o.canada.com
Open in
urlscan Pro
34.107.199.243
Public Scan
Submission: On April 21 via api from CA — Scanned from CA
Summary
TLS certificate: Issued by GTS CA 1D4 on March 2nd 2022. Valid for: 3 months.
This is the only time o.canada.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
PTR: 243.199.107.34.bc.googleusercontent.com
o.canada.com |
ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net
securepubads.g.doubleclick.net |
ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com | |
ssum-sec.casalemedia.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-137-197.ewr52.r.cloudfront.net
c.amazon-adsystem.com |
ASN13335 (CLOUDFLARENET, US)
hb.districtm.io | |
cdn.districtm.io | |
dmx.districtm.io |
ASN16509 (AMAZON-02, US)
PTR: server-99-84-118-65.ewr52.r.cloudfront.net
cdn.adsafeprotected.com |
ASN13335 (CLOUDFLARENET, US)
auth.lrcontent.com | |
config.lrcontent.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-107.ewr53.r.cloudfront.net
ak.sail-horizon.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-33-46-72.ewr52.r.cloudfront.net
fem.prod.postmedia.digital |
ASN16509 (AMAZON-02, US)
d395dw5zk780j2.cloudfront.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-184-125.compute-1.amazonaws.com
idx.liadm.com |
ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org |
ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-125-112.compute-1.amazonaws.com
postmedia.hub.loginradius.com |
ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net |
ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net
cm.g.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: 177.227.231.35.bc.googleusercontent.com
dmx.us-east-33.districtm.io |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-246-49.compute-1.amazonaws.com
pixel.advertising.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com
ups.analytics.yahoo.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-191-164.compute-1.amazonaws.com
match.prod.bidr.io |
ASN16509 (AMAZON-02, US)
PTR: server-13-33-46-48.ewr52.r.cloudfront.net
sb.scorecardresearch.com |
ASN13335 (CLOUDFLARENET, US)
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app |
ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co |
ASN29990 (ASN-APPNEX, US)
PTR: 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com |
ASN15169 (GOOGLE, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-89-214-221.compute-1.amazonaws.com
beacon.krxd.net |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN16509 (AMAZON-02, US)
PTR: server-99-84-112-62.ewr52.r.cloudfront.net
cdn.parsely.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-116-207.compute-1.amazonaws.com
usermatch.krxd.net |
ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com |
ASN16625 (AKAMAI-AS, US)
PTR: a173-223-56-123.deploy.static.akamaitechnologies.com
stags.bluekai.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-26-12.compute-1.amazonaws.com
ps.eyeota.net |
ASN15169 (GOOGLE, US)
PTR: 236.234.111.34.bc.googleusercontent.com
ml314.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-146-34.ewr52.r.cloudfront.net
aa.agkn.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-192-123.compute-1.amazonaws.com
sync.srv.stackadapt.com |
ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-167-202.compute-1.amazonaws.com
p1.parsely.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
27 |
krxd.net
5 redirects
cdn.krxd.net — Cisco Umbrella Rank: 1448 beacon.krxd.net — Cisco Umbrella Rank: 440 consumer.krxd.net — Cisco Umbrella Rank: 1852 usermatch.krxd.net — Cisco Umbrella Rank: 1217 |
187 KB |
16 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46 storage.googleapis.com — Cisco Umbrella Rank: 492 |
307 KB |
15 |
districtm.io
hb.districtm.io — Cisco Umbrella Rank: 118600 cdn.districtm.io — Cisco Umbrella Rank: 1572 dmx.districtm.io — Cisco Umbrella Rank: 1674 dmx.us-east-33.districtm.io — Cisco Umbrella Rank: 22939 |
18 KB |
8 |
doubleclick.net
4 redirects
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 stats.g.doubleclick.net — Cisco Umbrella Rank: 95 |
153 KB |
5 |
permutive.com
api.permutive.com — Cisco Umbrella Rank: 1834 |
648 B |
5 |
mparticle.com
jssdkcdns.mparticle.com — Cisco Umbrella Rank: 5669 identity.mparticle.com — Cisco Umbrella Rank: 2606 |
48 KB |
5 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71 |
234 KB |
4 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37 |
20 KB |
3 |
ml314.com
1 redirects
ml314.com — Cisco Umbrella Rank: 1582 |
32 KB |
3 |
scorecardresearch.com
1 redirects
sb.scorecardresearch.com — Cisco Umbrella Rank: 137 |
2 KB |
3 |
bidr.io
3 redirects
match.prod.bidr.io — Cisco Umbrella Rank: 503 |
1 KB |
3 |
bidswitch.net
3 redirects
x.bidswitch.net — Cisco Umbrella Rank: 289 |
2 KB |
3 |
criteo.com
1 redirects
gum.criteo.com — Cisco Umbrella Rank: 383 mug.criteo.com — Cisco Umbrella Rank: 2668 |
7 KB |
3 |
cloudfront.net
d395dw5zk780j2.cloudfront.net |
14 KB |
3 |
gstatic.com
fonts.gstatic.com |
47 KB |
3 |
lrcontent.com
auth.lrcontent.com — Cisco Umbrella Rank: 49661 config.lrcontent.com — Cisco Umbrella Rank: 19807 |
48 KB |
3 |
amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 302 |
40 KB |
2 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 100 |
428 B |
2 |
3lift.com
2 redirects
eb2.3lift.com — Cisco Umbrella Rank: 400 |
794 B |
2 |
casalemedia.com
2 redirects
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 556 |
2 KB |
2 |
eyeota.net
1 redirects
ps.eyeota.net — Cisco Umbrella Rank: 960 |
1 KB |
2 |
everesttech.net
2 redirects
sync-tm.everesttech.net — Cisco Umbrella Rank: 576 |
669 B |
2 |
parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2749 p1.parsely.com — Cisco Umbrella Rank: 2214 |
21 KB |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 138 |
115 KB |
2 |
yahoo.com
2 redirects
ups.analytics.yahoo.com — Cisco Umbrella Rank: 300 |
686 B |
2 |
advertising.com
2 redirects
pixel.advertising.com — Cisco Umbrella Rank: 371 |
674 B |
2 |
dotomi.com
2 redirects
districtm-match.dotomi.com — Cisco Umbrella Rank: 8601 |
684 B |
2 |
loginradius.com
postmedia.hub.loginradius.com — Cisco Umbrella Rank: 169385 |
546 B |
1 |
google.ca
www.google.ca — Cisco Umbrella Rank: 8069 |
501 B |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 4 |
501 B |
1 |
stackadapt.com
1 redirects
sync.srv.stackadapt.com — Cisco Umbrella Rank: 835 |
579 B |
1 |
agkn.com
aa.agkn.com — Cisco Umbrella Rank: 431 |
653 B |
1 |
mathtag.com
1 redirects
sync.mathtag.com — Cisco Umbrella Rank: 445 |
662 B |
1 |
bluekai.com
1 redirects
stags.bluekai.com — Cisco Umbrella Rank: 481 |
716 B |
1 |
rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 327 |
447 B |
1 |
adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 248 |
700 B |
1 |
prmutv.co
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co — Cisco Umbrella Rank: 179423 |
390 B |
1 |
permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app — Cisco Umbrella Rank: 138853 |
68 KB |
1 |
rfihub.com
1 redirects
p.rfihub.com — Cisco Umbrella Rank: 718 |
743 B |
1 |
adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 355 |
541 B |
1 |
liadm.com
idx.liadm.com — Cisco Umbrella Rank: 5390 |
584 B |
1 |
npttech.com
www.npttech.com — Cisco Umbrella Rank: 4128 |
3 KB |
1 |
postmedia.digital
fem.prod.postmedia.digital — Cisco Umbrella Rank: 134619 |
81 KB |
1 |
sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 2830 |
43 KB |
1 |
adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3314 |
22 KB |
1 |
criteo.net
static.criteo.net — Cisco Umbrella Rank: 632 |
42 KB |
1 |
indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 723 |
42 KB |
1 |
canada.com
o.canada.com — Cisco Umbrella Rank: 407124 |
54 KB |
121 | 48 |
Domain | Requested by | |
---|---|---|
15 | storage.googleapis.com |
o.canada.com
storage.googleapis.com |
13 | beacon.krxd.net |
cdn.krxd.net
|
11 | dmx.districtm.io |
hb.districtm.io
cdn.districtm.io |
6 | cdn.krxd.net |
fem.prod.postmedia.digital
cdn.krxd.net |
5 | usermatch.krxd.net | 5 redirects |
5 | api.permutive.com |
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
|
5 | www.googletagmanager.com |
fem.prod.postmedia.digital
www.googletagmanager.com |
4 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
4 | identity.mparticle.com |
jssdkcdns.mparticle.com
|
4 | cm.g.doubleclick.net | 4 redirects |
3 | ml314.com |
1 redirects
o.canada.com
ml314.com |
3 | consumer.krxd.net |
cdn.krxd.net
|
3 | sb.scorecardresearch.com |
1 redirects
fem.prod.postmedia.digital
|
3 | match.prod.bidr.io | 3 redirects |
3 | x.bidswitch.net | 3 redirects |
3 | d395dw5zk780j2.cloudfront.net |
fem.prod.postmedia.digital
d395dw5zk780j2.cloudfront.net |
3 | fonts.gstatic.com |
fonts.googleapis.com
|
3 | c.amazon-adsystem.com |
o.canada.com
c.amazon-adsystem.com |
3 | securepubads.g.doubleclick.net |
o.canada.com
securepubads.g.doubleclick.net |
2 | www.facebook.com | |
2 | eb2.3lift.com | 2 redirects |
2 | ssum-sec.casalemedia.com | 2 redirects |
2 | ps.eyeota.net | 1 redirects |
2 | sync-tm.everesttech.net | 2 redirects |
2 | connect.facebook.net |
o.canada.com
connect.facebook.net |
2 | ups.analytics.yahoo.com | 2 redirects |
2 | pixel.advertising.com | 2 redirects |
2 | districtm-match.dotomi.com | 2 redirects |
2 | gum.criteo.com |
1 redirects
static.criteo.net
|
2 | postmedia.hub.loginradius.com |
fem.prod.postmedia.digital
|
2 | cdn.districtm.io |
hb.districtm.io
cdn.districtm.io |
2 | config.lrcontent.com |
auth.lrcontent.com
|
1 | www.google.ca | |
1 | www.google.com | |
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | p1.parsely.com | |
1 | sync.srv.stackadapt.com | 1 redirects |
1 | aa.agkn.com | |
1 | sync.mathtag.com | 1 redirects |
1 | stags.bluekai.com | 1 redirects |
1 | idsync.rlcdn.com | |
1 | cdn.parsely.com |
www.googletagmanager.com
|
1 | ib.adnxs.com |
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
|
1 | 23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co |
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
|
1 | mug.criteo.com | |
1 | 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app |
fem.prod.postmedia.digital
|
1 | jssdkcdns.mparticle.com |
fem.prod.postmedia.digital
|
1 | p.rfihub.com | 1 redirects |
1 | dmx.us-east-33.districtm.io | |
1 | match.adsrvr.org |
js-sec.indexww.com
|
1 | idx.liadm.com |
js-sec.indexww.com
|
1 | www.npttech.com |
o.canada.com
|
1 | fem.prod.postmedia.digital |
o.canada.com
|
1 | ak.sail-horizon.com |
o.canada.com
|
1 | auth.lrcontent.com |
o.canada.com
|
1 | fonts.googleapis.com |
o.canada.com
|
1 | cdn.adsafeprotected.com |
o.canada.com
|
1 | hb.districtm.io |
o.canada.com
|
1 | static.criteo.net |
o.canada.com
|
1 | js-sec.indexww.com |
o.canada.com
|
1 | o.canada.com | |
121 | 61 |
This site contains links to these domains. Also see Links.
Domain |
---|
nationalpost.com |
www.working.com |
www.remembering.ca |
www.postmedia.com |
www.youtube.com |
www.facebook.com |
twitter.com |
www.instagram.com |
www.postmediasolutions.com |
adregistry.postmedia.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
canada.com GTS CA 1D4 |
2022-03-02 - 2022-05-31 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2022-03-28 - 2022-06-20 |
3 months | crt.sh |
san.casalemedia.com GeoTrust RSA CA 2018 |
2021-12-12 - 2022-12-13 |
a year | crt.sh |
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-04-11 - 2022-07-13 |
3 months | crt.sh |
c.amazon-adsystem.com Amazon |
2021-07-06 - 2022-06-27 |
a year | crt.sh |
districtm.io Cloudflare Inc ECC CA-3 |
2021-06-02 - 2022-06-01 |
a year | crt.sh |
*.adsafeprotected.com Amazon |
2021-07-21 - 2022-08-19 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-04-11 - 2022-07-04 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-06-29 - 2022-06-28 |
a year | crt.sh |
ak.sail-horizon.com Amazon |
2022-01-06 - 2023-02-02 |
a year | crt.sh |
fem.prod.postmedia.digital Amazon |
2021-11-08 - 2022-12-06 |
a year | crt.sh |
*.storage.googleapis.com GTS CA 1C3 |
2022-03-28 - 2022-06-20 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-04-11 - 2022-07-04 |
3 months | crt.sh |
*.cloudfront.net Amazon |
2022-02-01 - 2023-01-31 |
a year | crt.sh |
*.liadm.com Amazon |
2021-10-31 - 2022-11-28 |
a year | crt.sh |
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2022-03-31 - 2023-05-02 |
a year | crt.sh |
*.loginradius.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-12-13 - 2022-12-13 |
a year | crt.sh |
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-04-11 - 2022-07-07 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-04-11 - 2022-07-04 |
3 months | crt.sh |
*.scorecardresearch.com Amazon |
2022-01-29 - 2023-02-27 |
a year | crt.sh |
jssdkcdns.mparticle.com R3 |
2022-02-25 - 2022-05-26 |
3 months | crt.sh |
cdn.krxd.net DigiCert TLS RSA SHA256 2020 CA1 |
2021-12-30 - 2022-12-29 |
a year | crt.sh |
permutive.app Cloudflare Inc ECC CA-3 |
2022-03-17 - 2022-06-15 |
3 months | crt.sh |
identity.mparticle.com Go Daddy Secure Certificate Authority - G2 |
2021-07-07 - 2022-08-08 |
a year | crt.sh |
*.prmutv.co R3 |
2022-04-12 - 2022-07-11 |
3 months | crt.sh |
*.adnxs.com GeoTrust ECC CA 2018 |
2022-02-11 - 2023-03-14 |
a year | crt.sh |
api.permutive.com R3 |
2022-02-18 - 2022-05-19 |
3 months | crt.sh |
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1 |
2021-11-03 - 2022-11-02 |
a year | crt.sh |
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1 |
2021-07-13 - 2022-07-12 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-01-29 - 2022-04-29 |
3 months | crt.sh |
*.parsely.com Amazon |
2021-07-05 - 2022-08-03 |
a year | crt.sh |
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA |
2022-02-03 - 2023-02-25 |
a year | crt.sh |
*.ml314.com GoGetSSL RSA DV CA |
2022-03-29 - 2023-03-29 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2022-04-11 - 2022-07-04 |
3 months | crt.sh |
*.google.ca GTS CA 1C3 |
2022-03-28 - 2022-06-20 |
3 months | crt.sh |
This page contains 6 frames:
Primary Page:
https://o.canada.com/terms-of-service/
Frame ID: 1850CBAF9D455D86C401E2533C8572F8
Requests: 80 HTTP requests in this frame
Frame:
https://d395dw5zk780j2.cloudfront.net/v56.0/xd.html
Frame ID: 87CEB98C60FC936AF780C75935A86442
Requests: 2 HTTP requests in this frame
Frame:
https://cdn.districtm.io/ids/index.html
Frame ID: 9B9513712F201E173C9D0F7118921DFF
Requests: 10 HTTP requests in this frame
Frame:
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=o.canada.com
Frame ID: 948ABF8D4F2DAE8F19AE7566184F574E
Requests: 2 HTTP requests in this frame
Frame:
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 24C7E8DE903A464ED13BD95BED881FAA
Requests: 20 HTTP requests in this frame
Frame:
https://www.facebook.com/tr/
Frame ID: D8127330D0968ECBCA7F649EF6DBCCA3
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Terms Of Service | Canada.ComCanada.comUserDetected technologies
AppNexus (Advertising Networks) ExpandDetected patterns
- adnxs\.(?:net|com)
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
comScore (Analytics) Expand
Detected patterns
- \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Page Statistics
16 Outgoing links
These are links going to different origins than the main page.
Title: New York Times Crossword
Search URL Search Domain Scan URL
Title: Puzzles
Search URL Search Domain Scan URL
Title: Comics
Search URL Search Domain Scan URL
Title: Advice
Search URL Search Domain Scan URL
Title: Jobs
Search URL Search Domain Scan URL
Title: Obituaries
Search URL Search Domain Scan URL
Title: Place a Notice
Search URL Search Domain Scan URL
Title: Postmedia Sites
Search URL Search Domain Scan URL
Title: here
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Advertise With Us
Search URL Search Domain Scan URL
Title: Digital Ad Registry
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 48- https://x.bidswitch.net/sync?ssp=districtm&user_id=287fnFgg8X1AGx92e0t5oQLGsZI HTTP 302
- https://x.bidswitch.net/ul_cb/sync?ssp=districtm&user_id=287fnFgg8X1AGx92e0t5oQLGsZI HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=districtm&bsw_param=e82dbb22-fcaf-4109-b81f-8aaffdc64d5f&google_hm=ZTgyZGJiMjItZmNhZi00MTA5LWI4MWYtOGFhZmZkYzY0ZDVm HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=districtm&bsw_param=e82dbb22-fcaf-4109-b81f-8aaffdc64d5f&google_hm=ZTgyZGJiMjItZmNhZi00MTA5LWI4MWYtOGFhZmZkYzY0ZDVm&google_tc= HTTP 302
- https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECcrFIhy6SgRqspny6jC7ts&google_cver=1&ssp=districtm&bsw_param=e82dbb22-fcaf-4109-b81f-8aaffdc64d5f HTTP 302
- https://dmx.districtm.io/s/10009/e82dbb22-fcaf-4109-b81f-8aaffdc64d5f
- https://districtm-match.dotomi.com/match/bounce/current?version=1&networkId=33921&nuid=287fnFgg8X1AGx92e0t5oQLGsZI&rurl=//dmx.us-east-33.districtm.io/s/10007/ HTTP 302
- https://districtm-match.dotomi.com/match/bounce/current?DotomiTest=7094b43ea7c11234&is_secure=true&version=1&networkId=33921&nuid=287fnFgg8X1AGx92e0t5oQLGsZI&rurl=%2F%2Fdmx.us-east-33.districtm.io%2Fs%2F10007%2F HTTP 302
- https://dmx.us-east-33.districtm.io/s/10007/AAAGdoWUyAeikANzYODoAAAAAAA&expiration=1650659109&nuid=287fnFgg8X1AGx92e0t5oQLGsZI&is_secure=true
- https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
- https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
- https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP23d386d0-c1b1-11ec-aa0d-0ee9993b1ae5 HTTP 302
- https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP23d386d0-c1b1-11ec-aa0d-0ee9993b1ae5&verify=true HTTP 302
- https://dmx.districtm.io/s/10051/y-m9kPULxE2uHGtrB.R8cwvSjLiHG.m_MF~A~UP23d386d0-c1b1-11ec-aa0d-0ee9993b1ae5
- https://match.prod.bidr.io/cookie-sync/districtm HTTP 303
- https://match.prod.bidr.io/cookie-sync/districtm?_bee_ppp=1 HTTP 303
- https://dmx.districtm.io/s/10025/AACVoU7Ew3sAADqTwS4sPw
- https://p.rfihub.com/cm?pub=36496&in=1 HTTP 302
- https://dmx.districtm.io/s/10056/1783777312433057177
- https://gum.criteo.com/sid/json?origin=publishertag&domain=canada.com&sn=ChromeSyncframe&so=0&topUrl=o.canada.com&cw=1&lsw=1 HTTP 302
- https://mug.criteo.com/sid?cpp=lfsSi3wxVlJlYUdTSmIvMzRlclhPODAzOHBHQzM3SHorQ3hqREZpTVpBY0tyRndTZGIxK3VDWTU5ZTBRQ1VqbmZZVmtXcmt5dDRaWDJWbU9JL2VOOFZTUk4xdzBxKzZNVlVZWTFJbUlNdDFseklHdVR0aU9ET0tSWkgwc0FRQWNZSVlLcjkyWFBBZHI3cjRFSnZFSjdMeXNZdEdFc3B6Ykc1c3E3OTRjdzJERnFna2ZUWFd4c1VVUlFNc2pQZHlsUlgycDJmY2ExR1pzRjhCMGk0VUt5KzNsOGZyckF0WnVRdWVoemh4bG0vYmt3MzdsOVBHWVhHSHRpajVwaER6d0xhRUF1K1U3ZFRZcFZETlBqNEtTOXNtTmtBZz09fA&cppv=2
- https://usermatch.krxd.net/um/v2?partner=google HTTP 302
- https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3l0VGh2bmM HTTP 302
- https://beacon.krxd.net/usermatch.gif?google_gid=CAESEDpJ2lgt9SSW8Xj5_lH7388&google_cver=1
- https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3l0VGh2bmM HTTP 302
- https://beacon.krxd.net/usermatch.gif?google_gid=CAESEDpJ2lgt9SSW8Xj5_lH7388&google_cver=1
- https://stags.bluekai.com/site/26357?id=OytThvnc&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOytThvnc%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID HTTP 302
- https://beacon.krxd.net/usermatch.gif?_kuid=OytThvnc&partner=bluekai&bk_uuid=$_BK_UUID
- https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=OytThvnc&rn=1650572710 HTTP 302
- https://sb.scorecardresearch.com/p2?c1=9&c2=8188709&cs_xi=OytThvnc&rn=1650572710
- https://sync-tm.everesttech.net/upi/pid/NC4WTmcy?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner_id%3Dcb276571-e0d9-4438-9fd4-80a1ff034b01%26puid%3D%24%7BTM_USER_ID%7D HTTP 302
- https://sync-tm.everesttech.net/ct/upi/pid/NC4WTmcy?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner_id%3Dcb276571-e0d9-4438-9fd4-80a1ff034b01%26puid%3D%24%7BTM_USER_ID%7D&_test=YmG9pgAKKgHg9wA- HTTP 302
- https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YmG9pgAKKgHg9wA-&_test=YmG9pgAKKgHg9wA-
- https://ps.eyeota.net/match?bid=i0r4o4v&uid=OytThvnc HTTP 302
- https://ps.eyeota.net/match/bounce/?bid=i0r4o4v&uid=OytThvnc
- https://usermatch.krxd.net/um/v2?partner=beeswax HTTP 302
- https://match.prod.bidr.io/cookie-sync/krux?partner_user_id=OytThvnc HTTP 303
- https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AACVoU7Ew3sAADqTwS4sPw
- https://usermatch.krxd.net/um/v2?partner=mediamath HTTP 302
- https://sync.mathtag.com/sync/img?mt_exid=10031&mt_exuid=OytThvnc&redirect=https://beacon.krxd.net/usermatch.gif?partner%3Dmediamath%26partner_id%3D%5BMM_UUID%5D HTTP 302
- https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=a4df6261-bda6-4100-91e5-9e1e13c7178d
- https://usermatch.krxd.net/um/v2?partner=neustar HTTP 302
- https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OytThvnc
- https://ssum-sec.casalemedia.com/usermatchredir?s=183716&cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__ HTTP 302
- https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__&s=183716&C=1 HTTP 302
- https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YmG9ps95FZguH9VcbagZawAA%26500
- https://sync.srv.stackadapt.com/sync?nid=salesforce HTTP 302
- https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=okjR06OWTtddP_dXa7NitJU4mbQ
- https://usermatch.krxd.net/um/v2?partner=triplelift&gdpr=0&cmp_cs=&us_privacy=undefined HTTP 302
- https://eb2.3lift.com/xuid?mid=3587&xuid=OytThvnc&dongle=13b2&rdir=https://beacon.krxd.net/usermatch.gif?partner%3Dtriplelift%26partner_uid%3D$UID&gdpr=0&cmp_cs=&us_privacy=undefined HTTP 302
- https://eb2.3lift.com/xuid?ld=1&mid=3587&xuid=OytThvnc&dongle=13b2&gdpr=0&cmp_cs=&us_privacy=undefined&rdir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dtriplelift%26partner_uid%3D%24UID HTTP 302
- https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=357312690691816319093
- https://ml314.com/csync.ashx?fp=OytThvnc&person_id=3626672078583234574&eid=748&return=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dmadisonlogic%26partner_uid%3D3626672078583234574 HTTP 302
- https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3626672078583234574
121 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
o.canada.com/terms-of-service/ |
223 KB 54 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpt.js
securepubads.g.doubleclick.net/tag/js/ |
84 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
184635-232448041313322.js
js-sec.indexww.com/ht/p/ |
153 KB 42 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
publishertag.js
static.criteo.net/js/ld/ |
128 KB 42 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
apstag.js
c.amazon-adsystem.com/aax2/ |
135 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.postmedia.js
hb.districtm.io/prod/100549/ |
36 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iasPET.1.js
cdn.adsafeprotected.com/ |
22 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LoginRadiusV2.js
auth.lrcontent.com/v2/js/ |
199 KB 47 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spm.v1.min.js
ak.sail-horizon.com/spm/ |
121 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fem.js
fem.prod.postmedia.digital/v56.0/ |
273 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-soc-fb.svg
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/images/share-icons/ |
775 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-soc-tw.svg
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/images/share-icons/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-soc-yt.svg
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/images/share-icons/ |
744 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-soc-ig.svg
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/images/share-icons/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shared.bfc093052de2.js
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/CACHE/js/ |
24 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.a7af1e284075.js
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/CACHE/js/ |
99 KB 99 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
advertising.js
www.npttech.com/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xd.html
d395dw5zk780j2.cloudfront.net/v56.0/ Frame 87CE |
167 B 509 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
appInfo
config.lrcontent.com/ciam/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
appInfo
config.lrcontent.com/ciam/ |
4 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8d5c0be52bb44eac633b.js
d395dw5zk780j2.cloudfront.net/v56.0/chunks/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config
c.amazon-adsystem.com/cdn/prod/ |
0 308 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ |
6 KB 3 KB |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pubads_impl_2022041801.js
securepubads.g.doubleclick.net/gpt/ |
362 KB 123 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ppub_config
securepubads.g.doubleclick.net/pagead/ |
215 B 152 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.html
cdn.districtm.io/ids/ Frame 9B95 |
116 B 316 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
v1
dmx.districtm.io/b/ |
0 202 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
v1
dmx.districtm.io/b/ |
0 38 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xd.js
d395dw5zk780j2.cloudfront.net/v56.0/ Frame 87CE |
36 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bb441d432069977701460.js
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/ |
7 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
d36ca6ec7863d36a800c21.js
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/ |
10 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bdd029405c81b7549b531.js
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/ |
15 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
7d0672b4b17ef21d640a2.js
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/ |
50 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
33d0e5b570a9541270f410.js
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/ |
10 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
98e96f7ceec5a9ee49f320.js
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/ |
4 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
049fe9cf0ad83f36446e7.js
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/ |
8 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
545637e9e6ae55ee162c9.js
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/ |
20 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
19902571f52cab897a3215.js
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/ |
52 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
any
idx.liadm.com/idex/ie/ |
54 B 584 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rid
match.adsrvr.org/track/ |
109 B 541 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login
postmedia.hub.loginradius.com/ssologin/ |
38 B 546 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
login
postmedia.hub.loginradius.com/ssologin/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame 9B95 |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
buyers
dmx.districtm.io/s/v1/ Frame 9B95 |
578 B 762 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
syncframe
gum.criteo.com/ Frame 948A |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e82dbb22-fcaf-4109-b81f-8aaffdc64d5f
dmx.districtm.io/s/10009/ Frame 9B95 Redirect Chain
|
92 B 162 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AAAGdoWUyAeikANzYODoAAAAAAA&expiration=1650659109&nuid=287fnFgg8X1AGx92e0t5oQLGsZI&is_secure=true
dmx.us-east-33.districtm.io/s/10007/ Frame 9B95 Redirect Chain
|
153 B 291 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
y-m9kPULxE2uHGtrB.R8cwvSjLiHG.m_MF~A~UP23d386d0-c1b1-11ec-aa0d-0ee9993b1ae5
dmx.districtm.io/s/10051/ Frame 9B95 Redirect Chain
|
131 B 176 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AACVoU7Ew3sAADqTwS4sPw
dmx.districtm.io/s/10025/ Frame 9B95 Redirect Chain
|
78 B 132 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1783777312433057177
dmx.districtm.io/s/10056/ Frame 9B95 Redirect Chain
|
75 B 155 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
113 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
beacon.js
sb.scorecardresearch.com/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mparticle.js
jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/ |
184 KB 48 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uep04wp3s.js
cdn.krxd.net/controltag/ |
29 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
118 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/ |
246 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sid
mug.criteo.com/ Frame 948A Redirect Chain
|
430 B 636 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
controltag.js.f5d7048d3841bccb4f5d92333c20b066
cdn.krxd.net/ctjs/ |
259 KB 83 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
identify
identity.mparticle.com/v1/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
identify
identity.mparticle.com/v1/ |
175 B 277 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxid
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/ |
46 B 390 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
getuidj
ib.adnxs.com/ |
11 B 700 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
geoip
api.permutive.com/v2.0/ |
229 B 358 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
c8fb5c85-5ff7-4ab0-adb2-aae9ef3f4604
https://o.canada.com/ |
52 KB 0 |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
de39d941-69fe-41d3-bc6a-4b8c79cc0fad
https://o.canada.com/ |
19 KB 0 |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame 24C7 |
805 B 827 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
optout_check
beacon.krxd.net/ |
63 B 223 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
42fb57ac-2013-45a6-8dad-332d53e17c1b
consumer.krxd.net/consent/get/ |
239 B 431 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gtm.js
www.googletagmanager.com/ |
78 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gtm.js
www.googletagmanager.com/ |
239 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
identify
identity.mparticle.com/v1/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
identify
identity.mparticle.com/v1/ |
175 B 228 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uep04wp3s.js
cdn.krxd.net/controltag/ Frame 24C7 |
29 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
identify
api.permutive.com/v2.0/ |
50 B 88 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
42fb57ac-2013-45a6-8dad-332d53e17c1b
consumer.krxd.net/consent/get/ |
239 B 293 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
controltag.js.f5d7048d3841bccb4f5d92333c20b066
cdn.krxd.net/ctjs/ Frame 24C7 |
259 KB 83 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
get
cdn.krxd.net/userdata/ |
322 B 454 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
99 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
42fb57ac-2013-45a6-8dad-332d53e17c1b
consumer.krxd.net/consent/get/ Frame 24C7 |
224 B 303 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
167 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.js
cdn.parsely.com/keys/o.canada.com/ |
56 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1685973801652415
connect.facebook.net/signals/config/ |
308 KB 88 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
tpd
api.permutive.com/v2.0/ |
2 B 39 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
users
dmx.districtm.io/s/v1/ Frame 9B95 |
0 628 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
users
dmx.districtm.io/s/v1/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usermatch.gif
beacon.krxd.net/ Frame 24C7 Redirect Chain
|
0 336 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usermatch.gif
beacon.krxd.net/ Frame 24C7 Redirect Chain
|
0 336 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
379708.gif
idsync.rlcdn.com/ Frame 24C7 |
42 B 447 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usermatch.gif
beacon.krxd.net/ Frame 24C7 Redirect Chain
|
0 336 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p2
sb.scorecardresearch.com/ Frame 24C7 Redirect Chain
|
43 B 263 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usermatch.gif
beacon.krxd.net/ Frame 24C7 Redirect Chain
|
0 335 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
ps.eyeota.net/match/bounce/ Frame 24C7 Redirect Chain
|
70 B 440 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usermatch.gif
beacon.krxd.net/ Frame 24C7 Redirect Chain
|
0 335 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usermatch.gif
beacon.krxd.net/ Frame 24C7 Redirect Chain
|
0 335 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag.aspx
ml314.com/ Frame 24C7 |
31 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
g.js
aa.agkn.com/adscores/ Frame 24C7 Redirect Chain
|
43 B 653 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usermatch.gif
beacon.krxd.net/ Frame 24C7 Redirect Chain
|
0 335 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usermatch.gif
beacon.krxd.net/ Frame 24C7 Redirect Chain
|
0 336 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usermatch.gif
beacon.krxd.net/ Frame 24C7 Redirect Chain
|
0 336 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/g/ |
0 17 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
1 B 21 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
p1.parsely.com/plogger/ |
43 B 259 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 410 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
utsync.ashx
ml314.com/ Frame 24C7 |
270 B 292 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 439 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
users
dmx.districtm.io/s/v1/ Frame 9B95 |
0 692 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
users
dmx.districtm.io/s/v1/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usermatch.gif
beacon.krxd.net/ Frame 24C7 Redirect Chain
|
0 336 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.ca/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel.gif
beacon.krxd.net/ |
0 335 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
events
api.permutive.com/v2.0/batch/ |
101 B 129 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
www.facebook.com/tr/ Frame D812 |
0 18 B |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
optout_check
beacon.krxd.net/ |
82 B 240 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
state
api.permutive.com/v1.0/ |
0 34 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
77 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| setNptTechAdblockerCookie object| script object| LRNameSpace object| LoginRadiusDefaults function| LoginRadiusUtility function| LoginRadiusApiFramework function| setLoginRadiusDefaultSchema function| setLoginRadiusModuleFunctions function| LoginRadiusHooksModel function| SetLoginRadiusCommonFunctions function| LoginRadiusControllers function| LoginRadiusV2 function| FormValidator object| hash object| modern_script_elem object| legacy_script_elem object| ytAdTargetingLoadEvent function| script_onload string| locSrc object| ytVideoAdTargetingConfig object| webpackJsonpFrontEndModules object| tp object| FrontEndModules object| googletag object| aax object| apstag function| Krux boolean| apstagLOADED object| districtmHeader object| ggeac object| google_tag_data object| google_js_reporting_queue function| BlockAdBlock object| blockAdBlock object| webpackChunkdjango_content_services object| headertag object| Criteo function| headertag_render object| pbjs function| sovrn_render object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_122 object| Criteo_122 undefined| google_measure_js_timing object| vf object| vfQ object| dataLayer object| KruxDataLayer object| permutive object| mParticle object| gtm_data_layer object| regeneratorRuntime function| udm_ object| _comscore object| COMSCORE object| google_tag_manager function| fbq function| _fbq string| GoogleAnalyticsObject function| ga function| autotrack function| gtag object| gaGlobal object| gaplugins object| gaData function| _ga_originalSendHitTask function| _typeof object| PARSELY52 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
o.canada.com/ | Name: political-ad-opt-out Value: {"data":false,"exp":604800000,"ts":1650572709424,"mac":-435097775} |
|
.adsrvr.org/ | Name: TDID Value: dc5fdbb3-6d0d-4886-a836-629f40bd0b2d |
|
.liadm.com/ | Name: lidid Value: 42bf08d2-225b-48b1-8695-33308f3b196a |
|
o.canada.com/ | Name: __adblocker Value: false |
|
.criteo.com/ | Name: uid Value: 538b5a6d-c618-410b-949e-29f13e3d59bb |
|
o.canada.com/ | Name: x-id Value: {"data":{"adLight":false,"id":"tgdvz2ijf4tlfsntnl0zd243w58ku5zu","updated":1650572709542},"exp":604800000,"ts":1650572709542,"mac":1011191832} |
|
d395dw5zk780j2.cloudfront.net/ | Name: x-id Value: {"data":{"adLight":false,"id":"tgdvz2ijf4tlfsntnl0zd243w58ku5zu","updated":1650572709542},"exp":604800000,"ts":1650572709567,"mac":1011193909} |
|
.rfihub.com/ | Name: eud Value: H4sIAAAAAAAAAGsS5DU0MzUwNTcyN7A0tbAEAKQ1peYQAAAA |
|
.rfihub.com/ | Name: ruds Value: H4sIAAAAAAAAAOMSNjS3MDY3Nzc2NDIxNjYwNTc0NxfiM9TNd8_NTAt1d3IzSckEAFQAdbMlAAAA |
|
.rfihub.com/ | Name: rud Value: H4sIAAAAAAAAAOMSNjS3MDY3Nzc2NDIxNjYwNTc0NxfiM9TNd8_NTAt1d3IzScmU4jU0MwVKGZkbWJpaWAIArdYqeDQAAAA |
|
.advertising.com/ | Name: APID Value: UP23d386d0-c1b1-11ec-aa0d-0ee9993b1ae5 |
|
.canada.com/ | Name: permutive-id Value: 51c5d016-82a0-4d90-b201-a04b9c4dc6c5 |
|
.bidr.io/ | Name: bito Value: AACVoU7Ew3sAADqTwS4sPw |
|
.bidr.io/ | Name: bitoIsSecure Value: ok |
|
.yahoo.com/ | Name: A3 Value: d=AQABBKW9YWICEKhlJpT9bwUZ7DLsqhknCr8FEgEBAQEPY2JrYgAAAAAA_eMAAA&S=AQAAAlWgso8LcLNzmtc1F-k5zQo |
|
.bidswitch.net/ | Name: tuuid Value: e82dbb22-fcaf-4109-b81f-8aaffdc64d5f |
|
.bidswitch.net/ | Name: c Value: 1650572709 |
|
.bidswitch.net/ | Name: tuuid_lu Value: 1650572709 |
|
.canada.com/ | Name: cto_bundle Value: WQ4NGV9xV1dDNHozY3hXSVRrZVNBZTNLT29Zb2VsZms1UzJvd2plNTA0Y2FkZWJTREw4MkRnQlZmM0hGRiUyQkp3SGVpQnltSm10TXZrNWtXU2Nvb1QlMkJFa3RmNnc3bG4zVjlKJTJCbjJmUXVQdiUyQkNxdXJncTRNSkdEaTQyZUNXQmc1TSUyRjcyb0V4N2hTNCUyQlFlSzRVeUcyWWhqRlhvT3clM0QlM0Q |
|
.analytics.yahoo.com/ | Name: IDSYNC Value: 18ym~24gk |
|
.23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/ | Name: pxid Value: 3daab990-7b0a-4c35-9db5-4fbc48be83ba |
|
.dotomi.com/ | Name: DotomiTest Value: 7094b43ea7c11234 |
|
.canada.com/ | Name: mprtcl-v4_4662F03F Value: {'gs':{'ie':1|'dt':'us1-99b65fde89a1a145894d2d51d283cc83'|'av':'1.0.0'|'cgid':'b2383239-2684-4ffb-9bcb-812531c1ada1'|'das':'88164d23-525a-405b-97d0-064b06d37289'|'csm':'WyI4OTY1OTQ5OTkzNzc0MDk2OTA5Il0='|'sid':'593A19F1-9F1F-402E-BE06-E2E4F795E110'|'les':1650572709776|'ssd':1650572709606}|'l':1|'8965949993774096909':{'fst':1650572709711|'ui':'eyIwIjoidGdkdnoyaWpmNHRsZnNudG5sMHpkMjQzdzU4a3U1enUifQ=='}|'cu':'8965949993774096909'} |
|
.krxd.net/ | Name: _kuid_ Value: OytThvnc |
|
.scorecardresearch.com/ | Name: UID Value: 12185562ccb00f2e247bc061650572709 |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUnktHKh7sbaTn1jOO9AATNu9BhZLA9aX7hNjKu1JBPlydegqMVkirMoPW6cDTA |
|
.rlcdn.com/ | Name: rlas3 Value: S8TdUnrHP0exVJr6j86ngUFN9guignufnLYQef/Ch1A= |
|
.rlcdn.com/ | Name: pxrc Value: CAA= |
|
.canada.com/ | Name: _ga_CBS6P3K53Q Value: GS1.1.1650572710.1.0.1650572710.0 |
|
.everesttech.net/ | Name: everest_g_v2 Value: g_surferid~YmG9pgAKKgHg9wA- |
|
.canada.com/ | Name: _ga Value: GA1.2.834801964.1650572710 |
|
.canada.com/ | Name: _gid Value: GA1.2.2073181909.1650572710 |
|
.canada.com/ | Name: _gat_UA-213173459-10 Value: 1 |
|
.casalemedia.com/ | Name: CMID Value: YmG9ps95FZguH9VcbagZawAA |
|
.casalemedia.com/ | Name: CMPS Value: 462 |
|
.canada.com/ | Name: _gat_UA-138335866-21 Value: 1 |
|
.canada.com/ | Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://o.canada.com/terms-of-service/%22%2C%22sref%22:%22%22%2C%22sts%22:1650572710078%2C%22slts%22:0} |
|
.canada.com/ | Name: _parsely_visitor Value: {%22id%22:%22pid=5af2835a673d2d952b1e7f9ccbd368d5%22%2C%22session_count%22:1%2C%22last_session_ts%22:1650572710078} |
|
.canada.com/ | Name: _fbp Value: fb.1.1650572710103.52480398 |
|
.casalemedia.com/ | Name: CMPRO Value: 500 |
|
.casalemedia.com/ | Name: CMST Value: YmG9pmJhvaYA |
|
sync.srv.stackadapt.com/ | Name: sa-user-id Value: s%3A0-a248d1d3-a396-4ed7-5d3f-f7576bb362b4.gE311eBE%2Bwo8%2B6OWR0s9E1LOsqJItrtAMxgzkpuCSq4 |
|
.srv.stackadapt.com/ | Name: sa-user-id-v2 Value: s%3AokjR06OWTtddP_dXa7NitJU4mbQ.OS5ST5S9RcEQDCvBhS7NEm03u3XKvElc2Mf5s848jEE |
|
.ml314.com/ | Name: u Value: aHR0cHM6Ly9jZG4ua3J4ZC5uZXQvcGFydG5lcmpzL3hkaS9wcm94eS4zZDIxMDBmZDcxMDcyNjJlY2I1NWNlNjg0N2YwMWZhNS5odG1sIyFreGNpZD11ZXAwNHdwM3Mma3h0PWh0dHBzJTNBJTJGJTJGby5jYW5hZGEuY29tJmt4Y2w9Y2RuJmt4cD0= |
|
.ml314.com/ | Name: pi Value: 3626672078583234574 |
|
.facebook.com/ | Name: fr Value: 0NvUYqFFEnNLurnhw..BiYb2m...1.0.BiYb2m. |
|
.3lift.com/ | Name: tluid Value: 357312690691816319093 |
|
.agkn.com/ | Name: ab Value: 0001%3A566Kpttc1jVydLF4vmP8qEtgAPCjBnnt |
|
.mathtag.com/ | Name: uuid Value: a4df6261-bda6-4100-91e5-9e1e13c7178d |
|
.eyeota.net/ | Name: mako_uid Value: 1804dccd148-75d90000010a470b |
|
.eyeota.net/ | Name: SERVERID Value: 18187~DM |
|
.districtm.io/ | Name: _dm_uid Value: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAwLCJ1c3IiOiJxZ2FMQXJJR0d6STROMlp1Um1kbk9GZ3hRVWQ0T1RKbE1IUTFiMUZNUjNOYVNib0dJQWlYVGhJYlFVRkJSMlJ2VjFWNVFXVnBhMEZPZWxsUFJHOUJRVUZCUVVGQnVnWXBDSmxPRWlSbE9ESmtZbUl5TWkxbVkyRm1MVFF4TURrdFlqZ3haaTA0WVdGbVptUmpOalJrTldhNkJoc0lxVTRTRmtGQlExWnZWVGRGZHpOelFVRkVjVlIzVXpSelVIZTZCZ01JcWs2NkJnTUlyazY2QmdNSXNFNjZCbEFJdzA0U1Mza3RiVGxyVUZWTWVFVXlkVWhIZEhKQ0xsSTRZM2QyVTJwTWFVaEhMbTFmVFVaK1FYNVZVREl6WkRNNE5tUXdMV014WWpFdE1URmxZeTFoWVRCa0xUQmxaVGs1T1ROaU1XRmxOYm9HR0FqSVRoSVRNVGM0TXpjM056TXhNalF6TXpBMU56RTNOdz09IiwiaWF0IjoxNjUwNTcyNzEwfQ.KAsYu0AcDXVtiYhAx_CIUMHjRFRKYLLDphCiJO5oe-A4Pf67ZX3e4UgVpKxVLBvXaTkc4VDTlGXqe6eiI35Bpg |
11 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src * 'unsafe-eval' 'unsafe-dynamic' 'unsafe-inline' data: blob: |
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
aa.agkn.com
ak.sail-horizon.com
api.permutive.com
auth.lrcontent.com
beacon.krxd.net
c.amazon-adsystem.com
cdn.adsafeprotected.com
cdn.districtm.io
cdn.krxd.net
cdn.parsely.com
cm.g.doubleclick.net
config.lrcontent.com
connect.facebook.net
consumer.krxd.net
d395dw5zk780j2.cloudfront.net
districtm-match.dotomi.com
dmx.districtm.io
dmx.us-east-33.districtm.io
eb2.3lift.com
fem.prod.postmedia.digital
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
hb.districtm.io
ib.adnxs.com
identity.mparticle.com
idsync.rlcdn.com
idx.liadm.com
js-sec.indexww.com
jssdkcdns.mparticle.com
match.adsrvr.org
match.prod.bidr.io
ml314.com
mug.criteo.com
o.canada.com
p.rfihub.com
p1.parsely.com
pixel.advertising.com
postmedia.hub.loginradius.com
ps.eyeota.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
sync.mathtag.com
sync.srv.stackadapt.com
ups.analytics.yahoo.com
usermatch.krxd.net
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.npttech.com
x.bidswitch.net
104.16.68.69
13.33.46.48
13.33.46.72
142.250.72.98
142.250.80.34
143.204.137.197
143.204.146.34
151.101.194.49
151.101.2.133
151.101.66.133
173.223.56.123
199.38.167.131
2001:438:65:12::2040
216.200.232.249
23.52.162.21
2600:9000:2140:6c00:8:f216:eb80:93a1
2606:4700:10::6816:49e8
2606:4700:3032::ac43:bf95
2606:4700::6812:551
2607:f8b0:4004:c06::9c
2607:f8b0:4006:80c::2010
2607:f8b0:4006:80d::2008
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81d::200a
2607:f8b0:4006:822::200e
2607:f8b0:4006:824::2003
2620:100:a001::4
2620:100:a001::c
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:400::645
2a04:4e42:600::645
3.218.90.66
3.220.246.49
3.33.220.150
3.89.214.221
34.107.199.243
34.107.254.252
34.111.234.236
34.198.184.125
34.231.116.207
35.169.125.112
35.190.60.146
35.211.178.172
35.231.227.177
35.241.9.51
52.205.167.202
52.223.22.214
52.85.61.107
54.156.26.12
54.243.191.164
54.87.192.123
68.67.179.164
74.119.119.139
99.84.112.62
99.84.118.65
015b53fc09e4a9b7fce76975688c0dd908582e63cd22ea84c79b5af199e4f94e
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06dac66f8ccb6659374711acb6acf073511421ff522d519cc1766746330679ad
06db09952ea7c3b22578f98d78f7e459a6fc8a929dfd35107d98549f9b38eb11
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
09ef349896678b7dc146bdd548350efc706175c92d36c758d5560ae878525b7f
0abcd97f1c3ea08ef675d53a2756a5340e05e20a022c749edd9f76fbf478ebe8
0e31e684fe563f2521b0e68e7f711527dd492adda820ec1e2582288fb0ac8af6
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f9e7a3a14ae544da25fa19ddf9f62dfb242a3df9f477f760e2f794a2676ee43
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
114a501c8ed1a01813d7fbc9df3dbffa7bba1fdae31a27243b3b7f8d3371c69f
128733f9611e7c214e7e26c6a4278f58c68abb585e7235b5470ed538cf24eb86
179f43e8abd5e7bd49d05571dc29d22c9f5044eb17ca8253a49e3e28e716af61
1bc3dc4ee7e46e3d9370a747b51a104e2b116667877b170b0cd49552ae74871d
1cf9d1e0389ed5f4599437e64d4a8ca04c0de09517f407b07907a1a818c3e9c8
249faa90c86b76bb0b47544093fa55436c6315ce70df8a2516fc6125bc0e35bd
24feb80c51aed43a0c5c52126fb1feea57f3f695e7bfa2e234a94bcb10463696
28cc80ac3045d5b4a7ffbbbfeea8b2f4cbe6ef69b751cdfb825b237013a55368
2ad02e4a6cca7ca570c447fefe0d5c6c98cf28c7ff362ecd0bdcee4505084b8c
2ade019f77bb268fb2d0f039eb0ee6746e92740ace1367737f6e0242a9bd600b
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
34e9e99f036b499a93627f9d49594646260545f6ebaa660cd7b81d49982b48bd
36c7ec620aa2bdab2185c44a2b8c8bf3ea3d6639510d81f83a5c885bb1219658
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3c11c6f55e96763acc4c95cf7569684775cf3f3efc16e2b6402e4b3a65226145
3da55e568e702d556e38da13bc5c2d1454743bf4e41e7e9a83ff033d9b027472
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5b610e36f9783974dba15f3e9db4be0eba3eb78e82740d216a86c85294889d25
5b6a197fb2868e493c28a9b59660289216fee9ecfcafcfa1660ec4189219cef3
5eb247d50c79ece9c00d0c3206421e426500f567f8ec8465e66bb073ec5a7d42
5fdf5e0a79dca280250218280d513e55e5b585f612b126923756aaf7bea74b79
68910a4e5f85bcaf85782e3e6779e311e94ebff60a39fc8df48c5b1b071e05ea
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
75d893335a1d25db1bf02e25ab904d97a3af743128850d8566b93d197e56e9e9
79e246f648a9fa78f330bb2c76e1c850e004b6d777fbeb3d9e82601fa114d0c6
8613493336c4799556e357bea5aa46cbc06af8b708d0578683a8c252d7b1e066
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
86e237ed9b364112595b37d570824f5ef46d4617c47bb5471c269893e51d56d6
87c55c63c2e41506556db72938b07312d1a8e3ccf4da4024fa4bea6b2147c31d
8c2e788e49d79764fab71745933a1486d6eb3b878a4c312b57be94979d7d2354
8ddf9e8fa96d1bbbeaf292ca94fc082dde61e4a6be90c87f8b2609fd88edbd4d
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2
989d94d8baba214a6dcc1ba6795c35dc9ce9cf94863248b8970cd8e864674347
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99394b0f6e9f0aefd71dd6a9ad59129ff7852e7734905bead2f2cec5789e3436
9b9d16e4eb38f3b62a5a66b6b7652da069c41e608df26477b1dcee4152f820d8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a349d04ce86d092cc6885209b2c9c2baf542a43916f6b451b19fbc127a63b9c1
a7af1e284075e490e052157637cad3710458e67cb7ac48d53f712e68b3d76a22
a9e3dba2aa1a96b4df0f27bca97f817ba4783a895cee58607f9b9eda65d7d039
abcb7b0fd4d08ef06c1ce93f88750ba5cad340ae2f7254af8711b75d7567c429
ad27e9e87b75a750b0bd9d26576b3d356ce2478183947309b853103631284c84
ae22c6869c91312b5361930ac0e1cff89cb54b6a3eec5d7bc4a913e8831b1028
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1999e376b9efaf872e3076f9a9f4d7e7f2af4d20238a553a99ce6f6c8a86cd1
b1d5c2e258e5fe7eca41b388d6293629d6261d6ddda4f37f3867bab9f9cd4381
b907a4645c6ff50b8e4bac06d98d03c2e2fb11282c8758a90fb32642082255c6
bbe74c62945bca0d7d29f9784c7462326fb4f8100313f320468c67a947a267ad
bfc093052de2b2dbe672ee2c69ff6199d8a31888dc4a6137a2a742f8aa79e963
c22fbbe4bf63288095e3c83d2858a1f4b65b1acdc77ac28785824b184953f0d4
c7b050f6c3726aea7b16cf1d3ec6dd6fe31382d20bb8c4e1f5178d8513a4e0cc
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc6f1ecdaffb9867bfb3e858042176ce769561cde97fe32319e254f0710578a7
ccbfb2c83196b45137cd5263f811c7f46fe5829db2816f387f6cb54ae761637d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf99d92a8013ff9e10a23176b5dccb8375bd02dbd4deb73e8482c22b5e22d744
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf
d5f7c1c0cbec2c27d4165db4cd06b7780f477fc9161008bde67c7a9d62b223aa
d86f3e9cc289a8baeafedc4d0b0f1f1f82c8a5a60320891f8163f2cb8aca7d58
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5888d09417b9ed66594c53074ffd494c506d1f642c617f958777179ef06bf23
e76a5ca0e2edbd05a75b14c85e9c261062e799a5541dbe7c1247ea6e81a68d28
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e79ff5fb403dfd221e1b8a531424bb7579536c61b54839ab8e77ba322a9b212a
e94e6d0a088b0a061d180d095d10defaded5999df172e3a7494a313a448f5513
eadcda11a77df7d202fe8f50edb1dd3fee8a4db7d5992838b805031636b6c717
eb92f02e6ef7fc1ebcae40390abc97f87554f021bf6564ee2ca9a73f9bd612d8
edcc72e58692cb93f0dad13f3776596f36f1e7d6d7a98f0994302b232da0e66a
ee38322f0a466054508e935af2511176d7fbdc39d7fea28fc0a3118599342a39
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
f8b5b98fb22088795f8a5cc17ac968134ae8eb27cf86f9aefb829d41e1fc01be
fd4c8f599b8f202d18eeb4544aee6f0b4d9763d4e3931fea61a9347aa794fa5d