Submitted URL: https://canada.com/
Effective URL: https://o.canada.com/
Submission Tags: analytics-framework
Submission: On April 21 via api from US — Scanned from DE

Summary

This website contacted 110 IPs in 13 countries across 75 domains to perform 390 HTTP transactions. The main IP is 34.111.249.109, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is o.canada.com. The Cisco Umbrella rank of the primary domain is 405778.
TLS certificate: Issued by GTS CA 1D4 on April 17th 2023. Valid for: 3 months.
This is the only time o.canada.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.111.67.160 396982 (GOOGLE-CL...)
2 34.111.249.109 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
2 104.18.11.47 13335 (CLOUDFLAR...)
1 2620:100:a005::6 19750 (AS-CRITEO)
3 18.160.82.73 16509 (AMAZON-02)
2 104.98.130.104 16625 (AKAMAI-AS)
1 13.225.78.96 16509 (AMAZON-02)
1 2606:4700:e0:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 18.66.112.84 16509 (AMAZON-02)
20 34.117.54.29 396982 (GOOGLE-CL...)
19 34.149.157.221 396982 (GOOGLE-CL...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.1.40.206 14618 (AMAZON-AES)
4 3.33.220.150 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.32.106.197 16509 (AMAZON-02)
5 99.81.135.85 16509 (AMAZON-02)
1 35.241.9.51 15169 (GOOGLE)
5 185.89.210.141 29990 (ASN-APPNEX)
1 104.19.149.54 13335 (CLOUDFLAR...)
11 34.107.254.252 396982 (GOOGLE-CL...)
3 34.98.64.218 396982 (GOOGLE-CL...)
4 2620:100:a005... 19750 (AS-CRITEO)
6 104.18.24.185 13335 (CLOUDFLAR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
2 2602:803:c003... 26667 (RUBICONPR...)
1 216.52.2.91 32475 (SINGLEHOP...)
1 2.20.217.188 16625 (AKAMAI-AS)
2 34.204.208.84 14618 (AMAZON-AES)
2 99.83.154.140 16509 (AMAZON-02)
10 12 142.250.185.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
15 19 2600:9000:225... 16509 (AMAZON-02)
23 2a04:4e42:400... 54113 (FASTLY)
12 35.156.216.158 16509 (AMAZON-02)
48 18.156.195.47 16509 (AMAZON-02)
4 18.185.12.185 16509 (AMAZON-02)
1 2 2a02:2638:3::c 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 74.119.118.149 19750 (AS-CRITEO)
5 2a00:1450:400... 15169 (GOOGLE)
1 152.199.22.243 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2600:9000:223... 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
1 5 13.32.99.105 16509 (AMAZON-02)
6 2a04:4e42::645 54113 (FASTLY)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a04:4e42:600... 54113 (FASTLY)
3 2600:1f18:44f... 14618 (AMAZON-AES)
3 2600:9000:249... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 185.89.210.212 29990 (ASN-APPNEX)
3 2001:4860:480... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 65.9.66.33 16509 (AMAZON-02)
1 18.66.100.58 16509 (AMAZON-02)
5 138.201.64.38 24940 (HETZNER-AS)
1 3 185.29.134.245 30419 (MEDIAMATH...)
1 2.18.233.201 16625 (AKAMAI-AS)
1 23.35.236.188 16625 (AKAMAI-AS)
4 2600:9000:223... 16509 (AMAZON-02)
3 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 5 88.99.219.174 24940 (HETZNER-AS)
1 18.66.112.32 16509 (AMAZON-02)
1 143.204.89.74 16509 (AMAZON-02)
1 63.34.81.234 16509 (AMAZON-02)
6 162.55.144.218 24940 (HETZNER-AS)
13 2600:1f18:1ac... 14618 (AMAZON-AES)
1 2a0b:4d07:102::1 44239 (PROINITY ...)
1 2 2a01:4f8:d0a:... 24940 (HETZNER-AS)
1 167.233.14.134 24940 (HETZNER-AS)
1 18.168.48.81 16509 (AMAZON-02)
1 2 142.250.184.198 15169 (GOOGLE)
2 104.85.47.224 16625 (AKAMAI-AS)
1 54.162.11.97 14618 (AMAZON-AES)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 18.66.147.120 16509 (AMAZON-02)
1 99.86.4.53 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 18.133.81.67 16509 (AMAZON-02)
1 2600:1901:0:8... 15169 (GOOGLE)
1 151.101.65.108 54113 (FASTLY)
2 23.37.42.132 16625 (AKAMAI-AS)
2 2.19.228.187 16625 (AKAMAI-AS)
2 8 185.80.39.216 27381 (CASALE-MEDIA)
1 2 185.64.190.78 62713 (AS-PUBMATIC)
3 5 52.46.151.131 16509 (AMAZON-02)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
1 185.86.139.94 201081 (SMARTADSE...)
1 1 70.42.32.255 22075 (AS-OUTBRAIN)
2 2 52.57.125.56 16509 (AMAZON-02)
1 104.18.10.47 13335 (CLOUDFLAR...)
3 5 69.173.144.138 26667 (RUBICONPR...)
4 4 69.173.144.165 26667 (RUBICONPR...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 3 52.94.220.185 16509 (AMAZON-02)
1 1 185.29.134.244 30419 (MEDIAMATH...)
3 185.64.190.80 62713 (AS-PUBMATIC)
2 2 213.155.156.181 1299 (TWELVE99 ...)
5 185.64.189.110 62713 (AS-PUBMATIC)
1 1 74.119.118.138 19750 (AS-CRITEO)
1 1 178.250.1.9 44788 (ASN-CRITE...)
1 1 193.0.160.131 54312 (ROCKETFUEL)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 54.246.240.52 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 52.5.106.217 14618 (AMAZON-AES)
3 3 37.157.4.41 198622 (ADFORM)
1 35.204.74.118 396982 (GOOGLE-CL...)
1 198.47.127.20 ()
390 110
Apex Domain
Subdomains
Transfer
49 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1822
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689
14 KB
39 postmedia.digital
fem.gprod.postmedia.digital — Cisco Umbrella Rank: 210663
smartcdn.gprod.postmedia.digital — Cisco Umbrella Rank: 153305
dcs-static.gprod.postmedia.digital — Cisco Umbrella Rank: 180754
605 KB
24 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
8019191.fls.doubleclick.net — Cisco Umbrella Rank: 355715
179 KB
23 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 4712
pixel.adsafeprotected.com — Cisco Umbrella Rank: 982
static.adsafeprotected.com — Cisco Umbrella Rank: 820
dt.adsafeprotected.com — Cisco Umbrella Rank: 738
224 KB
20 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2945
entitlements.jwplayer.com — Cisco Umbrella Rank: 3874
64 KB
18 jwpsrv.com
assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 3884
videos-cloudfront.jwpsrv.com
910 KB
15 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 3836
ads.rubiconproject.com — Cisco Umbrella Rank: 3003
fastlane.rubiconproject.com — Cisco Umbrella Rank: 677
eus.rubiconproject.com — Cisco Umbrella Rank: 798
pixel.rubiconproject.com — Cisco Umbrella Rank: 447
token.rubiconproject.com — Cisco Umbrella Rank: 795
248 KB
14 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 729
ads.pubmatic.com — Cisco Umbrella Rank: 725
image6.pubmatic.com — Cisco Umbrella Rank: 1037
simage2.pubmatic.com — Cisco Umbrella Rank: 976
image2.pubmatic.com — Cisco Umbrella Rank: 1377
simage4.pubmatic.com
15 KB
14 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 768
as-sec.casalemedia.com — Cisco Umbrella Rank: 2361
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 679
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876
9 KB
12 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1651
1 KB
12 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 3232
api.permutive.com — Cisco Umbrella Rank: 2596
googlesync.permutive.com — Cisco Umbrella Rank: 10623
34 KB
12 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 361
aax.amazon-adsystem.com — Cisco Umbrella Rank: 455
s.amazon-adsystem.com — Cisco Umbrella Rank: 376
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 994
66 KB
11 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
8365c3be5f302f2ff3c8b4c0c178bb69.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
192 KB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 319
ams3-ib.adnxs.com — Cisco Umbrella Rank: 5774
cdn.adnxs.com — Cisco Umbrella Rank: 2239
acdn.adnxs.com — Cisco Umbrella Rank: 806
62 KB
10 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 24080
hal900029.redintelligence.net — Cisco Umbrella Rank: 531071
238 KB
10 mparticle.com
jssdkcdns.mparticle.com — Cisco Umbrella Rank: 7839
identity.mparticle.com — Cisco Umbrella Rank: 2656
jssdks.mparticle.com — Cisco Umbrella Rank: 7695
60 KB
9 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 803
gum.criteo.com — Cisco Umbrella Rank: 442
mug.criteo.com — Cisco Umbrella Rank: 1686
dis.criteo.com — Cisco Umbrella Rank: 941
widget.eu.criteo.com — Cisco Umbrella Rank: 18538
9 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
409 KB
8 google.com
adservice.google.com — Cisco Umbrella Rank: 130
www.google.com — Cisco Umbrella Rank: 16
region1.analytics.google.com — Cisco Umbrella Rank: 2930
2 KB
8 gstatic.com
fonts.gstatic.com
www.gstatic.com
102 KB
6 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2781
269 KB
5 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 10833
2 KB
5 mathtag.com
tags.mathtag.com — Cisco Umbrella Rank: 5754
pixel.mathtag.com — Cisco Umbrella Rank: 1405
sync.mathtag.com — Cisco Umbrella Rank: 744
3 KB
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 218
4 KB
5 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 12517
232 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
storage.googleapis.com — Cisco Umbrella Rank: 625
imasdk.googleapis.com — Cisco Umbrella Rank: 520
517 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3102
3 KB
4 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 13513
i.viafoura.co — Cisco Umbrella Rank: 13640
4 KB
4 loginradius.com
postmedia.hub.loginradius.com — Cisco Umbrella Rank: 220545
1 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 451
1 KB
4 lrcontent.com
auth.lrcontent.com — Cisco Umbrella Rank: 78142
config.lrcontent.com — Cisco Umbrella Rank: 22161
94 KB
3 adform.net
dmp.adform.net — Cisco Umbrella Rank: 3752
c1.adform.net — Cisco Umbrella Rank: 908
2 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24171
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 30620
898 B
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 15646
api.webgains.io — Cisco Umbrella Rank: 40158
31 KB
3 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4666
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5724
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 6329
20 KB
3 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 13973
compassdata.mrf.io — Cisco Umbrella Rank: 92014
39 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
20 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 5261
www.google.de — Cisco Umbrella Rank: 3425
1 KB
3 openx.net
postmedia-d.openx.net — Cisco Umbrella Rank: 240139
u.openx.net — Cisco Umbrella Rank: 974
671 B
3 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 958
cdn.indexww.com — Cisco Umbrella Rank: 2274
43 KB
3 canada.com
canada.com — Cisco Umbrella Rank: 350113
o.canada.com — Cisco Umbrella Rank: 405778
109 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 6958
562 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1332
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
254 B
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 15474
1 KB
2 retailads.net
cdn.retailads.net — Cisco Umbrella Rank: 101420
6 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3747
p1.parsely.com — Cisco Umbrella Rank: 3160
26 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 189
137 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 238
98 KB
2 jwpltx.com
ping-meta-prd.jwpltx.com — Cisco Umbrella Rank: 8272
prd.jwpltx.com — Cisco Umbrella Rank: 3204
71 B
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 4193
497 B
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 1019
456 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 474
3 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1223
612 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1149
264 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1063
588 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1325
793 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 733
647 B
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 813
309 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1052
45 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 2579
366 B
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1915
247 B
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 43265
3 KB
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 21883
2 KB
1 futalis.de
futalis.de — Cisco Umbrella Rank: 154070
401 B
1 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 202889
931 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 373
17 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1680
17 KB
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 883
400 B
1 prmutv.co
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co — Cisco Umbrella Rank: 293658
390 B
1 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 3099
430 B
1 permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app — Cisco Umbrella Rank: 223683
116 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 4037
33 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 9534
3 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 763
40 KB
390 75
Domain Requested by
48 c2shb.ssp.yahoo.com js-sec.indexww.com
19 cdn.jwplayer.com 15 redirects dcs-static.gprod.postmedia.digital
cdn.jwplayer.com
ssl.p.jwpcdn.com
19 smartcdn.gprod.postmedia.digital o.canada.com
16 dcs-static.gprod.postmedia.digital o.canada.com
dcs-static.gprod.postmedia.digital
15 assets-jpcust.jwpsrv.com o.canada.com
13 dt.adsafeprotected.com
12 btlr.sharethrough.com js-sec.indexww.com
12 cm.g.doubleclick.net 10 redirects
10 api.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
8 www.googletagmanager.com fem.gprod.postmedia.digital
jssdkcdns.mparticle.com
www.googletagmanager.com
adv.office-partner.de
8 securepubads.g.doubleclick.net o.canada.com
securepubads.g.doubleclick.net
www.googletagservices.com
6 ssl.p.jwpcdn.com cdn.jwplayer.com
5 image2.pubmatic.com ads.pubmatic.com
5 pixel.rubiconproject.com 3 redirects
5 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
5 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
5 events.newsroom.bi sdk.mrf.io
5 hal900029.redintelligence.net 1 redirects o.canada.com
hal900029.redintelligence.net
5 jssdks.mparticle.com jssdkcdns.mparticle.com
5 hal9000.redintelligence.net o.canada.com
hal900029.redintelligence.net
5 sb.scorecardresearch.com 1 redirects fem.gprod.postmedia.digital
5 cdn.viafoura.net fem.gprod.postmedia.digital
cdn.viafoura.net
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
5 htlb.casalemedia.com micro.rubiconproject.com
js-sec.indexww.com
5 ib.adnxs.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
micro.rubiconproject.com
js-sec.indexww.com
acdn.adnxs.com
5 pixel.adsafeprotected.com cdn.adsafeprotected.com
o.canada.com
5 fonts.gstatic.com fonts.googleapis.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 token.rubiconproject.com 4 redirects
4 static.adsafeprotected.com pixel.adsafeprotected.com
o.canada.com
4 ams3-ib.adnxs.com o.canada.com
cdn.adnxs.com
4 identity.mparticle.com jssdkcdns.mparticle.com
4 postmedia.hub.loginradius.com fem.gprod.postmedia.digital
auth.lrcontent.com
4 bidder.criteo.com micro.rubiconproject.com
static.criteo.net
4 match.adsrvr.org js-sec.indexww.com
ssum-sec.casalemedia.com
ads.pubmatic.com
4 fem.gprod.postmedia.digital o.canada.com
fem.gprod.postmedia.digital
3 simage2.pubmatic.com ads.pubmatic.com
3 aax-eu.amazon-adsystem.com 2 redirects
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 region1.analytics.google.com www.googletagmanager.com
3 tags.mathtag.com 1 redirects o.canada.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 videos-cloudfront.jwpsrv.com ssl.p.jwpcdn.com
3 api.viafoura.co cdn.viafoura.net
3 www.gstatic.com cdn.jwplayer.com
www.gstatic.com
3 www.google.com tpc.googlesyndication.com
securepubads.g.doubleclick.net
3 c.amazon-adsystem.com o.canada.com
c.amazon-adsystem.com
2 c1.adform.net 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 d5p.de17a.com 2 redirects
2 pm.w55c.net 2 redirects
2 image6.pubmatic.com 1 redirects ads.pubmatic.com
2 ads.pubmatic.com micro.rubiconproject.com
ads.pubmatic.com
2 eus.rubiconproject.com micro.rubiconproject.com
eus.rubiconproject.com
2 api.webgains.io analytics.webgains.io
2 config.lrcontent.com auth.lrcontent.com
2 www.facebook.com
2 www.awin1.com o.canada.com
2 8019191.fls.doubleclick.net 1 redirects o.canada.com
2 cdn.retailads.net 1 redirects futalis.de
2 www.google.de
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net o.canada.com
connect.facebook.net
2 sdk.mrf.io o.canada.com
sdk.mrf.io
2 www.googletagservices.com securepubads.g.doubleclick.net
2 imasdk.googleapis.com cdn.jwplayer.com
imasdk.googleapis.com
2 adservice.google.com securepubads.g.doubleclick.net
8019191.fls.doubleclick.net
2 gum.criteo.com 1 redirects static.criteo.net
2 api.sail-personalize.com ak.sail-horizon.com
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 fastlane.rubiconproject.com micro.rubiconproject.com
2 postmedia-d.openx.net micro.rubiconproject.com
js-sec.indexww.com
2 cdn.jsdelivr.net micro.rubiconproject.com
securepubads.g.doubleclick.net
2 auth.lrcontent.com o.canada.com
cdn.viafoura.net
2 js-sec.indexww.com o.canada.com
micro.rubiconproject.com
2 fonts.googleapis.com o.canada.com
hal900029.redintelligence.net
2 o.canada.com dcs-static.gprod.postmedia.digital
1 simage4.pubmatic.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 p.rfihub.com 1 redirects
1 widget.eu.criteo.com 1 redirects
1 dis.criteo.com 1 redirects
1 sync.mathtag.com 1 redirects
1 px.ads.linkedin.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 b1sync.zemanta.com 1 redirects
1 ssbsync.smartadserver.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 u.openx.net micro.rubiconproject.com
1 acdn.adnxs.com micro.rubiconproject.com
1 lexicon.33across.com micro.rubiconproject.com
1 cdn.track.production.webgains.team o.canada.com
1 analytics.webgains.io track.webgains.com
1 i.viafoura.co cdn.viafoura.net
1 track.webgains.com o.canada.com
1 futalis.de hal900029.redintelligence.net
1 adv.office-partner.de hal900029.redintelligence.net
1 compassdata.mrf.io sdk.mrf.io
1 p1.parsely.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 cdn.adnxs.com o.canada.com
1 pixel.mathtag.com o.canada.com
1 cdn.parsely.com www.googletagmanager.com
1 get.s-onetag.com www.googletagmanager.com
1 s0.2mdn.net imasdk.googleapis.com
1 jssdkcdns.mparticle.com fem.gprod.postmedia.digital
1 prd.jwpltx.com
1 ping-meta-prd.jwpltx.com
1 entitlements.jwplayer.com cdn.jwplayer.com
1 mug.criteo.com
1 8365c3be5f302f2ff3c8b4c0c178bb69.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 as-sec.casalemedia.com js-sec.indexww.com
1 adservice.google.de securepubads.g.doubleclick.net
1 storage.googleapis.com dcs-static.gprod.postmedia.digital
1 googlesync.permutive.com o.canada.com
1 secure.cdn.fastclick.net o.canada.com
1 ap.lijit.com micro.rubiconproject.com
1 hbopenbid.pubmatic.com micro.rubiconproject.com
1 cdn.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 ads.rubiconproject.com micro.rubiconproject.com
1 idx.liadm.com js-sec.indexww.com
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app fem.gprod.postmedia.digital
1 ak.sail-horizon.com o.canada.com
1 www.npttech.com o.canada.com
1 cdn.adsafeprotected.com o.canada.com
1 micro.rubiconproject.com o.canada.com
1 static.criteo.net o.canada.com
1 canada.com 1 redirects
390 137
Subject Issuer Validity Valid
canada.com
GTS CA 1D4
2023-04-17 -
2023-07-16
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-10-06 -
2023-10-05
a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-24 -
2023-06-18
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-03-07 -
2024-04-03
a year crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M02
2023-02-22 -
2023-07-20
5 months crt.sh
ak.sail-horizon.com
Amazon RSA 2048 M01
2023-02-28 -
2024-01-16
a year crt.sh
gprod.postmedia.digital
GTS CA 1D4
2023-03-09 -
2023-06-07
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
permutive.app
Cloudflare Inc ECC CA-3
2023-03-11 -
2023-06-09
3 months crt.sh
*.liadm.com
Amazon RSA 2048 M01
2023-02-21 -
2023-10-29
8 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon
2022-06-15 -
2023-06-15
a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02
2023-03-29 -
2024-04-27
a year crt.sh
*.prmutv.co
R3
2023-03-14 -
2023-06-12
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3
2023-01-26 -
2024-01-25
a year crt.sh
api.permutive.com
R3
2023-04-17 -
2023-07-16
3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-09 -
2023-06-03
3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2022-06-27 -
2023-06-05
a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1
2022-12-02 -
2023-12-02
a year crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02
2022-12-27 -
2024-01-25
a year crt.sh
api.sail-personalize.com
Amazon RSA 2048 M01
2023-02-28 -
2023-06-23
4 months crt.sh
storage.googleapis.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
jwplayer.com
Amazon RSA 2048 M02
2023-03-01 -
2023-12-25
10 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M02
2023-02-10 -
2023-08-12
6 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-12-27 -
2023-06-21
6 months crt.sh
*.loginradius.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-29 -
2023-12-15
a year crt.sh
*.google.de
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
*.google.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-11-26 -
2023-12-28
a year crt.sh
entitlements.jwplayer.com
GeoTrust TLS RSA CA G1
2023-04-11 -
2024-05-11
a year crt.sh
www.google.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
viafoura.com
Amazon RSA 2048 M01
2023-02-28 -
2023-10-06
7 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
*.scorecardresearch.com
Amazon RSA 2048 M02
2023-03-01 -
2024-01-28
a year crt.sh
jssdkcdns.mparticle.com
R3
2023-04-21 -
2023-07-20
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
identity.mparticle.com
Go Daddy Secure Certificate Authority - G2
2022-07-09 -
2023-07-07
a year crt.sh
jwpsrv.com
Amazon RSA 2048 M02
2023-03-20 -
2024-04-16
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-01-29 -
2023-04-29
3 months crt.sh
*.s-onetag.com
Amazon RSA 2048 M01
2023-02-23 -
2024-01-02
10 months crt.sh
*.parsely.com
Amazon RSA 2048 M01
2023-02-24 -
2023-07-04
4 months crt.sh
redintelligence.net
R3
2023-04-10 -
2023-07-09
3 months crt.sh
pixel.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-05 -
2023-07-05
a year crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-30 -
2024-04-29
a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2022-10-21 -
2023-10-22
a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M01
2023-02-24 -
2023-09-04
6 months crt.sh
jssdks.mparticle.com
R3
2023-04-21 -
2023-07-20
3 months crt.sh
www.google.de
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
api.newsroom.bi
R3
2023-03-28 -
2023-06-26
3 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01
2023-03-01 -
2023-05-08
2 months crt.sh
ssl02.cert.cl03.k8s.mrf.io
R3
2023-04-14 -
2023-07-13
3 months crt.sh
adv.office-partner.de
R3
2023-03-02 -
2023-05-31
3 months crt.sh
*.futalis.de
R3
2023-04-17 -
2023-07-16
3 months crt.sh
*.webgains.com
Amazon RSA 2048 M01
2023-02-22 -
2023-07-13
5 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-10 -
2024-03-09
a year crt.sh
*.webgains.io
Amazon RSA 2048 M02
2023-03-02 -
2023-09-21
7 months crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M01
2023-02-28 -
2023-10-28
8 months crt.sh
cdn.retailads.net
Encryption Everywhere DV TLS CA - G1
2022-06-17 -
2023-06-18
a year crt.sh
lexicon.33across.com
GTS CA 1D4
2023-04-13 -
2023-07-12
3 months crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2
2022-12-13 -
2024-01-13
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1
2022-11-07 -
2023-12-08
a year crt.sh

This page contains 30 frames:

Primary Page: https://o.canada.com/
Frame ID: 87871646DA2AE9B5048468ADF9FCEBEF
Requests: 281 HTTP requests in this frame

Frame: https://fem.gprod.postmedia.digital/v79.3/xd.html
Frame ID: BC5FC103A0B5D431D5C005FE997EE757
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=o.canada.com
Frame ID: A43B9FEFA38EA7DEB6043742573A0849
Requests: 2 HTTP requests in this frame

Frame: https://8365c3be5f302f2ff3c8b4c0c178bb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 948FFF77018B51BA26A1AF0558E32AF1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D6CF167324D2F01C094547374B42161B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 370C4732B40A9741E315C5D74D23E62F
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.569.0_en_ca.html
Frame ID: 1DEA62BC4096639CE195E10A903F44E0
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=128864101&chanId=68750341&placementId=399614941&pubCreative=113098299181&pubOrder=415819741&cb=981655824&custom=index&custom2=1&adsafe_par&impId=261ce371-e07b-11ed-bc90-06d8cca89c2a
Frame ID: AD9FC2BD3187098049E1ECC98797BB15
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdO-eEUbDkM9CRX8NyI-V2oxtSsMvG0q9-qaQddqBH8d-FE6ItArCAivsrM7g2CtqF6ZsRl1q0jyoSsiGcm8-UyzZRbkoBDZZEy27cZZ6ktxspEZPcVTIpdiGpvN_mc-hGcLBJb6akDp9xCdeJkK-bAMV9jkDmIIVtKAN1d0tgiJO9ljKnqPKLwvG0CweQOHipkb2qU4ipZkYhKqxORVccsIvW2QMrwgplw7Qxo0CRjbCMwohNq9uLNUeNyhG3YVffsxLqXccdGFN4D1KJKpcw6BSd0iCr1fGJ9zY24QFqnPHcHlf9chmaDgzWsw&sai=AMfl-YRIeTCoTY1xaFMSjEUieRhpUVlRa3CsxB1Cn0jUI93x-jm6Zgzbau1xG6zwJh6JvB0Z_qi6fTPyo0WCpXvdklRzBSJVYeJDepkJMwwrbi0U7pWnU0StXlbGT_xEAHw&sig=Cg0ArKJSzJW2QTLJbjiZEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 31F683706B4E1B2B64558FECCA386FE7
Requests: 5 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=4811995650&chanId=68750341&placementId=6271300695&pubCreative=138431019205&pubOrder=3184962652&cb=2015102179&custom=index&custom2=2&adsafe_par&impId=261ce372-e07b-11ed-bc90-06d8cca89c2a
Frame ID: B32D8F5E4AB4FBD916BB7AF08514C700
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4JlxG3mpR0Z7HMgA5QcDwodSPIBrI4FCBRcJzExSrQc4oPkoUbVoX3zrW-NvsJZk301MoGKsGYS0oWakzvU5rLyDaBQd3HEuzFQhelTumx3YvziqpOXHprNzh8sejU1ALdq52Nr1L4L4CxxJjaIrF2aQLivjWSh1CX4rhHkJSLdf45VrH_QcIs_hGAjTdc4II7qM2t3ddFrdZfF_ykHphbj7wgBcmWnn8REKp_C9cPTpB1_sc6BBVscEoJQHTIqu3psOhZlWJz_zkinhHPhL132RBjxHEwU9gVkyoW7E6IuAS3YMgtaug1bU&sai=AMfl-YR2OPj1Nh7-XRbmcxMCjdHbzdJTEvfnv4fIkj99gOc6jdeP_8rwpZLG56TcBVDMIctCpY4m9WAiZU1jNdrWysMOrPBdrFPMZJ9vqqCe-EDv7T4RfZqJ-zwXSZ9vpoE&sig=Cg0ArKJSzHl_0cUdpjtDEAE&uach_m=[UACH]&adurl=
Frame ID: 74FC4C3473DE59845570C602E2DD96DE
Requests: 7 HTTP requests in this frame

Frame: https://hal9000.redintelligence.net/zone/htlmx5cd89bk?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=7567641301338255845&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7567641301338255845%26mt_id%3D6622404%26mt_adid%3D216536%26redirect%3D
Frame ID: A69A13DE97BC15CA25B3CB1645D32ABC
Requests: 15 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: AC4C943515CC511725B72EA53DB68E9A
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 4A2C0DFA22118E0DF263005D2AE2123E
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: CDC5D9B54B35D0A69585EFE11014E000
Requests: 2 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2628011022
Frame ID: 9F8E2E45627D1024E29673334E726F18
Requests: 2 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CI_k5q7bu_4CFYGoGAodq1cMVA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7040209637351.578
Frame ID: 7B93804B24DEF624D9A38ECB93B5FC12
Requests: 2 HTTP requests in this frame

Frame: https://hal900029.redintelligence.net/request_content.php?s=91007500126201500951435012301029&a=11e12815
Frame ID: 52997151D0F09596081EFE0B19D753F0
Requests: 10 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 739B56940AD8DC4184DEB121B8AA116F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 38AC268B998ED0FDC268F69C286BF9AC
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D01262B48043130D864F6ECDF0D161FA
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: C62B18B2382FFFA1CC37D865CD481208
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Frame ID: CEEE39182FC7DDAF3140758DB6740FC7
Requests: 12 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 8C668B26A50468430D11E95729D983AF
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: CA32FD7EBFFB024FBF8C93699249451F
Requests: 10 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:45906442-e4ad-4a00-a9c9-deea8528581a&gdpr=0&gdpr_consent=
Frame ID: 11F823A932638CF79F5D79B872E46351
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5077674839012819457
Frame ID: EDAB732F01BC0AD17064A59F65200276
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: A7A849094700074422256D5B81209F0C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727366041940
Frame ID: 35036D3A441BB85B618A0ACF4A775F87
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=JgoPAHUKWQI9Ww8BKQsWBiAIAlc9DAlUIlghrpmk
Frame ID: B9F9A27281922F15D8D9362F2F1CCDF7
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Canada.Com | Homepage | Canada.ComCanada.comUser

Page URL History Show full URLs

  1. https://canada.com/ HTTP 301
    https://o.canada.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io

Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

390
Requests

89 %
HTTPS

36 %
IPv6

75
Domains

137
Subdomains

110
IPs

13
Countries

5321 kB
Transfer

14978 kB
Size

89
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://canada.com/ HTTP 301
    https://o.canada.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=e2301df0-f692-496c-a1a4-8e9ba98652f2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=e2301df0-f692-496c-a1a4-8e9ba98652f2&google_tc= HTTP 302
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEGZpw9mG97q_3JQZzi_w2wY&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=e2301df0-f692-496c-a1a4-8e9ba98652f2&google_cver=1
Request Chain 91
  • https://cdn.jwplayer.com/v2/media/mVlrGuYl/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/0z1m5a4b-320.jpg
Request Chain 92
  • https://cdn.jwplayer.com/v2/media/NHIZTWRz/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/9zutyodg-320.jpg
Request Chain 93
  • https://cdn.jwplayer.com/v2/media/pk7viBG8/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/g4mcmyw7-320.jpg
Request Chain 94
  • https://cdn.jwplayer.com/v2/media/oWKsCuki/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/PRx3AmKN-320.jpg
Request Chain 95
  • https://cdn.jwplayer.com/v2/media/ZScHFlUa/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/CrZd9FoV-320.jpg
Request Chain 96
  • https://cdn.jwplayer.com/v2/media/SAa5eY0t/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/38g3172v-320.jpg
Request Chain 97
  • https://cdn.jwplayer.com/v2/media/JBXrf8E4/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/M2uuck0r-320.jpg
Request Chain 98
  • https://cdn.jwplayer.com/v2/media/h7MyIJmY/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/GER0RdQo-320.jpg
Request Chain 99
  • https://cdn.jwplayer.com/v2/media/hsft5pjj/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/sfa013va-320.jpg
Request Chain 100
  • https://cdn.jwplayer.com/v2/media/XwSvaCKl/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/XfS4caFq-320.jpg
Request Chain 180
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=canada.com&sn=ChromeSyncframe&so=0&topUrl=o.canada.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=qRuMO3xiV1VhZnpaTm1BSHJvdms3WHNQc2Q2Y0toUlJCS0xHRG4zY1ZkSWRBanpqdFVOa0lMcEwwTkhjbm1yakJpUHVsRGhsTkZ5VEFZY1JqeUIwTkwxSWtneFFkNGxHR3Q5QkxQQ1BmcGk1OGFWK3Y4VEc5WUpNdGxIOHJCU0hNREdDU0NZWXJORDBCaXBjeGFzTy8rbis3RUk3L1dmSVAyNEhMTTl2b1JwemowSEoxZXAxaFBXbzNtR2phWGZodkh0R2g0Rmx5OVR0V0hQRTB2YVpHSU1wN3ExVnJWK0k3SWVpbnAwYk5MOGhOZmdxVWVBMjVoN1BCcHJ5UnIxT01KWWJuRUNxVWNxN0ZKU2dHZ1ZmV1RUOVgzQT09fA&cppv=2
Request Chain 192
  • https://cdn.jwplayer.com/strips/XwSvaCKl-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/XwSvaCKl-120.vtt
Request Chain 196
  • https://cdn.jwplayer.com/v2/media/XwSvaCKl/poster.jpg?width=720 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/XfS4caFq-720.jpg
Request Chain 197
  • https://cdn.jwplayer.com/v2/media/XwSvaCKl/poster.jpg?width=640 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/XfS4caFq-640.jpg
Request Chain 221
  • https://cdn.jwplayer.com/strips/XwSvaCKl-120.jpg HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/XwSvaCKl-120.jpg
Request Chain 243
  • https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvWkRrNE16RXpORFV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1Njc2NDEzMDEzMzgyNTU4NDUvNjYyMjQwNC80NTYyMzEyLzEzL0t4ZjNoaHVPMGlYYTRpSDZoeVd6N0xNRFpaQVN3UkdFdC1tUFlWQkpyXzAvMS8xMy8wLzAvOTU2ODAzLzEzNTg4OTA4NjEvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzc1Njc2NDEzMDEzMzgyNTU4NDUvenJoLzAvNjA1LzUzLzk5OS8zMjIvODAuMjU1LjcuMC8wLjAwMC8xNjgyMTA1NTE1LzE2ODIxMTgxMTUvMTMvNzgxNy8/s_YuVPHIjdL4eQhV5wbqL5izBz8&nodeid=3771&group=zrh&auctionid=7567641301338255845&pbs_auctionid=7567641301338255845&shardkey=7567641301338255845&sid=4562312&cid=6622404&bp=a_agiica&min_bid_win=${AUCTION_MIN_TO_WIN}&nfy_act=LD5wew&bfip=185.29.135.58&type=imp&client=c2s HTTP 302
  • https://tags.mathtag.com/ck-confirm?bid_id=7567641301338255845&node_id=3771&exch_id=13
Request Chain 247
  • https://sb.scorecardresearch.com/c2/10276888/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 248
  • https://cdn.jwplayer.com/v2/media/mVlrGuYl/poster.jpg?width=120 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/0z1m5a4b-120.jpg
Request Chain 263
  • https://hal900029.redintelligence.net/request.php?zone=htlmx5cd89bk&nw=20&renderingType=javascript&namespace=f9c34faa0a&subid=&uid=83df7d97484a0172&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7567641301338255845%26mt_id%3D6622404%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fo.canada.com%2F&ancestorOrigins=https%3A%2F%2Fo.canada.com%2Chttps%3A%2F%2Fo.canada.com&random=582211460554&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900029.redintelligence.net/request.php?zone=htlmx5cd89bk&nw=20&renderingType=javascript&namespace=f9c34faa0a&subid=&uid=83df7d97484a0172&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7567641301338255845%26mt_id%3D6622404%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fo.canada.com%2F&ancestorOrigins=https%3A%2F%2Fo.canada.com%2Chttps%3A%2F%2Fo.canada.com&random=582211460554&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 296
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=91007500126201500951435012301029&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2628011022
Request Chain 298
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7040209637351.578 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CI_k5q7bu_4CFYGoGAodq1cMVA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7040209637351.578
Request Chain 351
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 355
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZELksA.3e0pjjxt25pWo7AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPOUNP_PGOwxHbE6yYwCUTs&google_cver=1&google_hm=2
Request Chain 356
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZELksA-3e0pjjxt25pWo7AAABKIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGwuk2MsBlZPoThVgbim_6Q&google_cver=1
Request Chain 357
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZELksA-3e0pjjxt25pWo7AAABKIAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZELksA-3e0pjjxt25pWo7AAABKIAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 359
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=84561b8a-6c3b-7772-53fafe6f
Request Chain 361
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 362
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=NLl5g8Yo1PPWuc5
Request Chain 364
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOpjzKybmJHFKr3fabknGqg&google_cver=1
Request Chain 365
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/vOVk0fB279UeXUTiItjk3cn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-znViMXlE2oIsVurdvmmdMTUF.fIOE5eGKRHItg--~A
Request Chain 366
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGQY6Y4S-1D-JRP3
Request Chain 368
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDcxM2FhNTgyNzVjYzViOGUwOGIwNzUxYWFiNDA1MTI5MWRmNmQzMw
Request Chain 369
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEdRWTZZNFMtMUQtSlJQMw== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC8CbuZ9zo7iXFy1G1iDIUg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdRWTZZNFMtMUQtSlJQMw==&google_push=
Request Chain 370
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Y_oYmx6IRhCkZd33yeLWSQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Y_oYmx6IRhCkZd33yeLWSQ
Request Chain 371
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=sZVLYsbjR3aekZp4YK9v9A&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=sZVLYsbjR3aekZp4YK9v9A
Request Chain 372
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:45906442-e4ad-4a00-a9c9-deea8528581a&gdpr=0&gdpr_consent=
Request Chain 373
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5077674839012819457
Request Chain 374
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://widget.eu.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 375
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727366041940
Request Chain 376
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=JgoPAHUKWQI9Ww8BKQsWBiAIAlc9DAlUIlghrpmk
Request Chain 377
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tiMnrcfyTUiyTJ7WRuMV0g%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 379
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2681491014 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=B62327AD-C7F2-4D48-B24C-9ED646E315D2
Request Chain 380
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=B62327AD-C7F2-4D48-B24C-9ED646E315D2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZmxpRmFxa0tZWFZTbzJXR0FObDJ6Wkx0dw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=2195365206489049563&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 381
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjYyMzI3QUQtQzdGMi00RDQ4LUIyNEMtOUVENjQ2RTMxNUQy&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 382
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELurCMTCuG1xQ-97AHRxdYA&google_cver=1
Request Chain 384
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2195365206489049563

390 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
o.canada.com/
Redirect Chain
  • https://canada.com/
  • https://o.canada.com/
661 KB
108 KB
Document
General
Full URL
https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.249.111.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
bb40f88f520dc06aa3e594ff3fe6f10b7b3623374e2f983a2af29731dd973738
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=300
content-encoding
gzip
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type
text/html; charset=utf-8
date
Fri, 21 Apr 2023 19:31:53 GMT
expires
Fri, 21 Apr 2023 19:33:55 GMT
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.14.2
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-pmd-backend
pmd-nginx-proxy-7f544499d4-z6gmv
x-pmd-cache
HIT

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 19:31:53 GMT
location
https://o.canada.com/
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3765c827835b648cc260ae2d788cd5d099c3ccac31537d04964d526e5bff533f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 21 Apr 2023 19:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 19:31:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 21 Apr 2023 19:31:54 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
74 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
96965e9198593fe808f8fa9b2edd88eb18484bcd2ac1c4013fcc8a788a2f62f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25071
x-xss-protection
0
server
cafe
etag
874 / 19468 / 31074054 / config-hash: 11648243008235316478
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 21 Apr 2023 19:31:54 GMT
184635-232448041313322.js
js-sec.indexww.com/ht/p/
153 KB
41 KB
Script
General
Full URL
https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
521c60f0c979eeeabc2dcabee0d4ecdcc8c1c91e2654b4ea243d4957e4bd1ed1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:54 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 21 Apr 2023 19:21:03 GMT
server
cloudflare
age
571
etag
W/"764fc4-262ff-5f9dd8ed8515f"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
7bb80cc72f919b7d-FRA
expires
Fri, 21 Apr 2023 23:31:54 GMT
publishertag.js
static.criteo.net/js/ld/
121 KB
40 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a005::6 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-1e357"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 22 Apr 2023 19:31:54 GMT
apstag.js
c.amazon-adsystem.com/aax2/
226 KB
55 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.82.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-82-73.atl59.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
49262cbd305b40a32de0c41a27e4a5aafc65927c0b7f0e6163e0e5b3739eab85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 18:37:00 GMT
content-encoding
gzip
via
1.1 a075746ea1824aa1c02a5e26a9e968e4.cloudfront.net (CloudFront), 1.1 a39699152176bddffd29fe58063d838a.cloudfront.net (CloudFront)
last-modified
Wed, 19 Apr 2023 20:25:04 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, ATL59-P2
age
3295
x-amz-server-side-encryption
AES256
etag
W/"d0373f28cbce103f094bc2631a9c8dd5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
jhADtKqSWUP0G6Yz6V0_BrdBx7TZHuEDa4A9Px6irtQBNwjDecsG1Q==
14648.js
micro.rubiconproject.com/prebid/dynamic/
2 MB
224 KB
Script
General
Full URL
https://micro.rubiconproject.com/prebid/dynamic/14648.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.98.130.104 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-98-130-104.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0ffafb73246f5e2d8087021e2e09ab3c9e2be03bb4124667b9f9287d7288bb39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:54 GMT
content-encoding
gzip
last-modified
Fri, 21 Apr 2023 03:40:53 GMT
server
Apache
etag
"14648_postmedia_pbjsRule_4Fri__21_Apr_2023_03:40:53_GMT"
vary
Accept-Encoding
edge-cache-tag
prod-prebid-14648_postmedia_pbjs.js
content-type
text/javascript
cache-control
public, must-revalidate, max-age=14400
content-length
228164
expires
Sat, 22 Apr 2023 04:30:58 GMT
iasPET.1.js
cdn.adsafeprotected.com/
22 KB
22 KB
Script
General
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-96.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 03:42:13 GMT
Via
1.1 1e498d046330e15095a1a2a958463bf4.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
402582
ETag
"51636de3ce868a2172f9e6996c2934e0"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22521
X-Amz-Cf-Id
5Gt2vk9HcDBqWF-09iy_I5-BFtpH0w2YdyxjHHDcI-InUepH2jVWtw==
advertising.js
www.npttech.com/
6 KB
3 KB
Script
General
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:650c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:54 GMT
x-amz-version-id
AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EMR7W5Y5DVSVVPVA
age
3337
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Mi9pKP9W0n9kCQ2Mgys/5TnmhIG6KWlVfn9r/01RGKjz3yHaNJvItZmWkaYbd+rZ7Z8IOQqZmVc=
last-modified
Tue, 18 Oct 2022 13:20:01 GMT
server
cloudflare
etag
W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCNyfnLKMr1NMnlajggebEyKdIPnNxH%2BkhmNP88NzZfc%2B6EgmW%2Bg1mwm3fl80jC85EgJKuhzvvskT8ACgP7CD41uR%2FG8iYiT3DlzI7Axuc5wQ1qKOEkKbndTVbmIjlCiWZHp%2Be7KoNqKoIkd6xc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
cf-ray
7bb80cc91bf22c1c-FRA
LoginRadiusV2.js
auth.lrcontent.com/v2/js/
199 KB
46 KB
Script
General
Full URL
https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:48e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:54 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
age
2251
x-amz-cf-pop
AMS1-P2
cf-polished
origSize=1238069
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Mon, 13 Dec 2021 05:19:58 GMT
server
cloudflare
etag
W/"ae3463c4a59ae100b160ed4dd5dbf4b8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7bb80cc7dac7362b-FRA
x-amz-cf-id
wub1sAnQfYScioyVqT-Mo79LTeV0WbTyulN3ghOKvVC8XFDlfdze_A==
spm.v1.min.js
ak.sail-horizon.com/spm/
98 KB
33 KB
Script
General
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-84.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc5f18223b1a8a5c768d7e1a6e61e1f6c724d385921f6353ba01ff9ef19d59e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:27:14 GMT
content-encoding
gzip
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified
Wed, 11 Jan 2023 16:08:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
281
x-amz-server-side-encryption
AES256
etag
W/"be0aea74754407f0a826a84e140dd5ea"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600; must-revalidate
x-amz-cf-id
3or4pp6YaPcDkt-zuUablQru8LJFxjK_x9P0zKGG8dCyjWbk2oAoPA==
fem.js
fem.gprod.postmedia.digital/v79.3/
316 KB
91 KB
Script
General
Full URL
https://fem.gprod.postmedia.digital/v79.3/fem.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
aee9a10d3ffa3dc4daf0ea79b7f151d3e0935e8e9d4cd81790002d98f3481c54

Request headers

Referer
https://o.canada.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 04:28:05 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1680803051
age
54229
x-guploader-uploadid
ADPycdsOsqT1UT53OKJYSh09a5iA7tKGqjIr7ch11xHtzSskw_T4Lze310yQBqIroVMybBN0YyXinkx-OgBOtFCSJDpn-A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92704
last-modified
Thu, 06 Apr 2023 17:45:48 GMT
server
UploadServer
etag
W/"2c29f95c48f141a9429183aae6cad1e6"
vary
Accept-Encoding
x-goog-generation
1680803148690651
x-goog-hash
crc32c=n8tu2w==, md5=LCn5XEjxQalCkYOq5srR5g==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
323450
accept-ranges
none
content-type
application/javascript
TS2020224ED18-scaled-e1682097430938.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/04/
49 KB
50 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/04/TS2020224ED18-scaled-e1682097430938.jpg?quality=90&strip=all&w=466&type=webp&sig=qth3ksvbFiWKjsnAk1Pr7w
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.23.3 /
Resource Hash
19857629e139501e0746c61584a3b5bfeff6441b18ea0185147570abe9a0c7a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Fri, 21 Apr 2023 19:30:01 GMT
via
1.1 google
server
nginx/1.23.3
age
113
etag
"776ac7dd52306c27dfffca61f354d2f6c062c810"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-556576c5cb-n84gl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50572
CAL-0111822-gyb-2.jpg
smartcdn.gprod.postmedia.digital/theprovince/wp-content/uploads/2023/04/
8 KB
9 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/theprovince/wp-content/uploads/2023/04/CAL-0111822-gyb-2.jpg?quality=90&strip=all&w=150&type=webp&sig=vAt-mQv89mFpFY40_gNFig
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.23.3 /
Resource Hash
add6d72b7bad57dd0a1324fd768592bdb0abee6a934c74d12ee8d9405ec3a348

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-pmd-smartcdn-requester
theprovince
date
Thu, 20 Apr 2023 09:14:47 GMT
via
1.1 google
server
nginx/1.23.3
age
123427
etag
"25470343bbe1b0eba88ec414291581e6676c0086"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-556576c5cb-jxcw6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8682
png0417nyvr-04.jpg
smartcdn.gprod.postmedia.digital/theprovince/wp-content/uploads/2023/04/
5 KB
5 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/theprovince/wp-content/uploads/2023/04/png0417nyvr-04.jpg?quality=90&strip=all&w=150&type=webp&sig=9xscr6f-5DAqqDh5PujwTQ
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.23.3 /
Resource Hash
34ab18ea385dc6969e61c4c5962dd735410c9840271412c480ff8fc959991da3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-pmd-smartcdn-requester
theprovince
date
Fri, 21 Apr 2023 03:03:06 GMT
via
1.1 google
server
nginx/1.23.3
age
59328
etag
"d566fa916df9007eec68559c74e84d4e7431eeb4"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-556576c5cb-jxcw6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5372
png0417nyvr-04.jpg
smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2023/04/
5 KB
6 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2023/04/png0417nyvr-04.jpg?quality=90&strip=all&w=150&type=webp&sig=TNx3J7Pelaan5Zt1kEW_WQ
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.23.3 /
Resource Hash
1e6ca03f49ae740f13907bf4d41cdcf922ae62284ac9a2b6d1c5846f1f9af4db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-pmd-smartcdn-requester
vancouversun
date
Fri, 21 Apr 2023 11:49:45 GMT
via
1.1 google
server
nginx/1.23.3
age
27729
etag
"2005cb377af8cc7a11325fc9b453139e163ce2b1"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-556576c5cb-l7b4g
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5396
jae_lynn_chaney-e1681758507302.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/04/
7 KB
7 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/04/jae_lynn_chaney-e1681758507302.jpg?quality=90&strip=all&w=150&type=webp&sig=vhdiTeM7vgqCUKL_bY_qhw
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.23.3 /
Resource Hash
36dd2e74c11b45f40f4c51151787ecf875dfe14601fec4a3240692ef2336544b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Fri, 21 Apr 2023 11:49:45 GMT
via
1.1 google
server
nginx/1.23.3
age
27729
etag
"ca75ca53623c3db21483e0e7c41d9995dbfa716a"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-556576c5cb-czgpw
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7088
shared.72fe1588dbc6.js
dcs-static.gprod.postmedia.digital/13.3.0/CACHE/js/
20 KB
7 KB
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/13.3.0/CACHE/js/shared.72fe1588dbc6.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0e5a5431b1a7bfecbf681243556f01b3e0e2b02e8621d7366a1d63804edb1052

Request headers

Referer
https://o.canada.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 13:53:56 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1680551564
age
20278
x-guploader-uploadid
ADPycdtoL9-MOIjnNg5m1xuEU2FGQiHpARk5fLrflGwhylm3xSJ-EFqdx204AghTm38dNDTeEoQG-kBST43FfK3OIBUY_oAVrFEu
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7395
last-modified
Tue, 11 Apr 2023 17:04:42 GMT
server
UploadServer
etag
W/"8016f6346cf946e64cecca89794f7e9f"
vary
Accept-Encoding
x-goog-generation
1681232682494936
x-goog-hash
crc32c=itNNFw==, md5=gBb2NGz5RuZM7MqJeU9+nw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
20647
accept-ranges
none
content-type
application/javascript
main.63c80e333ec4.js
dcs-static.gprod.postmedia.digital/13.3.0/CACHE/js/
90 KB
31 KB
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/13.3.0/CACHE/js/main.63c80e333ec4.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
63c80e333ec4cf5788615d26fbfd54ac5c3291cd01a7da6dfe6124b6b8d50b99

Request headers

Referer
https://o.canada.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:47:12 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1680551564
age
92682
x-guploader-uploadid
ADPycdsRL24Zl8U2RNJVRco8mjH5ZIZpq3uD1nF5EqyTeMbk7GRzDm7usUcGHB1I5l_aCxCYNh21Up_0Be3-j7mln5MK
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31258
last-modified
Tue, 11 Apr 2023 17:04:42 GMT
server
UploadServer
etag
W/"b9c8c2948cb911af93ab70a9ed100db5"
vary
Accept-Encoding
x-goog-generation
1681232682438725
x-goog-hash
crc32c=zMmd3Q==, md5=ucjClIy5Ea+Tq3Cp7RANtQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
91952
accept-ranges
none
content-type
application/javascript
truncated
/
256 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fde76cacc186420d0405496f66f9cd00a7c14a38a9ffa4b626a09affe83cc2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 02:04:52 GMT
x-content-type-options
nosniff
age
149222
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Apr 2024 02:04:52 GMT
icon-generic-play.svg
dcs-static.gprod.postmedia.digital/13.3.0/websites/images/common-icon/
1 KB
1 KB
Image
General
Full URL
https://dcs-static.gprod.postmedia.digital/13.3.0/websites/images/common-icon/icon-generic-play.svg
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2f28c008f0ce667d697ccc95a07377e8562c0c28dd910f864724a265f75671e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 10:48:03 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1680551565
age
204231
x-guploader-uploadid
ADPycdu9ej8A1PxosN4Oh0qWx6ysX1lSG0JlMpF5AOPTmrfatsXBFDod1ST-BxaQWjOKf4W-DPLHd8DlzxD5BIH4j0G5TA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
501
last-modified
Tue, 11 Apr 2023 17:04:54 GMT
server
UploadServer
etag
W/"34ef0f992f9fa3f5a172353b887ba82c"
vary
Accept-Encoding
x-goog-generation
1681232694377085
x-goog-hash
crc32c=+OS2xg==, md5=NO8PmS+fo/WhcjU7iHuoLA==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1091
accept-ranges
none
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options
nosniff
age
62791
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Apr 2024 02:05:23 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 19:35:07 GMT
x-content-type-options
nosniff
age
86207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Apr 2024 19:35:07 GMT
icon-fire.svg
dcs-static.gprod.postmedia.digital/13.3.0/websites/images/common-icon/
835 B
1 KB
Image
General
Full URL
https://dcs-static.gprod.postmedia.digital/13.3.0/websites/images/common-icon/icon-fire.svg
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a345a18e5d3f6c07451cb14dd480bfad123f03663912b581265d617d4725fe9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 05:48:20 GMT
x-goog-meta-goog-reserved-file-mtime
1680551565
age
49414
x-guploader-uploadid
ADPycdupLjcWX7q4rCif_B3slFHJalIFaSSo6Ngq9f45BepWIJEpWo9BOc6LT1XVNo2ZljgTvR0CIytcXyP4vKCzQVNp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
835
last-modified
Tue, 11 Apr 2023 17:04:54 GMT
server
UploadServer
etag
"9c6e99306a671d196d8945273b28bfe8"
x-goog-generation
1681232694238262
x-goog-hash
crc32c=0k5Zig==, md5=nG6ZMGpnHRltiUUnOyi/6A==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
835
accept-ranges
bytes
postmedia-image-fallback.webp
dcs-static.gprod.postmedia.digital/13.3.0/websites/images/
3 KB
3 KB
Image
General
Full URL
https://dcs-static.gprod.postmedia.digital/13.3.0/websites/images/postmedia-image-fallback.webp
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 05:48:35 GMT
x-goog-meta-goog-reserved-file-mtime
1680551565
age
49399
x-guploader-uploadid
ADPycdsLWQOcvz5RTnrwu4T9iIAxokcDRia-ERbEKUVprplR9zGXNs0XkzFmWDp6XTJiqVXR91rero5eeGAweEvnm0dVGzZOehpp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2934
last-modified
Tue, 11 Apr 2023 17:05:04 GMT
server
UploadServer
etag
"496f3aa3adffbf2280dd5f74fb6eef8f"
x-goog-generation
1681232704717125
x-goog-hash
crc32c=Qpf2ww==, md5=SW86o63/vyKA3V90+27vjw==
access-control-allow-origin
*
content-type
application/octet-stream
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2934
accept-ranges
bytes
xd.html
fem.gprod.postmedia.digital/v79.3/ Frame BC5F
165 B
194 B
Document
General
Full URL
https://fem.gprod.postmedia.digital/v79.3/xd.html
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v79.3/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6e9ba075c98efb22256a5fc825dfc9607f1e0196538599d131ef9f2872fa7dde

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
126199
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31622400
content-length
165
content-type
text/html
date
Thu, 20 Apr 2023 08:28:35 GMT
etag
"db78eb90321256d80ad3e4dec9b2661c"
last-modified
Thu, 06 Apr 2023 17:45:50 GMT
server
UploadServer
x-cache-hit
hit
x-goog-generation
1680803150161472
x-goog-hash
crc32c=9hJZ3w== md5=23jrkDISVtgK0+TeybJmHA==
x-goog-meta-goog-reserved-file-mtime
1680803051
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
165
x-guploader-uploadid
ADPycdu00d66uukdsyVQIHSjz2WadKMF679L1kydiaWAdY-f1Fg2eORApnD6pCuJ2UwJMlZHTwG7KmsxTdeNW9nsm53_cQ
23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/
389 KB
116 KB
Script
General
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v79.3/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4d6b8130cb43f9481aad42bba75a692c0adbce23fc57bd0b34d6e069882a5bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:54 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
0
x-guploader-uploadid
ADPycdsnUWKcVVrUbaRg6U073VqORDkwlR4TA9vgBm_P279W_Narljqv2Ckc7BlMNuQPt4zXfuEu93pbCggWxzUgDlpKIdlqiNRM
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Wed, 19 Apr 2023 20:01:12 GMT
server
cloudflare
etag
W/"71f510c4e371611d14d72a7cae6fd543"
vary
Accept-Encoding
x-goog-generation
1681934472381398
content-type
application/javascript
x-goog-hash
crc32c=a/NtSg==, md5=cfUQxONxYR0U1yp8rm/VQw==
cache-control
public, max-age=900
x-goog-stored-content-length
119309
timing-allow-origin
*
cf-ray
7bb80cc9ba01bbd4-FRA
expires
Fri, 21 Apr 2023 19:46:54 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/
400 KB
124 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c470984efff845d5290f15d3a01552b4bff15c1e40a48c944233a5bc5f69539
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 09:54:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
34663
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127052
x-xss-protection
0
server
cafe
etag
14196522953641333499
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 20 Apr 2024 09:54:11 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
114 B
104 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=o.canada.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0e1b58919532ecbedd604dc6d8f72cc5ada25bae80b518061ccc79b0d56640e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
x-xss-protection
0
expires
Fri, 21 Apr 2023 19:31:54 GMT
any
idx.liadm.com/idex/ie/
54 B
430 B
XHR
General
Full URL
https://idx.liadm.com/idex/ie/any
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.40.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-40-206.compute-1.amazonaws.com
Software
/
Resource Hash
d66cb3a72f22b81cc7dc07d1f8ce6fa56985f85839a1d4df1e13d430a3b9cd2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
22
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
trace-id
d62694081f0878a6
content-length
54
expires
Sat, 22 Apr 2023 19:31:54 GMT
rid
match.adsrvr.org/track/
63 B
387 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=184635
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
fbae1f5945b9cfa3537ebb968ce9c10cfd1fce9923bf6676d1ab6c659c2ec741

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:54 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://o.canada.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sun, 21 May 2023 19:31:54 GMT
14648-pbjs-floors.json
ads.rubiconproject.com/floors/
64 KB
6 KB
XHR
General
Full URL
https://ads.rubiconproject.com/floors/14648-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.98.130.104 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-98-130-104.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b15a3c9997687ceb8acb60f1ec5e658ca9debf4d5a0f5abbe94490d212da5bdf

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Apr 2023 19:31:54 GMT
content-encoding
gzip
last-modified
Fri, 21 Apr 2023 18:40:53 GMT
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
5939
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
2 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230421
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a4c225e3059c9ec1712ed6c4154c0f79985402dffb38a938d6581cad5946889
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Apr 2023 19:31:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
12660
x-jsd-version
1.0.1683
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4581-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"63c-0AfnNtxWGDTJjeyoJD9A+sRE8aw"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2FDCSQxzL7WTQVFYw4OaKZNf3NJownlZLMy0OuP0oXgnHXhHhQZF%2BVT5iaHhg69ldlaxcnQB78ySrHsjfNNb37dT7YPrYvSmRvKhCq%2FnvmZLM23yKKxwrngufdgmdsRNmK3BLILn7EkzFuBUKQk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7bb80ccaad499bf5-FRA
xd.js
fem.gprod.postmedia.digital/v79.3/ Frame BC5F
51 KB
17 KB
Script
General
Full URL
https://fem.gprod.postmedia.digital/v79.3/xd.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v79.3/xd.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
71953c2522ed53a92a0ccbc21a8c088f37d22ddb3eb571289637926768305f6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fem.gprod.postmedia.digital/v79.3/xd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 06:16:18 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1680803051
age
47736
x-guploader-uploadid
ADPycdvTh3Jtpf8EHWZ5ibF9SbO-6eVTqohEGdKmu3QpnSd6duWAV08m1WWaQAb2x26YxulW_OBVzhwFh7M4h_xU8E9PCw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17125
last-modified
Thu, 06 Apr 2023 17:45:50 GMT
server
UploadServer
etag
W/"34131d7ea0d34f4067256a00ed07ae3b"
vary
Accept-Encoding
x-goog-generation
1680803150439032
x-goog-hash
crc32c=UGW+4g==, md5=NBMdfqDTT0BnJWoA7QeuOw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
51835
accept-ranges
none
65c1728f2033e06a11127.js
dcs-static.gprod.postmedia.digital/13.3.0/websites/js/
23 KB
7 KB
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/13.3.0/websites/js/65c1728f2033e06a11127.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.3.0/CACHE/js/shared.72fe1588dbc6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3cfa09fd8d0ccfa990f5b81e8fbc8c6f50a8ecc7f0260b89a567f5100741e9c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 10:24:39 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1680551564
age
119235
x-guploader-uploadid
ADPycdvFqOE4VXE4Oq7oBB5ErA7khZ1tazzYy0o_OT9J56LIKqcGgsG-RwB_iSx7nx7f7lJW2iATWEJcUUEdxBYLfK2YfQCuK5nn
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6864
last-modified
Tue, 11 Apr 2023 17:05:09 GMT
server
UploadServer
etag
W/"7e7697105393f16cace997d47dc71d87"
vary
Accept-Encoding
x-goog-generation
1681232709563440
x-goog-hash
crc32c=Dhschw==, md5=fnaXEFOT8Wys6ZfUfccdhw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
23052
accept-ranges
none
a3abef1aea194bc54ce30.js
dcs-static.gprod.postmedia.digital/13.3.0/websites/js/
7 KB
3 KB
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/13.3.0/websites/js/a3abef1aea194bc54ce30.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.3.0/CACHE/js/shared.72fe1588dbc6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6333459bbba841d16299dfee81d2019bf4b4133760e6b375168a4b4ce03a9079

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:46:11 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1680551564
age
179143
x-guploader-uploadid
ADPycdsX3bFmSn02AciOK88sQasOxGDQm2Cc8NjpTQEE0YOKvEkTjGbMoVRRC3_12FTMaUbrflu-lnyxMciWnqRad_8d
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2831
last-modified
Tue, 11 Apr 2023 17:05:10 GMT
server
UploadServer
etag
W/"b64e8b5cfcdcf8c0a79afea901dadb8c"
vary
Accept-Encoding
x-goog-generation
1681232710021240
x-goog-hash
crc32c=S9u9sA==, md5=tk6LXPzc+MCnmv6pAdrbjA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6981
accept-ranges
none
7ccc7238f639079f46592.js
dcs-static.gprod.postmedia.digital/13.3.0/websites/js/
33 KB
10 KB
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/13.3.0/websites/js/7ccc7238f639079f46592.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.3.0/CACHE/js/shared.72fe1588dbc6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
67d87e0c0c48649776175b5c581a896df462d1d241bbf73dcd31942cd53a8fbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 05:48:47 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1680551564
age
49387
x-guploader-uploadid
ADPycduP5jXLI6pv01IAKuQqAnL0qe3YIEIBZHa2EmMKQx5Mqxx6zNAGkUmIAZW0HRzOGUkvof-imEtKVqYSuzWRx4F_NA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10318
last-modified
Tue, 11 Apr 2023 17:05:09 GMT
server
UploadServer
etag
W/"e776f16af1e1e66a14dd8c08775ecc71"
vary
Accept-Encoding
x-goog-generation
1681232709726130
x-goog-hash
crc32c=Rii1iQ==, md5=53bxavHh5moU3YwId17McQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
33796
accept-ranges
none
a8c398763ea07427eb503.js
dcs-static.gprod.postmedia.digital/13.3.0/websites/js/
9 KB
3 KB
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/13.3.0/websites/js/a8c398763ea07427eb503.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.3.0/CACHE/js/shared.72fe1588dbc6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ced3553fbf17f8efee6874437b0201c1de697f287c6198e5a2860d5336bafd62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:19:23 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1680551564
age
94351
x-guploader-uploadid
ADPycdt9dyikb-_9qAUk4_dnqbWS3fixwXd88-InTNkXCPPKS-1ZuuBzktQVY1tpg17jf1d12FlTaiVY7HZ5uj8lJx2oKQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3061
last-modified
Tue, 11 Apr 2023 17:05:10 GMT
server
UploadServer
etag
W/"1b135bd4899ba8b0e0d2918a82586990"
vary
Accept-Encoding
x-goog-generation
1681232710121356
x-goog-hash
crc32c=j+jMIQ==, md5=GxNb1ImbqLDg0pGKglhpkA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
8946
accept-ranges
none
5823a2c6fa01947b28a528.js
dcs-static.gprod.postmedia.digital/13.3.0/websites/js/
223 B
259 B
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/13.3.0/websites/js/5823a2c6fa01947b28a528.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.3.0/CACHE/js/shared.72fe1588dbc6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3ac01602a680fd35035a37b390f16b13e3fdf151afbf8dbf0f820e5d8d2202b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 05:54:05 GMT
x-goog-meta-goog-reserved-file-mtime
1680551564
age
221869
x-guploader-uploadid
ADPycdsmO_rm4a423iTJcu_suBvsfRVRrVx0tUlPtylkndxRnGefrrm8rzDd3uNbd8_HoWNr9_a5U3AB2_ZzrZZHIUVX
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
223
last-modified
Tue, 11 Apr 2023 17:05:09 GMT
server
UploadServer
etag
"81f3ce3aabef50d72c77dc89a8efc2d3"
x-goog-generation
1681232709407455
x-goog-hash
crc32c=0Scl4w==, md5=gfPOOqvvUNcsd9yJqO/C0w==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
223
accept-ranges
bytes
b4cb18d7576a04277b1d10.js
dcs-static.gprod.postmedia.digital/13.3.0/websites/js/
22 KB
7 KB
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/13.3.0/websites/js/b4cb18d7576a04277b1d10.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.3.0/CACHE/js/shared.72fe1588dbc6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6baac3ad71b0e139bb374ad569fb40f9316db512d4827f774d7349c70778b48e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 05:54:05 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1680551564
age
221869
x-guploader-uploadid
ADPycdtCCFHyZV9k0tUDTBoeEnmhyw_MMWXStPgmFBQFEGPtnBEVz_6ca5tphwNgCcEpwVj5fWPxj-Ga0BLId9VXilBFVg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6851
last-modified
Tue, 11 Apr 2023 17:05:10 GMT
server
UploadServer
etag
W/"0a949c15b9e48dd157ce89acf98c55b9"
vary
Accept-Encoding
x-goog-generation
1681232710289959
x-goog-hash
crc32c=BSgtZA==, md5=CpScFbnkjdFXzoms+YxVuQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
22660
accept-ranges
none
1c5126d5938ab9ae97a140.js
dcs-static.gprod.postmedia.digital/13.3.0/websites/js/
2 KB
1 KB
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/13.3.0/websites/js/1c5126d5938ab9ae97a140.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.3.0/CACHE/js/shared.72fe1588dbc6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8ce0f5ae7bee69ea6ce3ed3fb7cdcbb1b93d4a1935dde9ce1ca29abfe21235b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:13:50 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1680551564
age
94684
x-guploader-uploadid
ADPycduPoD57Zz305i8-EMs0taxGfX2Z87ik1pI3JZ8QucDbVeC-PCEseSOhvPN5p31fhsYMAEr0NELxe5ajSAnJKQdNxxmLuVFT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1072
last-modified
Tue, 11 Apr 2023 17:05:07 GMT
server
UploadServer
etag
W/"ab14eb695c98d3bbb4d175a1a286c824"
vary
Accept-Encoding
x-goog-generation
1681232707420604
x-goog-hash
crc32c=E+rsrA==, md5=qxTraVyY07u00XWhoobIJA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2462
accept-ranges
none
2927530881c26074a84a22.js
dcs-static.gprod.postmedia.digital/13.3.0/websites/js/
9 KB
3 KB
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/13.3.0/websites/js/2927530881c26074a84a22.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.3.0/CACHE/js/shared.72fe1588dbc6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5a7a5314edb2dda052187abeb7e967f32485d1c7ad08c5f7cfcbdffe8d8bf36b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 05:50:20 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1680551564
age
135694
x-guploader-uploadid
ADPycdtV3l9hZd8TLiiJeVRgh-iU98mEdVIJIw7-VODpJE7XKr_OJzU3xcSGm9mzQ3NfD6adkKlmGgmOOrCzswgMK7iyVg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2881
last-modified
Tue, 11 Apr 2023 17:05:07 GMT
server
UploadServer
etag
W/"de3c2a266d0af741f9babc6fd15024de"
vary
Accept-Encoding
x-goog-generation
1681232707922443
x-goog-hash
crc32c=8S/+9w==, md5=3jwqJm0K90H5urxv0VAk3g==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
9693
accept-ranges
none
config
c.amazon-adsystem.com/cdn/prod/
336 B
683 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Fo.canada.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.82.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-82-73.atl59.r.cloudfront.net
Software
Server /
Resource Hash
35e5a8881e34365a13399b7c568c2427717401560f9b6b41fdb75f904718e2e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:54 GMT
via
1.1 a39699152176bddffd29fe58063d838a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ATL59-P2
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://o.canada.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
336
x-amz-cf-id
U2sOv4Y4gt4GIhUwRDu4-FPqy9QEQBFsMl8wiEFDd7YaYu9MYHhFAg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.82.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-82-73.atl59.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 17:43:58 GMT
x-amz-version-id
BeoItWAXLH_Ztd131J1ILFBRpuOxsQkH
content-encoding
gzip
via
1.1 3d166e50ec93c97ac61aad558d457798.cloudfront.net (CloudFront)
x-amz-cf-pop
ATL59-P2
age
6477
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 13 Apr 2023 22:29:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
H4iLqloin7C8vtqktLd0NRe0zEJ36YJx5dKaeQq_Rbl0eIMInQnkvw==
bid
aax.amazon-adsystem.com/e/dtb/
64 B
499 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3528&u=https%3A%2F%2Fo.canada.com%2F&pid=Cf42n1eZc5wkV&cb=0&ws=1600x1200&v=23.414.2006&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-2%22%2C%22s%22%3A%5B%226x6%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-1%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-3%22%2C%22s%22%3A%5B%227x7%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-2%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-4%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-3%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-5%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-4%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-6%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-5%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-7%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-6%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-8%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-7%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-9%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-8%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-10%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-9%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-11%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-10%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-12%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.106.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-106-197.fra60.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:54 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
4GWM8AVPB8SE2CP531GT
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
AyR8vo8eH5ynZtWB7wK_wALw4AGKGDtbpt190Y0py9lVwx79nfMizg==
Robbins-Club-Med_275831266-scaled.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/03/
17 KB
17 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/03/Robbins-Club-Med_275831266-scaled.jpg?quality=90&strip=all&w=344&type=webp&sig=_MLdx_ya4XBeewqmHgPdGg
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.23.3 /
Resource Hash
9c18640014cb8be01b3712883cb601370a8a691b2910d616a188f8e916be280c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Fri, 21 Apr 2023 11:49:51 GMT
via
1.1 google
server
nginx/1.23.3
age
27723
etag
"01bc62d6d5605ec26707fbb3f182e4ec108dde07"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-556576c5cb-l7b4g
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17576
The-Archives_Noelle-scaled-e1679773171892.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/03/
28 KB
29 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/03/The-Archives_Noelle-scaled-e1679773171892.jpg?quality=90&strip=all&w=344&type=webp&sig=4S3i8rNtFf6Ib9FrSeLKzg
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.23.3 /
Resource Hash
2741a76f8222fcac27cd53da970a385f9c0f0252f8bd440fdeed058dfdf10952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Thu, 20 Apr 2023 12:21:32 GMT
via
1.1 google
server
nginx/1.23.3
age
112222
etag
"21319e6be9183771eb25910ec0b3511bbd75a632"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-556576c5cb-xqm7w
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29110
best-221117-4484-2100x1400-4d34848b-5c36-417b-abd6-ec83da626-e1679527725654.jpg
smartcdn.gprod.postmedia.digital/calgaryherald/wp-content/uploads/2023/03/
30 KB
30 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/calgaryherald/wp-content/uploads/2023/03/best-221117-4484-2100x1400-4d34848b-5c36-417b-abd6-ec83da626-e1679527725654.jpg?quality=90&strip=all&w=344&type=webp&sig=gTiVoPGAYxz95u9rbodRpQ
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.23.3 /
Resource Hash
f4b01fa9015e87a8a2cc7c7bd08156fdb456cd0e89249a08f189fea4a6495163

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-pmd-smartcdn-requester
calgaryherald
date
Fri, 21 Apr 2023 11:49:51 GMT
via
1.1 google
server
nginx/1.23.3
age
27723
etag
"c6905f58c230b78e4f9a710291d95fa913c5b2bb"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-556576c5cb-xqm7w
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30210
img_7769_275226320.jpeg
smartcdn.gprod.postmedia.digital/calgaryherald/wp-content/uploads/2023/02/
32 KB
33 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/calgaryherald/wp-content/uploads/2023/02/img_7769_275226320.jpeg?quality=90&strip=all&w=344&type=webp&sig=DLEWhAA1o9dr6NYFT6NPtg
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.23.3 /
Resource Hash
b9b4f4daa5cf7deb7b20df72a534952835704580cb8785db45c2113c228087cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-pmd-smartcdn-requester
calgaryherald
date
Fri, 21 Apr 2023 11:49:52 GMT
via
1.1 google
server
nginx/1.23.3
age
27722
etag
"0102a6a581cfab512efb913f66bea30f31f7292f"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-556576c5cb-l7b4g
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33278
cabo-1_275377198-scaled.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/03/
12 KB
12 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/03/cabo-1_275377198-scaled.jpg?quality=90&strip=all&w=344&type=webp&sig=ZqrEWLg0mfIUbjCjaRe3WQ
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.23.3 /
Resource Hash
d013e25c3ed322056ae5bf61f416e23b6db04de1356c72d0c896a95b86c8f5e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Fri, 21 Apr 2023 11:49:52 GMT
via
1.1 google
server
nginx/1.23.3
age
27722
etag
"03957eed5f8bfde3f04a900ff28dc54b87b1ab6d"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-556576c5cb-l7b4g
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12578
a-davids-bridal-location-as-retailer-takes-steps-for-bankrup.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/04/
28 KB
28 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/04/a-davids-bridal-location-as-retailer-takes-steps-for-bankrup.jpg?quality=90&strip=all&w=344&type=webp&sig=_JHrw9fExAIL-zW4a7FpdQ
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.23.3 /
Resource Hash
3c4b94a47215a3712f8e0c5060cb586cd2a5726a95fc12b4f38a6811381421b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Fri, 21 Apr 2023 19:30:02 GMT
via
1.1 google
server
nginx/1.23.3
age
112
etag
"dbb303d61ea775cce8831a19137f2a02a4332fde"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-556576c5cb-9sq9b
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28574
0c7a0082_277129370.jpg
smartcdn.gprod.postmedia.digital/ottawacitizen/wp-content/uploads/2023/04/
32 KB
32 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/ottawacitizen/wp-content/uploads/2023/04/0c7a0082_277129370.jpg?quality=90&strip=all&w=344&type=webp&sig=lPPHQ6Ino5gJwoIk-BLpsw
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.23.3 /
Resource Hash
e0be2e6b539a67a5126f28a1bce1d854ffbee3cccba2e1fe7a23a65bcabd4da6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-pmd-smartcdn-requester
ottawacitizen
date
Fri, 21 Apr 2023 01:57:42 GMT
via
1.1 google
server
nginx/1.23.3
age
63252
etag
"f50acf03b5a46bc0bd49e58cc334cf0580cf61ec"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-556576c5cb-xqm7w
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32304
CPAC-1-2.jpg
smartcdn.gprod.postmedia.digital/ottawacitizen/wp-content/uploads/2023/04/
22 KB
22 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/ottawacitizen/wp-content/uploads/2023/04/CPAC-1-2.jpg?quality=90&strip=all&w=344&type=webp&sig=mMB3GBqUgu1NCRiizozH8w
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.23.3 /
Resource Hash
7d31113d3a5c0016c1e52514ecaeda6b8879a5a23dd6fb67f1cb5bc008fb3f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-pmd-smartcdn-requester
ottawacitizen
date
Thu, 20 Apr 2023 09:01:03 GMT
via
1.1 google
server
nginx/1.23.3
age
124251
etag
"5a2dd7dcb5966cb97eab49a41d1f7b5f07a3be00"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-556576c5cb-xqm7w
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22360
Housing.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/04/
32 KB
32 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/04/Housing.jpg?quality=90&strip=all&w=344&type=webp&sig=wz9AQ7Znk6EksokXmjnEXA
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.23.3 /
Resource Hash
6c5396da8d8457713b751b38bfacfbd1eafa4a70588e894bd96fa4b04bcfa78a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Fri, 21 Apr 2023 19:20:40 GMT
via
1.1 google
server
nginx/1.23.3
age
674
etag
"90123196a72c494f5dfb2b12441d00d7d18e164b"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-556576c5cb-n84gl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32560
GettyImages-112561224.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/04/
23 KB
23 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/04/GettyImages-112561224.jpg?quality=90&strip=all&w=344&type=webp&sig=wb2aUB_Kr47ZPui8SBmzNg
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.23.3 /
Resource Hash
82022fa41d13a72f88952e3979f12660c6461738dc1d350ca529d2e37909972c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Fri, 21 Apr 2023 19:31:54 GMT
via
1.1 google
server
nginx/1.23.3
etag
"bedd72461893ea95435a413847af1009c75b985d"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-556576c5cb-9sq9b
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23258
1u1a8992-1_276963869.jpg
smartcdn.gprod.postmedia.digital/calgaryherald/wp-content/uploads/2023/04/
24 KB
24 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/calgaryherald/wp-content/uploads/2023/04/1u1a8992-1_276963869.jpg?quality=90&strip=all&w=344&type=webp&sig=DGVEoUv8rT0LEGKzX4JxZA
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.23.3 /
Resource Hash
22dc2818feac3faf2342b046e731e0f4911c76a254d6ef3231e90179bd0935f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-pmd-smartcdn-requester
calgaryherald
date
Fri, 21 Apr 2023 19:31:54 GMT
via
1.1 google
server
nginx/1.23.3
etag
"a4c4723b7d65f33db16c6003ae28d34c45c8e678"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-556576c5cb-n84gl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24620
nf08-0818-garlic.jpg
smartcdn.gprod.postmedia.digital/edmontonjournal/wp-content/uploads/2023/04/
9 KB
9 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/edmontonjournal/wp-content/uploads/2023/04/nf08-0818-garlic.jpg?quality=90&strip=all&w=344&type=webp&sig=n3yxtPdh4_kxbe_Gp_RVXA
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.23.3 /
Resource Hash
8c48b93cd82074f96dd39e8cf1460faf8bb2de243bd6c725d01f571330e377b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-pmd-smartcdn-requester
edmontonjournal
date
Fri, 21 Apr 2023 19:04:20 GMT
via
1.1 google
server
nginx/1.23.3
age
1654
etag
"e648116c84d96ce4ae1c091bf34fc1ecab385f25"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-556576c5cb-9sq9b
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9366
0422-minter-one.jpg
smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2023/04/
35 KB
36 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2023/04/0422-minter-one.jpg?quality=90&strip=all&w=344&type=webp&sig=aI6ucZid6pWoKvMz3hpDLA
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.23.3 /
Resource Hash
5ce69af4940a08ea9dd52a568fa32b839efa9a4f13114654959bfa8223819620

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-pmd-smartcdn-requester
vancouversun
date
Fri, 21 Apr 2023 18:06:27 GMT
via
1.1 google
server
nginx/1.23.3
age
5127
etag
"578d7123d52b5fda791054cb2f487ff748cfdd15"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-556576c5cb-rsnh9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36324
fab-five-spring-event-dresses-nouvelle-nouvelle-toit-volant--1.jpg
smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2023/04/
10 KB
10 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2023/04/fab-five-spring-event-dresses-nouvelle-nouvelle-toit-volant--1.jpg?quality=90&strip=all&w=344&type=webp&sig=0bqX2Xgo3jphglPtZa8F_Q
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.23.3 /
Resource Hash
b36929edc97506b13316f1ee18bc06e44be322676dbadd8a5689ef4b62911080

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-pmd-smartcdn-requester
vancouversun
date
Fri, 21 Apr 2023 18:05:56 GMT
via
1.1 google
server
nginx/1.23.3
age
5158
etag
"f31248969b397181714f06cc7a4d026b362d842b"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-556576c5cb-czgpw
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10458
pub
pixel.adsafeprotected.com/services/
2 KB
2 KB
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:ad-1,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-2,ss:%5B6.6,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-1,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-3,ss:%5B7.7,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-2,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-4,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-3,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-5,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-4,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-6,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-5,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-7,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-6,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-8,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-7,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-9,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-8,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-10,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-9,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-11,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-10,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-12,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=1f89ba2a-d981-c147-6d94-d065ebd041d5&url=https%253A%252F%252Fo.canada.com%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.135.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-135-85.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
01eca4a441fa8a9ef085e41c69e198952f7530644fbc3d1ff093545c7864d1d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:54 GMT
server
nginx
x-server-name
app01.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://o.canada.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
4f6161d682044f60dd0f20.js
dcs-static.gprod.postmedia.digital/13.3.0/websites/js/
5 KB
2 KB
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/13.3.0/websites/js/4f6161d682044f60dd0f20.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.3.0/CACHE/js/shared.72fe1588dbc6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6342cb9dc3c060e563089dfc844b2b9465b41b9701ef9c9b3493bcf564057e6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 08:28:41 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1680551564
age
126193
x-guploader-uploadid
ADPycdvwQkeElqwkGHWbZkJXOq-3h3QdHZ2GR-lB3c4v47VcWCcIZHqsoFB0DzZTpVpwZTeaGZZTRojfu_mRiCyVMnnoXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1899
last-modified
Tue, 11 Apr 2023 17:05:09 GMT
server
UploadServer
etag
W/"007fd3b9f2ce3fd51e8cd5bd1be95274"
vary
Accept-Encoding
x-goog-generation
1681232709281771
x-goog-hash
crc32c=voRUyQ==, md5=AH/TufLOP9UejNW9G+lSdA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
5175
accept-ranges
none
65079a5abc8be7057f994.js
dcs-static.gprod.postmedia.digital/13.3.0/websites/js/
11 KB
3 KB
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/13.3.0/websites/js/65079a5abc8be7057f994.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.3.0/CACHE/js/shared.72fe1588dbc6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
604b9cf337c21d5ffee6265583dcb1ff9fc38cda8bfd50ac6925325f843a2375

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:49:45 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1680551564
age
92529
x-guploader-uploadid
ADPycdsd-9--8wG27kqXC2wfGktvWba6ajz8355Ae3vEJ9Z2V2rKBaOajvHGjhCL7EfQsq0nHk1YpJ9tPFhJP9Oj0o0H
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3192
last-modified
Tue, 11 Apr 2023 17:05:09 GMT
server
UploadServer
etag
W/"af103ed23009aa6f4424aebb0e89e9b1"
vary
Accept-Encoding
x-goog-generation
1681232709510462
x-goog-hash
crc32c=8Ax41g==, md5=rxA+0jAJqm9EJK67DonpsQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
11392
accept-ranges
none
affc78503e58be0e3d6215.js
dcs-static.gprod.postmedia.digital/13.3.0/websites/js/
2 KB
1011 B
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/13.3.0/websites/js/affc78503e58be0e3d6215.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.3.0/CACHE/js/shared.72fe1588dbc6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ec5e8bdd195cceea062b48abe6d0a3b340337e62fe7807f683304115c1ee8fd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 21:53:47 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1680551564
age
164287
x-guploader-uploadid
ADPycduG6f1pc82rm4lUlHRKIwEZZOFbd6J7qIAmv0tIq9xbEV3H4TqTCkoY8rddGS1aCRwpPbnMQ_m3ozlQsc43jKbHBgI2Qydj
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
969
last-modified
Tue, 11 Apr 2023 17:05:10 GMT
server
UploadServer
etag
W/"d582b4f3021ce75a848894824cb76d56"
vary
Accept-Encoding
x-goog-generation
1681232710242903
x-goog-hash
crc32c=etNR3A==, md5=1YK08wIc51qEiJSCTLdtVg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2483
accept-ranges
none
pxid
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/
46 B
390 B
XHR
General
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/pxid?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
177ef68b60dfcce3948991f1f84d80ee162561ae67c2282faef41db6eb4e0c42

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 21 Apr 2023 19:31:54 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/
11 B
812 B
XHR
General
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 19:31:54 GMT
AN-X-Request-Uuid
11a42295-3369-4a86-9a86-926b4a9242fa
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://o.canada.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.109; 80.255.7.109; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
cdn.permutive.com/models/v2/
48 KB
33 KB
XHR
General
Full URL
https://cdn.permutive.com/models/v2/23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4e3ce725f71e490d2403ef9921e00107d5bb11d834a2a5b947a9cf6883db9af

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 21 Apr 2023 19:31:54 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
0
x-guploader-uploadid
ADPycdv8i7aZEc5xoFyugslONNapIEJ9f1LbHC8AhiDfHs3mGINKTvqhnRPw1IkMmLZnfJdci14RGt9MKkg3zLd3gkKW6A
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
33134
last-modified
Fri, 21 Apr 2023 06:02:20 GMT
server
cloudflare
etag
"f26cca9f4d74a021ef2e23ddf9cd7558"
vary
Accept-Encoding
x-goog-generation
1682056940524467
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=dTI1fQ==, md5=8mzKn010oCHvLiPd+c11WA==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
33134
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7bb80ccc79bd03ac-FRA
expires
Fri, 21 Apr 2023 19:31:54 GMT
geoip
api.permutive.com/v2.0/
209 B
336 B
XHR
General
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
9d799961163bc310e9b528b76ced3dd459085488c92a0713ce48f2ee67c4a06b

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 21 Apr 2023 19:31:54 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
144
watson
api.permutive.com/v2.0/
317 B
284 B
XHR
General
Full URL
https://api.permutive.com/v2.0/watson?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
fbe2776528321e86eab1c9f37320995207af2ddc97a41f452b022e7a2495c987

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 21 Apr 2023 19:31:54 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
219
arj
postmedia-d.openx.net/w/1.0/
73 B
374 B
XHR
General
Full URL
https://postmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fo.canada.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b58f1a28-dc88-4b34-a857-4976bf259024%2C9a50dc40-e1d2-4e16-913e-5ddcdeca6e72%2Cacfec8c0-9093-43b1-bd34-18418c04afba%2Ca66266b2-592b-4954-8ae9-dcffcceb35bd%2C31818f83-b723-4244-818e-30b3a7e26473%2Cbb366da7-07f3-45e8-bca4-f06353819a01%2C5a1ba445-a961-4e2d-b98a-5199cc59ed77%2Cb8576243-4bc4-41a8-8960-b7c1f9bdc87e%2C47f5eb22-d5ed-4244-b045-e0b4a850b53d%2Cb0b47be8-5cfb-44e8-b2ba-32d97fd63580%2Cb9717da9-3443-47dd-8354-c1109107e501%2C743febe9-b9c7-4acf-a3b9-9fcf15f26977&nocache=1682105514895&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&pubcid=2761ed64-1062-4942-a3d7-8195063f218a&aus=970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250&divids=ad-1%2Cad-2%2Cad-3%2Cad-4%2Cad-5%2Cad-6%2Cad-7%2Cad-8%2Cad-9%2Cad-10%2Cad-11%2Cad-12&aucs=%252F3081%252Fccn.com%252Findex%2523ad-1%2C%252F3081%252Fccn.com%252Findex%2523ad-2%2C%252F3081%252Fccn.com%252Findex%2523ad-3%2C%252F3081%252Fccn.com%252Findex%2523ad-4%2C%252F3081%252Fccn.com%252Findex%2523ad-5%2C%252F3081%252Fccn.com%252Findex%2523ad-6%2C%252F3081%252Fccn.com%252Findex%2523ad-7%2C%252F3081%252Fccn.com%252Findex%2523ad-8%2C%252F3081%252Fccn.com%252Findex%2523ad-9%2C%252F3081%252Fccn.com%252Findex%2523ad-10%2C%252F3081%252Fccn.com%252Findex%2523ad-11%2C%252F3081%252Fccn.com%252Findex%2523ad-12&auid=558243301%2C558243301%2C558243301%2C558243301%2C558243301%2C558243301%2C558243301%2C558243301%2C558243301%2C558243301%2C558243301%2C558243301&aumfs=27%2C27%2C27%2C27%2C27%2C27%2C27%2C27%2C27%2C27%2C27%2C27
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
bcfa4e9901abcf24cecda2f7d296b954eea016cc7e9a0afff1623f9ba6258828

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://o.canada.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/
2 B
294 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=135&profileId=185&av=35&wv=7.40.0&cb=82136019138
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a005::17 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Apr 2023 19:31:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
28
pbjs
htlb.casalemedia.com/openrtb/
37 B
563 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=901899
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f9164ffff3e5d74f9d77b54f93c97de53ad77dc53a0bbbdc109f79fd2afa865

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L9Mu2%2FZePyN9m2l6U8us%2FzyvuLr5yHaE0%2F0tfK%2FcmdiZcCftjj5RWXeQuAn4mqjqBuE5R8603VkDmuLu8Ka7oPmQ1ObgujnSB8VOe27pjE3Y3dAzl5shNVE%2FmaDZItdsQUYPJ29T"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://o.canada.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7bb80cccfb8035e6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/
37 B
311 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=901899
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f9164ffff3e5d74f9d77b54f93c97de53ad77dc53a0bbbdc109f79fd2afa865

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZlX9NYsQVRcXDVCo9VYVN1H7gACIEWXmBQAhkFdxsm%2Fb1fFzukCe22VM1eYDG2uN6CNU53KXtDp9LCVQPasH84RwbWmtC1%2FuLGdGrolA6MixYrxXUrjo2rRmIqg%2BvIwR4OdF%2FGR"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://o.canada.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7bb80cccfb8435e6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/
37 B
311 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=901899
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f9164ffff3e5d74f9d77b54f93c97de53ad77dc53a0bbbdc109f79fd2afa865

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RNkQbBv9Dnsj7N8IUsZC%2FP%2BeI7OAo5SUCNhcbHKps6OCD7oCgyEIOA1pyUFQZRqOCkabRKFxL65886rpnF%2Bqr69dgJviQjr4k3EC68wiu31jdXLwJYquYLrSlJgQRcV46%2FcU0klD"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://o.canada.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7bb80cccfb8835e6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/
37 B
313 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=901899
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f9164ffff3e5d74f9d77b54f93c97de53ad77dc53a0bbbdc109f79fd2afa865

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VRwIseoeAOxTIbUhh1vQyYk286jhzmS44lF5Onl%2Bsf%2FDv0IsYQj3qMnLn06RVy%2BN6Y0%2FICgPwTRE1lGPzLJRbDGbmwMKZYCqICaWEas8cJVOPg4GSwAyLMSWWBzbgtEYp90v%2F4BJ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://o.canada.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7bb80cccfb8a35e6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/
0
113 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://o.canada.com
date
Fri, 21 Apr 2023 19:31:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/
1 KB
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c3b66e70d3dae3e359fb54b663ca061040d6f28ebd38fb579d634bff5f55fede
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 21 Apr 2023 19:31:55 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.109; 80.255.7.109; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
bdfbae46-f94b-4089-a568-37f22bb05323
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://o.canada.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
1 KB
3 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14648&site_id=359816&zone_id=2596708&size_id=15&alt_size_ids=2%2C55%2C57&eid_pubcid.org=2761ed64-1062-4942-a3d7-8195063f218a%5E1&rf=https%3A%2F%2Fo.canada.com%2F&tg_i.page=https%3A%2F%2Fo.canada.com%2F&tg_i.domain=o.canada.com&tg_i.aupname=%2F3081%2Fccn.com%2Findex&tg_i.pbadslot=%2F3081%2Fccn.com%2Findex%23ad-1%3B%2F3081%2Fccn.com%2Findex%23ad-2%3B%2F3081%2Fccn.com%2Findex%23ad-3%3B%2F3081%2Fccn.com%2Findex%23ad-4%3B%2F3081%2Fccn.com%2Findex%23ad-5%3B%2F3081%2Fccn.com%2Findex%23ad-6%3B%2F3081%2Fccn.com%2Findex%23ad-7%3B%2F3081%2Fccn.com%2Findex%23ad-8%3B%2F3081%2Fccn.com%2Findex%23ad-9%3B%2F3081%2Fccn.com%2Findex%23ad-10&tk_flint=dmpbjs_v7.40.0&x_source.tid=b58f1a28-dc88-4b34-a857-4976bf259024%3B9a50dc40-e1d2-4e16-913e-5ddcdeca6e72%3Bacfec8c0-9093-43b1-bd34-18418c04afba%3Ba66266b2-592b-4954-8ae9-dcffcceb35bd%3B31818f83-b723-4244-818e-30b3a7e26473%3Bbb366da7-07f3-45e8-bca4-f06353819a01%3B5a1ba445-a961-4e2d-b98a-5199cc59ed77%3Bb8576243-4bc4-41a8-8960-b7c1f9bdc87e%3B47f5eb22-d5ed-4244-b045-e0b4a850b53d%3Bb0b47be8-5cfb-44e8-b2ba-32d97fd63580&l_pb_bid_id=139082962693117%3B140e0d2108e176a3%3B141ad18d28bc7a85%3B142e67ded576e133%3B143985d2fa6706be%3B144bfa695830cd08%3B145b68f5b22e9e5a%3B146ebc2fdc5d66fb%3B147599a8c09ae08e%3B1481f78375a403f5&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.02&rp_maxbids=1&p_gpid=%2F3081%2Fccn.com%2Findex%23ad-1%3B%2F3081%2Fccn.com%2Findex%23ad-2%3B%2F3081%2Fccn.com%2Findex%23ad-3%3B%2F3081%2Fccn.com%2Findex%23ad-4%3B%2F3081%2Fccn.com%2Findex%23ad-5%3B%2F3081%2Fccn.com%2Findex%23ad-6%3B%2F3081%2Fccn.com%2Findex%23ad-7%3B%2F3081%2Fccn.com%2Findex%23ad-8%3B%2F3081%2Fccn.com%2Findex%23ad-9%3B%2F3081%2Fccn.com%2Findex%23ad-10&slots=10&rand=0.0034917720507567918
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a178bd02afbb6d31490dea788229a580c29211ca0519cf054e4851ed463aef32

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://o.canada.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
489 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14648&site_id=359816&zone_id=2596708&size_id=15&alt_size_ids=2%2C55%2C57&eid_pubcid.org=2761ed64-1062-4942-a3d7-8195063f218a%5E1&rf=https%3A%2F%2Fo.canada.com%2F&tg_i.page=https%3A%2F%2Fo.canada.com%2F&tg_i.domain=o.canada.com&tg_i.aupname=%2F3081%2Fccn.com%2Findex&tg_i.pbadslot=%2F3081%2Fccn.com%2Findex%23ad-11%3B%2F3081%2Fccn.com%2Findex%23ad-12&tk_flint=dmpbjs_v7.40.0&x_source.tid=b9717da9-3443-47dd-8354-c1109107e501%3B743febe9-b9c7-4acf-a3b9-9fcf15f26977&l_pb_bid_id=149610a4c4fd1a8d%3B150dda78b47ab9ee&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.02&rp_maxbids=1&p_gpid=%2F3081%2Fccn.com%2Findex%23ad-11%3B%2F3081%2Fccn.com%2Findex%23ad-12&slots=2&rand=0.5857420299783391
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
84877b8a1446370ea19d84090c1281f9b6cbf64ba0c7e355c0a42ab185c85cef

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:55 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://o.canada.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/
25 B
400 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.40.0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e252ba32ffa0c8478b38ac5619c7b60a0befc4425fa8d765f3fe3ab1d44de072

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 21 Apr 2023 19:31:55 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://o.canada.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.20.217.188 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-217-188.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Fri, 21 Apr 2023 19:46:55 GMT
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/
0
456 B
XHR
General
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.208.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-208-84.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 21 Apr 2023 19:31:55 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame
0
0
Preflight
General
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.208.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-208-84.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Fri, 21 Apr 2023 19:31:55 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
918c3813-8cad-4ef7-9ee1-206683a605de
https://o.canada.com/
123 KB
0
Other
General
Full URL
blob:https://o.canada.com/918c3813-8cad-4ef7-9ee1-206683a605de
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ef68379a69640d0c20a69c71426a5d0a49d1118dd9ecfeddbe81ba25c326bbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
126357
Content-Type
8eaecdd2-72f5-48e0-9d37-3f0618d857e9
https://o.canada.com/
123 KB
0
Other
General
Full URL
blob:https://o.canada.com/8eaecdd2-72f5-48e0-9d37-3f0618d857e9
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ef68379a69640d0c20a69c71426a5d0a49d1118dd9ecfeddbe81ba25c326bbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
126357
Content-Type
/
o.canada.com/api-root/media/videos/playlists/zNackYHG/player/json/
9 KB
2 KB
Fetch
General
Full URL
https://o.canada.com/api-root/media/videos/playlists/zNackYHG/player/json/
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.3.0/websites/js/65c1728f2033e06a11127.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.249.111.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
44646e7a5577d1b30d00771cc79c7261dac30e52aab2cb237561aea959a9f0e9
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
referrer-policy
strict-origin-when-cross-origin
last-modified
Friday, 21-Apr-2023 19:31:55 GMT
server
nginx/1.14.2
x-pmd-backend
pmd-nginx-proxy-7f544499d4-z6gmv
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept, Cookie, Origin
content-type
application/json
allow
GET, HEAD, OPTIONS
cache-control
max-age=900, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
expires
Fri, 21 Apr 2023 19:32:32 GMT
simple
api.sail-personalize.com/v1/personalize/
288 B
497 B
Fetch
General
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
9c14d1d9608c1f14225617cfed30a14ff6429e20777f7c304290413beb5d35d5

Request headers

x-lib-version
v1.0.1
accept-language
de-DE,de;q=0.9
authorization
Bearer b9d3df2fccd108b5eff3c44f573b2cd6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://o.canada.com/
x-referring-url
https://o.canada.com/

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
196
expires
-1
simple
api.sail-personalize.com/v1/personalize/ Frame
0
0
Preflight
General
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://o.canada.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Fri, 21 Apr 2023 19:31:55 GMT
identify
api.permutive.com/v2.0/
50 B
88 B
XHR
General
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
17088c608eae712ec37c502e772852ef73c9e5f32c8f9f261621bcde5830433c

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
sync
googlesync.permutive.com/v2.0/px/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=e2301df0-f692-496c-a1a4-8e9ba98652f2
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=e2301df0-f692-496c-a1a4-8e9ba98652f2&google_tc=
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEGZpw9mG97q_3JQZzi_w2wY&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=e2301df0-f692-496c-a1a4-8e9ba98652f2&google_cver=1
35 B
176 B
Image
General
Full URL
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEGZpw9mG97q_3JQZzi_w2wY&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=e2301df0-f692-496c-a1a4-8e9ba98652f2&google_cver=1
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
vary
Origin
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEGZpw9mG97q_3JQZzi_w2wY&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=e2301df0-f692-496c-a1a4-8e9ba98652f2&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
404
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
segment
api.permutive.com/adv/v2/
30 B
94 B
XHR
General
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 21 Apr 2023 19:31:55 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30
content-type
application/json
comscore.js
storage.googleapis.com/pmd-dev-northamerica-northeast1-asset-analytics-pub/js/
168 KB
168 KB
Script
General
Full URL
https://storage.googleapis.com/pmd-dev-northamerica-northeast1-asset-analytics-pub/js/comscore.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.3.0/websites/js/1c5126d5938ab9ae97a140.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 18:57:53 GMT
age
2042
x-guploader-uploadid
ADPycduGb2dRSyy7OsWi02vU0Fxa55ZWT_6BI_gXpSwHwE2X1KuFlIkmi3-5-mkvFxAs3NC6Hw9J66BQIEvtFxolY1vsyA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
171739
last-modified
Tue, 13 Sep 2022 19:04:43 GMT
server
UploadServer
etag
"702fb2c84c6e8b364a6130cb860c7987"
x-goog-generation
1663095883714722
x-goog-hash
crc32c=aQkgGQ==, md5=cC+yyExuizZKYTDLhgx5hw==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
171739
accept-ranges
bytes
expires
Fri, 21 Apr 2023 19:57:53 GMT
0z1m5a4b-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/mVlrGuYl/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/0z1m5a4b-320.jpg
17 KB
18 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/0z1m5a4b-320.jpg
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
092cd9c4826b6efb6273c803188196fd09f420563712dea4adcecb61a26fc83b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
683
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
17570
x-served-by
cache-iad-kiad7000095-IAD, cache-hhn-etou8220037-HHN
last-modified
Wed, 19 Apr 2023 19:26:46 GMT
server
nginx
x-timer
S1682105516.521185,VS0,VE1
etag
"818f5d4f5fcecfb0282c9119e5f172a8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
20, 1

Redirect headers

date
Fri, 21 Apr 2023 19:31:55 GMT
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/0z1m5a4b-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
4dlgYFAa8kGEGPO-yFsXSrJ1jicdjCVgUevH8CkUSHitQw-GZ1UKmw==
9zutyodg-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/NHIZTWRz/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/9zutyodg-320.jpg
16 KB
16 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/9zutyodg-320.jpg
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
581d258b926c1cb7d85cd813ab77712c0c7b0ab3c3efdbe98a8cec08a6674060

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
386
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
16327
x-served-by
cache-iad-kcgs7200114-IAD, cache-hhn-etou8220037-HHN
last-modified
Mon, 17 Apr 2023 22:19:30 GMT
server
nginx
x-timer
S1682105516.521435,VS0,VE2
etag
"2b9aac04d655ea938e70468c88f46165"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
65, 1

Redirect headers

date
Fri, 21 Apr 2023 19:31:55 GMT
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/9zutyodg-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
j0yguBglhmBR4-Uvuk3lQFLnRsSUKUShGoaw6phj0vFHV6honMWZbg==
g4mcmyw7-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/pk7viBG8/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/g4mcmyw7-320.jpg
43 KB
43 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/g4mcmyw7-320.jpg
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ab31f40034920c1b534146957bf16fd87455ee28193b564863bae4014b6fc9c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
683
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
43647
x-served-by
cache-iad-kcgs7200170-IAD, cache-hhn-etou8220037-HHN
last-modified
Thu, 13 Apr 2023 20:14:19 GMT
server
nginx
x-timer
S1682105516.522214,VS0,VE2
etag
"0241fca92d3fc10bbe3586df36e8ba7a"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
24, 1

Redirect headers

date
Fri, 21 Apr 2023 19:31:55 GMT
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/g4mcmyw7-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
2kRKmp8BrX7iXhmqcQyoRxdszXdXq27BH9MY4k6NLDii00ItRvriPA==
PRx3AmKN-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/oWKsCuki/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/PRx3AmKN-320.jpg
21 KB
21 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/PRx3AmKN-320.jpg
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c843c33ccd262782405dd3b16ef2e820cb36a03109002ef9ec29a137efff8c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
683
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
21265
x-served-by
cache-iad-kcgs7200081-IAD, cache-hhn-etou8220037-HHN
last-modified
Thu, 13 Apr 2023 02:46:18 GMT
server
nginx
x-timer
S1682105516.521288,VS0,VE3
etag
"b2bdbcdd893aec1879ab39d546f120b8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
3, 1

Redirect headers

date
Fri, 21 Apr 2023 19:31:55 GMT
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/PRx3AmKN-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
Wj3v6ikEd7IilrhpJXDleG1DzZ4AhJ1WyAM3M2nLYFDgQLgisGXPDQ==
CrZd9FoV-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/ZScHFlUa/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/CrZd9FoV-320.jpg
14 KB
14 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/CrZd9FoV-320.jpg
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a605f554398f3664fa0fa05fa0a5d08405e44234f6879a6f3016b7c30289a9f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
443
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
14564
x-served-by
cache-iad-kiad7000036-IAD, cache-hhn-etou8220037-HHN
last-modified
Wed, 12 Apr 2023 14:48:13 GMT
server
nginx
x-timer
S1682105516.521958,VS0,VE1
etag
"cc65dd258839d192b217d92df5a2be1e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
16517, 1

Redirect headers

date
Fri, 21 Apr 2023 19:31:55 GMT
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/CrZd9FoV-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
0BvxIAivvLo8aNxEIY26HrXUvjmH3CiNpAvMcQHEDgc5YFQYXt91mA==
38g3172v-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/SAa5eY0t/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/38g3172v-320.jpg
13 KB
13 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/38g3172v-320.jpg
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0e72d013e79451e4b8a4921419dea75533763d65651fbe75275aa6a5d3acf229

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
443
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
12864
x-served-by
cache-iad-kcgs7200160-IAD, cache-hhn-etou8220037-HHN
last-modified
Mon, 10 Apr 2023 20:17:47 GMT
server
nginx
x-timer
S1682105516.522106,VS0,VE2
etag
"9f971a904d3d9db1ce32fd56fad835cb"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
4030, 1

Redirect headers

date
Fri, 21 Apr 2023 19:31:55 GMT
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/38g3172v-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
mJkN8oSm1qXLk7jjtJyZE5lu3tj7zETfI21U1xirUaQn7Jkx4D6zHA==
M2uuck0r-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/JBXrf8E4/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/M2uuck0r-320.jpg
28 KB
28 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/M2uuck0r-320.jpg
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
59c01d3a87aba7509f64488a639195961163184d682168eb9d587a0a6f801a9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
683
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
28655
x-served-by
cache-iad-kiad7000149-IAD, cache-hhn-etou8220037-HHN
last-modified
Thu, 06 Apr 2023 18:42:04 GMT
server
nginx
x-timer
S1682105516.558797,VS0,VE1
etag
"8e8e5263504f794b3d2bb48fd539b6e1"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
15110, 1

Redirect headers

date
Fri, 21 Apr 2023 19:31:55 GMT
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/M2uuck0r-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
74ogOvVqYaIGBg1R-M6vW08W7ckp9isbp9DW5oINp2zXsTvHICa7hw==
GER0RdQo-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/h7MyIJmY/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/GER0RdQo-320.jpg
18 KB
19 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/GER0RdQo-320.jpg
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d4e0293f1518151cb34061f0a4f3b9b56e1d86cea431c6f3802b7b2d4428d32b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
443
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
18616
x-served-by
cache-iad-kiad7000176-IAD, cache-hhn-etou8220037-HHN
last-modified
Thu, 06 Apr 2023 20:15:52 GMT
server
nginx
x-timer
S1682105516.521961,VS0,VE91
etag
"6b31a1c003c55772b246ceb057e21273"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
36159, 1

Redirect headers

date
Fri, 21 Apr 2023 19:31:55 GMT
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/GER0RdQo-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
GfWsuU92bMXH9qy58kYIMdxdz8VHrdFps8Cu6mcFlVPbZpykIoWtAQ==
sfa013va-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/hsft5pjj/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/sfa013va-320.jpg
28 KB
28 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/sfa013va-320.jpg
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c1a59f8bdfea0998b5c3030f34e98dd678b6b79afe1486b173543f109cad51d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
249
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
28421
x-served-by
cache-iad-kcgs7200120-IAD, cache-hhn-etou8220037-HHN
last-modified
Wed, 05 Apr 2023 21:22:09 GMT
server
nginx
x-timer
S1682105516.521828,VS0,VE92
etag
"05a8c009bbc9b4f80982c1c9986ec18a"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
57970, 1

Redirect headers

date
Fri, 21 Apr 2023 19:31:55 GMT
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/sfa013va-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
gDYFaW7EXbzUEmMUHkL9EjVI8ZClnHFoZlT4qdFlnCm4JWRZpduQLQ==
XfS4caFq-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/XwSvaCKl/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/XfS4caFq-320.jpg
29 KB
29 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/XfS4caFq-320.jpg
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d313757775c99965549cd4798be91e2c9514bd5e27436f3ba7e5e9ad5f1c787d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
594
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
29496
x-served-by
cache-iad-kiad7000117-IAD, cache-hhn-etou8220037-HHN
last-modified
Thu, 20 Apr 2023 17:03:30 GMT
server
nginx
x-timer
S1682105516.558782,VS0,VE3
etag
"d85c1bce678a8e4f7bc3267db99e3fef"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
31, 1

Redirect headers

date
Fri, 21 Apr 2023 19:31:55 GMT
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/XfS4caFq-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
FEqthh0hM8SGnASht-1-6a7PDHB-HAWsAyzvnKuQcDFLsWWYBh2VeQ==
IrYAVodh.js
cdn.jwplayer.com/libraries/
109 KB
41 KB
Script
General
Full URL
https://cdn.jwplayer.com/libraries/IrYAVodh.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.3.0/websites/js/1c5126d5938ab9ae97a140.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7a00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
f4b014d5d9c62b5640d2971c2a1b8dedf275350cb4ec22a33da5e3520da1919d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
41681
x-amz-cf-id
AMwnAlbrk8Wqy2MxlPWBK2J19aS0-xESZcX6M8xJUZM-bN0iFkvB2Q==
events
bidder.criteo.com/csm/
0
213 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a005::17 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/
39 KB
10 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a6516337bf8c304df648ce25ecd89e807b766e691885247e86d069f430f7eaac
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 21 Apr 2023 19:31:55 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.109; 80.255.7.109; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1cdc92b4-5fdc-42a6-92c8-197b718b1abb
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://o.canada.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
postmedia-d.openx.net/w/1.0/
130 B
206 B
XHR
General
Full URL
https://postmedia-d.openx.net/w/1.0/arj?auid=542276131%2C542276130%2C542276129%2C542276139%2C542276136%2C542276134%2C542276132%2C542276150%2C542276147%2C542276144%2C542276141%2C542276121&aus=300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90&ju=https%3A%2F%2Fo.canada.com%2F&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._MYDVZ7IJ&cache=1682105515376
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
7f403f1af6606203ed4edced0e85b8146f830c4e61eb3ec17a19005760897a4a

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://o.canada.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
btlr.sharethrough.com/t6oivhQt/
0
110 B
XHR
General
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=hzsusVmqC5eWvQJsY0u4eekI&bidId=_6s79dZx1&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1682105515376&secure=true
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.216.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-216-158.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://o.canada.com
date
Fri, 21 Apr 2023 19:31:55 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/
0
110 B
XHR
General
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=Xt2r1QU8tTAXPb6tzO3pklF3&bidId=_6CUiGXNU&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1682105515377&secure=true
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.216.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-216-158.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://o.canada.com
date
Fri, 21 Apr 2023 19:31:55 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/
0
110 B
XHR
General
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=19XOE1tymKWfUgsquwZuAYYg&bidId=_VW9kjQ8g&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1682105515377&secure=true
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.216.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-216-158.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://o.canada.com
date
Fri, 21 Apr 2023 19:31:55 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/
0
111 B
XHR
General
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=4cyEfY7AQaf54g87vCF4eUYl&bidId=_M8NEiVcl&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1682105515377&secure=true
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.216.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-216-158.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://o.canada.com
date
Fri, 21 Apr 2023 19:31:55 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/
0
110 B
XHR
General
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=MUdPh0jMXqCGFsJdh4ib5FEt&bidId=_gloRSpUp&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1682105515377&secure=true
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.216.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-216-158.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://o.canada.com
date
Fri, 21 Apr 2023 19:31:55 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/
0
110 B
XHR
General
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=ui9DdqmWqvNyHhSQx6UNg6EF&bidId=_53TvxMU0&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1682105515377&secure=true
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.216.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-216-158.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://o.canada.com
date
Fri, 21 Apr 2023 19:31:55 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/
0
110 B
XHR
General
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=nFaTIuTY4RmaA59XBMOBp0su&bidId=_CHwv3er6&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1682105515378&secure=true
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.216.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-216-158.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://o.canada.com
date
Fri, 21 Apr 2023 19:31:55 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/
0
110 B
XHR
General
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=qDeHhy6XpZBB8AMn22kYGbUt&bidId=_VxVnKJDV&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1682105515378&secure=true
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.216.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-216-158.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://o.canada.com
date
Fri, 21 Apr 2023 19:31:55 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/
0
110 B
XHR
General
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=GeBLm9MgD6ysVhfy4NEPbbXx&bidId=_LVMD2UoV&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1682105515378&secure=true
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.216.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-216-158.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://o.canada.com
date
Fri, 21 Apr 2023 19:31:55 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/
0
110 B
XHR
General
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=HmuNusdS6xt11eISKMpyYkEP&bidId=_x1qCNqut&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1682105515378&secure=true
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.216.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-216-158.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://o.canada.com
date
Fri, 21 Apr 2023 19:31:55 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/
0
110 B
XHR
General
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=wt6NCcwEyNTDNIluSYOPHljH&bidId=_Ixt7bInh&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1682105515378&secure=true
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.216.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-216-158.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://o.canada.com
date
Fri, 21 Apr 2023 19:31:55 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/
0
110 B
XHR
General
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=YpGNmXyJuc3hYt7HmpGuGwgE&bidId=_B1Fhi7PX&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1682105515378&secure=true
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.216.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-216-158.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://o.canada.com
date
Fri, 21 Apr 2023 19:31:55 GMT
access-control-allow-credentials
true
vary
Origin
cygnus
htlb.casalemedia.com/
30 B
310 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=307796
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5ba86f4b77800708c17938240e0c6f1ad870ed4c1beb95ffd4f053409027efd

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtL%2B%2FFZD%2BmJv2WnUhKC27kZSEi14gYoZ%2Fs%2Bgq2l%2B15bgyWCUX0dA8cS2vVRSPEo34fQx3w7kdttFRr3ZSMyMjEQxtBtNZvMmXcE0ZhllIEAcXB8MXfXiy22khdoohgIxZaznVa5U"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://o.canada.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7bb80ccf4ed935e6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30
expires
0
bidRequest
c2shb.ssp.yahoo.com/
62 B
281 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c4f7901cc&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ac7bbc8b5538b696ea0a5c3e9b30bb0ee3d8f646cc815f724b57b75df96ec0fc

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
504 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c4e6901cb&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
52873b49651559e5b6ad65ddc945885d34b94b379d12a3a860afa2b3eb40d867

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
282 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c4b9b01c9&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
2f8463521fbf7fa7d2e84a203be60b42908057c9ecf4c5cf0323de73a6f282f4

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
282 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c4cca01ca&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
4ed96f3afeb45430fc1965604e45e7c97e3662fa7830782195a5fbad7ff3a459

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
281 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c4a9201c8&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
9f3315236dc60ee664a7d896175be16b93fad685f213f1f727cd83a69bfaa2be

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
282 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c487901c6&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
5f59629d0412eb1ca4954f860d43a0ef971574859f7f71ff1c6670cef18ea3f5

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
281 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c475b01c5&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
f9709ee304271fffffec5b790a1df9f934521e3ff2c7bcd9af3e3178024536dd

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
281 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c498a01c7&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1f31bfbf8314cbefa674c26a79b2ae9c0bc7c685ae35226cb66c98fb4d5dfefc

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
280 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c445501c2&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
095020de02654e91b936ce6663eb744166ad3121db61e1c35d10ee2e06bd70de

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
77
bidRequest
c2shb.ssp.yahoo.com/
62 B
282 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c454701c3&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b43506b6c7500b58ee5a5a58c6250e7e6597c67a5b4be660aebf88f0a2a8de97

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
282 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c464101c4&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1f8c46ca475f30c11e1db5fe45bbceb2ba37032e2f5e7bc551ac0a80ca56f7b4

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
281 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c435501c1&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d71dde094c5ec9d9290f0fad530291ca020c979c59348a536b2bd741768a75df

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
282 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c82c801f6&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e764fde5c1384295b7b68c71b574288e61ae1525fc86677174e2f61cfe7b1ebe

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
281 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c857001f8&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e0ad0fb8d50d005114ba2f8062bf8e96da0576dcca58b8e2b1de45e1a80c2c8a

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
281 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c841201f7&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
179c0c99d595565aea4c66ba49828fe6012a209f2403ed128ed62c67386c930e

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
282 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c817101f5&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d7138c8c59b5b685e318370f4e180cba56384df7e78b32d6a3f7942b8ded0b8a

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
282 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c802601f4&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
cb9cdabc95c3e5faa6d6a891d5a9f7d415927f2aa23860bb9a368cffb73d1df9

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
281 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c7d9301f2&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
530c33ffa7996b9705e59c73ab52e87c6095002e00615f1cf2e00ffe00d17cc6

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
279 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c7c4f01f1&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
4a41ecdd9d7d60c4335b95ece39b66da593a02af74149022fc5c592ab8743229

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
281 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c7ed101f3&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
4a92acdc96f84e778bb492f3fe59250e9a923bf3a7cc546f952262528a467b11

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
279 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c772401ed&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
dd80a1e1b04dcfe0597e73ab2bdcd4378cfa3b7fb33f1ecc18b2f5b63bff5fe7

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
78
bidRequest
c2shb.ssp.yahoo.com/
62 B
280 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c787001ee&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1607b4bc492c7ef6f107c44882616ff245d777bf7399a97eacd5de718da9d6c8

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
282 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c7b0401f0&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
a502862fcb5962862e8bd5b2cd2df1182eb1bdc075b4eac3d573f43e846bcb93

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
281 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c79ae01ef&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
9cb17f36b28a6ea9becc0686bfdf5eb3c9687e4aa0f933d25886a448bc31331c

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
281 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c745e01eb&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
70a656cfd60a4412d9fa2ebc58cce61685699e3e104743fbac5e440db942c22c

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
281 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c75e501ec&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
0992f9c1d5f638b715628fb17069a252835a0b3435467945eed579dcb660d817

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
282 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c716101e9&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
0c34ddb0391d36e510f59648df20c9fd53fc36411368fc82e1a9476c60cc9da7

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
281 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c72a101ea&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d49ad5b802fcc1b63fe0d45c9502282c94193e10f35fa8bb6fe74b1cee1f5fed

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
279 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c6dbf01e6&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
62c497767d55594e3b59c46d675754f0510e6494fe80e7afd99f343cc6e47900

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
78
bidRequest
c2shb.ssp.yahoo.com/
62 B
281 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c6eee01e7&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
de240838374fc82ed43828f26284173a7c6ecb54493ee14b97c562e11a1315de

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
280 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c702e01e8&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
8066031766ce3c5063073441845bad55e37eed9e6eff119ab846f552d250b091

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
281 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c6c8b01e5&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
904b15ed9306732c2de1d25708075fedb35400b625196c94003867d0c3196155

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
281 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c6b4d01e4&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
6e900b6f19f73c6310b8fe29e20e86f77fd63749f99b2fb36a23057c0171b79a

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
278 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c67bb01e1&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
5ee034cfaa3960ab9dc1f583caa01241284658db37650ec94f7534ba895c3d05

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
77
bidRequest
c2shb.ssp.yahoo.com/
62 B
281 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c6a1801e3&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d5dc0ad78230e45c600c565d60462acf4feafc58c7a915b129f03fe389cf2b33

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
281 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c68e801e2&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
2474a9c4e71d383499ceb8ddbef2fb14db7eaf9d29c3b5277e42b7ba9f469622

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
280 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c630201dd&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b207a079553d1075b4b924723b9f29467821fb89a9912577321df4a033266267

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
281 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c668c01e0&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
96dfdf3db055abdcf55f9b71426fd3cbfd73b80c3492e8fc35e101d1e461ff90

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
78
bidRequest
c2shb.ssp.yahoo.com/
62 B
281 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c642901de&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
fc3d7253917505f87f64ed3c57cca8965b34eb514176091b9cc081be757b1b93

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
281 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c655601df&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
15f83050cc6ec90d6b548db10f3b2363dfce0ff8ac93c3c0cd65020b5a482a3f

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
281 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c5ddc01d9&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
8cb06ab44ee02fd2719632262c2c4b2764676eb753710eb9ca99dd431a3099f5

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
281 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c5efb01da&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
7ca568a4abd5b2d8ddb8b76f75e6f0cbc307d0019842f113ec4c5b0c44bf5cd2

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
281 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c61c301dc&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
a437be2b92b1d11f3562c903ad893e62b5312e8565a4dd4d24c6e00251392083

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
281 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c601d01db&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b0a67f3b980cbd420c108073729ab45a3c8cbfbffb39141f75e2530428fc4ecc

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
281 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c406101be&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
6a64fe4ec075f42a46581e7c683dda8a1e9785914fa5caa3a833a57751ec8cd4

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
279 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c415901bf&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ab021fd388f86ebe1afb31d6c97ccf6509459bff1b501831cc6fc507eec58024

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
281 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c3f5701bd&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
86b27d5ac9d341e4b562d80f192c556dc8eb2893102461c14d052946de91bbfc

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
281 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c425401c0&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
79905a8b70c5de153ebf267463fc2d6b8d1c737beb6c09d50fac5d61189300a6

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
cdb
bidder.criteo.com/
2 B
293 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=135&profileId=154&cb=36429453777
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a005::17 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 21 Apr 2023 19:31:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
28
5f51e082f0347cd83ab6.js
fem.gprod.postmedia.digital/v79.3/chunks/
3 KB
1 KB
Script
General
Full URL
https://fem.gprod.postmedia.digital/v79.3/chunks/5f51e082f0347cd83ab6.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v79.3/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7ffae9e2ad2e03f24be4dfe7a8c14b87cc82d5b56d26133a4bff995a9f94459b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 21:53:47 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1680803051
age
164288
x-guploader-uploadid
ADPycduk0CSPwO2mIQThNqCiPsNkW03NiUcoHHaYUCvBRcvLB7LylCzDKrSbUBildPDXcRmQ-7huroBih28dp7lBF_wxQxXErEDx
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1100
last-modified
Thu, 06 Apr 2023 17:45:47 GMT
server
UploadServer
etag
W/"7748ae713f8cbe632dc73d4c1e7747a7"
vary
Accept-Encoding
x-goog-generation
1680803147404967
x-goog-hash
crc32c=MHU/SA==, md5=d0iucT+MvmMtxz1MHndHpw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
3197
accept-ranges
none
login
postmedia.hub.loginradius.com/ssologin/ Frame
0
0
Preflight
General
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://o.canada.com
Connection
keep-alive
Date
Fri, 21 Apr 2023 19:31:56 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
login
postmedia.hub.loginradius.com/ssologin/
38 B
546 B
Fetch
General
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v79.3/fem.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
application/json

Response headers

Date
Fri, 21 Apr 2023 19:31:56 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://o.canada.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
events
bidder.criteo.com/csm/
0
213 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a005::17 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:54 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
events
api.permutive.com/v2.0/batch/
101 B
130 B
XHR
General
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
c3eb54cad84c114640c18a5bed91503cc79a039d9b2f5e459ef9d3b93400af8f

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
zNackYHG
cdn.jwplayer.com/v2/playlists/
54 KB
8 KB
Fetch
General
Full URL
https://cdn.jwplayer.com/v2/playlists/zNackYHG
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.3.0/websites/js/7ccc7238f639079f46592.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7a00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
ffdaf861cd113e4d1b5c82a6edfb6a2ae989bf8005a9771d929336d210e094a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
7393
x-amz-cf-id
VrLkJfaXXs1bZIMaGeCI8t0Y-NltUdLCszweyeYbxKSSwwHchGkDtw==
expires
Fri, 21 Apr 2023 19:34:55
syncframe
gum.criteo.com/ Frame A43B
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=o.canada.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 21 Apr 2023 19:31:55 GMT
server
Kestrel
server-processing-duration-in-ticks
369711
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
integrator.js
adservice.google.de/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=o.canada.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=o.canada.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
headerstats
as-sec.casalemedia.com/
0
500 B
XHR
General
Full URL
https://as-sec.casalemedia.com/headerstats?s=307796&u=https%3A%2F%2Fo.canada.com%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xc%2BW3NOHWbhd5jxKC65r3SZYREIWxZGKSEUgH0tp1VdSOK8bOLGMUGy3AWcdo6RQXTjp18Aot3fakzSY6%2Ff7Z5GzwjOWR6Yh5FnJ3pI5iWBH7gkcIFdz2ZXrI%2FFwkQgK7hx0Hv7RyMQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://o.canada.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7bb80cd25934bbcd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
ads
securepubads.g.doubleclick.net/gampad/
302 KB
27 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1687788293031206&correlator=779562585111279&eid=31074054&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&iu_parts=3081%2Cccn.com%2Cindex&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C6x6%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C7x7%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250&ifi=1&adks=4217552496%2C1341624894%2C931136440%2C3283421726%2C931136447%2C4217552501%2C931136446%2C4217552500%2C931136445%2C4217552503%2C931136444%2C4217552502%2C931136435%2C4217552505%2C931136434%2C4217552504%2C931136433%2C2421343164%2C931136432%2C2421343165%2C3395320742%2C2421343166&didk=390648829~390648828~3147356942~390648827~3147356943~390648826~3147356940~390648825~3147356941~390648824~3147356938~390648775~3147356939~390648774~3147356936~390648773~3147356937~4188301106~3147356934~4188301101~3650700221~4188301100&sfv=1-0-40&prev_scp=loc%3D1%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D261ce371-e07b-11ed-bc90-06d8cca89c2a%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26ix_apnx_om%3D970x250_5%26ix_apnx_id%3D_hqQG7o2K%7Cloc%3D2%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D261ce372-e07b-11ed-bc90-06d8cca89c2a%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%7Cloc%3D1%26amznbid%3D2%26amznp%3D2%26id%3D261ce373-e07b-11ed-bc90-06d8cca89c2a%7Cloc%3D3%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D261ce374-e07b-11ed-bc90-06d8cca89c2a%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%7Cloc%3D2%26amznbid%3D2%26amznp%3D2%26id%3D261ce375-e07b-11ed-bc90-06d8cca89c2a%7Cloc%3D4%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D261ce376-e07b-11ed-bc90-06d8cca89c2a%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%7Cloc%3D3%26amznbid%3D2%26amznp%3D2%26id%3D261ce377-e07b-11ed-bc90-06d8cca89c2a%7Cloc%3D5%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D261ce378-e07b-11ed-bc90-06d8cca89c2a%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26ix_apnx_om%3D970x250_17%26ix_apnx_id%3D_K0VtIrxc%7Cloc%3D4%26amznbid%3D2%26amznp%3D2%26id%3D261ce379-e07b-11ed-bc90-06d8cca89c2a%7Cloc%3D6%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D261ce37a-e07b-11ed-bc90-06d8cca89c2a%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%7Cloc%3D5%26amznbid%3D2%26amznp%3D2%26id%3D261ce37b-e07b-11ed-bc90-06d8cca89c2a%7Cloc%3D7%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D261ce37c-e07b-11ed-bc90-06d8cca89c2a%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%7Cloc%3D6%26amznbid%3D2%26amznp%3D2%26id%3D261ce37d-e07b-11ed-bc90-06d8cca89c2a%7Cloc%3D8%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D261ce37e-e07b-11ed-bc90-06d8cca89c2a%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%7Cloc%3D7%26amznbid%3D2%26amznp%3D2%26id%3D261ce37f-e07b-11ed-bc90-06d8cca89c2a%7Cloc%3D9%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D261ce380-e07b-11ed-bc90-06d8cca89c2a%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%7Cloc%3D8%26amznbid%3D2%26amznp%3D2%26id%3D261ce381-e07b-11ed-bc90-06d8cca89c2a%7Cloc%3D10%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D261ce382-e07b-11ed-bc90-06d8cca89c2a%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%7Cloc%3D9%26amznbid%3D2%26amznp%3D2%26id%3D261ce383-e07b-11ed-bc90-06d8cca89c2a%7Cloc%3D11%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D261ce384-e07b-11ed-bc90-06d8cca89c2a%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%7Cloc%3D10%26amznbid%3D2%26amznp%3D2%26id%3D261ce385-e07b-11ed-bc90-06d8cca89c2a%7Cloc%3D12%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D261ce386-e07b-11ed-bc90-06d8cca89c2a%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26ix_apnx_om%3D970x250_17%26ix_apnx_id%3D_7tpH9cBM&eri=1&cust_params=permutive%3D96400%252C110592%252C110603%252C111761%252C111793%252C116417%252Crts%26prmtvvid%3D143ad630-eb41-48db-a87a-6b4fbeaf5632%26prmtvwid%3D23dc09d6-b664-425a-a76e-0eed6a6cc102%26no_pol%3Dtrue%26page%3Dindex%26pr%3Dccn%26sensitive%3Dn%26negative%3Dn%26ck%3Dindex%26imp%3Dindex%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D%26prmtvsdk%3Dweb&sc=1&cookie_enabled=1&abxe=1&dt=1682105515783&lmt=1682105515&dlt=1682105513989&idt=665&adxs=200%2C797%2C765%2C797%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200&adys=233%2C1308%2C1849%2C2590%2C3146%2C3886%2C4464%2C4227%2C4769%2C4568%2C5110%2C4909%2C5479%2C5250%2C5810%2C5591%2C6169%2C5932%2C6502%2C6273%2C6815%2C6614&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C20%7C21&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj%7Ck%7Cl%7Cm&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fo.canada.com%2F&frm=20&vis=1&psz=1600x250%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250&msz=1600x-1%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600&ga_vid=1219204526.1682105516&ga_sid=1682105516&ga_hid=577896869&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9e6b44ff03ce9ff9ed5f9966f6110d1e5406bfcfa2f1cd27dd9b5ada22feeb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27495
x-xss-protection
0
google-lineitem-id
399614941,6271300695,6237822865,6271300695,6237822865,-2,6237822865,4357393356,6237822865,-2,6237822865,-2,6237822865,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
113098299181,138431019205,138424580499,138430359159,138425229529,-2,138424580637,113098299181,138425229604,-2,138424531673,-2,138424580253,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304190101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b120396386be73f614d7566cbaa7c7e97d76210ba5665243306423ca1f70f809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11405
x-xss-protection
0
container.html
8365c3be5f302f2ff3c8b4c0c178bb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 948F
6 KB
3 KB
Document
General
Full URL
https://8365c3be5f302f2ff3c8b4c0c178bb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Apr 2023 19:31:55 GMT
expires
Sat, 20 Apr 2024 19:31:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sid
mug.criteo.com/ Frame A43B
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=canada.com&sn=ChromeSyncframe&so=0&topUrl=o.canada.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=qRuMO3xiV1VhZnpaTm1BSHJvdms3WHNQc2Q2Y0toUlJCS0xHRG4zY1ZkSWRBanpqdFVOa0lMcEwwTkhjbm1yakJpUHVsRGhsTkZ5VEFZY1JqeUIwTkwxSWtneFFkNGxHR3Q5QkxQQ1BmcGk1OGFWK3Y4VEc5WUpNdGxIOH...
420 B
650 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=qRuMO3xiV1VhZnpaTm1BSHJvdms3WHNQc2Q2Y0toUlJCS0xHRG4zY1ZkSWRBanpqdFVOa0lMcEwwTkhjbm1yakJpUHVsRGhsTkZ5VEFZY1JqeUIwTkwxSWtneFFkNGxHR3Q5QkxQQ1BmcGk1OGFWK3Y4VEc5WUpNdGxIOHJCU0hNREdDU0NZWXJORDBCaXBjeGFzTy8rbis3RUk3L1dmSVAyNEhMTTl2b1JwemowSEoxZXAxaFBXbzNtR2phWGZodkh0R2g0Rmx5OVR0V0hQRTB2YVpHSU1wN3ExVnJWK0k3SWVpbnAwYk5MOGhOZmdxVWVBMjVoN1BCcHJ5UnIxT01KWWJuRUNxVWNxN0ZKU2dHZ1ZmV1RUOVgzQT09fA&cppv=2
Protocol
H2
Server
74.119.118.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b649640b73b1e1d4944f7d5912123369d8d5c680b0ecea681744802e3bd15cb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:55 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2326872
expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:55 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=qRuMO3xiV1VhZnpaTm1BSHJvdms3WHNQc2Q2Y0toUlJCS0xHRG4zY1ZkSWRBanpqdFVOa0lMcEwwTkhjbm1yakJpUHVsRGhsTkZ5VEFZY1JqeUIwTkwxSWtneFFkNGxHR3Q5QkxQQ1BmcGk1OGFWK3Y4VEc5WUpNdGxIOHJCU0hNREdDU0NZWXJORDBCaXBjeGFzTy8rbis3RUk3L1dmSVAyNEhMTTl2b1JwemowSEoxZXAxaFBXbzNtR2phWGZodkh0R2g0Rmx5OVR0V0hQRTB2YVpHSU1wN3ExVnJWK0k3SWVpbnAwYk5MOGhOZmdxVWVBMjVoN1BCcHJ5UnIxT01KWWJuRUNxVWNxN0ZKU2dHZ1ZmV1RUOVgzQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
390843
content-length
0
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 21 Apr 2023 19:31:56 GMT
googima.js
ssl.p.jwpcdn.com/player/v/8.26.9/
72 KB
22 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.9/googima.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a7a659a1b8a811f331f5b6fd5d0eed07a4ce6d43adbf7be275edeb526553b7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
gzip
via
1.1 varnish
age
82808
x-cache
HIT
content-length
21872
x-served-by
cache-hhn-etou8220037-HHN
last-modified
Mon, 27 Mar 2023 20:13:26 GMT
server
AmazonS3
x-timer
S1682105516.072853,VS0,VE0
etag
"19040322fd3ffc0e16b5d36646e6f667"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, immutable
accept-ranges
bytes
x-cache-hits
15983
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.26.9/
62 KB
19 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.9/jwpsrv.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21ac25f1546e0756a9b2b8c5832d6a120653b60020b80aa69e15610a86c423d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
gzip
via
1.1 varnish
age
110
x-cache
HIT
content-length
19095
x-served-by
cache-hhn-etou8220037-HHN
last-modified
Mon, 27 Mar 2023 20:13:27 GMT
server
AmazonS3
x-timer
S1682105516.072769,VS0,VE0
etag
"b05c870fc5d7c7e6a5d7e5dde188b9e9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
105
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.26.9/
316 KB
83 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.9/jwplayer.core.controls.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35334400bec8f4c230e7b91c17c4cc96e17caebb6e144bf43dab0e57c4cf90e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
gzip
via
1.1 varnish
age
2070014
x-cache
HIT
content-length
84566
x-served-by
cache-hhn-etou8220037-HHN
last-modified
Mon, 27 Mar 2023 20:13:21 GMT
server
AmazonS3
x-timer
S1682105516.073279,VS0,VE0
etag
"3c5ff110bccc0950103d3f24d854eac2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
232471
zNackYHG
cdn.jwplayer.com/v2/playlists/
54 KB
8 KB
XHR
General
Full URL
https://cdn.jwplayer.com/v2/playlists/zNackYHG
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7a00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
ffdaf861cd113e4d1b5c82a6edfb6a2ae989bf8005a9771d929336d210e094a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:55 GMT
content-encoding
gzip
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
7393
x-amz-cf-id
VGcPsGlLsC94nGW5p4DP9xdxWoP2C4tMrosUc85fQJgsOjmik5iZag==
expires
Fri, 21 Apr 2023 19:34:55
state
api.permutive.com/v1.0/
0
33 B
XHR
General
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.26.9/
384 KB
112 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.9/provider.hlsjs.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8c5a33eaec1f774cc6795ae95883441e2b5a34794d5a7ac2780e3fd7e55a0544

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
gzip
via
1.1 varnish
age
2069985
x-cache
HIT
content-length
114232
x-served-by
cache-hhn-etou8220037-HHN
last-modified
Mon, 27 Mar 2023 20:13:23 GMT
server
AmazonS3
x-timer
S1682105516.117916,VS0,VE0
etag
"f8f2c425fdf03e4ff59fcf93935a5461"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
182064
EP4j6LNJEeu2Q2J+7u8ONQ.json
entitlements.jwplayer.com/
69 B
249 B
XHR
General
Full URL
https://entitlements.jwplayer.com/EP4j6LNJEeu2Q2J+7u8ONQ.json
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.243 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/67A5) /
Resource Hash
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
gzip
last-modified
Fri, 21 Apr 2023 19:10:31 GMT
server
ECAcc (frb/67A5)
age
1285
vary
Accept-Encoding
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=6240
accept-ranges
bytes
content-length
80
ima3.js
imasdk.googleapis.com/js/sdkloader/
360 KB
121 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3151e33d06603419c364949fc9d2644045fea83bd9580886fd5388cbff467e36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123415
x-xss-protection
0
expires
Fri, 21 Apr 2023 19:31:56 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D6CF
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
34458
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Apr 2023 09:57:38 GMT
expires
Sat, 20 Apr 2024 09:57:38 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 370C
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dd8e3ac8907a8af46def8034684a9a697d00a62e08bd73d273bc1cebf8c48217
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7BCheOfsKQjhL3on7uFWSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-7BCheOfsKQjhL3on7uFWSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 21 Apr 2023 19:31:56 GMT
expires
Fri, 21 Apr 2023 19:31:56 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
XwSvaCKl-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/XwSvaCKl-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/XwSvaCKl-120.vtt
4 KB
1 KB
XHR
General
Full URL
https://assets-jpcust.jwpsrv.com/strips/XwSvaCKl-120.vtt
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c9f3eb7ef4f07d64e54bed90394322e2e8e497066adbf95713ad811cd482d757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
44
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
588
x-served-by
cache-iad-kjyo7100166-IAD, cache-fra-eddf8230110-FRA
last-modified
Thu, 20 Apr 2023 01:22:06 GMT
server
nginx
x-timer
S1682105516.481957,VS0,VE97
etag
"2f05b0aab2cc1c0ae1e144d224136356"
access-control-max-age
180
access-control-allow-methods
GET
content-type
text/vtt
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
13, 1

Redirect headers

date
Fri, 21 Apr 2023 19:31:56 GMT
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/XwSvaCKl-120.vtt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
cPO0O2Ih1crBolOfETfOj1gJ2lnxTTyL-WA-B5dAyXS9CZx6_P0YOg==
provider.cast.js
ssl.p.jwpcdn.com/player/v/8.26.9/
29 KB
10 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.9/provider.cast.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
478d7db2012e97743162bb73dab95c045e3533bade97a2c0b0f435c2ebbeebe8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
gzip
via
1.1 varnish
age
2069975
x-cache
HIT
content-length
9824
x-served-by
cache-hhn-etou8220037-HHN
last-modified
Mon, 27 Mar 2023 20:13:23 GMT
server
AmazonS3
x-timer
S1682105516.255809,VS0,VE0
etag
"7a76911bb33f1218b000c0677e96c5ce"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
99931
related.js
ssl.p.jwpcdn.com/player/v/8.26.9/
102 KB
25 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.9/related.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd090578f949988d88531c0c98339766364ed6cdcfd7bca0d49905c44e56a260

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
gzip
via
1.1 varnish
age
2069975
x-cache
HIT
content-length
24956
x-served-by
cache-hhn-etou8220037-HHN
last-modified
Mon, 27 Mar 2023 20:13:25 GMT
server
AmazonS3
x-timer
S1682105516.255314,VS0,VE0
etag
"49db87945be8198af9e0136a6ad75ba3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
210481
XwSvaCKl.m3u8
cdn.jwplayer.com/manifests/
2 KB
901 B
XHR
General
Full URL
https://cdn.jwplayer.com/manifests/XwSvaCKl.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7a00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
ce50b5f36a11512d9455810020c3c71284b093ee66d26d76e16d8c64bf5c17f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
gzip
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
application/vnd.apple.mpegurl; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
550
x-amz-cf-id
y14OwEFCCH8LsmzfogGw0dHekPUYKLRbytj9AEajOpFcGMbeaDyg8g==
XfS4caFq-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/XwSvaCKl/poster.jpg?width=720
  • https://assets-jpcust.jwpsrv.com/thumbnails/XfS4caFq-720.jpg
98 KB
98 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/XfS4caFq-720.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
07b8cd5004bef57df6f470ccbd907dc46dcb1b76148166b41bdc0ac225e0bb46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
46
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
100342
x-served-by
cache-iad-kcgs7200128-IAD, cache-hhn-etou8220037-HHN
last-modified
Thu, 20 Apr 2023 17:03:30 GMT
server
nginx
x-timer
S1682105516.433668,VS0,VE97
etag
"4f9ae6c387fe2a1dca58a7daf43719d0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
52, 1

Redirect headers

date
Fri, 21 Apr 2023 19:31:56 GMT
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/XfS4caFq-720.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
ftDmWMzj6okb8olaxvpRVEJAI-_RTDZu_xKoptWyipl3fEtNmeUUCQ==
XfS4caFq-640.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/XwSvaCKl/poster.jpg?width=640
  • https://assets-jpcust.jwpsrv.com/thumbnails/XfS4caFq-640.jpg
83 KB
83 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/XfS4caFq-640.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e036db18f788e13370eaf8f88047b8d5e05628f1f534ffa2e58c0ba76a6bada7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
62
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
84858
x-served-by
cache-iad-kiad7000072-IAD, cache-hhn-etou8220037-HHN
last-modified
Thu, 20 Apr 2023 17:03:30 GMT
server
nginx
x-timer
S1682105516.432125,VS0,VE95
etag
"61580d395fe3d01ba93a67fd31268a5d"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1378, 1

Redirect headers

date
Fri, 21 Apr 2023 19:31:56 GMT
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/XfS4caFq-640.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
oGqgGfnuYFd0kjkOrU2eHyR77kuh8HBD3idsnKmzdUrErZ9HQBsnQA==
ping.gif
ping-meta-prd.jwpltx.com/v1/jwplayer6/
0
45 B
Image
General
Full URL
https://ping-meta-prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-1194995210&e=xapi&n=4111994204015863&aid=EP4j6LNJEeu2Q2J%2B7u8ONQ&emi=lk6qe3mg0fzz&id=XwSvaCKl&pli=7m2v3s1fzi6l&pv=8.26.9&tv=3.42.1&ed=6&prs=idle&pid=IrYAVodh&ph=1&sdk=0&xam=on&xfmp=complete&sa=1682105516229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
cache-hhn-etou8220037-HHN
date
Fri, 21 Apr 2023 19:31:56 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
ping.gif
prd.jwpltx.com/v1/jwplayer6/
0
26 B
Image
General
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-236443120&e=e&n=2066588338135782&abc=0&aid=EP4j6LNJEeu2Q2J%2B7u8ONQ&amp=0&ask=7BVX73DI&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=6&emi=lk6qe3mg0fzz&i=0&id=XwSvaCKl&lid=mzwrd4hb09oh&lsa=set&mt=0&pbd=1&pbr=1&pgi=i2oj211t00yh&ph=1&pid=IrYAVodh&pii=0&pl=282&plc=20&pli=7m2v3s1fzi6l&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&pu=https%3A%2F%2Fo.canada.com%2F&pv=8.26.9&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=Canada%27s%20public%20service%20strike%3A%205%20services%20that%20may%20be%20affected&tv=3.42.1&vb=1&vi=1&vl=90&wd=501&ab=1&cae=0&cb=1&cdid=leadVideoIFrameHeadline&cme=0&dd=1&fed=zNackYHG&flc=1&fv=&ga=0&lng=en-CA&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FXwSvaCKl.m3u8&pbc=0&pd=2&pdr=&plng=en-CA&plt=2100&pni=1&po=0&pogt=%20Canada.Com&rf=%2F%2Fcdn.jwplayer.com%2Fv2%2Fplaylists%2FuzU5KAZg%3Frelated_media_id%3DMEDIAID&sn=%7B%22controlbar%22%3A%7B%22background%22%3A%22rgba(0%2C0%2C0%2C0)%22%2C%22icons%22%3A%22rgba(255%2C255%2C255%2C0.8)%22%2C%22iconsActive%22%3A%22%23FFFFFF%22%2C%22text%22%3A%22%23FFFFFF%22%7D%2C%22menus%22%3A%7B%22background%22%3A%22%23333333%22%2C%22text%22%3A%22rgba(255%2C255%2C255%2C0.8)%22%2C%22textActive%22%3A%22%23FFFFFF%22%7D%2C%22timeslider%22%3A%7B%22progress%22%3A%22%23F2F2F2%22%2C%22rail%22%3A%22rgba(255%2C255%2C255%2C0.3)%22%7D%2C%22tooltips%22%3A%7B%22background%22%3A%22%23FFFFFF%22%2C%22text%22%3A%22%23000000%22%7D%7D&sp=0&st=190&sa=1682105516233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
cache-hhn-etou8220037-HHN
date
Fri, 21 Apr 2023 19:31:56 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
vf-v2.js
cdn.viafoura.net/
773 KB
218 KB
Script
General
Full URL
https://cdn.viafoura.net/vf-v2.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v79.3/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:6c00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
99e2c72b815a7fe7d1c09bd02659ae12dab9db5f44365349f39b511fb09cba0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
1bBgUEvq1CH95rVWhrFBpGqDr7l.o3EX
content-encoding
gzip
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
date
Fri, 21 Apr 2023 19:29:53 GMT
x-amz-cf-pop
FRA56-P2
age
123
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 20 Apr 2023 17:24:23 GMT
server
AmazonS3
etag
W/"1561d7ca9094e985b67034f1d3fc6458"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
c5kho9DJ6Gp9_dIwzRX8E_Ri6FH8HiYWr-oyqnHNxUJep-cZoEyt8g==
gtm.js
www.googletagmanager.com/
132 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WC74WBX&l=dataLayer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v79.3/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f37f82d9d0c419df9240794590e3836492d0be21a2a3736298463c49940ab561
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43797
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 21 Apr 2023 19:31:56 GMT
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v79.3/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 09:36:45 GMT
content-encoding
gzip
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
35712
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
QmCKH4pcvtdaRvgTZ47ibQCvQSbVoPkX3VnCONwr4RVQVdWGIGUlUg==
mparticle.js
jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/
245 KB
59 KB
Script
General
Full URL
https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v79.3/fem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
823f575059de9e8da4895298dac4bd323962d09d617e4aeae606f09536dc56e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
cache-iad-kcgs7200117-IAD, cache-hhn-etou8220071-HHN
date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
server
Kestrel
age
76
x-timer
S1682105516.392688,VS0,VE1
x-origin-name
fastlyshield--shield_ssl_cache_iad_kcgs7200117_IAD
x-cache
HIT, HIT
content-type
application/javascript
vary
Accept, Accept-Encoding
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
59692
x-cache-hits
8, 1
gtm.js
www.googletagmanager.com/
138 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v79.3/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f078fc0cc9d56aaf66dc96426c8dadab932a4530a1de31dddcfb916ca7acc89f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44875
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 21 Apr 2023 19:31:56 GMT
w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
pagead2.googlesyndication.com/bg/ Frame D6CF
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 09:37:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
35680
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14215
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Apr 2024 09:37:16 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 21 Apr 2023 19:31:56 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 370C
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304190101&jk=1687788293031206&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

bridge3.569.0_en_ca.html
imasdk.googleapis.com/js/core/ Frame 1DEA
707 KB
226 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.569.0_en_ca.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7907168dc2255877321693175558860b45a3eeecddd7665ad5b158d5a3de92f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
156890
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231152
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Apr 2023 23:57:06 GMT
expires
Thu, 18 Apr 2024 23:57:06 GMT
last-modified
Wed, 19 Apr 2023 16:46:00 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 21 Apr 2023 19:31:56 GMT
generate_204
tpc.googlesyndication.com/ Frame D6CF
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?lWsUaQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/
35 KB
12 KB
Script
General
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12197
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Fri, 21 Apr 2023 19:31:56 GMT
cast_sender.js
www.gstatic.com/eureka/clank/112/
50 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/112/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 13:53:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20293
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14872
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 16:06:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 22 Apr 2023 13:53:43 GMT
identify
identity.mparticle.com/v1/ Frame
0
0
Preflight
General
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
3242
date
Fri, 21 Apr 2023 19:31:56 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
1430
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-fra-eddf8230063-FRA
x-timer
S1682105517.646107,VS0,VE0
gtm.js
www.googletagmanager.com/
118 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TR7GVNJ&l=dl_mparticle
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1819c90878c447095a2185503ea2f26d5cfb9e088b989062e3ad845a2c369272
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42029
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 21 Apr 2023 19:31:56 GMT
gtm.js
www.googletagmanager.com/
115 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MW2G74V&l=mp_data_layer
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c6e3194d14fc8f2cf36f2bf2abdb7286b0c288d2e718d5d1623b677c15a59a4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40909
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 21 Apr 2023 19:31:56 GMT
identify
identity.mparticle.com/v1/
175 B
273 B
XHR
General
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
082812e87cfbb7d95e05ca4f1af9cf93b90d60b2642b171a1439be9df16d0466
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-fra-eddf8230063-FRA
date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=900
server
Kestrel
x-timer
S1682105517.689592,VS0,VE212
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
gtm.js
www.googletagmanager.com/
98 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NHPWKCD&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
21ffdb412e26db2cf4fc4bfb9a659d314ea64a3c9f68221dc1cb2aa17afad118
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39051
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 21 Apr 2023 19:31:56 GMT
gtm.js
www.googletagmanager.com/
279 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dd95f4a502384eeed52cfce2c6ecd19d877c813ebb794d8c9d6c0baa32753b51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84837
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 21 Apr 2023 19:31:56 GMT
v2
api.viafoura.co/v2/o.canada.com/bootstrap/ Frame
0
0
Preflight
General
Full URL
https://api.viafoura.co/v2/o.canada.com/bootstrap/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4846:b2d5:abb3:78ee:3922 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin
https://o.canada.com
access-control-max-age
1728000
cache-control
max-age=0
date
Fri, 21 Apr 2023 19:31:56 GMT
expires
Fri, 21 Apr 2023 19:31:56 GMT
server
nginx/1.18.0 (Ubuntu)
v2
api.viafoura.co/v2/o.canada.com/bootstrap/
7 KB
3 KB
XHR
General
Full URL
https://api.viafoura.co/v2/o.canada.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4846:b2d5:abb3:78ee:3922 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
74d949a4dda66c61f5be6df01a9b3c2b513021d12e148964869d504fad9ef024

Request headers

Accept
application/json, text/plain, */*
Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

x-instance-id
i-0d5bbfa84039deb7a
pragma
no-cache
date
Fri, 21 Apr 2023 19:31:57 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://o.canada.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Fri, 21 Apr 2023 19:31:57 GMT
XwSvaCKl-120.jpg
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/XwSvaCKl-120.jpg
  • https://assets-jpcust.jwpsrv.com/strips/XwSvaCKl-120.jpg
213 KB
211 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/strips/XwSvaCKl-120.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d2a25fff8bcc4cafd152c72b10d763468fdabf7c556eba97d5378c49228e36b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
226
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
215678
x-served-by
cache-iad-kcgs7200051-IAD, cache-hhn-etou8220037-HHN
last-modified
Thu, 20 Apr 2023 01:22:06 GMT
server
nginx
x-timer
S1682105517.801606,VS0,VE124
etag
"7af6af893006fcaa61282d9c694186ef"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
2190, 0

Redirect headers

date
Fri, 21 Apr 2023 19:31:56 GMT
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/XwSvaCKl-120.jpg
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
5yegMY_zPRFtzgwbaPvm9guVShNHPx1Mq4ni9gjUscOfpbMXow07oQ==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/
732 B
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4590
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2PA3FD6SWJK6buEr7McpWvXkFgBBRS5%2FfHoKP8LKJH0C43qp9Pm9pvG6%2BYEB7bDltisIdQcZWE5Hf0dVJbC%2BGSu%2FgLxO6tR4SeyGNAWMcfnFdx88m9nwYyYNAJthpq1oRc3%2BmWJ0neByDYXgaX4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7bb80cd77ce45c68-FRA
XwSvaCKl-33887826.mp4.m3u8
videos-cloudfront.jwpsrv.com/64438d6c_e2d71834c2a9c6ff607729e5bb1ef83a716e540e/content/conversions/ReDAXyY4/videos/
2 KB
860 B
XHR
General
Full URL
https://videos-cloudfront.jwpsrv.com/64438d6c_e2d71834c2a9c6ff607729e5bb1ef83a716e540e/content/conversions/ReDAXyY4/videos/XwSvaCKl-33887826.mp4.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:5600:3:37c9:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
otfp /
Resource Hash
9c9dc9d9b9b35b90d91e41f9f5bcda7704e53afa2b222ef0727e5d6593b32db9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
x-backend
https://s3-external-1.amazonaws.com
x-amz-cf-pop
FRA56-P7
x-cache
RefreshHit from cloudfront
fastly-stats
otfp=1
content-length
242
x-served-by
cache-iad-kiad7000069-IAD, cache-hhn-etou8220026-HHN
server
otfp
x-timer
S1682052060.718209,VS0,VE1
etag
"8ck3M1PAwBYCW7nUfyXTNZOwa49bA1UeUZzRhnf-7ZlOY7NF7BR9g_VFleDNe0AlgdR_Idg8B51JbqWsQuVsV7_pZw"
vary
Accept-Encoding
content-type
application/x-mpegurl
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt
x-amz-cf-id
acyHqyhlg2C8313UzLgf1iW0UyYKo_of6rY1NYLV-z7cBSOBE1zb8A==
x-cache-hits
3, 1
jload
pixel.adsafeprotected.com/ Frame AD9F
47 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=128864101&chanId=68750341&placementId=399614941&pubCreative=113098299181&pubOrder=415819741&cb=981655824&custom=index&custom2=1&adsafe_par&impId=261ce371-e07b-11ed-bc90-06d8cca89c2a
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.135.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-135-85.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1d02e97d2bc153f00c9cdd2f379a26e6dc7fd6c82aa5c14c0fdbc5b1d694f2de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 31F6
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdO-eEUbDkM9CRX8NyI-V2oxtSsMvG0q9-qaQddqBH8d-FE6ItArCAivsrM7g2CtqF6ZsRl1q0jyoSsiGcm8-UyzZRbkoBDZZEy27cZZ6ktxspEZPcVTIpdiGpvN_mc-hGcLBJb6akDp9xCdeJkK-bAMV9jkDmIIVtKAN1d0tgiJO9ljKnqPKLwvG0CweQOHipkb2qU4ipZkYhKqxORVccsIvW2QMrwgplw7Qxo0CRjbCMwohNq9uLNUeNyhG3YVffsxLqXccdGFN4D1KJKpcw6BSd0iCr1fGJ9zY24QFqnPHcHlf9chmaDgzWsw&sai=AMfl-YRIeTCoTY1xaFMSjEUieRhpUVlRa3CsxB1Cn0jUI93x-jm6Zgzbau1xG6zwJh6JvB0Z_qi6fTPyo0WCpXvdklRzBSJVYeJDepkJMwwrbi0U7pWnU0StXlbGT_xEAHw&sig=Cg0ArKJSzJW2QTLJbjiZEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 31F6
159 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681929791789681"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Apr 2023 19:31:56 GMT
jload
pixel.adsafeprotected.com/ Frame B32D
47 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=4811995650&chanId=68750341&placementId=6271300695&pubCreative=138431019205&pubOrder=3184962652&cb=2015102179&custom=index&custom2=2&adsafe_par&impId=261ce372-e07b-11ed-bc90-06d8cca89c2a
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.135.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-135-85.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1dc35beabaf0947ab51f16c8f8b2dadabedc7b6ac08836e9419d18c9badbf6b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 74FC
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4JlxG3mpR0Z7HMgA5QcDwodSPIBrI4FCBRcJzExSrQc4oPkoUbVoX3zrW-NvsJZk301MoGKsGYS0oWakzvU5rLyDaBQd3HEuzFQhelTumx3YvziqpOXHprNzh8sejU1ALdq52Nr1L4L4CxxJjaIrF2aQLivjWSh1CX4rhHkJSLdf45VrH_QcIs_hGAjTdc4II7qM2t3ddFrdZfF_ykHphbj7wgBcmWnn8REKp_C9cPTpB1_sc6BBVscEoJQHTIqu3psOhZlWJz_zkinhHPhL132RBjxHEwU9gVkyoW7E6IuAS3YMgtaug1bU&sai=AMfl-YR2OPj1Nh7-XRbmcxMCjdHbzdJTEvfnv4fIkj99gOc6jdeP_8rwpZLG56TcBVDMIctCpY4m9WAiZU1jNdrWysMOrPBdrFPMZJ9vqqCe-EDv7T4RfZqJ-zwXSZ9vpoE&sig=Cg0ArKJSzHl_0cUdpjtDEAE&uach_m=[UACH]&adurl=
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 74FC
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 09:24:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
36473
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 May 2023 09:24:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 74FC
159 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681929791789681"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Apr 2023 19:31:56 GMT
12120540700722256733
tpc.googlesyndication.com/simgad/ Frame 74FC
150 KB
150 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12120540700722256733
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9d7ed6d561f96ca06fb3912adcc155a0fa0db34d0eee351908dc9493c79e1c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:20:50 GMT
x-content-type-options
nosniff
age
666
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153639
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 19:14:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 20 Apr 2024 19:20:50 GMT
l
www.google.com/ads/measurement/ Frame 74FC
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT5HK9jO3nsEV4mjWFMlJYRWLxPZawffEeuihF0qDGgS3Tsbh2XmrxDUfl-z8s9ylcNcR5q
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

truncated
/ Frame 74FC
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91eb404d7c8309bf15a6407396d060c4cf8c636f248471a53bb5e66706ccbf0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
it
ams3-ib.adnxs.com/
0
929 B
Image
General
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https://o.canada.com/&e=wqT_3QLRCuhRBQAAAwDWAAUBCKvJi6IGENHUxN__3evHVBgAKjYJWYtPATCesT8RfgbUm1HzrT8ZAAAAYLgeIkAhfg0SACkRJMgxAAAAwB6F9z8w84vPCTiJPUAdSAhQ9427tgFYzY5jYABonsdmeO3zBYABAYoBA1VTRJIFBvSbAZgBygegAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKEoD3qAhVodHRwczovL28uY2FuYWRhLmNvbS-AAwCIAwGQAwCYAxegAwGqA9AGCocGaHR0cDovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzX2V4Y2g9YXBuJmlkPTVhVzk1cTJqTHpJekx5QXZXa1JyTkUxNlJYcE9SRlYwVFVSQmQwMURNSGROUkVGM1RGUkJkMDFFUVhSTlJFRjNUVVJCZDAxRVFYZE5SRUYzTHpjMU5qYzJOREV6TURFek16Z3lOVFU0TkRVdk5qWXlNalF3TkM4ME5UWXlNekV5THpFekwwdDRaak5vYUhWUE1HbFlZVFJwU0Rab2VWZDZOMUJOZGtkTllUVmxNMU4xV1Vkc2JubzJVVTlwYnpBdk1TOHhNeTh3THpBdk9UVTJPREF6THpFek5UZzRPVEE0TmpFdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQFxARSTgHEEFRVTXdkBRAMZE1WRQ3kEEUxRVFYLQQIVVJCCSAgY3ZNQzh3THpBDQgAY2L8AAxlbkpvASh8TmpBMUx6VXpMems1T1M4ek1qSXZPREF1TWpVMUxqY3UFUPCLakF3TUM4eE5qZ3lNVEExTlRFMUx6RTJPREl4TVRneE1UVXZNVE12TnpneE55OC9TeHpjdlFIZnJvX2VwU1FpUVJYYnFmQVJGeUUmbm9kZWlkPTM3NzEmZ3JvdXA9enJoJmF1Y3Rpb25pZD03NTY3NjQxMzAxMzM4MjU1ODQ1JnBic19hdWN0aW9uaWRSIgAcc2hhcmRrZXlSHQDwhnByaWNlPSR7QVVDVElPTl9QUklDRX0mYnA9YV9hZ2lpY2EmbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MTg1LjI5LjEzNS41OCZzaWQ9NDU2MjMxMiZjaWQ9NjYyMjQwNCZzcmM9YXBpJnR5cGU9bnVybCZjbGllbnQ9czJzEhM3NTY3NjQxMzAxMxHPsBoTNjA5MzI4MTE2NjYwMjg3MzQyNSIJMzgyNjUwMTAzKgYxMDE5MzY6BzY2MgFj8IvAA6wCyAMA2APhrQvgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AT3jbu2AYgFAZgFAKAFlpLx6uPos-BTwAUAyQUAAAAAAADwP9IFCQkAAAkOcNgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGCSMs8D_QBvmrAdoGFgoQCRIZAZgQABgA4AYB8gYCCACABwGIBwCgBwGqBwY2NTE4NzHIB-3zBdIHDQkRMQEvCNoHBgFncBgA4AcA6gcCCADwB_6dAYoIAhAAlQgAAIA_mAgB&s=550abcb847d8d3b817546b5a28a0c0f10950caaf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 19:31:56 GMT
AN-X-Request-Uuid
8d794d3e-e4ca-4426-a785-79c0dd793681
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.109; 80.255.7.109; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 21 Apr 2023 18:27:45 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
3851
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 21 Apr 2023 20:27:45 GMT
marfeel-sdk.js
sdk.mrf.io/statics/
104 KB
30 KB
Script
General
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29f96d7dbf7a8ef4837454ec25f650ffae323bea3ec1782b50bc84532e3a97cc

Request headers

Referer
https://o.canada.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time
1ms
date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Fri, 21 Apr 2023 17:41:00 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
x-envoy-upstream-service-time
6
accept-ranges
bytes
cf-ray
7bb80cd8cd279bfe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29980
fbevents.js
connect.facebook.net/en_US/
107 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 21 Apr 2023 19:31:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27967
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
nLfKfomzJjxlDvPf4njJMRxjzIm1VfTMbFxyzTk8+EDoqz8n9B/JbGkZkkbnftlx2UyEwyZMQUMpPQmwwY6YqQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
tag.min.js
get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/
36 KB
11 KB
Script
General
Full URL
https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-33.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
925abf3e95dd81547dc17dcbd96ac29eed1a93ef9caa21e101d03c02d73c57fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
GQ1y0deumN2bH2y74HaTf32E0eUQsGHu
content-encoding
gzip
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
date
Fri, 21 Apr 2023 17:27:34 GMT
last-modified
Wed, 19 Apr 2023 17:27:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
7463
x-amz-server-side-encryption
AES256
etag
W/"f48fa7169fc3fa15f1fb3e7c3197e0be"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
B_ELH3n1ITqyQeLBt1-XSEPTQNPaD6Cl0dI1JKSp3JSZ5QVsD7k4aQ==
js
www.googletagmanager.com/gtag/
226 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CBS6P3K53Q&l=gtm_data_layer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
575557369f8893b7c66413f52ba7add234ad1d4654fbfe2ce0931a5e7a6e5baa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80404
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 21 Apr 2023 19:31:56 GMT
p.js
cdn.parsely.com/keys/o.canada.com/
74 KB
26 KB
Script
General
Full URL
https://cdn.parsely.com/keys/o.canada.com/p.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-100-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
b48743091fa7f477ba4780fe108d6a622bf01de9e6047d7855a59e04ba87f916

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Apr 2023 06:34:04 GMT
content-encoding
gzip
via
1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
last-modified
Wed, 14 Dec 2022 21:12:47 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
46672
etag
W/"639a3c4f-12687"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
AD28XEz6xB-zizyLTK5ciapfdp4OyeVTx4j1Oj56iBvkZiiNYII9Fg==
expires
Sat, 22 Apr 2023 06:34:04 GMT
b
sb.scorecardresearch.com/
0
225 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1682105516800&ns_c=UTF-8&c8=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&c7=https%3A%2F%2Fo.canada.com%2F&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
k5DyLUou8R3qkoO0VZuFpe6aoE3tqWRTOxVlfMHCQQNTCi5B5s524Q==
x-cache
Miss from cloudfront
htlmx5cd89bk
hal9000.redintelligence.net/zone/ Frame A69A
10 KB
3 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/htlmx5cd89bk?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=7567641301338255845&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7567641301338255845%26mt_id%3D6622404%26mt_adid%3D216536%26redirect%3D
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.64.201.138.clients.your-server.de
Software
Apache /
Resource Hash
219e9f67e1bbf2b76266a6180a3604deea56e0c5e1fd4d74095037d472b36afb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 19:31:56 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2802
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame A69A
Redirect Chain
  • https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvWkRrNE16RXpORFV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1Njc2NDEzMDEzMzgyNTU4NDUvNjYyMjQwNC80NTYyMzEyLzEzL0t4Zj...
  • https://tags.mathtag.com/ck-confirm?bid_id=7567641301338255845&node_id=3771&exch_id=13
49 B
330 B
Image
General
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=7567641301338255845&node_id=3771&exch_id=13
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
HTTP/1.1
Server
185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.385.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 19:31:57 GMT
Server
MMBD/3.385.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x79, zrh-bidder-x157
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Fri, 21 Apr 2023 19:31:56 GMT

Redirect headers

Date
Fri, 21 Apr 2023 19:31:56 GMT
x-mm-nodeid
3771
x-mm-bid-request-time
1682105515
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Content-Length
86
x-mm-handled-by-owner
true
Last-Modified
Fri, 21 Apr 2023 19:31:55 GMT
Server
MMBD/3.385.0
x-mm-latency
11 (1)
Content-Type
text/html; charset=utf-8
Location
https://tags.mathtag.com/ck-confirm?bid_id=7567641301338255845&node_id=3771&exch_id=13
x-mm-dbg
NotCount
Cache-Control
no-cache
x-mm-host
cdg-router-x42, zrh-bidder-x157
Keep-Alive
timeout=360
x-mm-lag
1
Expires
Fri, 21 Apr 2023 19:31:55 GMT
img
pixel.mathtag.com/event/ Frame A69A
43 B
561 B
Image
General
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=13&v2=7567641301338255845&v3=651871&v4=4562312&v5=6622404&mt_nsync=1&no_attr=1
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 830 785530e master zrh-pixel-x9 config_version:"unknown" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 19:31:56 GMT
Server
MT3 830 785530e master zrh-pixel-x9 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Fri, 21 Apr 2023 19:31:55 GMT
img
tags.mathtag.com/event/ Frame A69A
49 B
331 B
Image
General
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=apn&bid=7567641301338255845&st=4562312&time=[IMP_ATTR.time]&nodeid=3771
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.385.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 19:31:56 GMT
Server
MMBD/3.385.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x103, zrh-bidder-x157
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Fri, 21 Apr 2023 19:31:55 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame A69A
80 KB
27 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 19:31:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27455
Expires
Sat, 20 Apr 2024 19:31:56 GMT
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/10276888/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
361 B
Script
General
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:17:18 GMT
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
879
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
0
x-amz-cf-id
5XymD0JNyvRxu6JJjZZ9OdhzZITaAHEW14EC4sJC9OVQxRz3lnuT0Q==

Redirect headers

date
Fri, 21 Apr 2023 19:31:56 GMT
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
location
/internal-c2/default/cs.js
content-length
0
x-amz-cf-id
TmOYS08LWUf5PoYXRc19DlFNv_rnij51zjgqXLYRpcfjpTcaGI39mA==
0z1m5a4b-120.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/mVlrGuYl/poster.jpg?width=120
  • https://assets-jpcust.jwpsrv.com/thumbnails/0z1m5a4b-120.jpg
3 KB
4 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/0z1m5a4b-120.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fdd0c16fee1dc36290fe200f8b77d146d422818afe7a4025ac8e81a86c196812

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:57 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
46
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
3559
x-served-by
cache-iad-kjyo7100040-IAD, cache-hhn-etou8220037-HHN
last-modified
Wed, 19 Apr 2023 19:26:46 GMT
server
nginx
x-timer
S1682105517.042530,VS0,VE92
etag
"9c493d2e9b61cc5740598047fa0558e3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
2133, 1

Redirect headers

date
Fri, 21 Apr 2023 19:31:56 GMT
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/0z1m5a4b-120.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
q6teQVxJk1Pu8lHaat5NhlKwOzIaBaya8qV6doLzOruUS2QUt3_ung==
XwSvaCKl-33887826.mp4-1.ts
videos-cloudfront.jwpsrv.com/64438d6c_e2d71834c2a9c6ff607729e5bb1ef83a716e540e/content/conversions/ReDAXyY4/videos/
282 KB
283 KB
XHR
General
Full URL
https://videos-cloudfront.jwpsrv.com/64438d6c_e2d71834c2a9c6ff607729e5bb1ef83a716e540e/content/conversions/ReDAXyY4/videos/XwSvaCKl-33887826.mp4-1.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:5600:3:37c9:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
otfp /
Resource Hash
c32d10eb2d93c323c646187507e289bf304f948b265815b00830cd1122a6b719

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:56 GMT
via
1.1 varnish, 1.1 varnish, 1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
x-backend
https://s3-external-1.amazonaws.com
x-amz-cf-pop
FRA56-P7
x-cache
RefreshHit from cloudfront
fastly-stats
otfp=1
content-length
289144
x-served-by
cache-iad-kjyo7100038-IAD, cache-hhn-etou8220058-HHN
server
otfp
x-timer
S1682052061.830329,VS0,VE1
etag
"0s6V8sg7Z7nTXeUsXX45xy6ozlXnmyhxvxtw4EMkSvCaBIKuoT_2IDiEbplK5Rfs83ODrCmscsRa2dMD6GZnKmQQWQ"
vary
Accept-Encoding
content-type
video/mp2t
x-fastly-otfp-info
ss=0.000 sl=4.000 vl=136.467 rs=320x180
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt
x-amz-cf-id
4MPEG-8hPw0fFIfAp5IsbdXNGjakvXGXJXVS8fDnrVEWES8LV4jlRA==
x-cache-hits
3, 1
main.19.8.400.js
static.adsafeprotected.com/ Frame AD9F
200 KB
63 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.400.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=128864101&chanId=68750341&placementId=399614941&pubCreative=113098299181&pubOrder=415819741&cb=981655824&custom=index&custom2=1&adsafe_par&impId=261ce371-e07b-11ed-bc90-06d8cca89c2a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:b600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f97a39d86834a134b359233cc1b720a106b910d8eab5a5c28aea34400c6d7ff0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 20:30:35 GMT
x-amz-version-id
9BUnpPANWGwKG0lesMwpAnHwbT.x8zbq
content-encoding
gzip
via
1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2674882
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 21 Mar 2023 18:43:44 GMT
server
AmazonS3
etag
W/"2e8e5f6f251e442e71ad1eeec0beab78"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
_M_gymKNtD8ivAIKNqqnzV7kBGG9mVqZZST9VUnyBO1v6PN37tq8ow==
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/
0
201 B
XHR
General
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-hhn-etou8220034-HHN
date
Fri, 21 Apr 2023 19:31:57 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1682105517.068915,VS0,VE3
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/
0
58 B
XHR
General
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-hhn-etou8220034-HHN
date
Fri, 21 Apr 2023 19:31:57 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1682105517.068894,VS0,VE2
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
collect
region1.analytics.google.com/g/
0
45 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-CBS6P3K53Q&gtm=45je34j0&_p=577896869&_gaz=1&cid=1219204526.1682105516&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAI&_s=1&sid=1682105516&sct=1&seg=0&dl=https%3A%2F%2Fo.canada.com%2F&dt=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&en=ad_impression&_fv=1&_ss=1&_c=1&ep.query_id=CNOh_q3bu_4CFeNjpAQdou8HnA
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBS6P3K53Q&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
251 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CBS6P3K53Q&cid=1219204526.1682105516&gtm=45je34j0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBS6P3K53Q&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
251 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-CBS6P3K53Q&gtm=45je34j0&_p=577896869&cid=1219204526.1682105516&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAI&_s=2&sid=1682105516&sct=1&seg=0&dl=https%3A%2F%2Fo.canada.com%2F&dt=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&en=ad_impression&_c=1&ep.query_id=CNSh_q3bu_4CFeNjpAQdou8HnA&_et=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBS6P3K53Q&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CBS6P3K53Q&cid=1219204526.1682105516&gtm=45je34j0&aip=1&z=1061537760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
identify
identity.mparticle.com/v1/ Frame
0
0
Preflight
General
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
3243
date
Fri, 21 Apr 2023 19:31:56 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
1431
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-fra-eddf8230063-FRA
x-timer
S1682105517.989391,VS0,VE0
identify
identity.mparticle.com/v1/
175 B
243 B
XHR
General
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
bf57b82160513c464cb01716fe2cf65484a4db8051915015fee34e05dcce01da
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-fra-eddf8230063-FRA
date
Fri, 21 Apr 2023 19:31:57 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=900
server
Kestrel
x-timer
S1682105517.032684,VS0,VE113
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/
0
58 B
XHR
General
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-hhn-etou8220034-HHN
date
Fri, 21 Apr 2023 19:31:57 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1682105517.068930,VS0,VE4
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/
0
58 B
XHR
General
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-hhn-etou8220034-HHN
date
Fri, 21 Apr 2023 19:31:57 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1682105517.068879,VS0,VE4
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
truncated
/ Frame 31F6
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
457d8eb5038ac6145e6c6fef2106c06ec5a9fc3b34f45db27af66e5f9a06568e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
identify
api.permutive.com/v2.0/
50 B
88 B
XHR
General
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
17088c608eae712ec37c502e772852ef73c9e5f32c8f9f261621bcde5830433c

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 21 Apr 2023 19:31:57 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
request.php
hal900029.redintelligence.net/ Frame A69A
Redirect Chain
  • https://hal900029.redintelligence.net/request.php?zone=htlmx5cd89bk&nw=20&renderingType=javascript&namespace=f9c34faa0a&subid=&uid=83df7d97484a0172&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900029.redintelligence.net/request.php?zone=htlmx5cd89bk&nw=20&renderingType=javascript&namespace=f9c34faa0a&subid=&uid=83df7d97484a0172&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB
Script
General
Full URL
https://hal900029.redintelligence.net/request.php?zone=htlmx5cd89bk&nw=20&renderingType=javascript&namespace=f9c34faa0a&subid=&uid=83df7d97484a0172&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7567641301338255845%26mt_id%3D6622404%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fo.canada.com%2F&ancestorOrigins=https%3A%2F%2Fo.canada.com%2Chttps%3A%2F%2Fo.canada.com&random=582211460554&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
HTTP/1.1
Server
88.99.219.174 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
690b71aed37c267ace5a4d55bee2b8c9c79b39d063e8be7d36c8d53491ee5a7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 19:31:57 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
91007500126201500951435012301029
Connection
close
Content-Length
1323
Expires
Fri, 21 Apr 2023 20:31:57 +0200

Redirect headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 19:31:57 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=htlmx5cd89bk&nw=20&renderingType=javascript&namespace=f9c34faa0a&subid=&uid=83df7d97484a0172&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7567641301338255845%26mt_id%3D6622404%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fo.canada.com%2F&ancestorOrigins=https%3A%2F%2Fo.canada.com%2Chttps%3A%2F%2Fo.canada.com&random=582211460554&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Fri, 21 Apr 2023 20:31:57 +0200
view
securepubads.g.doubleclick.net/pcs/ Frame 74FC
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutiTc4FeC6vmfRC4JLYFLWijjFV930Mk2qG3PSA5ikps3DVFcC9mouUyMew00kg4oNIMqi0EuUe82Qh7_TSmUicfdrmCQ1uO1RkOQYNGD_L6WWuUX2sZfKZZawUqUZAT5IpkUK2ndTFQo5a0I1L0FdAhKsW014rAYhZlfU45ecqzcfe7OoOzc_7EIVVYZhgdssXREKnmWluFunPHKNiQXHD0Otz7UJ68KvYpLV3m4aTX-3XcnaCNQyBjHp25525yab0bTwg2KtPwBid91NCnwNQiTvTsw1wZv4aM0oLrUuFX6cXY_f7iRb-2atxg&sai=AMfl-YT1EHttEjgVwOKe0OvX9zXw2sT8RCeU0uCuWuRMOwaoHrU9y743TMncYWllIaCIwvNrzDdoWLJuR0t40FB6yc4SBYeal83LpSL5jXpFqdmQTa9zOGQFtXhWIpha-38&sig=Cg0ArKJSzDO7fgvaPqG0EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 21 Apr 2023 19:31:57 GMT
/
onetag-geo.s-onetag.com/
555 B
967 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-32.fra56.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 13:45:29 GMT
via
1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront), 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6, FRA56-P5
age
20788
x-amzn-requestid
dbf959ca-eefc-4862-8823-9db17c3f115c
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
Duv7DHC1iYcFRuA=
content-length
555
x-amz-cf-id
teKMr7zko6eMlK1S8ir39ZHnL5NikPLXP0ibyx0dnsRr04f-1--08Q==
beacon.min.js
signal-beacon.s-onetag.com/
22 KB
7 KB
Script
General
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-74.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c37a134e735f9a3dc9916bbed8f5e576f89b9f26537a59544d74004962b1a8ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 01:28:09 GMT
x-amz-version-id
h0jfx2_ld0LSppgdK5454e6x8dlC_h3s
content-encoding
gzip
last-modified
Wed, 01 Mar 2023 12:13:37 GMT
server
AmazonS3
via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
etag
W/"fd89ceeda84b55780ed4e8f97b752a7a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
age
65029
x-amz-cf-id
1ohefmTfqjEJVPNOQ0iqJht9ww7WAFK8BZiYwpKl6ktkEi4jqR0zyQ==
1685973801652415
connect.facebook.net/signals/config/
380 KB
109 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1685973801652415?v=2.9.102&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
818d74e31525630616a16da094b6daf345f6b384f71bc1d66c1c72646f668470
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 21 Apr 2023 19:31:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
/8CWbjlFwCtsPAvUc5r1N46AHqjyAH88dynQmM9il+jrQEhDVGXRcXpTKpcq0Oet565b0oq/hVm72SEoGsaJSw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/
4 B
206 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=577896869&t=pageview&_s=1&dl=https%3A%2F%2Fo.canada.com%2F&ul=en-us&de=UTF-8&dt=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAEK~&jid=1522361780&gjid=449095498&cid=1219204526.1682105516&tid=UA-213173459-10&_gid=1866035120.1682105517&_r=1&_slc=1&gtm=45He34j0n81P3Q4QHW&cd2=2023-04-21T19%3A31%3A56.795%2B00%3A00&cd7=anonymous&cd17=0&cd23=canada.com&cd24=Cheetah&cd25=13.3.0&cd26=v79.3&cd27=0&cd28=GTM-P3Q4QHW&cd29=49&cd31=index&cd52=index&cd65=false&cd1=1219204526.1682105516&z=1336591594
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
3 B
70 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=577896869&t=pageview&_s=1&dl=https%3A%2F%2Fo.canada.com%2F&ul=en-us&de=UTF-8&dt=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAEK~&jid=1484485174&gjid=1756031875&cid=1219204526.1682105516&tid=UA-138335866-21&_gid=1866035120.1682105517&_r=1&_slc=1&gtm=45He34j0n81P3Q4QHW&z=1666168344
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.19.8.400.js
static.adsafeprotected.com/ Frame B32D
200 KB
63 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.400.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=4811995650&chanId=68750341&placementId=6271300695&pubCreative=138431019205&pubOrder=3184962652&cb=2015102179&custom=index&custom2=2&adsafe_par&impId=261ce372-e07b-11ed-bc90-06d8cca89c2a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:b600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f97a39d86834a134b359233cc1b720a106b910d8eab5a5c28aea34400c6d7ff0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 20:30:35 GMT
x-amz-version-id
9BUnpPANWGwKG0lesMwpAnHwbT.x8zbq
content-encoding
gzip
via
1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2674882
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 21 Mar 2023 18:43:44 GMT
server
AmazonS3
etag
W/"2e8e5f6f251e442e71ad1eeec0beab78"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
tj3fk8cjjq9ZBoD5Ag_SLYdU9DxMmqTyTzMeqPoHa0qicIY8prEgeg==
/
p1.parsely.com/plogger/
43 B
257 B
Image
General
Full URL
https://p1.parsely.com/plogger/?rand=1682105517079&plid=d17e1bdd-8692-45dc-ba03-c4f0a4cfedcd&idsite=o.canada.com&url=https%3A%2F%2Fo.canada.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22login_status%22%3A%22anonymous%22%7D&sid=1&surl=https%3A%2F%2Fo.canada.com%2F&sref=&sts=1682105517074&slts=0&title=Canada.Com+%7C+Homepage+%7C+Canada.Com&date=Fri+Apr+21+2023+19%3A31%3A57+GMT%2B0000+(GMT)&action=pageview&pvid=674b3e1c-59d8-4f49-b9f5-2aabcf4f2620&u=pid%3D9df0bd56-a353-471e-9870-75d5e970d4ba
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 19:31:57 GMT
Cache-Control
no-cache
Last-Modified
Friday, 21-Apr-2023 19:31:57 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304190101&jk=1687788293031206&bg=!HB-lH0vNAAYfNdXmPzU7ADkAdvg8WsfOjuMTnkMRay95nmhIPvSXJnKG2lQLH4qJqDPj5aBQNGwDDPXcUI3D0hDiQvYyZCMJ5qoCAAAAfVIAAAACaAEHmQLej8S6weFI1lk1mH5tILp3Urs5M8UekKOAv2QTgkPPLTl2ZuWZWKv4GnM6S21Bb8eL-1ME0TYu8pLyFx0Gs4A3DpXfXtW8JXc6bFbxpREV4ED_pAvl7NgrKcTRc4zipHJO4L1nBg22Rftf7trKeJuuQETRlWXTQeheSD2sQ9drpkaarNVQcuYFymGtDKxOoDj8DHlNlCC4fhzWQBJ8qkV7pUQFwzGwHXozhRmymV6BiM_sn-bhXRc6pNCPFnqViuRxNZWvnukOKOI2XQ97tOtNOCBFf0A-CWAXJV2nSn2L19zsKmMRckPxtSrbC70lvoK_jBEyyypnCpMm_sfNBJ86PIt4EBNRFlyoXUYCyfAjdBMNOqK60GlhjNBngb-iRZ97JcgZsky4rAtd0JEr09ydxE31iQ3rQ6Al7EmlsVK-BwCoBS4d7u20_qx28d8zqoOVNI5s6wAZsWMIxTdUN8OwgY46r1kwwTN0BzdtTdY7MsvQOefROdPUOIiMs2-5j2sZSa1w7eZSKpZM4XQ2GHwomdQxbFxmTS8fnk9n3ccHlWpHq8U0EBbwOw2_9qlwTESnlCkeQ43JcV5cbmcIM_qTypB2jPpwULFkJF_mfyv548_LvoVbUU6alzXXoweAluuJJfretPNWRgJTDOl6RBnbiDGENlzbrEtgULQYmTYbrzEOJ4cF_YRblaJfz5QMc1lrRx8eVgIc72YgfrxI7QHRMZ90MBHoitze2vHc3j3xfJvk_r3k67px2Jd08C-IQvibKCfFLcuCh3b5WZ6Yr054rPQOhB7kF51J-efBPP5WgBcbdkzp8i_oMviK3wJrreRGgYRgrVxF0oTlU5iQ6cY-pV4aUMOxZfUMpGFTURTYNsNP8ADC4bUOXMQqK0kW4lH0mpY5TVdnDinvMzP5_7cwVvbI0R7LMjbovibSg19GfiqFSOJPvrqR0UucL8VPCoTzmeIMOSTdiCQWRUtE260
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

audiences
api.permutive.com/audience-matching/v1/id/e2301df0-f692-496c-a1a4-8e9ba98652f2/
12 B
25 B
XHR
General
Full URL
https://api.permutive.com/audience-matching/v1/id/e2301df0-f692-496c-a1a4-8e9ba98652f2/audiences?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 21 Apr 2023 19:31:57 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
8cfcb4cf-e2c6-4b1c-b3de-0a7c7ddc04e8
https://o.canada.com/
84 KB
0
Other
General
Full URL
blob:https://o.canada.com/8cfcb4cf-e2c6-4b1c-b3de-0a7c7ddc04e8
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38e33cb66d9e6c0ebb591c68943277b0c0f243f3137490010da38c701d0304cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
86284
Content-Type
text/javascript
406ca262f66ac066b3a5.js
sdk.mrf.io/statics/
36 KB
9 KB
Script
General
Full URL
https://sdk.mrf.io/statics/406ca262f66ac066b3a5.js
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d46f578389f55d019566c270d4f339ed6f4465346d67378ae8c942e56c1299f3

Request headers

Referer
https://o.canada.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:57 GMT
content-encoding
gzip
via
1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
19
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 29 Mar 2023 08:47:19 GMT
server
cloudflare
etag
W/"cc6530f7f74d19fb1261eea8f519b22a"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
timing-allow-origin
*
cf-ray
7bb80cda0ec09bfe-FRA
x-amz-cf-id
4g_wmcfo55MohKIb27OEmItQei5f5NcZJFEtnNWec83m2R4AJj6SIg==
ingest.php
events.newsroom.bi/
50 B
848 B
XHR
General
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.144.218 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy04.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 21 Apr 2023 19:31:57 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
66
collect
stats.g.doubleclick.net/j/
4 B
151 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-213173459-10&cid=1219204526.1682105516&jid=1522361780&gjid=449095498&_gid=1866035120.1682105517&_u=YCDACAAABAAAACAEK~&z=840631524
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 21 Apr 2023 19:31:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
XwSvaCKl-33887832.mp4.m3u8
videos-cloudfront.jwpsrv.com/64438d6c_72738203310e95ace7f3d5fe72f14772c2c1f8c5/content/conversions/ReDAXyY4/videos/
2 KB
866 B
XHR
General
Full URL
https://videos-cloudfront.jwpsrv.com/64438d6c_72738203310e95ace7f3d5fe72f14772c2c1f8c5/content/conversions/ReDAXyY4/videos/XwSvaCKl-33887832.mp4.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:5600:3:37c9:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
otfp /
Resource Hash
76284052130997bbe259a8a591e8fbab0a165099b6b22df1b44ebf7ca21722ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:05:52 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
x-backend
https://s3-external-1.amazonaws.com
x-amz-cf-pop
FRA56-P7
age
92061
x-cache
Hit from cloudfront
fastly-stats
otfp=1
content-length
242
x-served-by
cache-iad-kcgs7200136-IAD, cache-hhn-etou8220065-HHN
server
otfp
x-timer
S1682043974.268023,VS0,VE1
etag
"RH2QEGJktjNvAcUQJE3Rtxc52rayFc8-10BnUHvPrgXmS-GqdcroA5JxShfdh89oiVZcOt4t-jJyT8QSMN4xwCARJR3O"
vary
Accept-Encoding
content-type
application/x-mpegurl
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt
x-amz-cf-id
pjaitLmv7hkgGLMgyKkkziR28mg-5ynk0uyB7qzLa4Nj_M_j0VGEHQ==
x-cache-hits
5, 1
sca.17.6.2.js
static.adsafeprotected.com/ Frame AC4C
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:b600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
18330941
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
89DnQNkz_7--vx4k661pLPuqKFtFUUkhfdKrlsQ4IMRhlACcifEZdg==
mon
pixel.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=928934&campId=970x250&pubId=128864101&chanId=68750341&placementId=399614941&pubCreative=113098299181&pubOrder=415819741&cb=981655824&custom=index&custom2=1&adsafe_par&impId=261ce371-e07b-11ed-bc90-06d8cca89c2a&adsafe_url=https%3A%2F%2Fo.canada.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:3b2e40f6-bc33-3abb-2a7d-973668b42f32,c:arWRgl,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-67fb65999c-j4cfm,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:315.108.970.250,am:i,cc:315.108.970.250,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:236,mot:0,app:0,maw:0,fm:tC5NkbJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.928934%7C181%7C182%7C191,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:250,oid:2d9656f6-e07b-11ed-98ce-065c13683b1e,v:19.8.400,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.135.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-135-85.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:57 GMT
server
nginx
x-server-name
app08.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
223 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=3b2e40f6-bc33-3abb-2a7d-973668b42f32&tv=%7Bc:arWRgm,pingTime:-8,time:251,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:251,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:250,wc:0.0.1600.1200,ac:315.108.970.250,am:i,cc:315.108.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B12~100%5D,as:%5B12~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tC5NkbJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.928934%7C181%7C182%7C191,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:251%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:7b32:ecc:3bb3:8669 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:57 GMT
server
nginx
x-server-name
ip-10-31-7-207.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=3b2e40f6-bc33-3abb-2a7d-973668b42f32&tv=%7Bc:arWRgz,pingTime:0,time:264,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:250%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:264,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:250,wc:0.0.1600.1200,ac:315.108.970.250,am:i,cc:315.108.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B25~100%5D,as:%5B25~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tC5NkbJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.928934%7C181%7C182%7C191,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:251%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:7b32:ecc:3bb3:8669 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:57 GMT
server
nginx
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
events
jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/
41 B
156 B
Fetch
General
Full URL
https://jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
331944618efcd63257f48ea16e38dd7c5b04e0aa348dd6a9f6eabd4e9dcc8645

Request headers

Accept
text/plain;charset=UTF-8
Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-hhn-etou8220034-HHN
date
Fri, 21 Apr 2023 19:31:57 GMT
content-encoding
gzip
via
1.1 varnish
server
Kestrel
x-timer
S1682105517.211085,VS0,VE3
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-213173459-10&cid=1219204526.1682105516&jid=1522361780&_u=YCDACAAABAAAACAEK~&z=1899400883
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-213173459-10&cid=1219204526.1682105516&jid=1522361780&_u=YCDACAAABAAAACAEK~&z=1899400883
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=3b2e40f6-bc33-3abb-2a7d-973668b42f32&tv=%7Bc:arWRgY,pingTime:-2,time:289,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:173,beZ:175,mfA:409,cmA:411,inA:411,inZ:415,prA:415,prZ:419,si:424,poA:425,poZ:436,cmZ:436,mfZ:436,loA:440,loZ:442,ltA:462,ltZ:462,mdA:175,mdZ:369%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.254,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:250%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:289,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:250,wc:0.0.1600.1200,ac:315.108.970.250,am:i,cc:315.108.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B50~100%5D,as:%5B50~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tC5NkbJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.928934%7C181%7C182%7C191,idMap:18*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:251,slid:%5Bgoogle_ads_iframe_/3081/ccn.com/index_0,google_ads_iframe_/3081/ccn.com/index_0__container__,ad-1,ad__inner-1,main-content%5D,sinceFw:36,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:7b32:ecc:3bb3:8669 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:57 GMT
server
nginx
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame 4A2C
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:b600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
18330941
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
7U9rVr5kAjtSLaDUvlx45r3NZrY0YvIdqD3KqNFK1P7-pp3SPULW_g==
mon
pixel.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=928934&campId=970x250&pubId=4811995650&chanId=68750341&placementId=6271300695&pubCreative=138431019205&pubOrder=3184962652&cb=2015102179&custom=index&custom2=2&adsafe_par&impId=261ce372-e07b-11ed-bc90-06d8cca89c2a&adsafe_url=https%3A%2F%2Fo.canada.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:3cb6de02-f110-15fa-fb8b-613ff163a2da,c:arWRhv,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-67fb65999c-jd4p6,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:315.1183.970.250,am:i,cc:315.1183.970.250,piv:7,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:160,mot:0,app:0,maw:0,fm:tC5Nkef+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C183%7C19*.928934%7C191,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:166,oid:2d965753-e07b-11ed-bf5e-eac6a0d52e8f,v:19.8.400,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.135.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-135-85.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:57 GMT
server
nginx
x-server-name
app11.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=3cb6de02-f110-15fa-fb8b-613ff163a2da&tv=%7Bc:arWRhw,pingTime:-8,time:167,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:167,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:166,wc:0.0.1600.1200,ac:315.1183.970.250,am:i,cc:315.1183.970.250,piv:7,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B6~1%5D,as:%5B6~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tC5Nkef+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C183%7C19*.928934%7C191,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,siq:167%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:7b32:ecc:3bb3:8669 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:57 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=3cb6de02-f110-15fa-fb8b-613ff163a2da&tv=%7Bc:arWRhH,pingTime:-2,time:178,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:313,beZ:315,mfA:474,cmA:474,inA:474,inZ:475,prA:475,prZ:477,si:480,poA:480,poZ:486,cmZ:486,mfZ:486,loA:489,loZ:490,ltA:491,ltZ:491,mdA:315,mdZ:387%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:7,vs:o,r:l,w:970,h:250,t:166%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:178,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:166,wc:0.0.1600.1200,ac:315.1183.970.250,am:i,cc:315.1183.970.250,piv:7,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B17~1%5D,as:%5B17~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tC5Nkef+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C183%7C19*.928934%7C191,idMap:19*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:167,slid:%5Bgoogle_ads_iframe_/3081/ccn.com/index_1,google_ads_iframe_/3081/ccn.com/index_1__container__,ad-2,ad__inner-2,main-content%5D,sinceFw:11,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:7b32:ecc:3bb3:8669 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:57 GMT
server
nginx
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=3b2e40f6-bc33-3abb-2a7d-973668b42f32&tv=%7Bc:arWRhS,time:345,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:345,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:250,wc:0.0.1600.1200,ac:315.108.970.250,am:i,cc:315.108.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B106~100%5D,as:%5B106~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tC5NkbJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.928934%7C181%7C182%7C19.928934%7C191,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:251%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:7b32:ecc:3bb3:8669 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:57 GMT
server
nginx
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
rfv.php
compassdata.mrf.io/
27 B
468 B
XHR
General
Full URL
https://compassdata.mrf.io/rfv.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.144.218 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy04.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryzccK1JvdhW7zH7AA

Response headers

date
Fri, 21 Apr 2023 19:31:57 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
42
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=3cb6de02-f110-15fa-fb8b-613ff163a2da&tv=%7Bc:arWRia,time:207,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:207,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:166,wc:0.0.1600.1200,ac:315.1183.970.250,am:i,cc:315.1183.970.250,piv:7,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B46~1%5D,as:%5B46~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tC5Nkef+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C183%7C19*.928934%7C191,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,siq:167%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:7b32:ecc:3bb3:8669 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:57 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
thirdpartycookie
api.viafoura.co/v2/o.canada.com/
45 B
646 B
XHR
General
Full URL
https://api.viafoura.co/v2/o.canada.com/thirdpartycookie?section=
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4846:b2d5:abb3:78ee:3922 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept
application/json, text/plain, */*
Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-instance-id
i-0d5bbfa84039deb7a
pragma
no-cache
date
Fri, 21 Apr 2023 19:31:57 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://o.canada.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Fri, 21 Apr 2023 19:31:57 GMT
/
adv.office-partner.de/ Frame CDC5
930 B
931 B
Document
General
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=htlmx5cd89bk&nw=20&renderingType=javascript&namespace=f9c34faa0a&subid=&uid=83df7d97484a0172&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7567641301338255845%26mt_id%3D6622404%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fo.canada.com%2F&ancestorOrigins=https%3A%2F%2Fo.canada.com%2Chttps%3A%2F%2Fo.canada.com&random=582211460554&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Fri, 21 Apr 2023 19:31:57 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Fri, 28 Apr 2023 19:31:57 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn-engine
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
htlp
futalis.de/ Frame 9F8E
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=91007500126201500951435012301029&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2628011022
350 B
401 B
Document
General
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2628011022
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=htlmx5cd89bk&nw=20&renderingType=javascript&namespace=f9c34faa0a&subid=&uid=83df7d97484a0172&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7567641301338255845%26mt_id%3D6622404%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fo.canada.com%2F&ancestorOrigins=https%3A%2F%2Fo.canada.com%2Chttps%3A%2F%2Fo.canada.com&random=582211460554&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.14.134 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-2.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Fri, 21 Apr 2023 19:31:57 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2628011022
p3p
policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
xphp81
true
link.html
track.webgains.com/ Frame A69A
2 KB
2 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=91007500126201500951435012301029&nw=1
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.168.48.81 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-48-81.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
2e35bf65da4693968ba63c8295b9dd40cb3fef34cf1ddeeafd8e79f4b80ae1ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:57 GMT
last-modified
Fri, 21 Apr 2023 19:31:57 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Fri, 21 Apr 2023 19:32:57 GMT
activityi;dc_pre=CI_k5q7bu_4CFYGoGAodq1cMVA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7040209637351.578
8019191.fls.doubleclick.net/ Frame 7B93
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7040209637351.578?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CI_k5q7bu_4CFYGoGAodq1cMVA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7040209637351.578?
391 B
327 B
Document
General
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CI_k5q7bu_4CFYGoGAodq1cMVA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7040209637351.578?
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
3acda166db3d17db93e3ac90837589684ce4635628dac43659fe0261dbc27e2b
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
218
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Apr 2023 19:31:57 GMT
expires
Fri, 21 Apr 2023 19:31:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Apr 2023 19:31:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CI_k5q7bu_4CFYGoGAodq1cMVA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7040209637351.578?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900029.redintelligence.net/ Frame 5299
7 KB
2 KB
Document
General
Full URL
https://hal900029.redintelligence.net/request_content.php?s=91007500126201500951435012301029&a=11e12815
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=htlmx5cd89bk&nw=20&renderingType=javascript&namespace=f9c34faa0a&subid=&uid=83df7d97484a0172&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7567641301338255845%26mt_id%3D6622404%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fo.canada.com%2F&ancestorOrigins=https%3A%2F%2Fo.canada.com%2Chttps%3A%2F%2Fo.canada.com&random=582211460554&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
723fcfc8e7b1bb228ec7a3e8786677486e620eee27dcf7eda3c91bb7d64821b5

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2169
Content-Type
text/html; charset=utf-8
Date
Fri, 21 Apr 2023 19:31:57 GMT
Expires
Fri, 21 Apr 2023 20:31:57 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cshow.php
www.awin1.com/ Frame A69A
43 B
702 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=91007500126201500951435012301029&pv=1
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.85.47.224 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-85-47-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 19:31:57 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
cshow.php
www.awin1.com/ Frame A69A
43 B
702 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2338577&v=11830&q=357066&r=296283&pref1=91007500126201500951435012301029&pv=1
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.85.47.224 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-85-47-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 19:31:57 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
rd_log
ams3-ib.adnxs.com/ Frame A69A
0
929 B
Script
General
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fo.canada.com%2F&e=wqT_3QKBDciBBgAAAwDWAAUBCKvJi6IGEJrh_MjI6ZqObRgAKjYJGZ8CYDyDzj8R0VzprWiQxj8ZAAABAgzgPyHRDRIEKRcNJAAxARm4AADgPzD2i88JOIk9QKccSAJQ4ouKygFYzY5jYABonsdmeO3zBYABAYoBA1VTRJIFBvBMmAHKB6AB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDY2Nzg4NzMsIDApO3VmKCdpJywgNzY4ODA0MiwgMCkFFCxnJywgMTkyMDQ3MDkVKTBzJywgMjc5NTQwNTg2FRYwcicsIDQyMzc5MDA1MAUW9F4BkgLVBCE2WEJhZkFpNnFlb1pFT0tMaXNvQkdBQWd6WTVqTUFFNEFFQUFTS2NjVVBhTHp3bFlBR0RfX19fX0QyZ0FjQUY0QVlBQkFZZ0JBWkFCQVpnQkFhQUJBcWdCQXJBQkFMa0JnNnhGVl9iVHl6X0JBWEo4MXRvd2c4NF95UUVBQUFBQUFBRHdQOWtCa0lncGtVUXY3VF9nQWVxZTFRUDFBUUFBd0VDWUFnQ2dBZ0MxQWdBQUFBQzlBZ0FBQUFEQUFnSElBZ0hRQWdIWUFnSGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF3NEk1LWZ6S2hBRUdBRXRwUG1ZTzZJRERnaVFnY01sRUFvWUFTMEFBSUFfb2dNT0NPeUxrQ1lRQ3hnQ0xRQUFBQUM2QXdsQlRWTXpPall3TmpuZ0E2NF9nQVRKemJRSmlBVE1rTFFLa0FRQW1BUUVvQVFVd1FRQUFBBd0QQUFNa0UNCiRBQUFEWUJBRHhCAQsNAURpQVcxTDVnRjZ1YWxoUUdwQlENGRRQQV9zUVUNDQFIBEVGAQcJAQRESgUoHE9Bdmc5NF8wLigABE5rFSjAOERfZ0JaNjZBZkFGNVpTVUNmZ0YyZEtYQTRJR0EwVlZVb2dHQUpBR0FaZ0dBS0VHQQldMEFHRUNvQmdTeUJpUUoNEwEBAFIBBQ0BAFoNCAEBAGgBBQkBQEM0QmdvLpoCmQEhU3hNTVVnOlkCKE0yT1l5QUFLQUF4CTEBbXxBNkNVRk5Vek02TmpBMk9VQ3VQMG1RaUNtUlJDX3RQMT1ABEZrETcFORUBAEcdGABIHTAMSGdBaS5pAsB3Li7YAgDgAoSgPeoCFWh0dHBzOi8vby5jYW5hZGEuY29tL_ICEQoGQURWX0lEEgc2aYQc8gISCgZDUEcBFAAIcXABFQgFQ1ABFAQJMnFvPPICDQoIQURWX0ZSRVESATAFEBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8BWREPEAsKB0NQFQ4QEAoFSU8BYQgHNzZl-QDyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwVCghTUExJVAFNGdnwhoADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA-GtC-ADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMDmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOMzYyMyNBTVMzOjYwNjnaBAIIAeAEAfAE4qFkIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC3gAAADYBQHgBQHwBb0E-gUECAAQAJAGAJgGALgGAMEGASAwAADwP9AGmA7aBhYKEAkRGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAft8wXSBw0VYwEmCNoHBgFdcBgA4AcA6gcCCADwB_6dAYoIAhAAlQgAAIA_mAgB&s=efa1dcddc2b9e8dd972f025136467ca0f4589885&bdref=https%3A%2F%2Fo.canada.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fo.canada.com%2F,https%3A%2F%2Fo.canada.com%2F,https%3A%2F%2Fo.canada.com%2F&
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 19:31:57 GMT
AN-X-Request-Uuid
8aa0cf41-20b4-40bd-b656-1080543c5ee6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.109; 80.255.7.109; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
multimedia.php
events.newsroom.bi/
12 B
0
Fetch
General
Full URL
https://events.newsroom.bi/multimedia.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/406ca262f66ac066b3a5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.144.218 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy04.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:31:57 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12
vevent
ams3-ib.adnxs.com/ Frame A69A
0
948 B
Ping
General
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fo.canada.com%2F&e=wqT_3QLRCuhRBQAAAwDWAAUBCKvJi6IGENHUxN__3evHVBgAKjYJWYtPATCesT8RfgbUm1HzrT8ZAAAAYLgeIkAhfg0SACkRJMgxAAAAwB6F9z8w84vPCTiJPUAdSAhQ9427tgFYzY5jYABonsdmeO3zBYABAYoBA1VTRJIFBvSbAZgBygegAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKEoD3qAhVodHRwczovL28uY2FuYWRhLmNvbS-AAwCIAwGQAwCYAxegAwGqA9AGCocGaHR0cDovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzX2V4Y2g9YXBuJmlkPTVhVzk1cTJqTHpJekx5QXZXa1JyTkUxNlJYcE9SRlYwVFVSQmQwMURNSGROUkVGM1RGUkJkMDFFUVhSTlJFRjNUVVJCZDAxRVFYZE5SRUYzTHpjMU5qYzJOREV6TURFek16Z3lOVFU0TkRVdk5qWXlNalF3TkM4ME5UWXlNekV5THpFekwwdDRaak5vYUhWUE1HbFlZVFJwU0Rab2VWZDZOMUJOZGtkTllUVmxNMU4xV1Vkc2JubzJVVTlwYnpBdk1TOHhNeTh3THpBdk9UVTJPREF6THpFek5UZzRPVEE0TmpFdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQFxARSTgHEEFRVTXdkBRAMZE1WRQ3kEEUxRVFYLQQIVVJCCSAgY3ZNQzh3THpBDQgAY2L8AAxlbkpvASh8TmpBMUx6VXpMems1T1M4ek1qSXZPREF1TWpVMUxqY3UFUPCLakF3TUM4eE5qZ3lNVEExTlRFMUx6RTJPREl4TVRneE1UVXZNVE12TnpneE55OC9TeHpjdlFIZnJvX2VwU1FpUVJYYnFmQVJGeUUmbm9kZWlkPTM3NzEmZ3JvdXA9enJoJmF1Y3Rpb25pZD03NTY3NjQxMzAxMzM4MjU1ODQ1JnBic19hdWN0aW9uaWRSIgAcc2hhcmRrZXlSHQDwhnByaWNlPSR7QVVDVElPTl9QUklDRX0mYnA9YV9hZ2lpY2EmbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MTg1LjI5LjEzNS41OCZzaWQ9NDU2MjMxMiZjaWQ9NjYyMjQwNCZzcmM9YXBpJnR5cGU9bnVybCZjbGllbnQ9czJzEhM3NTY3NjQxMzAxMxHPsBoTNjA5MzI4MTE2NjYwMjg3MzQyNSIJMzgyNjUwMTAzKgYxMDE5MzY6BzY2MgFj8IvAA6wCyAMA2APhrQvgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AT3jbu2AYgFAZgFAKAFlpLx6uPos-BTwAUAyQUAAAAAAADwP9IFCQkAAAkOcNgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGCSMs8D_QBvmrAdoGFgoQCRIZAZgQABgA4AYB8gYCCACABwGIBwCgBwGqBwY2NTE4NzHIB-3zBdIHDQkRMQEvCNoHBgFncBgA4AcA6gcCCADwB_6dAYoIAhAAlQgAAIA_mAgB&s=550abcb847d8d3b817546b5a28a0c0f10950caaf&type=nv&nvt=5&jm=1003&px=315&py=108&bw=970&bh=250&sid=5298621491395528118&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=20170227&sw=1600&sh=1200&pw=1600&ph=7146&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 19:31:57 GMT
AN-X-Request-Uuid
a0f98944-fc06-4aa0-9186-88a9f703fa62
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://o.canada.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.109; 80.255.7.109; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
intl-messageformat.0e09ec0cffaa9801c650.js
cdn.viafoura.net/chunks/vendors~languages/
17 KB
5 KB
Script
General
Full URL
https://cdn.viafoura.net/chunks/vendors~languages/intl-messageformat.0e09ec0cffaa9801c650.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:6c00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6c9614f1401dc42fe6f751a15a8367f368a9039e6d7a0ae21ad2cbb76206636

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:24:32 GMT
x-amz-version-id
LVAK1LJtUVH1Hv6FbAXWI.xfuh1EQ_jP
content-encoding
br
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
94045
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 20 Apr 2023 17:24:07 GMT
server
AmazonS3
etag
W/"22eca6d9b05cdf46afddc24ceaffb6fe"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
wZNrmPY7YYHhDCieGND0XtUGjYEwYITKmSJzPhkDkuT4yMyKVh4frA==
intl-messageformat.d368d82b6d71f102ea2c.js
cdn.viafoura.net/chunks/languages/
135 B
615 B
Script
General
Full URL
https://cdn.viafoura.net/chunks/languages/intl-messageformat.d368d82b6d71f102ea2c.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:6c00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8caeab78359986955e2826084c61cba11bc2c792be07f05e48fc3d6ef0132bc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:24:33 GMT
x-amz-version-id
JMfNUFx5zMo_.hoRKPZ6JjvesHlJrC3g
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
94045
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
135
last-modified
Thu, 20 Apr 2023 17:24:02 GMT
server
AmazonS3
etag
"2a09d84c825486142e012415a4a950ba"
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
WMZTy_KyHGt5Ec6U-Uilvso7bS-HbXExuf8frDJGKsVA1rdoVW5Mkw==
en-us-base-json.d7b4184767ddff7fd583.js
cdn.viafoura.net/chunks/languages/
19 KB
5 KB
Script
General
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-base-json.d7b4184767ddff7fd583.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:6c00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c47aa1425aeedba880457b3e0911b5fd58de6d1a632f88caa5523b0954cf61c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:24:32 GMT
x-amz-version-id
Jde8Y_3_qb5IDHpRF_wTYt72KVtHefNr
content-encoding
br
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
94046
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 20 Apr 2023 17:24:03 GMT
server
AmazonS3
etag
W/"db8be6937c473cdc816fd49641baecb2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
c9KQDJZY2ihwPEcbUE3HcLoQNjxYBLeFm1OHz6LfTDNsVSuudp-Ydw==
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=3b2e40f6-bc33-3abb-2a7d-973668b42f32&tv=%7Bc:arWRm7,pingTime:-10,time:608,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEyLjAuNTYxNS4xMjEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1682105517518%7C%7C3e593f168c686f1e0db36770f32a9261%7C%7Cd7e4f3761ec4d518bf16fea4156937e7%7C%7C5fa6e896bac358caaed31582445585ed%7C%7C01dc9cb095995b605d05b53e6182ea7d%7C%7C389db31813607410ea41944f23bcf28e%7C%7C90ef2f734755d5234a6cbc74275de692%7C%7Ccec299a196b1332860ad3621ae5cbc16%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:7b32:ecc:3bb3:8669 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:57 GMT
server
nginx
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
css
fonts.googleapis.com/ Frame 5299
5 KB
769 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=91007500126201500951435012301029&a=11e12815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7bc65b9b935eee5be74ed156fd16e55e9bbfd127cd3341208e7d4fc64addc1cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 21 Apr 2023 19:31:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 19:12:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 21 Apr 2023 19:31:57 GMT
/
hal9000.redintelligence.net/scale/ Frame 5299
56 KB
56 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=91007500126201500951435012301029&a=11e12815
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.64.201.138.clients.your-server.de
Software
Apache /
Resource Hash
0387da9010261ab4e5bef6194af94474a9228a6afdb73223e8778d1d6d994e39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 19:31:57 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
57466
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 5299
62 KB
63 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=91007500126201500951435012301029&a=11e12815
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.64.201.138.clients.your-server.de
Software
Apache /
Resource Hash
dae7ddb5ba85772b9f2739baddb8a322a457aba1a457a2b4c81ef6850a100002

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 19:31:57 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
63850
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 5299
46 KB
46 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=91007500126201500951435012301029&a=11e12815
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.64.201.138.clients.your-server.de
Software
Apache /
Resource Hash
3b9aa2938145da6c6e5d66e207a72840c1cf6f940c6f870e7c4ce1b90ec67c68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 19:31:57 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
47178
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 5299
64 KB
64 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/32783/creativesup/1200x627-1.jpg
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=91007500126201500951435012301029&a=11e12815
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.64.201.138.clients.your-server.de
Software
Apache /
Resource Hash
6d3061f28b0b38b1f437401c289b9cb3f0e5365533654aa6f3daff3f33ff9d8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 19:31:57 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
LoginRadiusV2.js
auth.lrcontent.com/v2/
199 KB
46 KB
Script
General
Full URL
https://auth.lrcontent.com/v2/LoginRadiusV2.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:48e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:57 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 beda7ef1ba9a3d6628bdfdae06bd482c.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
age
482
x-amz-cf-pop
AMS1-P2
cf-polished
origSize=1238069
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Mon, 13 Dec 2021 05:19:58 GMT
server
cloudflare
etag
W/"ae3463c4a59ae100b160ed4dd5dbf4b8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7bb80cdcd9b9362b-FRA
x-amz-cf-id
0kHGAJ8wHpWZ5lu67dlbQvDBNeDlHjUzdE_jdSEOCx_y7WL7D6XBxQ==
ingest
i.viafoura.co/v3/o.canada.com/
67 B
390 B
Ping
General
Full URL
https://i.viafoura.co/v3/o.canada.com/ingest
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.11.97 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-11-97.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://o.canada.com
date
Fri, 21 Apr 2023 19:31:57 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=3cb6de02-f110-15fa-fb8b-613ff163a2da&tv=%7Bc:arWRn3,pingTime:-10,time:510,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEyLjAuNTYxNS4xMjEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1682105517518%7C%7C3e593f168c686f1e0db36770f32a9261%7C%7Cd7e4f3761ec4d518bf16fea4156937e7%7C%7C5fa6e896bac358caaed31582445585ed%7C%7C01dc9cb095995b605d05b53e6182ea7d%7C%7C389db31813607410ea41944f23bcf28e%7C%7C90ef2f734755d5234a6cbc74275de692%7C%7Ccec299a196b1332860ad3621ae5cbc16%7C%7C1663701684,sca:%7Bspg:3b2e40f6-bc33-3abb-2a7d-973668b42f32%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:7b32:ecc:3bb3:8669 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:57 GMT
server
nginx
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Fo.canada.com%2F&rl=&if=false&ts=1682105517610&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22514537319740368%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22503487844400487%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%221042784969583558%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22858678751523779%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%221127243281129742%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%22497819211464386%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&cs_est=true&fbp=fb.1.1682105517610.400275295&it=1682105517052&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f128:181:face:b00c:0:25de Sofia, Bulgaria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 21 Apr 2023 19:31:57 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
viewability
hal900029.redintelligence.net/ Frame 5299
0
150 B
Script
General
Full URL
https://hal900029.redintelligence.net/viewability?s=91007500126201500951435012301029&a=445908cd&vb=m
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=91007500126201500951435012301029&a=11e12815
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/request_content.php?s=91007500126201500951435012301029&a=11e12815
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 19:31:57 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
gtm.js
www.googletagmanager.com/ Frame CDC5
106 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0ae8b5909646db07cd9c2f9fe853a20e1801b47700c5ba88f78dfa14bd3d3b3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41607
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 21 Apr 2023 19:31:57 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 5299
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900029.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 11:33:32 GMT
x-content-type-options
nosniff
age
201505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Apr 2024 11:33:32 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 5299
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900029.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options
nosniff
age
62794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Apr 2024 02:05:23 GMT
svod-module-js.94b7bc8ce15d628282ac.js
cdn.viafoura.net/chunks/vuex_store/
6 KB
3 KB
Script
General
Full URL
https://cdn.viafoura.net/chunks/vuex_store/svod-module-js.94b7bc8ce15d628282ac.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:6c00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33eed00bcfb57f612fd7279735f1b7007f8dfc636c1ac62025acec15e8810775

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:24:33 GMT
x-amz-version-id
DDD7XTAeD4iSKbQnLE27zmDzO_VAh7bV
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
age
94045
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 20 Apr 2023 17:24:06 GMT
server
AmazonS3
etag
W/"43869bfff5836bf85c70d018e53440d0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
ThOCdE46BYfWc4Yb1FzUX_PbT2qNZpHuqHF80t9Oox5CMgOK3IKn_A==
pvClk.min.js
analytics.webgains.io/ Frame A69A
85 KB
31 KB
Script
General
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=91007500126201500951435012301029&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 10:19:46 GMT
content-encoding
gzip
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 17:26:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
33132
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
_0mB2hDxdVS7yp-CX3pS79Q68OPUoNmwbGdwOPsrtTd6wwFzFsf0ug==
1x1_0.png
cdn.track.production.webgains.team/7121/ Frame A69A
3 KB
3 KB
Image
General
Full URL
https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1682105817&Signature=ZAjYlC~K-W7dV-kout6Zn7K-AX5dts82R5z4LepQDrh6oINeLYATBR5YSCiiQO38NeKYWHsD0EjvjhY3UsnNaSAk8YQhWoZN5ezli081sng6ft27hwqtx0H9DKW7uJpkSXH36wTeLJ7Vm5gffxTXINbKO5x7Wf6I~GVg~JdJtqW2YluJLrFNNTaodEqhUa1Z4u2ta5NpViHcZZ18wo260XHI0SAhAvCNhzi-IhfSit5z2CntPfC5xrJ~QtMFbF0w9hhd2RbQormM9rgLQxzaxW0bX1muFd9bNvDqy85edE-ni76ZfsiInTaT~U1f3Yobl9Z7BUZTNRo1SC~h5WDoBA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-53.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 21 Apr 2023 18:43:37 GMT
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
2901
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
KaVExeHp8EaUFtrYeKk2gPzQnSDem5oYzwf3m-wJyWznt3gOh-2ykw==
appInfo
config.lrcontent.com/ciam/ Frame
0
0
Preflight
General
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:49e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://o.canada.com
allow
GET, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bb80cde496bbbc5-FRA
date
Fri, 21 Apr 2023 19:31:57 GMT
server
cloudflare
vary
Origin
appInfo
config.lrcontent.com/ciam/
4 KB
1 KB
XHR
General
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:49e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93a557f41179732c40fd51469ae8a7f7a8170259f6948b6adea8ea623e8144f0

Request headers

Referer
https://o.canada.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:57 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
access-control-allow-origin
https://o.canada.com
cache-control
max-age=86400
cf-ray
7bb80cdeca25bbc5-FRA
ts.js
cdn.retailads.net/ Frame 9F8E
5 KB
5 KB
Script
General
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2628011022
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:57 GMT
last-modified
Wed, 05 Apr 2023 20:14:46 GMT
server
Apache
etag
"1416-5f89c717cdc2f"
content-type
application/javascript
xphp81
true
accept-ranges
bytes
content-length
5142
login
postmedia.hub.loginradius.com/ssologin/ Frame
0
0
Preflight
General
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
x-requested-with
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://o.canada.com
Connection
keep-alive
Date
Fri, 21 Apr 2023 19:31:58 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
login
postmedia.hub.loginradius.com/ssologin/
38 B
546 B
XHR
General
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://o.canada.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 19:31:58 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://o.canada.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
/
www.facebook.com/tr/ Frame 739B
0
69 B
Document
General
Full URL
https://www.facebook.com/tr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f128:181:face:b00c:0:25de Sofia, Bulgaria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://o.canada.com
Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://o.canada.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 21 Apr 2023 19:31:58 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=3b2e40f6-bc33-3abb-2a7d-973668b42f32&tv=%7Bc:arWRwJ,pingTime:1,time:1266,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:250%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1266,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:250,wc:0.0.1600.1200,ac:315.108.970.250,am:i,cc:315.108.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1027~100%5D,as:%5B1027~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:171,fm:tC5NkbJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.928934%7C181%7C182%7C19.928934%7C191,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:251,sis:396%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:7b32:ecc:3bb3:8669 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:58 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=3b2e40f6-bc33-3abb-2a7d-973668b42f32&tv=%7Bc:arWRwK,pingTime:1,time:1267,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:250%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1267,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:250,wc:0.0.1600.1200,ac:315.108.970.250,am:i,cc:315.108.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1028~100%5D,as:%5B1028~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:171,fm:tC5NkbJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.928934%7C181%7C182%7C19.928934%7C191,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:251,sis:396,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:7b32:ecc:3bb3:8669 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:58 GMT
server
nginx
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=3b2e40f6-bc33-3abb-2a7d-973668b42f32&tv=%7Bc:arWRwK,pingTime:1,time:1267,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:250%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1267,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:250,wc:0.0.1600.1200,ac:315.108.970.250,am:i,cc:315.108.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1028~100%5D,as:%5B1028~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:171,fm:tC5NkbJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.928934%7C181%7C182%7C19.928934%7C191,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:251,sis:396,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:7b32:ecc:3bb3:8669 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:58 GMT
server
nginx
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
events
api.permutive.com/v2.0/batch/
101 B
130 B
XHR
General
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
5c99be41a3ecc8d28f4849c988b7a21dddd6ae501713598d3dd90816aeccb5a0

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 21 Apr 2023 19:31:58 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
vevent
ams3-ib.adnxs.com/ Frame A69A
0
948 B
Ping
General
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fo.canada.com%2F&e=wqT_3QLRCuhRBQAAAwDWAAUBCKvJi6IGENHUxN__3evHVBgAKjYJWYtPATCesT8RfgbUm1HzrT8ZAAAAYLgeIkAhfg0SACkRJMgxAAAAwB6F9z8w84vPCTiJPUAdSAhQ9427tgFYzY5jYABonsdmeO3zBYABAYoBA1VTRJIFBvSbAZgBygegAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKEoD3qAhVodHRwczovL28uY2FuYWRhLmNvbS-AAwCIAwGQAwCYAxegAwGqA9AGCocGaHR0cDovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzX2V4Y2g9YXBuJmlkPTVhVzk1cTJqTHpJekx5QXZXa1JyTkUxNlJYcE9SRlYwVFVSQmQwMURNSGROUkVGM1RGUkJkMDFFUVhSTlJFRjNUVVJCZDAxRVFYZE5SRUYzTHpjMU5qYzJOREV6TURFek16Z3lOVFU0TkRVdk5qWXlNalF3TkM4ME5UWXlNekV5THpFekwwdDRaak5vYUhWUE1HbFlZVFJwU0Rab2VWZDZOMUJOZGtkTllUVmxNMU4xV1Vkc2JubzJVVTlwYnpBdk1TOHhNeTh3THpBdk9UVTJPREF6THpFek5UZzRPVEE0TmpFdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQFxARSTgHEEFRVTXdkBRAMZE1WRQ3kEEUxRVFYLQQIVVJCCSAgY3ZNQzh3THpBDQgAY2L8AAxlbkpvASh8TmpBMUx6VXpMems1T1M4ek1qSXZPREF1TWpVMUxqY3UFUPCLakF3TUM4eE5qZ3lNVEExTlRFMUx6RTJPREl4TVRneE1UVXZNVE12TnpneE55OC9TeHpjdlFIZnJvX2VwU1FpUVJYYnFmQVJGeUUmbm9kZWlkPTM3NzEmZ3JvdXA9enJoJmF1Y3Rpb25pZD03NTY3NjQxMzAxMzM4MjU1ODQ1JnBic19hdWN0aW9uaWRSIgAcc2hhcmRrZXlSHQDwhnByaWNlPSR7QVVDVElPTl9QUklDRX0mYnA9YV9hZ2lpY2EmbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MTg1LjI5LjEzNS41OCZzaWQ9NDU2MjMxMiZjaWQ9NjYyMjQwNCZzcmM9YXBpJnR5cGU9bnVybCZjbGllbnQ9czJzEhM3NTY3NjQxMzAxMxHPsBoTNjA5MzI4MTE2NjYwMjg3MzQyNSIJMzgyNjUwMTAzKgYxMDE5MzY6BzY2MgFj8IvAA6wCyAMA2APhrQvgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AT3jbu2AYgFAZgFAKAFlpLx6uPos-BTwAUAyQUAAAAAAADwP9IFCQkAAAkOcNgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGCSMs8D_QBvmrAdoGFgoQCRIZAZgQABgA4AYB8gYCCACABwGIBwCgBwGqBwY2NTE4NzHIB-3zBdIHDQkRMQEvCNoHBgFncBgA4AcA6gcCCADwB_6dAYoIAhAAlQgAAIA_mAgB&s=550abcb847d8d3b817546b5a28a0c0f10950caaf&type=pv&jm=1003&px=315&py=108&bw=970&bh=250&sf=1&sid=5298621491395528118&vd=ct~0|rr~5&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=20170227&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 19:31:58 GMT
AN-X-Request-Uuid
1a9f16ea-f07d-48a0-875f-a159c75db139
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://o.canada.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.109; 80.255.7.109; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dc_pre=CI_k5q7bu_4CFYGoGAodq1cMVA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7040209637351.578
adservice.google.com/ddm/fls/z/ Frame 7B93
42 B
262 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CI_k5q7bu_4CFYGoGAodq1cMVA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7040209637351.578
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CI_k5q7bu_4CFYGoGAodq1cMVA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7040209637351.578?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame A69A
16 B
232 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.81.67 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-81-67.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 21 Apr 2023 19:31:58 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.81.67 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-81-67.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Fri, 21 Apr 2023 19:31:58 GMT
server
nginx
view
securepubads.g.doubleclick.net/pcs/ Frame 31F6
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5yO77ZO2SbbCwfYfp6O5M5hNCxZxlPSK4eM7oiyxLm7fL-sSE1uof2ibflaKfNRQsl0p2H1Yf7HAZubOqasR36RxcMQKDtlm-Ef9seFNLC9npq-4iv0CEbvvhzTYX-rQG2mGqnk35yy-D1J2BeuLZHJtHtcBp2pCgcXGO9QJu9d-u44UTS0dWqdgT7GH26Jo_7n5jV8wcCpjwDWZEf09w-bT7aBe5nB3nmUkke4hSRtqceKq385T5nosbiB4f9y-bVo31UJ-VjTypbnO-HTjbKZgm-PvfDga5HAHfqoISBqFuP8Cim9fWn68qdjLJ&sai=AMfl-YTrmTC1gnnAK4o8qE99sB_VtpqCVUnrpUKRX4FHcvzexe-w45R9m68n8tKW_XmXpxoRcF7VTPvki72gJUDUH38AIq6gCnCDysXpvFf3y3DD05TlmQXCLu_UoSI-Mmw&sig=Cg0ArKJSzGvL-j8jIKVMEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:31:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 21 Apr 2023 19:31:58 GMT
viewability
hal900029.redintelligence.net/ Frame 5299
0
150 B
Script
General
Full URL
https://hal900029.redintelligence.net/viewability?s=91007500126201500951435012301029&a=445908cd&vb=v
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=91007500126201500951435012301029&a=11e12815
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/request_content.php?s=91007500126201500951435012301029&a=11e12815
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 19:31:58 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 31F6
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhBgiMxOR_j4shvYNn0BpDzNoRj6x4RTu-0NFGNL-vrhlz3ZCtUvgPV3RLtSh5mF-xQ_TbL2GRe2GBprgqiDei4Ep_3aXOLASBD7rStKx9qJigB70A&sig=Cg0ArKJSzJBvLydnkuOFEAE&id=lidar2&mcvt=1000&p=108,315,358,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230419&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=4217552496&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682105516733&rpt=1901&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:31:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
metrics
api.permutive.com/v2.0/internal/
2 B
37 B
XHR
General
Full URL
https://api.permutive.com/v2.0/internal/metrics?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 21 Apr 2023 19:32:00 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
recirculation.php
events.newsroom.bi/
12 B
713 B
XHR
General
Full URL
https://events.newsroom.bi/recirculation.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.144.218 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy04.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:32:00 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12
envelope
lexicon.33across.com/v1/
49 B
247 B
XHR
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&gdpr=0&src=pbjs&ver=7.40.0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Apr 2023 19:32:00 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://o.canada.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
async_usersync.html
acdn.adnxs.com/dmp/ Frame 38AC
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
44252
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 21 Apr 2023 19:32:00 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 29 Mar 2023 07:13:44 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3345, 399427
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220042-HHN
X-Timer
S1682105520.491156,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame D012
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 21 Apr 2023 19:32:00 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame C62B
0
91 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Fri, 21 Apr 2023 19:32:00 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CEEE
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=47336
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 21 Apr 2023 19:32:00 GMT
expires
Sat, 22 Apr 2023 08:40:56 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 8C66
3 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
216
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7bb80cee7b3d9b7d-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 19:32:00 GMT
expires
Fri, 21 Apr 2023 23:32:00 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
p
sb.scorecardresearch.com/
43 B
298 B
Image
General
Full URL
https://sb.scorecardresearch.com/p?c1=19&c2=10276888&ns_ap_an=unknown&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=1&ns_ap_ev=start&ns_ap_device=Win32&ns_ap_id=1682105520403&ns_ap_csf=1&ns_ap_bi=unknown&ns_ap_pfm=webbrowser&ns_ap_pfv=Chrome%20112.0.5615.121&ns_ap_ver=unknown&ns_ap_sv=7.7.0%2B211006&ns_ap_bv=7.7.0%2B211006&ns_ap_smv=6.4&ns_type=view&ns_ap_gs=1682105515401&ns_ts=1682105515400&ns_ap_cfg=1110101-110-3C-7D0-A-1F-1E-1E-12C-A&ns_ap_env=0-0-2&ns_ap_ut=60000&ns_ap_ar=unknown&ns_ap_cs=1&ns_ap_fg=1&ns_ap_dft=0&ns_ap_dbt=0&ns_ap_dit=0&ns_ap_as=1&ns_ap_das=0&ns_ap_usage=0&ns_radio=unknown&ns_ap_install=1682105515401&ns_ap_ft=0&ns_ap_bt=0&ns_ap_it=0&ns_ap_res=1600x1200&ns_ap_sd=1600x1200&ns_ap_po=0x0&ns_ap_lang=en-US&ns_ap_jb=unknown&ns_c=UTF-8&c7=https%3A%2F%2Fo.canada.com%2F&c8=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:32:00 GMT
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
lUahcgi7ApFwivMBpkMbv2NJz2TihuditdFjTp1bzDBKxANSFYtlmQ==
usermatch
ssum-sec.casalemedia.com/ Frame CA32
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
2 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
1e9d4a550a265cc3f2ed6db92999a819176bde58858c2b7b462e8b6c99d52c41

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1818
Content-Type
text/html
Date
Fri, 21 Apr 2023 19:32:00 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Fri, 21 Apr 2023 19:32:00 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.js
eus.rubiconproject.com/ Frame D012
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
59a4db763b675f31982d935341ab6a6908ba1ad790b149084a83586b9859540a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 19:32:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2023 04:24:15 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=31935
Connection
keep-alive
Content-Length
10019
Expires
Sat, 22 Apr 2023 04:24:15 GMT
async_usersync
ib.adnxs.com/ Frame 38AC
0
857 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 19:32:00 GMT
AN-X-Request-Uuid
a4f0b1db-39f8-4659-9807-27bc0b7f8548
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.109; 80.255.7.109; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame CEEE
2 KB
3 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=87279301&p=160305&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7fe6fce06ebf2fd34dc2f3bb581307b60fdf34d9c20bc15d6260e838dd8bb0fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 19:31:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
crum
dsum-sec.casalemedia.com/ Frame CA32
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZELksA.3e0pjjxt25pWo7AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPOUNP_PGOwxHbE6yYwCUTs&google_cver=1&google_hm=2
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPOUNP_PGOwxHbE6yYwCUTs&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 19:32:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:32:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPOUNP_PGOwxHbE6yYwCUTs&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame CA32
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZELksA-3e0pjjxt25pWo7AAABKIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGwuk2MsBlZPoThVgbim_6Q&google_cver=1
43 B
766 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGwuk2MsBlZPoThVgbim_6Q&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 19:32:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:32:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGwuk2MsBlZPoThVgbim_6Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame CA32
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZELksA-3e0pjjxt25pWo7AAABKIAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZELksA-3e0pjjxt25pWo7AAABKIAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZELksA-3e0pjjxt25pWo7AAABKIAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 19:32:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VHED4RYA0BGK4G0EYPH8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 19:32:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AS5ECQTMKTSNK7J1D9CW
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZELksA-3e0pjjxt25pWo7AAABKIAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame CA32
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Apr 2023 19:32:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame CA32
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=84561b8a-6c3b-7772-53fafe6f
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=84561b8a-6c3b-7772-53fafe6f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 19:32:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

date
Fri, 21 Apr 2023 19:32:00 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=84561b8a-6c3b-7772-53fafe6f
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
sync
ssbsync.smartadserver.com/api/ Frame CA32
0
45 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:32:00 GMT
content-length
0
crum
dsum-sec.casalemedia.com/ Frame CA32
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 19:32:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Fri, 21 Apr 2023 19:32:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame CA32
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=NLl5g8Yo1PPWuc5
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=NLl5g8Yo1PPWuc5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 19:32:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 19:32:00 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-0a06c616171ab44f5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=NLl5g8Yo1PPWuc5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame CA32
43 B
353 B
Image
General
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZELksA.3e0pjjxt25pWo7AAA%261186
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:32:00 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
30344
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7bb80cf0d8a19b67-FRA
content-length
43
expires
Sat, 22 Apr 2023 19:32:00 GMT
tap.php
pixel.rubiconproject.com/ Frame D012
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOpjzKybmJHFKr3fabknGqg&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOpjzKybmJHFKr3fabknGqg&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:32:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOpjzKybmJHFKr3fabknGqg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame D012
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/vOVk0fB279UeXUTiItjk3cn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-znViMXlE2oIsVurdvmmdMTUF.fIOE5eGKRHItg--~A
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-znViMXlE2oIsVurdvmmdMTUF.fIOE5eGKRHItg--~A
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 21 Apr 2023 19:32:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-znViMXlE2oIsVurdvmmdMTUF.fIOE5eGKRHItg--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame D012
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGQY6Y4S-1D-JRP3
0
647 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGQY6Y4S-1D-JRP3
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:32:00 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: A58DD682DDF84BFA8BE40C252AFA4B5E Ref B: FRAEDGE1318 Ref C: 2023-04-21T19:32:01Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX53bYQEHqMLDJDYAb9eA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGQY6Y4S-1D-JRP3
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame D012
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Apr 2023 19:32:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame D012
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDcxM2FhNTgyNzVjYzViOGUwOGIwNzUxYWFiNDA1MTI5MWRmNmQzMw
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDcxM2FhNTgyNzVjYzViOGUwOGIwNzUxYWFiNDA1MTI5MWRmNmQzMw
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:32:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDcxM2FhNTgyNzVjYzViOGUwOGIwNzUxYWFiNDA1MTI5MWRmNmQzMw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame D012
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEdRWTZZNFMtMUQtSlJQMw==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC8CbuZ9zo7iXFy1G1iDIUg&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdRWTZZNFMtMUQtSlJQMw==&google_push=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdRWTZZNFMtMUQtSlJQMw==&google_push=
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:32:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdRWTZZNFMtMUQtSlJQMw==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
Expires
0
ecm3
s.amazon-adsystem.com/ Frame D012
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Y_oYmx6IRhCkZd33yeLWSQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Y_oYmx6IRhCkZd33yeLWSQ
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Y_oYmx6IRhCkZd33yeLWSQ
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 19:32:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
C6WRFZYBKDHAT1EPEDEQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Y_oYmx6IRhCkZd33yeLWSQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame D012
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=sZVLYsbjR3aekZp4YK9v9A&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=sZVLYsbjR3aekZp4YK9v9A
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=sZVLYsbjR3aekZp4YK9v9A
Protocol
HTTP/1.1
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 19:32:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ES9X2ZKTKHYVGW2AQEK9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=sZVLYsbjR3aekZp4YK9v9A
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 11F8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:45906442-e4ad-4a00-a9c9-deea8528581a&gdpr=0&gdpr_consent=
42 B
324 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:45906442-e4ad-4a00-a9c9-deea8528581a&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 21 Apr 2023 19:32:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 21 Apr 2023 19:32:01 GMT
Expires
Fri, 21 Apr 2023 19:32:00 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 830 785530e master cdg-pixel-x26 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:45906442-e4ad-4a00-a9c9-deea8528581a&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame EDAB
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5077674839012819457
42 B
195 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5077674839012819457
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 21 Apr 2023 19:32:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5077674839012819457
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame A7A8
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://widget.eu.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybac...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 21 Apr 2023 19:32:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Fri, 21 Apr 2023 19:32:01 GMT
expires
Fri, 21 Apr 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1902264
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 3503
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727366041940
42 B
195 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727366041940
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 21 Apr 2023 19:32:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Fri, 21 Apr 2023 19:32:01 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727366041940
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
Pug
image2.pubmatic.com/AdServer/ Frame B9F9
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=JgoPAHUKWQI9Ww8BKQsWBiAIAlc9DAlUIlghrpmk
42 B
418 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=JgoPAHUKWQI9Ww8BKQsWBiAIAlc9DAlUIlghrpmk
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 21 Apr 2023 19:32:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 21 Apr 2023 19:32:00 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=JgoPAHUKWQI9Ww8BKQsWBiAIAlc9DAlUIlghrpmk
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CEEE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tiMnrcfyTUiyTJ7WRuMV0g%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
4 KB
4 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:32:00 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=47336
accept-ranges
bytes
content-length
5554
expires
Sat, 22 Apr 2023 08:40:56 GMT

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:32:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame CEEE
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B62327AD-C7F2-4D48-B24C-9ED646E315D2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.240.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-240-52.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:32:00 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.2.9
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame CEEE
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2681491014
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=B62327AD-C7F2-4D48-B24C-9ED646E315D2
0
284 B
Image
General
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=B62327AD-C7F2-4D48-B24C-9ED646E315D2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:32:01 GMT
via
1.1 google
last-modified
Fri, 21 Apr 2023 19:32:01 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=B62327AD-C7F2-4D48-B24C-9ED646E315D2
date
Fri, 21 Apr 2023 19:32:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame CEEE
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=B62327AD-C7F2-4D48-B24C-9ED646E315D2
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZmxpRmFxa0tZWFZTbzJXR0FObDJ6Wkx0dw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=2195365206489049563&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
HTTP/1.1
Server
52.5.106.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-106-217.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 19:32:01 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 21 Apr 2023 19:32:01 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame CEEE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjYyMzI3QUQtQzdGMi00RDQ4LUIyNEMtOUVENjQ2RTMxNUQy&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 21 Apr 2023 19:32:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:32:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame CEEE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELurCMTCuG1xQ-97AHRxdYA&google_cver=1
42 B
529 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELurCMTCuG1xQ-97AHRxdYA&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 21 Apr 2023 19:31:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:32:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELurCMTCuG1xQ-97AHRxdYA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame CEEE
43 B
612 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:32:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 20 Apr 2023 19:32:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CEEE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2195365206489049563
42 B
472 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2195365206489049563
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 21 Apr 2023 19:32:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:32:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2195365206489049563
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame CEEE
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Apr 2023 19:32:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
recirculation.php
events.newsroom.bi/
12 B
713 B
XHR
General
Full URL
https://events.newsroom.bi/recirculation.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.144.218 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy04.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:32:01 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12
async_usersync
ib.adnxs.com/ Frame 38AC
0
857 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 19:32:01 GMT
AN-X-Request-Uuid
65557577-bc88-40ae-9f40-34a6fd73e90f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.109; 80.255.7.109; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
region1.analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-CBS6P3K53Q&gtm=45je34j0&_p=577896869&cid=1219204526.1682105516&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=3&dl=https%3A%2F%2Fo.canada.com%2F&sid=1682105516&sct=1&seg=1&dt=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&en=page_view&ep.debug_mode=false&ep.gtm_version=49&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=index&ep.session_uuid=3ED21F30-87B9-420C-C064-F692F560576B&ep.platform=Cheetah&ep.platform_version=13.3.0&ep.fem_version=v79.3&ep.mp_id=1002713992352102186&ep.brand=canada.com&ep.timestamp=2023-04-21T19%3A31%3A57.009%2B00%3A00&ep.ga_client_id=1219204526.1682105516&ep.main_category=index&ep.metered_content=false&_et=49&up.mp_id=1002713992352102186&up.client_id=1219204526.1682105516
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBS6P3K53Q&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:32:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/
43 B
222 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=3b2e40f6-bc33-3abb-2a7d-973668b42f32&tv=%7Bc:arWSzf,pingTime:5,time:5266,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:250%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5266,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:250,wc:0.0.1600.1200,ac:315.108.970.250,am:i,cc:315.108.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5027~100%5D,as:%5B5027~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:137,fm:tC5NkbJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.928934%7C181%7C182%7C19.928934%7C191,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:251,sis:396%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:7b32:ecc:3bb3:8669 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 19:32:02 GMT
server
nginx
x-server-name
ip-10-31-7-207.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
multimedia.php
events.newsroom.bi/
12 B
0
Fetch
General
Full URL
https://events.newsroom.bi/multimedia.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/406ca262f66ac066b3a5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.144.218 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy04.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 19:32:02 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12
SPug
simage4.pubmatic.com/AdServer/ Frame CEEE
0
260 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160305&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:32:01 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 boolean| credentialless function| setNptTechAdblockerCookie object| script object| LRNameSpace object| LoginRadiusDefaults function| LoginRadiusUtility function| LoginRadiusApiFramework function| setLoginRadiusDefaultSchema function| setLoginRadiusModuleFunctions function| LoginRadiusHooksModel function| SetLoginRadiusCommonFunctions function| LoginRadiusControllers function| LoginRadiusV2 function| FormValidator object| hash object| modern_script_elem object| legacy_script_elem object| ytAdTargetingLoadEvent function| script_onload string| locSrc object| ytVideoAdTargetingConfig object| webpackJsonpFrontEndModules object| tp object| FrontEndModules object| googletag object| permutive object| apstag object| pbjs object| ggeac object| google_tag_data object| google_js_reporting_queue object| headertag object| Criteo function| headertag_render function| sovrn_render object| pbjsChunk object| _pbjsGlobals object| webpackChunkdjango_content_services object| BlockAdBlock object| blockAdBlock boolean| apstagLOADED object| apscustom object| _aps undefined| google_measure_js_timing object| __iasPET object| diagPixSentCodes object| __iasAdRefreshConfig object| __permutive object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_135 object| Criteo_135 object| Sailthru string| iasScores object| PublisherCommonId object| ns_ object| jwDefaults object| webpackChunkjwplayer function| jwplayer object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| vf object| vfQ object| dataLayer object| mParticle object| gtm_data_layer object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| closure_lm_956093 object| COMSCORE object| _comscore object| google_tag_manager object| mpOneTrustKit object| GoogleTagManagerKit function| OptanonWrapper object| dl_mparticle object| mp_data_layer object| _vfP boolean| vfLoaded function| setImmediate function| clearImmediate object| viafoura object| cast object| closure_lm_45042 string| GoogleAnalyticsObject function| ga function| e function| t object| marfeel function| fbq function| _fbq object| PARSELY function| autotrack function| gtag function| onYouTubeIframeAPIReady object| __connect object| gaplugins object| gaData function| _ga_originalSendHitTask function| _typeof object| google_image_requests object| webpackChunk_marfeel_marfeel_sdk object| __mrfCompass object| __IntegralASExec number| lnt_z

89 Cookies

Domain/Path Name / Value
o.canada.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.canada.com/ Name: pbjs_sharedId
Value: 2761ed64-1062-4942-a3d7-8195063f218a
.canada.com/ Name: permutive-id
Value: e2301df0-f692-496c-a1a4-8e9ba98652f2
.liadm.com/ Name: lidid
Value: 5c1dab7b-74fd-4a73-8f7c-1ef74c2e5e33
o.canada.com/ Name: political-ad-opt-out
Value: {"data":false,"exp":604800000,"ts":1682105514963,"mac":389168994}
o.canada.com/ Name: sailthru_pageviews
Value: 1
.23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/ Name: pxid
Value: 72466ff1-9345-40fa-8512-a36c852dd423
o.canada.com/ Name: __adblocker
Value: false
.doubleclick.net/ Name: IDE
Value: AHWqTUltCVqAh1K_IhYqH4GR5sryW_QSysYY6AYbN3WkXX6XP4BFRDnOLK6Pp3cilgc
.rubiconproject.com/ Name: khaos
Value: LGQY6Y4S-1D-JRP3
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qp8ZaVhFTCevQNb0fGVcfL/XWaA1sYWTLG+SmvwaNDOnoeg2yw1vjlhB6NGWVotE2BymPvo8pleP2bDzJ4tek1PjSjwqiqHOTs=
.adnxs.com/ Name: icu
Value: ChgIh71PEAoYASABKAEwq8mLogY4AUABSAEQq8mLogYYAA..
.adnxs.com/ Name: uuid2
Value: 9053532663770077280
o.canada.com/ Name: sailthru_content
Value: e0e63ee57f02752e397065170b7057a9
o.canada.com/ Name: sailthru_visitor
Value: fbf599fc-a185-404b-8c30-7a8c50446bc6
.yahoo.com/ Name: A3
Value: d=AQABBKvkQmQCEHjsIYvaGk0-5Rd6JIESeGEFEgEBAQE2RGRMZAAAAAAA_eMAAA&S=AQAAAiJ8WUHC9bM1DV4qsAx4oow
.criteo.com/ Name: uid
Value: e3f7c10b-e477-47c5-9f7e-a25824bff11a
o.canada.com/ Name: x-id
Value: {"data":{"adLight":false,"id":"4z0rnm66iwgp749i3234kyrb2ecp21xro1kedftudb","updated":1682105516257},"exp":604800000,"ts":1682105516257,"mac":403328003}
fem.gprod.postmedia.digital/ Name: x-id
Value: {"data":{"adLight":false,"id":"4z0rnm66iwgp749i3234kyrb2ecp21xro1kedftudb","updated":1682105516257},"exp":604800000,"ts":1682105516266,"mac":403328933}
.canada.com/ Name: cto_bundle
Value: HY7kzl9kMzNHS1VpbGxBcHRZRUsyazhhUjlRQUV3V1pxaUxIUWlvR0o1c2hyRVd4UGkxRjZVc2l3azRuU2RObmJpTDdvNVNlJTJCa0Jrd0RiNTE1M0ZTano5WUxMMFIlMkY3dTVSTnRDQ2Nsb2hMS3clMkJ4c0xqbkJGWTRqMUNFUVBjdTlzb3Rpd3RIaHFWQVIxSjZ6cFdqQUloYTRoUFElM0QlM0Q
.canada.com/ Name: __gads
Value: ID=f95704896f47821c:T=1682105515:S=ALNI_MYzOha_RkipAmk-uj-KimO9iNF3cw
.canada.com/ Name: __gpi
Value: UID=00000c06da006b99:T=1682105515:RT=1682105515:S=ALNI_MYvZSjbWuHOYADEQQjmS8BzHlDxIA
.mathtag.com/ Name: uuid
Value: 45906442-e4ad-4a00-a9c9-deea8528581a
.canada.com/ Name: _ga_CBS6P3K53Q
Value: GS1.1.1682105516.1.1.1682105517.59.0.0
.canada.com/ Name: _ga
Value: GA1.2.1219204526.1682105516
.canada.com/ Name: _gid
Value: GA1.2.1866035120.1682105517
.canada.com/ Name: _gat_UA-213173459-10
Value: 1
.canada.com/ Name: _gat_UA-138335866-21
Value: 1
.canada.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://o.canada.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1682105517074%2C%22slts%22:0}
.canada.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=9df0bd56-a353-471e-9870-75d5e970d4ba%22%2C%22session_count%22:1%2C%22last_session_ts%22:1682105517074}
.canada.com/ Name: ___nrbic
Value: %7B%22previousVisit%22%3A1682105517%2C%22currentVisitStarted%22%3A1682105517%2C%22sessionId%22%3A%22002e1c42-3152-4b01-90c6-fde7fe4c413a%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//o.canada.com/%22%2C%22referrer%22%3A%22%22%7D
.canada.com/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1682105517%2C%22userId%22%3A%224fb14997-e9a0-424a-856b-64c6d2ed13d8%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1682105517%2C%22timesVisited%22%3A1%7D
.canada.com/ Name: compass_uid
Value: 4fb14997-e9a0-424a-856b-64c6d2ed13d8
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 933e4c024f279d90
.canada.com/ Name: mprtcl-v4_4662F03F
Value: {'gs':{'ie':1|'dt':'us1-99b65fde89a1a145894d2d51d283cc83'|'av':'1.0.0'|'cgid':'94d20032-ae40-4e0c-0254-c05f0fe04086'|'das':'60e440ae-d230-4ac6-a91c-4dc7ecbfe25c'|'csm':'WyIxMDAyNzEzOTkyMzUyMTAyMTg2Il0='|'sid':'3ED21F30-87B9-420C-C064-F692F560576B'|'les':1682105517187|'ssd':1682105516508}|'l':1|'1002713992352102186':{'fst':1682105516923|'ui':'eyIwIjoiNHowcm5tNjZpd2dwNzQ5aTMyMzRreXJiMmVjcDIxeHJvMWtlZGZ0dWRiIn0='}|'cu':'1002713992352102186'}
events.newsroom.bi/ Name: 1528_u
Value: 4fb14997-e9a0-424a-856b-64c6d2ed13d8
events.newsroom.bi/ Name: 1528_lv
Value: null
events.newsroom.bi/ Name: 1528_ut
Value: 0
.viafoura.co/ Name: VfSess
Value: o82fgurptbtfsjg8o80pma055e
.viafoura.co/ Name: vfThirdpartyCookiesEnabled
Value: true
.retailads.net/ Name: ppb2172
Value: 2628011022
o.canada.com/ Name: _vfz
Value: o%2Ecanada%2Ecom.00000000-0000-4000-8000-90e188e7f27f.1682105518.1.medium=direct|source=|sharer_uuid=|terms=
.canada.com/ Name: _vfa
Value: o%2Ecanada%2Ecom.00000000-0000-4000-8000-90e188e7f27f.e0239a69-c0bc-46d1-87b8-90ed728d6ddf.1682105518.1682105518.1682105518.1
.canada.com/ Name: _vfb
Value: o%2Ecanada%2Ecom.00000000-0000-4000-8000-90e188e7f27f.2..1682105518....
.canada.com/ Name: _fbp
Value: fb.1.1682105517610.400275295
.awin1.com/ Name: awpv11830
Value: 296283|1682105517|2e056c60-e07b-11ed-afd4-223664211a24
.awin1.com/ Name: awpv22610
Value: 296283|1682105517|2e04d020-e07b-11ed-89a2-223974343f8d
.awin1.com/ Name: AWSESS
Value: 408799:2874697
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1682105517698,"clickCookie":false}}
.futalis.de/ Name: raSIDb
Value: 2628011022
.viafoura.co/ Name: vfDeviceId
Value: 28933d9f-cadb-4398-b932-1a6da9d77fb9
.casalemedia.com/ Name: CMID
Value: ZELksA.3e0pjjxt25pWo7AAA
.casalemedia.com/ Name: CMPS
Value: 1186
.casalemedia.com/ Name: CMPRO
Value: 1186
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B62327AD-C7F2-4D48-B24C-9ED646E315D2
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 160305:2
.pubmatic.com/ Name: DPSync3
Value: 1683244800%3A241_235_201_245
.pubmatic.com/ Name: SyncRTB3
Value: 1683331200%3A35%7C1683244800%3A21_161_56_8_220_13_7_46_54
.w55c.net/ Name: wfivefivec
Value: NLl5g8Yo1PPWuc5
.w55c.net/ Name: matchcasale
Value: 5
.brand-display.com/ Name: _knxq_
Value: 84561b8a-6c3b-7772-53fafe6f.1682105520.0.1682105520.1682105520
.adform.net/ Name: C
Value: 1
.quantserve.com/ Name: d
Value: EI8BCwHnKPijAA
.quantserve.com/ Name: mc
Value: 6442e4b0-e4395-4069e-22f2f
.weborama.fr/ Name: AFFICHE_W
Value: kXqdMjQckyOR95
.simpli.fi/ Name: suid
Value: F08F0394B2AC4DF395CCCAE3B2F6514A
.de17a.com/ Name: guid
Value: 1.5077674839012819457
.adform.net/ Name: uid
Value: 2195365206489049563
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESELurCMTCuG1xQ-97AHRxdYA&KRTB&16514-CAESELurCMTCuG1xQ-97AHRxdYA&KRTB&23025-CAESELurCMTCuG1xQ-97AHRxdYA&KRTB&23386-CAESELurCMTCuG1xQ-97AHRxdYA
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-JgoPAHUKWQI9Ww8BKQsWBiAIAlc9DAlUIlghrpmk&KRTB&19420-JgoPAHUKWQI9Ww8BKQsWBiAIAlc9DAlUIlghrpmk&KRTB&22979-JgoPAHUKWQI9Ww8BKQsWBiAIAlc9DAlUIlghrpmk&KRTB&23462-JgoPAHUKWQI9Ww8BKQsWBiAIAlc9DAlUIlghrpmk
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3Mjc2MzMwMbQ0MRDiM9QNKyqP8Cs01y0uL3YBANRJSswlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFkaGBqCiSMDQE_XWgXEAAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3Mjc2MzMwMbQ0MRDiM9QNKyqP8Cs01y0uL3YBANRJSswlAAAA
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5077674839012819457
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5108559727366041940
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-2195365206489049563&KRTB&23263-2195365206489049563&KRTB&23481-2195365206489049563
.pubmatic.com/ Name: PugT
Value: 1682105521
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:45906442-e4ad-4a00-a9c9-deea8528581a&KRTB&16736-uid:45906442-e4ad-4a00-a9c9-deea8528581a&KRTB&23019-uid:45906442-e4ad-4a00-a9c9-deea8528581a&KRTB&23114-uid:45906442-e4ad-4a00-a9c9-deea8528581a
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.linkedin.com/ Name: bcookie
Value: "v=2&b31ba24d-f0b7-4ef6-8fbb-2eb3cc4a62d9"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODIxMDU1MjE7MjswMjFhqsMd6IpP0gWdWSvKi6qkumWQozsb32hd/t/RemIFuA==
.linkedin.com/ Name: lidc
Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2576:u=1:x=1:i=1682105521:t=1682191921:v=2:sig=AQFPEqv1I8BtbeXp9kZZkmFFGkAMokfx"
.audrte.com/ Name: arcki2
Value: fliFaqkKYXVSo2WGANl2zZLtw!20220908!1682105521258!ip#80.255.7.109
.audrte.com/ Name: arcki2_pubmatic
Value: B62327AD-C7F2-4D48-B24C-9ED646E315D2!20220908!1682105521261
.amazon-adsystem.com/ Name: ad-id
Value: A3T6UBiZQEz2jYfmWR63lds
.audrte.com/ Name: arcki2_ddp2
Value: fliFaqkKYXVSo2WGANl2zZLtw!20220908!1682105521448
.audrte.com/ Name: arcki2_adform
Value: 2195365206489049563!20220908!1682105521639

3 Console Messages

Source Level URL
Text
rendering warning URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js(Line 9)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 466)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B62327AD-C7F2-4D48-B24C-9ED646E315D2&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
8019191.fls.doubleclick.net
8365c3be5f302f2ff3c8b4c0c178bb69.safeframe.googlesyndication.com
a.audrte.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ads.pubmatic.com
ads.rubiconproject.com
adservice.google.com
adservice.google.de
adv.office-partner.de
ak.sail-horizon.com
ams3-ib.adnxs.com
analytics.webgains.io
ap.lijit.com
api.permutive.com
api.sail-personalize.com
api.viafoura.co
api.webgains.io
as-sec.casalemedia.com
assets-jpcust.jwpsrv.com
auth.lrcontent.com
b1sync.zemanta.com
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
canada.com
cdn.adnxs.com
cdn.adsafeprotected.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdn.parsely.com
cdn.permutive.com
cdn.retailads.net
cdn.track.production.webgains.team
cdn.viafoura.net
cm.g.doubleclick.net
cms.quantserve.com
compassdata.mrf.io
config.lrcontent.com
connect.facebook.net
cr.frontend.weborama.fr
d5p.de17a.com
dcs-static.gprod.postmedia.digital
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
entitlements.jwplayer.com
eus.rubiconproject.com
events.newsroom.bi
fastlane.rubiconproject.com
fem.gprod.postmedia.digital
fonts.googleapis.com
fonts.gstatic.com
futalis.de
get.s-onetag.com
googlesync.permutive.com
gum.criteo.com
hal9000.redintelligence.net
hal900029.redintelligence.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.viafoura.co
ib.adnxs.com
identity.mparticle.com
idsync.frontend.weborama.fr
idx.liadm.com
image2.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
js-sec.indexww.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
lexicon.33across.com
match.adsrvr.org
micro.rubiconproject.com
mug.criteo.com
o.canada.com
onetag-geo.s-onetag.com
p.rfihub.com
p1.parsely.com
pagead2.googlesyndication.com
ping-meta-prd.jwpltx.com
pixel.adsafeprotected.com
pixel.mathtag.com
pixel.rubiconproject.com
pm.w55c.net
postmedia-d.openx.net
postmedia.hub.loginradius.com
pr-bh.ybp.yahoo.com
prd.jwpltx.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
px.ads.linkedin.com
region1.analytics.google.com
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
sdk.mrf.io
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
smartcdn.gprod.postmedia.digital
ssbsync.smartadserver.com
ssl.p.jwpcdn.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
storage.googleapis.com
sync.crwdcntrl.net
sync.mathtag.com
tags.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
u.openx.net
um.simpli.fi
videos-cloudfront.jwpsrv.com
widget.eu.criteo.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.npttech.com
104.18.10.47
104.18.11.47
104.18.24.185
104.19.149.54
104.85.47.224
104.98.130.104
13.225.78.96
13.32.106.197
13.32.99.105
138.201.64.38
142.250.184.198
142.250.185.194
143.204.89.74
151.101.65.108
152.199.22.243
162.55.144.218
167.233.14.134
178.250.1.9
18.133.81.67
18.156.195.47
18.160.82.73
18.168.48.81
18.185.12.185
18.66.100.58
18.66.112.32
18.66.112.84
18.66.147.120
185.29.134.244
185.29.134.245
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.80
185.80.39.216
185.86.139.94
185.89.210.141
185.89.210.212
193.0.160.131
198.47.127.20
2.18.233.201
2.19.228.187
2.20.217.188
2001:4860:4802:32::36
2001:4860:4802:36::178
213.155.156.181
216.52.2.91
23.35.236.188
23.37.42.132
2600:1901:0:8344::
2600:1f18:1aca:4282:7b32:ecc:3bb3:8669
2600:1f18:44f0:4846:b2d5:abb3:78ee:3922
2600:9000:223c:6c00:8:2ae1:d740:93a1
2600:9000:223f:b600:8:48e:53c0:93a1
2600:9000:225e:7a00:1:a3fa:7cc0:93a1
2600:9000:2491:5600:3:37c9:30c0:93a1
2602:803:c003:200::51
2606:4700:10::6816:48e8
2606:4700:10::6816:49e8
2606:4700:3033::6815:325a
2606:4700::6810:5814
2606:4700::6812:af
2606:4700:e0::ac40:650c
2620:100:a005::17
2620:100:a005::6
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:21::14
2a00:1450:4001:800::200a
2a00:1450:4001:806::2001
2a00:1450:4001:80b::2006
2a00:1450:4001:80b::2010
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::2008
2a00:1450:4001:828::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:400c:c0b::9a
2a01:4f8:d0a:2321::2
2a02:2638:3::c
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f128:181:face:b00c:0:25de
2a04:4e42:400::626
2a04:4e42:600::645
2a04:4e42::645
2a05:d018:d29:3605:a683:f440:187e:f470
2a0b:4d07:102::1
3.33.220.150
34.107.254.252
34.111.129.221
34.111.131.239
34.111.151.213
34.111.249.109
34.111.67.160
34.117.54.29
34.149.157.221
34.204.208.84
34.98.64.218
35.156.216.158
35.204.74.118
35.241.9.51
37.157.4.41
52.1.40.206
52.46.151.131
52.5.106.217
52.57.125.56
52.94.220.185
54.162.11.97
54.246.240.52
63.34.81.234
65.9.66.33
69.173.144.138
69.173.144.165
70.42.32.255
74.119.118.138
74.119.118.149
88.99.219.174
99.81.135.85
99.83.154.140
99.86.4.53
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01eca4a441fa8a9ef085e41c69e198952f7530644fbc3d1ff093545c7864d1d7
0387da9010261ab4e5bef6194af94474a9228a6afdb73223e8778d1d6d994e39
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07b8cd5004bef57df6f470ccbd907dc46dcb1b76148166b41bdc0ac225e0bb46
082812e87cfbb7d95e05ca4f1af9cf93b90d60b2642b171a1439be9df16d0466
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
092cd9c4826b6efb6273c803188196fd09f420563712dea4adcecb61a26fc83b
095020de02654e91b936ce6663eb744166ad3121db61e1c35d10ee2e06bd70de
0992f9c1d5f638b715628fb17069a252835a0b3435467945eed579dcb660d817
0ae8b5909646db07cd9c2f9fe853a20e1801b47700c5ba88f78dfa14bd3d3b3c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c34ddb0391d36e510f59648df20c9fd53fc36411368fc82e1a9476c60cc9da7
0e5a5431b1a7bfecbf681243556f01b3e0e2b02e8621d7366a1d63804edb1052
0e72d013e79451e4b8a4921419dea75533763d65651fbe75275aa6a5d3acf229
0ffafb73246f5e2d8087021e2e09ab3c9e2be03bb4124667b9f9287d7288bb39
15f83050cc6ec90d6b548db10f3b2363dfce0ff8ac93c3c0cd65020b5a482a3f
1607b4bc492c7ef6f107c44882616ff245d777bf7399a97eacd5de718da9d6c8
17088c608eae712ec37c502e772852ef73c9e5f32c8f9f261621bcde5830433c
177ef68b60dfcce3948991f1f84d80ee162561ae67c2282faef41db6eb4e0c42
179c0c99d595565aea4c66ba49828fe6012a209f2403ed128ed62c67386c930e
179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5
1819c90878c447095a2185503ea2f26d5cfb9e088b989062e3ad845a2c369272
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19857629e139501e0746c61584a3b5bfeff6441b18ea0185147570abe9a0c7a5
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d02e97d2bc153f00c9cdd2f379a26e6dc7fd6c82aa5c14c0fdbc5b1d694f2de
1dc35beabaf0947ab51f16c8f8b2dadabedc7b6ac08836e9419d18c9badbf6b5
1e6ca03f49ae740f13907bf4d41cdcf922ae62284ac9a2b6d1c5846f1f9af4db
1e9d4a550a265cc3f2ed6db92999a819176bde58858c2b7b462e8b6c99d52c41
1f31bfbf8314cbefa674c26a79b2ae9c0bc7c685ae35226cb66c98fb4d5dfefc
1f8c46ca475f30c11e1db5fe45bbceb2ba37032e2f5e7bc551ac0a80ca56f7b4
219e9f67e1bbf2b76266a6180a3604deea56e0c5e1fd4d74095037d472b36afb
21ac25f1546e0756a9b2b8c5832d6a120653b60020b80aa69e15610a86c423d1
21ffdb412e26db2cf4fc4bfb9a659d314ea64a3c9f68221dc1cb2aa17afad118
22dc2818feac3faf2342b046e731e0f4911c76a254d6ef3231e90179bd0935f2
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
2474a9c4e71d383499ceb8ddbef2fb14db7eaf9d29c3b5277e42b7ba9f469622
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2741a76f8222fcac27cd53da970a385f9c0f0252f8bd440fdeed058dfdf10952
276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503
29f96d7dbf7a8ef4837454ec25f650ffae323bea3ec1782b50bc84532e3a97cc
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2c470984efff845d5290f15d3a01552b4bff15c1e40a48c944233a5bc5f69539
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e35bf65da4693968ba63c8295b9dd40cb3fef34cf1ddeeafd8e79f4b80ae1ef
2f28c008f0ce667d697ccc95a07377e8562c0c28dd910f864724a265f75671e4
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f8463521fbf7fa7d2e84a203be60b42908057c9ecf4c5cf0323de73a6f282f4
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
3151e33d06603419c364949fc9d2644045fea83bd9580886fd5388cbff467e36
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
331944618efcd63257f48ea16e38dd7c5b04e0aa348dd6a9f6eabd4e9dcc8645
33eed00bcfb57f612fd7279735f1b7007f8dfc636c1ac62025acec15e8810775
34ab18ea385dc6969e61c4c5962dd735410c9840271412c480ff8fc959991da3
35334400bec8f4c230e7b91c17c4cc96e17caebb6e144bf43dab0e57c4cf90e5
35e5a8881e34365a13399b7c568c2427717401560f9b6b41fdb75f904718e2e4
36dd2e74c11b45f40f4c51151787ecf875dfe14601fec4a3240692ef2336544b
3765c827835b648cc260ae2d788cd5d099c3ccac31537d04964d526e5bff533f
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38e33cb66d9e6c0ebb591c68943277b0c0f243f3137490010da38c701d0304cc
3ac01602a680fd35035a37b390f16b13e3fdf151afbf8dbf0f820e5d8d2202b1
3acda166db3d17db93e3ac90837589684ce4635628dac43659fe0261dbc27e2b
3b9aa2938145da6c6e5d66e207a72840c1cf6f940c6f870e7c4ce1b90ec67c68
3c4b94a47215a3712f8e0c5060cb586cd2a5726a95fc12b4f38a6811381421b6
3cfa09fd8d0ccfa990f5b81e8fbc8c6f50a8ecc7f0260b89a567f5100741e9c4
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fde76cacc186420d0405496f66f9cd00a7c14a38a9ffa4b626a09affe83cc2a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44646e7a5577d1b30d00771cc79c7261dac30e52aab2cb237561aea959a9f0e9
457d8eb5038ac6145e6c6fef2106c06ec5a9fc3b34f45db27af66e5f9a06568e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
478d7db2012e97743162bb73dab95c045e3533bade97a2c0b0f435c2ebbeebe8
49262cbd305b40a32de0c41a27e4a5aafc65927c0b7f0e6163e0e5b3739eab85
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
4a41ecdd9d7d60c4335b95ece39b66da593a02af74149022fc5c592ab8743229
4a7a659a1b8a811f331f5b6fd5d0eed07a4ce6d43adbf7be275edeb526553b7a
4a92acdc96f84e778bb492f3fe59250e9a923bf3a7cc546f952262528a467b11
4ed96f3afeb45430fc1965604e45e7c97e3662fa7830782195a5fbad7ff3a459
521c60f0c979eeeabc2dcabee0d4ecdcc8c1c91e2654b4ea243d4957e4bd1ed1
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
52873b49651559e5b6ad65ddc945885d34b94b379d12a3a860afa2b3eb40d867
530c33ffa7996b9705e59c73ab52e87c6095002e00615f1cf2e00ffe00d17cc6
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
575557369f8893b7c66413f52ba7add234ad1d4654fbfe2ce0931a5e7a6e5baa
581d258b926c1cb7d85cd813ab77712c0c7b0ab3c3efdbe98a8cec08a6674060
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59a4db763b675f31982d935341ab6a6908ba1ad790b149084a83586b9859540a
59c01d3a87aba7509f64488a639195961163184d682168eb9d587a0a6f801a9a
5a7a5314edb2dda052187abeb7e967f32485d1c7ad08c5f7cfcbdffe8d8bf36b
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5c99be41a3ecc8d28f4849c988b7a21dddd6ae501713598d3dd90816aeccb5a0
5ce69af4940a08ea9dd52a568fa32b839efa9a4f13114654959bfa8223819620
5ee034cfaa3960ab9dc1f583caa01241284658db37650ec94f7534ba895c3d05
5f59629d0412eb1ca4954f860d43a0ef971574859f7f71ff1c6670cef18ea3f5
604b9cf337c21d5ffee6265583dcb1ff9fc38cda8bfd50ac6925325f843a2375
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62c497767d55594e3b59c46d675754f0510e6494fe80e7afd99f343cc6e47900
6333459bbba841d16299dfee81d2019bf4b4133760e6b375168a4b4ce03a9079
6342cb9dc3c060e563089dfc844b2b9465b41b9701ef9c9b3493bcf564057e6e
63c80e333ec4cf5788615d26fbfd54ac5c3291cd01a7da6dfe6124b6b8d50b99
67d87e0c0c48649776175b5c581a896df462d1d241bbf73dcd31942cd53a8fbb
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
690b71aed37c267ace5a4d55bee2b8c9c79b39d063e8be7d36c8d53491ee5a7e
6a64fe4ec075f42a46581e7c683dda8a1e9785914fa5caa3a833a57751ec8cd4
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6baac3ad71b0e139bb374ad569fb40f9316db512d4827f774d7349c70778b48e
6c5396da8d8457713b751b38bfacfbd1eafa4a70588e894bd96fa4b04bcfa78a
6d3061f28b0b38b1f437401c289b9cb3f0e5365533654aa6f3daff3f33ff9d8d
6e900b6f19f73c6310b8fe29e20e86f77fd63749f99b2fb36a23057c0171b79a
6e9ba075c98efb22256a5fc825dfc9607f1e0196538599d131ef9f2872fa7dde
6ef68379a69640d0c20a69c71426a5d0a49d1118dd9ecfeddbe81ba25c326bbc
70a656cfd60a4412d9fa2ebc58cce61685699e3e104743fbac5e440db942c22c
71953c2522ed53a92a0ccbc21a8c088f37d22ddb3eb571289637926768305f6f
723fcfc8e7b1bb228ec7a3e8786677486e620eee27dcf7eda3c91bb7d64821b5
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
74d949a4dda66c61f5be6df01a9b3c2b513021d12e148964869d504fad9ef024
76284052130997bbe259a8a591e8fbab0a165099b6b22df1b44ebf7ca21722ae
7907168dc2255877321693175558860b45a3eeecddd7665ad5b158d5a3de92f5
79905a8b70c5de153ebf267463fc2d6b8d1c737beb6c09d50fac5d61189300a6
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7
7bc65b9b935eee5be74ed156fd16e55e9bbfd127cd3341208e7d4fc64addc1cb
7ca568a4abd5b2d8ddb8b76f75e6f0cbc307d0019842f113ec4c5b0c44bf5cd2
7d31113d3a5c0016c1e52514ecaeda6b8879a5a23dd6fb67f1cb5bc008fb3f24
7f403f1af6606203ed4edced0e85b8146f830c4e61eb3ec17a19005760897a4a
7fe6fce06ebf2fd34dc2f3bb581307b60fdf34d9c20bc15d6260e838dd8bb0fc
7ffae9e2ad2e03f24be4dfe7a8c14b87cc82d5b56d26133a4bff995a9f94459b
8066031766ce3c5063073441845bad55e37eed9e6eff119ab846f552d250b091
818d74e31525630616a16da094b6daf345f6b384f71bc1d66c1c72646f668470
82022fa41d13a72f88952e3979f12660c6461738dc1d350ca529d2e37909972c
823f575059de9e8da4895298dac4bd323962d09d617e4aeae606f09536dc56e7
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
84877b8a1446370ea19d84090c1281f9b6cbf64ba0c7e355c0a42ab185c85cef
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86b27d5ac9d341e4b562d80f192c556dc8eb2893102461c14d052946de91bbfc
8c48b93cd82074f96dd39e8cf1460faf8bb2de243bd6c725d01f571330e377b3
8c5a33eaec1f774cc6795ae95883441e2b5a34794d5a7ac2780e3fd7e55a0544
8caeab78359986955e2826084c61cba11bc2c792be07f05e48fc3d6ef0132bc9
8cb06ab44ee02fd2719632262c2c4b2764676eb753710eb9ca99dd431a3099f5
8ce0f5ae7bee69ea6ce3ed3fb7cdcbb1b93d4a1935dde9ce1ca29abfe21235b4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f9164ffff3e5d74f9d77b54f93c97de53ad77dc53a0bbbdc109f79fd2afa865
904b15ed9306732c2de1d25708075fedb35400b625196c94003867d0c3196155
91eb404d7c8309bf15a6407396d060c4cf8c636f248471a53bb5e66706ccbf0a
925abf3e95dd81547dc17dcbd96ac29eed1a93ef9caa21e101d03c02d73c57fd
93a557f41179732c40fd51469ae8a7f7a8170259f6948b6adea8ea623e8144f0
96965e9198593fe808f8fa9b2edd88eb18484bcd2ac1c4013fcc8a788a2f62f3
96dfdf3db055abdcf55f9b71426fd3cbfd73b80c3492e8fc35e101d1e461ff90
99e2c72b815a7fe7d1c09bd02659ae12dab9db5f44365349f39b511fb09cba0e
9a4c225e3059c9ec1712ed6c4154c0f79985402dffb38a938d6581cad5946889
9c14d1d9608c1f14225617cfed30a14ff6429e20777f7c304290413beb5d35d5
9c18640014cb8be01b3712883cb601370a8a691b2910d616a188f8e916be280c
9c47aa1425aeedba880457b3e0911b5fd58de6d1a632f88caa5523b0954cf61c
9c9dc9d9b9b35b90d91e41f9f5bcda7704e53afa2b222ef0727e5d6593b32db9
9cb17f36b28a6ea9becc0686bfdf5eb3c9687e4aa0f933d25886a448bc31331c
9d799961163bc310e9b528b76ced3dd459085488c92a0713ce48f2ee67c4a06b
9f3315236dc60ee664a7d896175be16b93fad685f213f1f727cd83a69bfaa2be
a178bd02afbb6d31490dea788229a580c29211ca0519cf054e4851ed463aef32
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a345a18e5d3f6c07451cb14dd480bfad123f03663912b581265d617d4725fe9a
a437be2b92b1d11f3562c903ad893e62b5312e8565a4dd4d24c6e00251392083
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a502862fcb5962862e8bd5b2cd2df1182eb1bdc075b4eac3d573f43e846bcb93
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27
a605f554398f3664fa0fa05fa0a5d08405e44234f6879a6f3016b7c30289a9f1
a6516337bf8c304df648ce25ecd89e807b766e691885247e86d069f430f7eaac
ab021fd388f86ebe1afb31d6c97ccf6509459bff1b501831cc6fc507eec58024
ab31f40034920c1b534146957bf16fd87455ee28193b564863bae4014b6fc9c4
ac7bbc8b5538b696ea0a5c3e9b30bb0ee3d8f646cc815f724b57b75df96ec0fc
add6d72b7bad57dd0a1324fd768592bdb0abee6a934c74d12ee8d9405ec3a348
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee9a10d3ffa3dc4daf0ea79b7f151d3e0935e8e9d4cd81790002d98f3481c54
b0a67f3b980cbd420c108073729ab45a3c8cbfbffb39141f75e2530428fc4ecc
b0e1b58919532ecbedd604dc6d8f72cc5ada25bae80b518061ccc79b0d56640e
b120396386be73f614d7566cbaa7c7e97d76210ba5665243306423ca1f70f809
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15a3c9997687ceb8acb60f1ec5e658ca9debf4d5a0f5abbe94490d212da5bdf
b207a079553d1075b4b924723b9f29467821fb89a9912577321df4a033266267
b36929edc97506b13316f1ee18bc06e44be322676dbadd8a5689ef4b62911080
b43506b6c7500b58ee5a5a58c6250e7e6597c67a5b4be660aebf88f0a2a8de97
b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef
b48743091fa7f477ba4780fe108d6a622bf01de9e6047d7855a59e04ba87f916
b649640b73b1e1d4944f7d5912123369d8d5c680b0ecea681744802e3bd15cb4
b9b4f4daa5cf7deb7b20df72a534952835704580cb8785db45c2113c228087cf
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
bb40f88f520dc06aa3e594ff3fe6f10b7b3623374e2f983a2af29731dd973738
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bcfa4e9901abcf24cecda2f7d296b954eea016cc7e9a0afff1623f9ba6258828
bf57b82160513c464cb01716fe2cf65484a4db8051915015fee34e05dcce01da
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1a59f8bdfea0998b5c3030f34e98dd678b6b79afe1486b173543f109cad51d8
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c32d10eb2d93c323c646187507e289bf304f948b265815b00830cd1122a6b719
c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579
c37a134e735f9a3dc9916bbed8f5e576f89b9f26537a59544d74004962b1a8ef
c3b66e70d3dae3e359fb54b663ca061040d6f28ebd38fb579d634bff5f55fede
c3eb54cad84c114640c18a5bed91503cc79a039d9b2f5e459ef9d3b93400af8f
c6e3194d14fc8f2cf36f2bf2abdb7286b0c288d2e718d5d1623b677c15a59a4a
c843c33ccd262782405dd3b16ef2e820cb36a03109002ef9ec29a137efff8c27
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9e6b44ff03ce9ff9ed5f9966f6110d1e5406bfcfa2f1cd27dd9b5ada22feeb0
c9f3eb7ef4f07d64e54bed90394322e2e8e497066adbf95713ad811cd482d757
cb9cdabc95c3e5faa6d6a891d5a9f7d415927f2aa23860bb9a368cffb73d1df9
cd090578f949988d88531c0c98339766364ed6cdcfd7bca0d49905c44e56a260
ce50b5f36a11512d9455810020c3c71284b093ee66d26d76e16d8c64bf5c17f2
ced3553fbf17f8efee6874437b0201c1de697f287c6198e5a2860d5336bafd62
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d013e25c3ed322056ae5bf61f416e23b6db04de1356c72d0c896a95b86c8f5e0
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d2a25fff8bcc4cafd152c72b10d763468fdabf7c556eba97d5378c49228e36b0
d313757775c99965549cd4798be91e2c9514bd5e27436f3ba7e5e9ad5f1c787d
d46f578389f55d019566c270d4f339ed6f4465346d67378ae8c942e56c1299f3
d49ad5b802fcc1b63fe0d45c9502282c94193e10f35fa8bb6fe74b1cee1f5fed
d4e0293f1518151cb34061f0a4f3b9b56e1d86cea431c6f3802b7b2d4428d32b
d4e3ce725f71e490d2403ef9921e00107d5bb11d834a2a5b947a9cf6883db9af
d5dc0ad78230e45c600c565d60462acf4feafc58c7a915b129f03fe389cf2b33
d66cb3a72f22b81cc7dc07d1f8ce6fa56985f85839a1d4df1e13d430a3b9cd2b
d7138c8c59b5b685e318370f4e180cba56384df7e78b32d6a3f7942b8ded0b8a
d71dde094c5ec9d9290f0fad530291ca020c979c59348a536b2bd741768a75df
dae7ddb5ba85772b9f2739baddb8a322a457aba1a457a2b4c81ef6850a100002
dc5f18223b1a8a5c768d7e1a6e61e1f6c724d385921f6353ba01ff9ef19d59e5
dd80a1e1b04dcfe0597e73ab2bdcd4378cfa3b7fb33f1ecc18b2f5b63bff5fe7
dd8e3ac8907a8af46def8034684a9a697d00a62e08bd73d273bc1cebf8c48217
dd95f4a502384eeed52cfce2c6ecd19d877c813ebb794d8c9d6c0baa32753b51
de240838374fc82ed43828f26284173a7c6ecb54493ee14b97c562e11a1315de
e036db18f788e13370eaf8f88047b8d5e05628f1f534ffa2e58c0ba76a6bada7
e0ad0fb8d50d005114ba2f8062bf8e96da0576dcca58b8e2b1de45e1a80c2c8a
e0be2e6b539a67a5126f28a1bce1d854ffbee3cccba2e1fe7a23a65bcabd4da6
e252ba32ffa0c8478b38ac5619c7b60a0befc4425fa8d765f3fe3ab1d44de072
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ba86f4b77800708c17938240e0c6f1ad870ed4c1beb95ffd4f053409027efd
e764fde5c1384295b7b68c71b574288e61ae1525fc86677174e2f61cfe7b1ebe
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ec5e8bdd195cceea062b48abe6d0a3b340337e62fe7807f683304115c1ee8fd9
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f078fc0cc9d56aaf66dc96426c8dadab932a4530a1de31dddcfb916ca7acc89f
f37f82d9d0c419df9240794590e3836492d0be21a2a3736298463c49940ab561
f4b014d5d9c62b5640d2971c2a1b8dedf275350cb4ec22a33da5e3520da1919d
f4b01fa9015e87a8a2cc7c7bd08156fdb456cd0e89249a08f189fea4a6495163
f4d6b8130cb43f9481aad42bba75a692c0adbce23fc57bd0b34d6e069882a5bc
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6c9614f1401dc42fe6f751a15a8367f368a9039e6d7a0ae21ad2cbb76206636
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
f9709ee304271fffffec5b790a1df9f934521e3ff2c7bcd9af3e3178024536dd
f97a39d86834a134b359233cc1b720a106b910d8eab5a5c28aea34400c6d7ff0
f9d7ed6d561f96ca06fb3912adcc155a0fa0db34d0eee351908dc9493c79e1c0
fbae1f5945b9cfa3537ebb968ce9c10cfd1fce9923bf6676d1ab6c659c2ec741
fbe2776528321e86eab1c9f37320995207af2ddc97a41f452b022e7a2495c987
fc3d7253917505f87f64ed3c57cca8965b34eb514176091b9cc081be757b1b93
fdd0c16fee1dc36290fe200f8b77d146d422818afe7a4025ac8e81a86c196812
ffdaf861cd113e4d1b5c82a6edfb6a2ae989bf8005a9771d929336d210e094a3