-type text/html; charset=utf-8 location https://mug.criteo.com/sid?cpp=lfsSi3wxVlJlYUdTSmIvMzRlclhPODAzOHBHQzM3SHorQ3hqREZpTVpBY0tyRndTZGIxK3VDWTU5ZTBRQ1VqbmZZVmtXcmt5dDRaWDJWbU9JL2VOOFZTUk4xdzBxKzZNVlVZWTFJbUlNdDFseklHdVR0aU9ET0tSWkgwc0FRQWNZSVlLcjkyWFBBZHI3cjRFSnZFSjdMeXNZdEdFc3B6Ykc1c3E3OTRjdzJERnFna2ZUWFd4c1VVUlFNc2pQZHlsUlgycDJmY2ExR1pzRjhCMGk0VUt5KzNsOGZyckF0WnVRdWVoemh4bG0vYmt3MzdsOVBHWVhHSHRpajVwaER6d0xhRUF1K1U3ZFRZcFZETlBqNEtTOXNtTmtBZz09fA&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 1874 content-length 541 expires 0
GET H2	200	controltag.js.f5d7048d3841bccb4f5d92333c20b066 Show response cdn.krxd.net/ctjs/	259 KB 83 KB	11ms 11ms	Script application/javascript	151.101.2.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066 Requested by Host: cdn.krxd.net URL: https://cdn.krxd.net/controltag/uep04wp3s.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.2.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c22fbbe4bf63288095e3c83d2858a1f4b65b1acdc77ac28785824b184953f0d4 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-cdn-backend 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3 date Thu, 21 Apr 2022 20:25:09 GMT content-encoding gzip age 1758126 x-amz-server-side-encryption AES256 x-cache HIT x-cache-hits 519626 content-length 84741 x-served-by cache-yul12829-YUL last-modified Fri, 01 Apr 2022 11:47:20 GMT x-timer S1650572710.602329,VS0,VE0 etag "f5d7048d3841bccb4f5d92333c20b066" content-type application/javascript via 1.1 varnish cache-control public, max-age=315360000 accept-ranges bytes expires Mon, 29 Mar 2032 11:47:19 GMT
OPTIONS H2	204	identify identity.mparticle.com/v1/ Frame	0 0	37ms 10ms	Preflight	2a04:4e42:400::645 FASTLY
General Check archive.org Show headers Download Go to Full URL https://identity.mparticle.com/v1/identify Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=900 Request headers Accept */* Access-Control-Request-Headers content-type,x-mp-key Access-Control-Request-Method POST Origin https://o.canada.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers accept-ranges bytes access-control-allow-headers content-type,x-mp-key access-control-allow-methods POST access-control-allow-origin * age 3271 date Thu, 21 Apr 2022 20:25:09 GMT server Kestrel strict-transport-security max-age=900 via 1.1 varnish x-cache HIT x-cache-hits 1852 x-origin-name 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin x-served-by cache-yul12824-YUL x-timer S1650572710.639507,VS0,VE0
POST H2	200	identify Show response identity.mparticle.com/v1/	175 B 277 B	42ms 42ms	XHR application/json	2a04:4e42:400::645 FASTLY
General Check archive.org Show headers Download Go to Full URL https://identity.mparticle.com/v1/identify Requested by Host: jssdkcdns.mparticle.com URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash 0f9e7a3a14ae544da25fa19ddf9f62dfb242a3df9f477f760e2f794a2676ee43 Security Headers Name Value Strict-Transport-Security max-age=900 Request headers x-mp-key us1-99b65fde89a1a145894d2d51d283cc83 Referer https://o.canada.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type application/json Response headers date Thu, 21 Apr 2022 20:25:09 GMT content-encoding gzip server Kestrel x-timer S1650572710.651279,VS0,VE31 x-origin-name 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin x-served-by cache-yul12824-YUL vary Accept-Encoding x-cache MISS content-type application/json; charset=utf-8 access-control-allow-origin * strict-transport-security max-age=900 accept-ranges bytes via 1.1 varnish x-cache-hits 0
GET H2	200	pxid Show response 23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/	46 B 390 B	143ms 95ms	XHR application/json	35.241.9.51 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/pxid?k=21ec23a2-b38a-456e-b801-e5877a041482 Requested by Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 51.9.241.35.bc.googleusercontent.com Software Permutive / Resource Hash e76a5ca0e2edbd05a75b14c85e9c261062e799a5541dbe7c1247ea6e81a68d28 Request headers Referer https://o.canada.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 content-type text/plain Response headers date Thu, 21 Apr 2022 20:25:09 GMT content-encoding gzip server Permutive vary Origin content-type application/json access-control-allow-origin https://o.canada.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66 via 1.1 google
GET H/1.1	200 OK	getuidj Show response ib.adnxs.com/	11 B 700 B	60ms 23ms	XHR application/json	68.67.179.164 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/getuidj Requested by Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 68.67.179.164 Secaucus, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash 31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://o.canada.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 content-type text/plain Response headers Pragma no-cache Date Thu, 21 Apr 2022 20:25:09 GMT X-Proxy-Origin 149.56.153.180; 149.56.153.180; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com AN-X-Request-Uuid ca10f90f-1dbd-4f46-8c93-ca012c6be292 Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://o.canada.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 11 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	geoip Show response api.permutive.com/v2.0/	229 B 358 B	120ms 96ms	XHR application/json	34.107.254.252 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=21ec23a2-b38a-456e-b801-e5877a041482 Requested by Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash 989d94d8baba214a6dcc1ba6795c35dc9ce9cf94863248b8970cd8e864674347 Request headers Referer https://o.canada.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 content-type text/plain Response headers date Thu, 21 Apr 2022 20:25:09 GMT content-encoding gzip server Permutive vary Origin content-type application/json access-control-allow-origin https://o.canada.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 166 via 1.1 google
GET BLOB	200 OK	c8fb5c85-5ff7-4ab0-adb2-aae9ef3f4604 https://o.canada.com/	52 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://o.canada.com/c8fb5c85-5ff7-4ab0-adb2-aae9ef3f4604 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 5eb247d50c79ece9c00d0c3206421e426500f567f8ec8465e66bb073ec5a7d42 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Content-Length 53731
GET BLOB	200 OK	de39d941-69fe-41d3-bc6a-4b8c79cc0fad https://o.canada.com/	19 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://o.canada.com/de39d941-69fe-41d3-bc6a-4b8c79cc0fad Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 87c55c63c2e41506556db72938b07312d1a8e3ccf4da4024fa4bea6b2147c31d Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Content-Length 19782
GET H2	200	proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response cdn.krxd.net/partnerjs/xdi/ Frame 24C7	805 B 827 B	10ms 10ms	Document text/html	151.101.2.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html Requested by Host: cdn.krxd.net URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.2.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9 Request headers Referer https://o.canada.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 27423229 cache-control public, max-age=315360000 content-encoding gzip content-length 525 content-type text/html date Thu, 21 Apr 2022 20:25:09 GMT etag "3d2100fd7107262ecb55ce6847f01fa5" expires Fri, 19 Feb 2027 17:50:50 GMT last-modified Tue, 21 Feb 2017 17:50:54 GMT p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" vary Accept-Encoding via 1.1 varnish x-cache HIT x-cache-hits 163367 x-cdn-backend 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3 x-served-by cache-yul12829-YUL x-timer S1650572710.704029,VS0,VE0
GET H2	200	optout_check Show response beacon.krxd.net/	63 B 223 B	93ms 24ms	Script text/javascript	3.89.214.221 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://beacon.krxd.net/optout_check?callback=Krux.ns.postmedia.kxjsonp_optOutCheck Requested by Host: cdn.krxd.net URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.89.214.221 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-89-214-221.compute-1.amazonaws.com Software / Resource Hash 68910a4e5f85bcaf85782e3e6779e311e94ebff60a39fc8df48c5b1b071e05ea Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:09 GMT cache-control private, max-age=0, s-max-age=0 x-request-time D=38 t=1650572709 x-served-by beacon-n037-ash-prod.krxd.net content-type text/javascript
GET H2	200	42fb57ac-2013-45a6-8dad-332d53e17c1b Show response consumer.krxd.net/consent/get/	239 B 431 B	36ms 10ms	Script text/javascript	151.101.66.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://consumer.krxd.net/consent/get/42fb57ac-2013-45a6-8dad-332d53e17c1b?idt=device&dt=kxcookie&callback=Krux.ns.postmedia.kxjsonp_consent_get_0 Requested by Host: cdn.krxd.net URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.66.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 8ddf9e8fa96d1bbbeaf292ca94fc082dde61e4a6be90c87f8b2609fd88edbd4d Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:09 GMT via 1.1 varnish age 13 x-served-by consumer-a012-ash-prod.krxd.net, cache-yul12832-YUL vary Accept-Encoding x-cache MISS, HIT content-type text/javascript; charset=UTF-8 content-encoding gzip cache-control max-age=1800 x-age 0 accept-ranges bytes x-timer S1650572710.787405,VS0,VE0 content-length 193 x-cache-hits 0, 1
GET H3	200	gtm.js Show response www.googletagmanager.com/	78 KB 31 KB	83ms 41ms	Script application/javascript	2607:f8b0:4006:80d::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NHPWKCD&l=gtm_data_layer Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 79e246f648a9fa78f330bb2c76e1c850e004b6d777fbeb3d9e82601fa114d0c6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:09 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31559 x-xss-protection 0 last-modified Thu, 21 Apr 2022 19:36:06 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 21 Apr 2022 20:25:09 GMT
GET H3	200	gtm.js Show response www.googletagmanager.com/	239 KB 70 KB	78ms 38ms	Script application/javascript	2607:f8b0:4006:80d::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8613493336c4799556e357bea5aa46cbc06af8b708d0578683a8c252d7b1e066 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:09 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 71586 x-xss-protection 0 last-modified Thu, 21 Apr 2022 20:06:58 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 21 Apr 2022 20:25:09 GMT
OPTIONS H2	204	identify identity.mparticle.com/v1/ Frame	0 0	11ms 10ms	Preflight	2a04:4e42:400::645 FASTLY
General Check archive.org Show headers Download Go to Full URL https://identity.mparticle.com/v1/identify Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=900 Request headers Accept */* Access-Control-Request-Headers content-type,x-mp-key Access-Control-Request-Method POST Origin https://o.canada.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers accept-ranges bytes access-control-allow-headers content-type,x-mp-key access-control-allow-methods POST access-control-allow-origin * age 3272 date Thu, 21 Apr 2022 20:25:09 GMT server Kestrel strict-transport-security max-age=900 via 1.1 varnish x-cache HIT x-cache-hits 1853 x-origin-name 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin x-served-by cache-yul12824-YUL x-timer S1650572710.780051,VS0,VE0
POST H2	200	identify Show response identity.mparticle.com/v1/	175 B 228 B	56ms 55ms	XHR application/json	2a04:4e42:400::645 FASTLY
General Check archive.org Show headers Download Go to Full URL https://identity.mparticle.com/v1/identify Requested by Host: jssdkcdns.mparticle.com URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash 3c11c6f55e96763acc4c95cf7569684775cf3f3efc16e2b6402e4b3a65226145 Security Headers Name Value Strict-Transport-Security max-age=900 Request headers x-mp-key us1-99b65fde89a1a145894d2d51d283cc83 Referer https://o.canada.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type application/json Response headers date Thu, 21 Apr 2022 20:25:09 GMT content-encoding gzip server Kestrel x-timer S1650572710.792413,VS0,VE44 x-origin-name 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin x-served-by cache-yul12824-YUL vary Accept-Encoding x-cache MISS content-type application/json; charset=utf-8 access-control-allow-origin * strict-transport-security max-age=900 accept-ranges bytes via 1.1 varnish x-cache-hits 0
GET H2	200	uep04wp3s.js Show response cdn.krxd.net/controltag/ Frame 24C7	29 KB 7 KB	12ms 11ms	Script text/javascript	151.101.2.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.krxd.net/controltag/uep04wp3s.js Requested by Host: cdn.krxd.net URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.2.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 0abcd97f1c3ea08ef675d53a2756a5340e05e20a022c749edd9f76fbf478ebe8 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-cdn-backend 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod date Thu, 21 Apr 2022 20:25:09 GMT via 1.1 varnish, 1.1 varnish age 1062 x-cache MISS, HIT, HIT x-app-cache HIT x-age 0 content-encoding gzip content-length 6649 x-served-by config-service-a004-ash-prod.krxd.net, cache-iad-kiad7000107-IAD, cache-yul12829-YUL x-response-time 1 x-do-esi esi x-timer S1650572710.788007,VS0,VE0 etag "0038f593d0df6695d1be7f074950b4eb9828e6ec" vary Accept-Encoding content-type text/javascript; charset=utf-8 cache-control public, max-age=1200 accept-ranges bytes x-cache-hits 0, 2, 2
POST H3	200	identify Show response api.permutive.com/v2.0/	50 B 88 B	126ms 103ms	XHR application/json	34.107.254.252 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482 Requested by Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash 1bc3dc4ee7e46e3d9370a747b51a104e2b116667877b170b0cd49552ae74871d Request headers Referer https://o.canada.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 content-type text/plain Response headers date Thu, 21 Apr 2022 20:25:09 GMT content-encoding gzip server Permutive vary Origin content-type application/json access-control-allow-origin https://o.canada.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 70 via 1.1 google
GET H2	200	42fb57ac-2013-45a6-8dad-332d53e17c1b Show response consumer.krxd.net/consent/get/	239 B 293 B	11ms 10ms	Script text/javascript	151.101.66.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://consumer.krxd.net/consent/get/42fb57ac-2013-45a6-8dad-332d53e17c1b?idt=device&dt=kxcookie&callback=Krux.ns.postmedia.kxjsonp_consent_get_1 Requested by Host: cdn.krxd.net URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.66.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash ad27e9e87b75a750b0bd9d26576b3d356ce2478183947309b853103631284c84 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:09 GMT via 1.1 varnish age 13 x-served-by consumer-a001-ash-prod.krxd.net, cache-yul12832-YUL vary Accept-Encoding x-cache MISS, HIT content-type text/javascript; charset=UTF-8 content-encoding gzip cache-control max-age=1800 x-age 0 accept-ranges bytes x-timer S1650572710.829354,VS0,VE0 content-length 194 x-cache-hits 0, 1
GET H2	200	controltag.js.f5d7048d3841bccb4f5d92333c20b066 Show response cdn.krxd.net/ctjs/ Frame 24C7	259 KB 83 KB	12ms 12ms	Script application/javascript	151.101.2.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066 Requested by Host: cdn.krxd.net URL: https://cdn.krxd.net/controltag/uep04wp3s.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.2.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c22fbbe4bf63288095e3c83d2858a1f4b65b1acdc77ac28785824b184953f0d4 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-cdn-backend 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3 date Thu, 21 Apr 2022 20:25:09 GMT content-encoding gzip age 1758127 x-amz-server-side-encryption AES256 x-cache HIT x-cache-hits 519627 content-length 84741 x-served-by cache-yul12829-YUL last-modified Fri, 01 Apr 2022 11:47:20 GMT x-timer S1650572710.834528,VS0,VE0 etag "f5d7048d3841bccb4f5d92333c20b066" content-type application/javascript via 1.1 varnish cache-control public, max-age=315360000 accept-ranges bytes expires Mon, 29 Mar 2032 11:47:19 GMT
GET H2	200	get Show response cdn.krxd.net/userdata/	322 B 454 B	16ms 16ms	Script text/javascript	151.101.2.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.krxd.net/userdata/get?pub=42fb57ac-2013-45a6-8dad-332d53e17c1b&technographics=1&callback=Krux.ns.postmedia.kxjsonp_userdata Requested by Host: cdn.krxd.net URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.2.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 28cc80ac3045d5b4a7ffbbbfeea8b2f4cbe6ef69b751cdfb825b237013a55368 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-cdn-backend 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2 date Thu, 21 Apr 2022 20:25:09 GMT content-encoding gzip age 13 x-served-by userdata-a010-ash-prod.krxd.net, cache-yul12829-YUL vary Accept-Encoding x-cache MISS, HIT content-type text/javascript via 1.1 varnish cache-control private, max-age=3600 x-age 0 accept-ranges bytes x-timer S1650572710.835461,VS0,VE0 content-length 249 x-cache-hits 0, 1
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	99 KB 27 KB	57ms 18ms	Script application/x-javascript	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: o.canada.com URL: https://o.canada.com/terms-of-service/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 26311 x-xss-protection 0 pragma public x-fb-debug Yaf7qeSowbJM/vGsRs9+Z6/cOaejrcxCCw34yE1M9KMA5kG44rYwqfTaNkpcEDm45FMV5mXbYmM/3OeXwa/QHA== x-fb-trip-id 1512268381 x-frame-options DENY cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Thu, 21 Apr 2022 20:25:09 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	42fb57ac-2013-45a6-8dad-332d53e17c1b Show response consumer.krxd.net/consent/get/ Frame 24C7	224 B 303 B	31ms 31ms	Script text/javascript	151.101.66.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://consumer.krxd.net/consent/get/42fb57ac-2013-45a6-8dad-332d53e17c1b?idt=device&dt=kxcookie&callback=Krux.ns.postmedia.kxjsonp_consent_get_0 Requested by Host: cdn.krxd.net URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.66.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash b1d5c2e258e5fe7eca41b388d6293629d6261d6ddda4f37f3867bab9f9cd4381 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.krxd.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:09 GMT via 1.1 varnish age 0 x-served-by consumer-a002-ash-prod.krxd.net, cache-yul12832-YUL vary Accept-Encoding x-cache MISS, MISS content-type text/javascript; charset=UTF-8 content-encoding gzip cache-control max-age=1800 x-age 0 accept-ranges bytes x-timer S1650572710.883988,VS0,VE21 content-length 185 x-cache-hits 0, 0
GET H3	200	js Show response www.googletagmanager.com/gtag/	167 KB 61 KB	42ms 41ms	Script application/javascript	2607:f8b0:4006:80d::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-CBS6P3K53Q&l=gtm_data_layer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 09ef349896678b7dc146bdd548350efc706175c92d36c758d5560ae878525b7f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:09 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62703 x-xss-protection 0 expires Thu, 21 Apr 2022 20:25:09 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	65ms 19ms	Script text/javascript	2607:f8b0:4006:822::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 5867 date Thu, 21 Apr 2022 18:47:22 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Thu, 21 Apr 2022 20:47:22 GMT
GET H2	200	p.js Show response cdn.parsely.com/keys/o.canada.com/	56 KB 21 KB	73ms 23ms	Script application/javascript	99.84.112.62 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.parsely.com/keys/o.canada.com/p.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.112.62 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-112-62.ewr52.r.cloudfront.net Software nginx / Resource Hash b1999e376b9efaf872e3076f9a9f4d7e7f2af4d20238a553a99ce6f6c8a86cd1 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma public date Thu, 21 Apr 2022 00:38:56 GMT content-encoding gzip last-modified Fri, 29 Oct 2021 18:49:12 GMT server nginx age 71173 etag W/"617c4228-df40" x-cache Hit from cloudfront content-type application/javascript via 1.1 b9e793c57a48521c3ff94fb625d228a0.cloudfront.net (CloudFront) cache-control max-age=86400, public x-amz-cf-pop EWR52-C3 x-amz-cf-id 71fZ6aUQvpQoNxR9AMJuAeAUyu7t4TEkgYv5E6hi5-w18UfccZRc_g== expires Fri, 22 Apr 2022 00:38:56 GMT
GET H3	200	1685973801652415 Show response connect.facebook.net/signals/config/	308 KB 88 KB	43ms 22ms	Script application/x-javascript	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1685973801652415?v=2.9.57&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 5b6a197fb2868e493c28a9b59660289216fee9ecfcafcfa1660ec4189219cef3 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 89833 x-xss-protection 0 pragma public x-fb-debug U9pPFP+9SxQmyjvGlqSe2aqPGGfO+FO/FCwRSqSzRgj2kO65ve0sbRBdhCjIv035csoYaxyXADY2MubJnm4lNw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Thu, 21 Apr 2022 20:25:09 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
POST H3	200	tpd Show response api.permutive.com/v2.0/	2 B 39 B	110ms 96ms	XHR application/json	34.107.254.252 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/v2.0/tpd?k=21ec23a2-b38a-456e-b801-e5877a041482 Requested by Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Referer https://o.canada.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 content-type text/plain Response headers date Thu, 21 Apr 2022 20:25:10 GMT content-encoding gzip server Permutive vary Origin content-type application/json access-control-allow-origin https://o.canada.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22 via 1.1 google
POST H2	204	users Show response dmx.districtm.io/s/v1/ Frame 9B95	0 628 B	68ms 66ms	XHR text/plain	104.16.68.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dmx.districtm.io/s/v1/users Requested by Host: cdn.districtm.io URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://cdn.districtm.io/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type application/json Response headers date Thu, 21 Apr 2022 20:25:10 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods DELETE, GET, OPTIONS, POST access-control-allow-origin https://cdn.districtm.io access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 6ff8d8edef898ca8-EWR access-control-allow-headers Origin, Content-Type
OPTIONS H2	204	users dmx.districtm.io/s/v1/ Frame	0 0	104ms 63ms	Preflight	104.16.68.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dmx.districtm.io/s/v1/users Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://cdn.districtm.io Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin, Content-Type access-control-allow-methods DELETE, GET, OPTIONS, POST access-control-allow-origin https://cdn.districtm.io access-control-max-age 14400 cf-cache-status DYNAMIC cf-ray 6ff8d8ed893b32fa-EWR date Thu, 21 Apr 2022 20:25:10 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 24C7 Redirect Chain https://usermatch.krxd.net/um/v2?partner=google https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3l0VGh2bmM https://beacon.krxd.net/usermatch.gif?google_gid=CAESEDpJ2lgt9SSW8Xj5_lH7388&google_cver=1	0 336 B	24ms 24ms	Image text/plain	3.89.214.221 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?google_gid=CAESEDpJ2lgt9SSW8Xj5_lH7388&google_cver=1 Protocol H2 Server 3.89.214.221 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-89-214-221.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.krxd.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:10 GMT cache-control private, no-cache, no-store x-request-time D=49 t=1650572710 x-served-by beacon-n025-ash-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers pragma no-cache date Thu, 21 Apr 2022 20:25:10 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://beacon.krxd.net/usermatch.gif?google_gid=CAESEDpJ2lgt9SSW8Xj5_lH7388&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 291 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 24C7 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3l0VGh2bmM https://beacon.krxd.net/usermatch.gif?google_gid=CAESEDpJ2lgt9SSW8Xj5_lH7388&google_cver=1	0 336 B	25ms 24ms	Image text/plain	3.89.214.221 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?google_gid=CAESEDpJ2lgt9SSW8Xj5_lH7388&google_cver=1 Protocol H2 Server 3.89.214.221 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-89-214-221.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.krxd.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:10 GMT cache-control private, no-cache, no-store x-request-time D=65 t=1650572710 x-served-by beacon-n013-ash-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers pragma no-cache date Thu, 21 Apr 2022 20:25:09 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://beacon.krxd.net/usermatch.gif?google_gid=CAESEDpJ2lgt9SSW8Xj5_lH7388&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 291 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	379708.gif idsync.rlcdn.com/ Frame 24C7	42 B 447 B	70ms 39ms	Image image/gif	35.190.60.146 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/379708.gif?partner_uid=OytThvnc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 146.60.190.35.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.krxd.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin * date Thu, 21 Apr 2022 20:25:10 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 24C7 Redirect Chain https://stags.bluekai.com/site/26357?id=OytThvnc&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOytThvnc%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID https://beacon.krxd.net/usermatch.gif?_kuid=OytThvnc&partner=bluekai&bk_uuid=$_BK_UUID	0 336 B	25ms 25ms	Image text/plain	3.89.214.221 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?_kuid=OytThvnc&partner=bluekai&bk_uuid=$_BK_UUID Protocol H2 Server 3.89.214.221 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-89-214-221.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.krxd.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:10 GMT cache-control private, no-cache, no-store x-request-time D=38 t=1650572710 x-served-by beacon-n020-ash-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers Location https://beacon.krxd.net/usermatch.gif?_kuid=OytThvnc&partner=bluekai&bk_uuid=$_BK_UUID Date Thu, 21 Apr 2022 20:25:10 GMT Connection keep-alive Content-Length 0 P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
GET H2	200	p2 sb.scorecardresearch.com/ Frame 24C7 Redirect Chain https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=OytThvnc&rn=1650572710 https://sb.scorecardresearch.com/p2?c1=9&c2=8188709&cs_xi=OytThvnc&rn=1650572710	43 B 263 B	27ms 26ms	Image image/gif	13.33.46.48 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/p2?c1=9&c2=8188709&cs_xi=OytThvnc&rn=1650572710 Protocol H2 Server 13.33.46.48 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-46-48.ewr52.r.cloudfront.net Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.krxd.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:10 GMT via 1.1 caeaab1dec28e8247466740025a521a6.cloudfront.net (CloudFront) x-amz-cf-pop EWR52-C1 content-length 43 x-amz-cf-id Pc07LDAZC6mq6SzcnN_DItN8_9jCsm8ca2bNOejDJqzEQY2vB_blwg== x-cache Miss from cloudfront content-type image/gif Redirect headers location /p2?c1=9&c2=8188709&cs_xi=OytThvnc&rn=1650572710 date Thu, 21 Apr 2022 20:25:09 GMT via 1.1 caeaab1dec28e8247466740025a521a6.cloudfront.net (CloudFront) x-amz-cf-pop EWR52-C1 content-length 0 x-amz-cf-id -hh62SobG0fYUuKznCWMaljkQVEKB_giaoDiaSl4x5lKSlGZi66-Yw== x-cache Miss from cloudfront
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 24C7 Redirect Chain https://sync-tm.everesttech.net/upi/pid/NC4WTmcy?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner_id%3Dcb276571-e0d9-4438-9fd4-80a1ff034b01%26puid%3D%24%7BTM_USER_ID%7D https://sync-tm.everesttech.net/ct/upi/pid/NC4WTmcy?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner_id%3Dcb276571-e0d9-4438-9fd4-80a1ff034b01%26puid%3D%24%7BTM_USER_ID%7D&_test=YmG9pg... https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YmG9pgAKKgHg9wA-&_test=YmG9pgAKKgHg9wA-	0 335 B	25ms 25ms	Image text/plain	3.89.214.221 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YmG9pgAKKgHg9wA-&_test=YmG9pgAKKgHg9wA- Protocol H2 Server 3.89.214.221 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-89-214-221.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.krxd.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:10 GMT cache-control private, no-cache, no-store x-request-time D=23 t=1650572710 x-served-by beacon-n032-ash-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers pragma no-cache date Thu, 21 Apr 2022 20:25:10 GMT via 1.1 varnish server Varnish x-timer S1650572710.113200,VS0,VE0 x-served-by cache-yul12830-YUL x-cache HIT location https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YmG9pgAKKgHg9wA-&_test=YmG9pgAKKgHg9wA- cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	200 OK	/ ps.eyeota.net/match/bounce/ Frame 24C7 Redirect Chain https://ps.eyeota.net/match?bid=i0r4o4v&uid=OytThvnc https://ps.eyeota.net/match/bounce/?bid=i0r4o4v&uid=OytThvnc	70 B 440 B	318ms 318ms	Image image/gif	54.156.26.12 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match/bounce/?bid=i0r4o4v&uid=OytThvnc Protocol HTTP/1.1 Server 54.156.26.12 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-156-26-12.compute-1.amazonaws.com Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.krxd.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 21 Apr 2022 20:25:10 GMT Content-Type image/gif Content-Length 70 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Location /match/bounce/?bid=i0r4o4v&uid=OytThvnc Date Thu, 21 Apr 2022 20:25:10 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 24C7 Redirect Chain https://usermatch.krxd.net/um/v2?partner=beeswax https://match.prod.bidr.io/cookie-sync/krux?partner_user_id=OytThvnc https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AACVoU7Ew3sAADqTwS4sPw	0 335 B	24ms 24ms	Image text/plain	3.89.214.221 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AACVoU7Ew3sAADqTwS4sPw Protocol H2 Server 3.89.214.221 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-89-214-221.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.krxd.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:10 GMT cache-control private, no-cache, no-store x-request-time D=42 t=1650572710 x-served-by beacon-n028-ash-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers location https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AACVoU7Ew3sAADqTwS4sPw Date Thu, 21 Apr 2022 20:25:10 GMT Server nginx Connection keep-alive Content-Length 0 strict-transport-security max-age=2592000; includeSubDomains
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 24C7 Redirect Chain https://usermatch.krxd.net/um/v2?partner=mediamath https://sync.mathtag.com/sync/img?mt_exid=10031&mt_exuid=OytThvnc&redirect=https://beacon.krxd.net/usermatch.gif?partner%3Dmediamath%26partner_id%3D%5BMM_UUID%5D https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=a4df6261-bda6-4100-91e5-9e1e13c7178d	0 335 B	25ms 25ms	Image text/plain	3.89.214.221 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=a4df6261-bda6-4100-91e5-9e1e13c7178d Protocol H2 Server 3.89.214.221 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-89-214-221.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.krxd.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:10 GMT cache-control private, no-cache, no-store x-request-time D=17 t=1650572710 x-served-by beacon-n002-ash-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers Date Thu, 21 Apr 2022 20:25:10 GMT Server MT3 4335 2c68c00 master ord-pixel-x10 config:1.0.0 Access-Control-Allow-Origin * P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=a4df6261-bda6-4100-91e5-9e1e13c7178d Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Thu, 21 Apr 2022 20:25:09 GMT
GET H2	200	tag.aspx Show response ml314.com/ Frame 24C7	31 KB 32 KB	40ms 13ms	Script application/javascript	34.111.234.236 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ml314.com/tag.aspx?2132022 Requested by Host: o.canada.com URL: https://o.canada.com/terms-of-service/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 236.234.111.34.bc.googleusercontent.com Software UploadServer / Resource Hash 75d893335a1d25db1bf02e25ab904d97a3af743128850d8566b93d197e56e9e9 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.krxd.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 19:34:25 GMT age 3044 x-guploader-uploadid ADPycdv_ItQtZ030L--HPiWOIjegOZscV2YD6k8Y5pxjkYywSi-yVPZgho1t9VYBHIbnC7ZaGKy86GreNUR3djWnhAlXUA x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 32025 last-modified Mon, 04 Apr 2022 15:43:44 GMT server UploadServer cache-control public,max-age=3600 etag "25b1f355dd487bdf5381a749056080c4" x-goog-hash crc32c=dPpbog==, md5=JbHzVd1Ie99TgadJBWCAxA== x-goog-generation 1649087024620619 cache-id YUL-7d0cee4c x-cache-hit hit x-goog-stored-content-length 32025 accept-ranges bytes content-type application/javascript
GET H2	200	g.js aa.agkn.com/adscores/ Frame 24C7 Redirect Chain https://usermatch.krxd.net/um/v2?partner=neustar https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OytThvnc	43 B 653 B	70ms 29ms	Image image/gif	143.204.146.34 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OytThvnc Protocol H2 Server 143.204.146.34 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-146-34.ewr52.r.cloudfront.net Software AAWebServer / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.krxd.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Thu, 21 Apr 2022 20:25:10 GMT via 1.1 b078462cffa3a81b6e262ef7f6040412.cloudfront.net (CloudFront) server AAWebServer x-amz-cf-pop EWR52-C2 access-control-allow-methods GET, POST, OPTIONS p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" access-control-allow-origin * cache-control no-cache, no-store, must-revalidate x-cache Miss from cloudfront content-type image/gif access-control-allow-headers accept, cache-control, origin, x-requested-with, x-file-name, content-type content-length 43 x-amz-cf-id hbOXVA1uahFds17IPxHdxyKwedsAF5LCq3OU7NrNvy0jqy9HODuvYA== expires 0 Redirect headers location https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OytThvnc date Thu, 21 Apr 2022 20:25:10 GMT x-cache-hits 0 x-age 0 content-length 0 x-cache MISS x-served-by usermatch-a010-ash-prod.krxd.net
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 24C7 Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=183716&cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__ https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__&s=183716&C=1 https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YmG9ps95FZguH9VcbagZawAA%26500	0 335 B	25ms 24ms	Image text/plain	3.89.214.221 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YmG9ps95FZguH9VcbagZawAA%26500 Protocol H2 Server 3.89.214.221 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-89-214-221.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.krxd.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:10 GMT cache-control private, no-cache, no-store x-request-time D=28 t=1650572710 x-served-by beacon-n019-ash-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers Pragma no-cache Date Thu, 21 Apr 2022 20:25:10 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YmG9ps95FZguH9VcbagZawAA%26500 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 283 Expires Thu, 21 Apr 2022 20:25:10 GMT
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 24C7 Redirect Chain https://sync.srv.stackadapt.com/sync?nid=salesforce https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=okjR06OWTtddP_dXa7NitJU4mbQ	0 336 B	25ms 24ms	Image text/plain	3.89.214.221 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=okjR06OWTtddP_dXa7NitJU4mbQ Protocol H2 Server 3.89.214.221 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-89-214-221.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.krxd.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:10 GMT cache-control private, no-cache, no-store x-request-time D=34 t=1650572710 x-served-by beacon-n037-ash-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers Location https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=okjR06OWTtddP_dXa7NitJU4mbQ Date Thu, 21 Apr 2022 20:25:10 GMT Connection keep-alive Content-Length 123 Content-Type text/html; charset=utf-8
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 24C7 Redirect Chain https://usermatch.krxd.net/um/v2?partner=triplelift&gdpr=0&cmp_cs=&us_privacy=undefined https://eb2.3lift.com/xuid?mid=3587&xuid=OytThvnc&dongle=13b2&rdir=https://beacon.krxd.net/usermatch.gif?partner%3Dtriplelift%26partner_uid%3D$UID&gdpr=0&cmp_cs=&us_privacy=undefined https://eb2.3lift.com/xuid?ld=1&mid=3587&xuid=OytThvnc&dongle=13b2&gdpr=0&cmp_cs=&us_privacy=undefined&rdir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dtriplelift%26partner_uid%3D%24UID https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=357312690691816319093	0 336 B	25ms 24ms	Image text/plain	3.89.214.221 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=357312690691816319093 Protocol H2 Server 3.89.214.221 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-89-214-221.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.krxd.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:10 GMT cache-control private, no-cache, no-store x-request-time D=33 t=1650572710 x-served-by beacon-n017-ash-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers location https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=357312690691816319093 date Thu, 21 Apr 2022 20:25:10 GMT cache-control no-cache, no-store, must-revalidate content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
POST H3	204	collect www.google-analytics.com/g/	0 17 B	75ms 33ms	Ping text/plain	2607:f8b0:4006:822::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-CBS6P3K53Q&gtm=2oe4i1&_p=1820087139&_z=ccd.NbB&cid=834801964.1650572710&ul=en-us&sr=1600x1200&ir=1&_s=1&dl=https%3A%2F%2Fo.canada.com%2Fterms-of-service%2F&sid=1650572710&sct=1&seg=0&dt=Terms%20Of%20Service%20%7C%20Canada.Com&en=page_view&_fv=1&_nsi=1&_ss=1&_eu=Q&ep.debug_mode=false&ep.gtm_version=26&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=terms-of-service&ep.session_uuid=593A19F1-9F1F-402E-BE06-E2E4F795E110&ep.platform=Cheetah&ep.platform_version=10.3.1&ep.fem_version=v56.0&ep.mp_id=8965949993774096909&ep.brand=canada.com&ep.timestamp=2022-04-21T20%3A25%3A10.008%2B00%3A00&ep.ga_client_id=40317639.1650572710&ep.metered_content=false&up.mp_id=8965949993774096909&up.client_id=40317639.1650572710 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-CBS6P3K53Q&l=gtm_data_layer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Thu, 21 Apr 2022 20:25:10 GMT server Golfe2 content-type text/plain access-control-allow-origin https://o.canada.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	53ms 34ms	XHR text/plain	2607:f8b0:4006:822::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1820087139&t=pageview&_s=1&dl=https%3A%2F%2Fo.canada.com%2Fterms-of-service%2F&ul=en-us&de=UTF-8&dt=Terms%20Of%20Service%20%7C%20Canada.Com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAAC~&jid=1966010840&gjid=192191767&cid=834801964.1650572710&tid=UA-213173459-10&_gid=2073181909.1650572710&_r=1&gtm=2wg4i1P3Q4QHW&cd2=2022-04-21T20%3A25%3A09.903%2B00%3A00&cd7=anonymous&cd17=0&cd23=canada.com&cd24=Cheetah&cd25=10.3.1&cd26=v56.0&cd27=0&cd28=GTM-P3Q4QHW&cd29=26&cd31=terms-of-service&cd65=false&cd1=834801964.1650572710&z=2088946754 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://o.canada.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 21 Apr 2022 20:25:10 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://o.canada.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	45ms 32ms	XHR text/plain	2607:f8b0:4006:822::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1820087139&t=pageview&_s=1&dl=https%3A%2F%2Fo.canada.com%2Fterms-of-service%2F&ul=en-us&de=UTF-8&dt=Terms%20Of%20Service%20%7C%20Canada.Com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAAC~&jid=1957567603&gjid=1840820916&cid=834801964.1650572710&tid=UA-138335866-21&_gid=2073181909.1650572710&_r=1&gtm=2wg4i1P3Q4QHW&z=1794019510 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://o.canada.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 21 Apr 2022 20:25:10 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://o.canada.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	/ p1.parsely.com/plogger/	43 B 259 B	96ms 23ms	Image image/gif	52.205.167.202 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://p1.parsely.com/plogger/?rand=1650572710085&plid=14890624&idsite=o.canada.com&url=https%3A%2F%2Fo.canada.com%2Fterms-of-service%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fo.canada.com%2Fterms-of-service%2F&sref=&sts=1650572710078&slts=0&title=Terms+Of+Service+%7C+Canada.Com&date=Thu+Apr+21+2022+20%3A25%3A10+GMT%2B0000+(GMT)&action=pageview&pvid=11484554&u=pid%3D5af2835a673d2d952b1e7f9ccbd368d5 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-205-167-202.compute-1.amazonaws.com Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 21 Apr 2022 20:25:10 GMT Cache-Control no-cache Last-Modified Thursday, 21-Apr-2022 20:25:10 GMT Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H2	200	/ www.facebook.com/tr/	44 B 410 B	57ms 18ms	Image image/gif	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Fo.canada.com%2Fterms-of-service%2F&rl=&if=false&ts=1650572710104&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmsalesforce&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22514537319740368%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22503487844400487%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%221042784969583558%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22858678751523779%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%221127243281129742%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%22497819211464386%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1650572710103.52480398&it=1650572709939&coo=false&exp=p0&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:10 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 44 expires Thu, 21 Apr 2022 20:25:10 GMT
GET H3	200	utsync.ashx Show response ml314.com/ Frame 24C7	270 B 292 B	42ms 29ms	Script application/javascript	34.111.234.236 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=748&ct=js&pi=&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fcdn.krxd.net%2Fpartnerjs%2Fxdi%2Fproxy.3d2100fd7107262ecb55ce6847f01fa5.html%23!kxcid%3Duep04wp3s%26kxt%3Dhttps%253A%252F%252Fo.canada.com%26kxcl%3Dcdn%26kxp%3D&pv=1650572710110_tx2q7icgq&bl=en-us&cb=4343306&return=https%3A%2F%2Fml314.com%2Fcsync.ashx%3Ffp%3DOytThvnc%26person_id%3D%5BPersonID%5D%26eid%3D748%26return%3Dhttps%253A%252F%252Fbeacon.krxd.net%252Fusermatch.gif%253Fpartner%253Dmadisonlogic%2526partner_uid%253D%5BPersonID%5D&ht=&d=&dc=&si=1650572710110_tx2q7icgq&cid=&s=1600x1200&rp=https%3A%2F%2Fo.canada.com%2F&v=2.5.1.2 Requested by Host: ml314.com URL: https://ml314.com/tag.aspx?2132022 Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 236.234.111.34.bc.googleusercontent.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 128733f9611e7c214e7e26c6a4278f58c68abb585e7235b5470ed538cf24eb86 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.krxd.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Thu, 21 Apr 2022 20:25:09 GMT via 1.1 google server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET p3p CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA" cache-control private content-type application/javascript; charset=utf-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 270 expires 0
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 439 B	85ms 32ms	XHR text/plain	2607:f8b0:4004:c06::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-213173459-10&cid=834801964.1650572710&jid=1966010840&gjid=192191767&_gid=2073181909.1650572710&_u=YCDACAAABAAAAC~&z=234085095 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://o.canada.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Thu, 21 Apr 2022 20:25:10 GMT content-type text/plain access-control-allow-origin https://o.canada.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	users Show response dmx.districtm.io/s/v1/ Frame 9B95	0 692 B	72ms 72ms	XHR text/plain	104.16.68.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dmx.districtm.io/s/v1/users Requested by Host: cdn.districtm.io URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://cdn.districtm.io/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type application/json Response headers date Thu, 21 Apr 2022 20:25:10 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods DELETE, GET, OPTIONS, POST access-control-allow-origin https://cdn.districtm.io access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 6ff8d8eeb97a8ca8-EWR access-control-allow-headers Origin, Content-Type
OPTIONS H2	204	users dmx.districtm.io/s/v1/ Frame	0 0	64ms 63ms	Preflight	104.16.68.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dmx.districtm.io/s/v1/users Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://cdn.districtm.io Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin, Content-Type access-control-allow-methods DELETE, GET, OPTIONS, POST access-control-allow-origin https://cdn.districtm.io access-control-max-age 14400 cf-cache-status DYNAMIC cf-ray 6ff8d8ee5b2532fa-EWR date Thu, 21 Apr 2022 20:25:10 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 24C7 Redirect Chain https://ml314.com/csync.ashx?fp=OytThvnc&person_id=3626672078583234574&eid=748&return=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dmadisonlogic%26partner_uid%3D3626672078583234574 https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3626672078583234574	0 336 B	25ms 25ms	Image text/plain	3.89.214.221 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3626672078583234574 Protocol H2 Server 3.89.214.221 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-89-214-221.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.krxd.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:10 GMT cache-control private, no-cache, no-store x-request-time D=36 t=1650572710 x-served-by beacon-n015-ash-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers date Thu, 21 Apr 2022 20:25:09 GMT via 1.1 google server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET content-type text/html; charset=utf-8 location https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3626672078583234574 cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 211 expires Fri, 22 Apr 2022 16:25:10 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	86ms 38ms	Image image/gif	2607:f8b0:4006:81c::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-213173459-10&cid=834801964.1650572710&jid=1966010840&_u=YCDACAAABAAAAC~&z=1132007819 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Thu, 21 Apr 2022 20:25:10 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.ca/ads/	42 B 501 B	84ms 38ms	Image image/gif	2607:f8b0:4006:824::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-213173459-10&cid=834801964.1650572710&jid=1966010840&_u=YCDACAAABAAAAC~&z=1132007819 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Thu, 21 Apr 2022 20:25:10 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	pixel.gif beacon.krxd.net/	0 335 B	25ms 25ms	Image text/plain	3.89.214.221 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/pixel.gif?source=smarttag&fired=user_data_timeout&confid=uep04wp3s&_kpid=42fb57ac-2013-45a6-8dad-332d53e17c1b&_kcp_s=canada.com_desktop&_kcp_d=o.canada.com&_knifr=4&_kua_kx_tz=0&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_mpid=8965949993774096909&_kua_ad_light_user=false&_kua_kx_whistle=1&_kpa_canada_com_desktop_url_path_1=terms-of-service&_kpa_domain=canada.com&_kpa_url_path_1=terms-of-service&_kpa_page_type=terms-of-service&_kpa_canada_com_desktop_page_type=terms-of-service&_kpa_view_type=HTML&_kpa_env=prod&_kpa_paywall_whitelist=false&t_navigation_type=0&t_dns=42&t_tcp=41&t_http_request=-1&t_http_response=17&t_content_ready=273&t_window_load=561&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=false&sview=1&kplt0=41818&kplt1=42920&kplt2=42921&kplt3=42922&kplt4=44981&kplt5=45977&kplt6=46302&jsonp_requests=https%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C94%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F42fb57ac-2013-45a6-8dad-332d53e17c1b%2C50%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F42fb57ac-2013-45a6-8dad-332d53e17c1b%2C12%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C49 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.89.214.221 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-89-214-221.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:10 GMT cache-control private, no-cache, no-store x-request-time D=62 t=1650572710 x-served-by beacon-n021-ash-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
POST H3	200	events Show response api.permutive.com/v2.0/batch/	101 B 129 B	97ms 96ms	XHR application/json	34.107.254.252 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482 Requested by Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash 8c2e788e49d79764fab71745933a1486d6eb3b878a4c312b57be94979d7d2354 Request headers Referer https://o.canada.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 content-type text/plain Response headers date Thu, 21 Apr 2022 20:25:10 GMT content-encoding gzip server Permutive vary Origin content-type application/json access-control-allow-origin https://o.canada.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 111 via 1.1 google
POST H3	200	/ Show response www.facebook.com/tr/ Frame D812	0 18 B	38ms 18ms	Document text/plain	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Content-Type application/x-www-form-urlencoded Origin https://o.canada.com Referer https://o.canada.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin https://o.canada.com alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 content-type text/plain cross-origin-resource-policy cross-origin date Thu, 21 Apr 2022 20:25:10 GMT priority u=0 server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	optout_check Show response beacon.krxd.net/	82 B 240 B	25ms 25ms	Script text/javascript	3.89.214.221 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://beacon.krxd.net/optout_check?callback=Krux.ns.postmedia.kxjsonp_optOutCheck Requested by Host: cdn.krxd.net URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.89.214.221 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-89-214-221.compute-1.amazonaws.com Software / Resource Hash 2ade019f77bb268fb2d0f039eb0ee6746e92740ace1367737f6e0242a9bd600b Request headers accept-language en-CA,en;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 20:25:10 GMT cache-control private, max-age=0, s-max-age=0 x-request-time D=30 t=1650572710 x-served-by beacon-n006-ash-prod.krxd.net content-type text/javascript
POST H3	200	state Show response api.permutive.com/v1.0/	0 34 B	102ms 101ms	XHR text/plain	34.107.254.252 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/v1.0/state?fetch_unseen=true&k=21ec23a2-b38a-456e-b801-e5877a041482 Requested by Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://o.canada.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 content-type text/plain Response headers access-control-allow-origin * date Thu, 21 Apr 2022 20:25:11 GMT content-encoding gzip server Permutive alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20 via 1.1 google