urlscan.io logo urlscan.io
SecurityTrails logo

canoe.com Open in urlscan Pro
34.117.147.204  Public Scan

Go To Rescan Add Verdict Report
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Submission: On January 23 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 123 IPs in 7 countries across 115 domains to perform 428 HTTP transactions. The main IP is 34.117.147.204, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is canoe.com. The Cisco Umbrella rank of the primary domain is 787748.
TLS certificate: Issued by GTS CA 1D4 on November 25th 2023. Valid for: 3 months.
This is the only time canoe.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 34.117.147.204 396982 (GOOGLE-CL...)
1 172.253.122.95 15169 (GOOGLE)
5 142.251.163.154 15169 (GOOGLE)
3 3.162.114.192 16509 (AMAZON-02)
2 23.205.2.235 16625 (AKAMAI-AS)
1 18.239.183.15 16509 (AMAZON-02)
14 34.117.54.29 396982 (GOOGLE-CL...)
1 13.225.195.59 16509 (AMAZON-02)
2 104.26.0.62 13335 (CLOUDFLAR...)
2 54.192.51.24 16509 (AMAZON-02)
1 172.64.143.6 13335 (CLOUDFLAR...)
9 66.6.101.151 11320 (LIGHTEDGE...)
4 104.18.5.235 13335 (CLOUDFLAR...)
5 13.107.6.158 8068 (MICROSOFT...)
1 151.101.130.114 54113 (FASTLY)
2 5 3.161.213.3 16509 (AMAZON-02)
4 142.251.16.94 15169 (GOOGLE)
1 172.64.146.86 13335 (CLOUDFLAR...)
1 54.192.51.46 16509 (AMAZON-02)
2 151.101.193.229 54113 (FASTLY)
1 23.4.232.54 16625 (AKAMAI-AS)
2 104.18.35.167 13335 (CLOUDFLAR...)
1 104.26.1.62 13335 (CLOUDFLAR...)
2 172.64.97.32 13335 (CLOUDFLAR...)
3 44.197.141.205 14618 (AMAZON-AES)
1 13.225.199.75 16509 (AMAZON-02)
3 74.119.119.131 19750 (AS-CRITEO)
1 18.160.46.85 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 35.241.9.51 396982 (GOOGLE-CL...)
3 7 68.67.160.24 29990 (ASN-APPNEX)
6 157.185.177.205 54994 (ML-1432-5...)
14 172.253.62.132 15169 (GOOGLE)
13 172.253.63.97 15169 (GOOGLE)
9 34.107.254.252 396982 (GOOGLE-CL...)
2 5 35.244.193.51 396982 (GOOGLE-CL...)
1 185.64.190.77 62713 (AS-PUBMATIC)
1 8.43.72.32 26667 (RUBICONPR...)
4 23 172.64.151.101 13335 (CLOUDFLAR...)
1 104.17.118.17 13335 (CLOUDFLAR...)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
2 74.119.119.139 19750 (AS-CRITEO)
1 35.190.39.111 15169 (GOOGLE)
1 35 18.173.219.124 16509 (AMAZON-02)
1 3.208.43.177 14618 (AMAZON-AES)
3 52.201.104.25 14618 (AMAZON-AES)
1 12 52.46.128.147 16509 (AMAZON-02)
4 31.13.66.19 32934 (FACEBOOK)
5 52.0.185.94 14618 (AMAZON-AES)
3 23.204.76.201 16625 (AKAMAI-AS)
4 23.202.153.103 16625 (AKAMAI-AS)
4 34.98.64.218 396982 (GOOGLE-CL...)
1 2 63.251.86.50 32475 (SINGLEHOP...)
1 6 23.92.190.69 32475 (SINGLEHOP...)
14 15 172.253.115.155 15169 (GOOGLE)
3 4 3.233.146.200 14618 (AMAZON-AES)
2 2 74.119.119.150 ()
7 7 52.223.40.198 16509 (AMAZON-02)
2 207.198.113.89 13768 (COGECO-PEER1)
1 23.62.230.139 20940 (AKAMAI-ASN1)
1 1 34.192.6.95 14618 (AMAZON-AES)
4 4 35.207.24.140 15169 (GOOGLE)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
1 1 8.2.110.134 46636 (NATCOWEB)
1 52.206.97.127 14618 (AMAZON-AES)
2 2 35.236.220.17 396982 (GOOGLE-CL...)
1 1 35.71.131.137 16509 (AMAZON-02)
3 4 8.43.72.97 26667 (RUBICONPR...)
2 2 54.145.242.45 ()
7 7 35.211.178.172 19527 (GOOGLE-2)
2 31.13.66.35 32934 (FACEBOOK)
4 3.214.92.171 14618 (AMAZON-AES)
2 3.221.185.93 14618 (AMAZON-AES)
1 1 69.173.151.100 26667 (RUBICONPR...)
1 67.220.228.200 16509 (AMAZON-02)
1 13.107.42.14 8068 (MICROSOFT...)
6 8 54.165.252.120 14618 (AMAZON-AES)
4 4 3.225.218.10 14618 (AMAZON-AES)
1 23.62.230.165 20940 (AKAMAI-ASN1)
7 142.251.167.132 15169 (GOOGLE)
4 172.253.122.156 15169 (GOOGLE)
11 142.251.111.155 15169 (GOOGLE)
1 209.204.227.132 27381 (CASALE-MEDIA)
2 54.192.51.29 16509 (AMAZON-02)
2 69.20.43.192 27357 (RACKSPACE)
2 172.253.62.154 15169 (GOOGLE)
1 142.251.163.149 15169 (GOOGLE)
4 34.203.152.105 14618 (AMAZON-AES)
2 2 199.38.167.130 54312 (ROCKETFUEL)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
3 172.64.149.180 13335 (CLOUDFLAR...)
8 3.212.108.81 14618 (AMAZON-AES)
5 54.192.51.52 16509 (AMAZON-02)
4 151.101.2.133 54113 (FASTLY)
3 52.3.151.154 14618 (AMAZON-AES)
4 142.251.167.139 15169 (GOOGLE)
2 172.67.159.162 13335 (CLOUDFLAR...)
1 18.67.76.51 16509 (AMAZON-02)
1 18.239.162.56 16509 (AMAZON-02)
6 216.239.34.181 15169 (GOOGLE)
3 172.253.63.155 15169 (GOOGLE)
3 172.253.62.94 15169 (GOOGLE)
1 54.144.144.142 14618 (AMAZON-AES)
1 54.234.200.2 14618 (AMAZON-AES)
1 172.253.62.106 15169 (GOOGLE)
1 13.35.77.95 16509 (AMAZON-02)
4 151.101.194.133 54113 (FASTLY)
4 104.36.115.113 62713 (AS-PUBMATIC)
6 172.253.63.84 15169 (GOOGLE)
4 172.253.115.141 15169 (GOOGLE)
2 4 34.111.113.62 396982 (GOOGLE-CL...)
1 40.76.134.238 8075 (MICROSOFT...)
1 2 35.71.139.29 16509 (AMAZON-02)
7 104.36.113.107 62713 (AS-PUBMATIC)
15 8.28.7.83 62713 (AS-PUBMATIC)
1 151.101.129.108 54113 (FASTLY)
2 2 192.184.68.166 14618 (AMAZON-AES)
1 63.251.28.133 13789 (INTERNAP-...)
4 4 159.127.42.41 25751 (VALUECLICK)
2 2 52.54.137.154 14618 (AMAZON-AES)
2 2 50.116.194.21 6336 (TURN-US-ASN)
2 2 64.202.112.127 23352 (SERVERCEN...)
2 52.0.95.35 14618 (AMAZON-AES)
1 54.192.51.124 16509 (AMAZON-02)
1 3.161.213.46 16509 (AMAZON-02)
1 3.217.51.221 14618 (AMAZON-AES)
1 1 23.83.76.73 395954 (LEASEWEB-...)
1 1 198.148.27.131 19189 (PULSEPOINT)
2 2 150.136.25.38 31898 (ORACLE-BM...)
1 2 151.101.130.49 54113 (FASTLY)
1 2 35.170.24.131 14618 (AMAZON-AES)
1 54.163.110.6 14618 (AMAZON-AES)
1 52.23.66.193 14618 (AMAZON-AES)
4 8.28.7.84 62713 (AS-PUBMATIC)
1 1 52.44.173.38 14618 (AMAZON-AES)
1 38.91.45.7 398989 (DEEPINTENT)
1 1 162.210.196.208 ()
2 2 52.3.195.166 14618 (AMAZON-AES)
1 1 54.164.228.18 14618 (AMAZON-AES)
1 18.160.10.111 16509 (AMAZON-02)
2 3 35.244.154.8 396982 (GOOGLE-CL...)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
1 1 38.68.201.140 174 (COGENT-174)
1 34.196.213.92 14618 (AMAZON-AES)
1 162.19.96.13 16276 (OVH)
1 2 104.18.25.173 ()
1 1 82.145.213.8 ()
1 1 35.214.131.35 ()
1 1 69.90.254.78 ()
1 1 74.121.140.211 ()
1 52.3.115.129 ()
1 52.44.42.21 ()
1 2 50.17.222.114 ()
428 123
1    34.117.147.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.147.117.34.bc.googleusercontent.com
canoe.com
1    172.253.122.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f95.1e100.net
fonts.googleapis.com
5    142.251.163.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f154.1e100.net
securepubads.g.doubleclick.net
3    3.162.114.192 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-114-192.iad61.r.cloudfront.net
c.amazon-adsystem.com
2    23.205.2.235 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-2-235.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
ads.rubiconproject.com
1    18.239.183.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-183-15.bos50.r.cloudfront.net
cdn.adsafeprotected.com
14    34.117.54.29 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.54.117.34.bc.googleusercontent.com
dcs-static.gprod.postmedia.digital
fem.gprod.postmedia.digital
1    13.225.195.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-59.yul62.r.cloudfront.net
ak.sail-horizon.com
2    104.26.0.62 (None, )

ASN13335 (CLOUDFLARENET, US)
tags.qortex.ai
2    54.192.51.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-24.yul62.r.cloudfront.net
cdn.jwplayer.com
1    172.64.143.6 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
9    66.6.101.151 (Lavaca, United States)

ASN11320 (LIGHTEDGE-AS-02, US)
entertainment.service.amuniversal.com
4    104.18.5.235 (None, )

ASN13335 (CLOUDFLARENET, US)
auth.lrcontent.com
config.lrcontent.com
5    13.107.6.158 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: bingforbusiness.com
edge-auth.microsoft.com
1    151.101.130.114 (United States)

ASN54113 (FASTLY, US)
ssl.p.jwpcdn.com
5    3.161.213.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-3.yul62.r.cloudfront.net
sb.scorecardresearch.com
4    142.251.16.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f94.1e100.net
fonts.gstatic.com
1    172.64.146.86 (United States)

ASN13335 (CLOUDFLARENET, US)
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1    54.192.51.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-46.yul62.r.cloudfront.net
config.aps.amazon-adsystem.com
2    151.101.193.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    23.4.232.54 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-4-232-54.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    104.26.1.62 (None, )

ASN13335 (CLOUDFLARENET, US)
events.qortex.ai
2    172.64.97.32 (United States)

ASN13335 (CLOUDFLARENET, US)
api.fouanalytics.com
3    44.197.141.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-141-205.compute-1.amazonaws.com
pixel.adsafeprotected.com
1    13.225.199.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-199-75.yul62.r.cloudfront.net
aax.amazon-adsystem.com
3    74.119.119.131 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    18.160.46.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-85.iad55.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    35.241.9.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.9.241.35.bc.googleusercontent.com
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
7    68.67.160.24 (Jersey City, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
6    157.185.177.205 (Monrovia, United States)

ASN54994 (ML-1432-54994, CA)
avatar.amuniversal.com
14    172.253.62.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f132.1e100.net
lh3.googleusercontent.com
eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com
13    172.253.63.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net
www.googletagmanager.com
9    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
5    35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
1    185.64.190.77 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    8.43.72.32 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
23    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    104.17.118.17 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
2    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
35    18.173.219.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-219-124.jfk52.r.cloudfront.net
securegames.iwin.com
1    3.208.43.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-43-177.compute-1.amazonaws.com
m.iwin.com
3    52.201.104.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-104-25.compute-1.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
12    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net
connect.facebook.net
5    52.0.185.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-185-94.compute-1.amazonaws.com
match.sharethrough.com
3    23.204.76.201 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-76-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    23.202.153.103 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-153-103.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
google-bidout-d.openx.net
us-u.openx.net
2    63.251.86.50 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
6    23.92.190.69 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
15    172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net
cm.g.doubleclick.net
4    3.233.146.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-146-200.compute-1.amazonaws.com
i.liadm.com
2    74.119.119.150 (None, )

ASN- ()
dis.criteo.com
7    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    207.198.113.89 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    23.62.230.139 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-62-230-139.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
1    34.192.6.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-6-95.compute-1.amazonaws.com
um4.eqads.com
4    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    8.2.110.134 (United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com
1    52.206.97.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-97-127.compute-1.amazonaws.com
sync-km.ads.yieldmo.com
2    35.236.220.17 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com
um.simpli.fi
1    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
data.adsrvr.org
4    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    54.145.242.45 (None, )

ASN- ()
sync.srv.stackadapt.com
7    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com
www.facebook.com
4    3.214.92.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-92-171.compute-1.amazonaws.com
postmedia.hub.loginradius.com
2    3.221.185.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-185-93.compute-1.amazonaws.com
events.iwin.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    67.220.228.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
8    54.165.252.120 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-252-120.compute-1.amazonaws.com
match.prod.bidr.io
4    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
ups.analytics.yahoo.com
1    23.62.230.165 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-62-230-165.deploy.static.akamaitechnologies.com
hb.yahoo.net
7    142.251.167.132 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f132.1e100.net
tpc.googlesyndication.com
4    172.253.122.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net
www.googletagservices.com
googleads.g.doubleclick.net
11    142.251.111.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f155.1e100.net
pagead2.googlesyndication.com
1    209.204.227.132 (Canada)

ASN27381 (CASALE-MEDIA, CA)
a960.casalemedia.com
2    54.192.51.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-29.yul62.r.cloudfront.net
static.adsafeprotected.com
2    69.20.43.192 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
2    172.253.62.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f154.1e100.net
googleads4.g.doubleclick.net
1    142.251.163.149 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f149.1e100.net
s0.2mdn.net
4    34.203.152.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-152-105.compute-1.amazonaws.com
pr-bh.ybp.yahoo.com
2    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
3    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
8    3.212.108.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-108-81.compute-1.amazonaws.com
dt.adsafeprotected.com
5    54.192.51.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-52.yul62.r.cloudfront.net
cdn.viafoura.net
4    151.101.2.133 (United States)

ASN54113 (FASTLY, US)
jssdkcdns.mparticle.com
jssdks.mparticle.com
3    52.3.151.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-151-154.compute-1.amazonaws.com
api.viafoura.co
4    142.251.167.139 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f139.1e100.net
www.google-analytics.com
2    172.67.159.162 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.mrf.io
1    18.67.76.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-76-51.iad89.r.cloudfront.net
get.s-onetag.com
1    18.239.162.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-162-56.bos50.r.cloudfront.net
cdn.parsely.com
6    216.239.34.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
3    172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net
stats.g.doubleclick.net
3    172.253.62.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f94.1e100.net
www.google.ca
1    54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com
p1.parsely.com
1    54.234.200.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-200-2.compute-1.amazonaws.com
i.viafoura.co
1    172.253.62.106 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f106.1e100.net
www.google.com
1    13.35.77.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-77-95.bos50.r.cloudfront.net
placement-prd.jwpltx.com
4    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
identity.mparticle.com
4    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
6    172.253.63.84 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f84.1e100.net
accounts.google.com
4    172.253.115.141 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f141.1e100.net
csp.withgoogle.com
4    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
2    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
7    104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
15    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    192.184.68.166 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
1    63.251.28.133 (Secaucus, United States)

ASN13789 (INTERNAP-BLK3, US)
ads.stickyadstv.com
4    159.127.42.41 (United States)

ASN25751 (VALUECLICK, US)
PTR: iad11-nessy-float1.dotomi.com
casale-match.dotomi.com
pubmatic-match.dotomi.com
2    52.54.137.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-137-154.compute-1.amazonaws.com
ads.creative-serving.com
2    50.116.194.21 (United States)

ASN6336 (TURN-US-ASN, US)
PTR: presentation-atl1.turn.com
ad.turn.com
2    64.202.112.127 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    52.0.95.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-95-35.compute-1.amazonaws.com
prebid-a.rubiconproject.com
1    54.192.51.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-124.yul62.r.cloudfront.net
onetag-geo.s-onetag.com
1    3.161.213.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-46.yul62.r.cloudfront.net
signal-beacon.s-onetag.com
1    3.217.51.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-51-221.compute-1.amazonaws.com
cm.adgrx.com
1    23.83.76.73 (Los Angeles, United States)

ASN395954 (LEASEWEB-USA-LAX, US)
rtb-csync.smartadserver.com
1    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    150.136.25.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    35.170.24.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-24-131.compute-1.amazonaws.com
thrtle.com
1    54.163.110.6 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-110-6.compute-1.amazonaws.com
crb.kargo.com
1    52.23.66.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-66-193.compute-1.amazonaws.com
sync.bfmio.com
4    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    52.44.173.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-173-38.compute-1.amazonaws.com
sync.ipredictive.com
1    38.91.45.7 (Ashburn, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    162.210.196.208 (None, )

ASN- ()
sync.aralego.com
2    52.3.195.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-195-166.compute-1.amazonaws.com
pm.w55c.net
1    54.164.228.18 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-228-18.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    18.160.10.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-111.iad12.r.cloudfront.net
synchroscript.deliveryengine.adswizz.com
3    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
1    38.68.201.140 (Ashburn, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
1    34.196.213.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-213-92.compute-1.amazonaws.com
rtb.adentifi.com
1    162.19.96.13 (France)

ASN16276 (OVH, FR)
PTR: haproxy04.cl13.ovh.mrf.io
events.newsroom.bi
2    104.18.25.173 (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
1    82.145.213.8 (None, )

ASN- ()
t.adx.opera.com
1    35.214.131.35 (None, )

ASN- ()
csync.loopme.me
1    69.90.254.78 (None, )

ASN- ()
ums.acuityplatform.com
1    74.121.140.211 (None, )

ASN- ()
sync.mathtag.com
1    52.3.115.129 (None, )

ASN- ()
bpi.rtactivate.com
1    52.44.42.21 (None, )

ASN- ()
i6.liadm.com
2    50.17.222.114 (None, )

ASN- ()
io.narrative.io
Apex Domain
Subdomains		 Transfer
38 iwin.com
securegames.iwin.com — Cisco Umbrella Rank: 451425
m.iwin.com — Cisco Umbrella Rank: 515509
events.iwin.com — Cisco Umbrella Rank: 371251
5 MB
34 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
ads.pubmatic.com — Cisco Umbrella Rank: 535
image6.pubmatic.com — Cisco Umbrella Rank: 805
image2.pubmatic.com — Cisco Umbrella Rank: 912
simage2.pubmatic.com — Cisco Umbrella Rank: 870
image4.pubmatic.com — Cisco Umbrella Rank: 1237
simage4.pubmatic.com — Cisco Umbrella Rank: 1277
39 KB
27 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
236 KB
24 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 478
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
a960.casalemedia.com — Cisco Umbrella Rank: 145242
dsum.casalemedia.com — Cisco Umbrella Rank: 1367
17 KB
20 googlesyndication.com
eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
198 KB
18 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 314
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591
aax.amazon-adsystem.com — Cisco Umbrella Rank: 395
s.amazon-adsystem.com — Cisco Umbrella Rank: 326
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 801
86 KB
15 amuniversal.com
entertainment.service.amuniversal.com — Cisco Umbrella Rank: 371931
avatar.amuniversal.com — Cisco Umbrella Rank: 141806
1009 KB
14 postmedia.digital
dcs-static.gprod.postmedia.digital — Cisco Umbrella Rank: 100889
fem.gprod.postmedia.digital — Cisco Umbrella Rank: 122053
212 KB
14 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3571
pixel.adsafeprotected.com — Cisco Umbrella Rank: 851
static.adsafeprotected.com — Cisco Umbrella Rank: 721
dt.adsafeprotected.com — Cisco Umbrella Rank: 719
129 KB
14 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 2971
ads.rubiconproject.com — Cisco Umbrella Rank: 2076
fastlane.rubiconproject.com — Cisco Umbrella Rank: 520
eus.rubiconproject.com — Cisco Umbrella Rank: 579
token.rubiconproject.com — Cisco Umbrella Rank: 477
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1274
pixel.rubiconproject.com Failed
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 2989
194 KB
13 google.com
analytics.google.com — Cisco Umbrella Rank: 154
www.google.com — Cisco Umbrella Rank: 2
accounts.google.com — Cisco Umbrella Rank: 23
248 KB
13 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
1018 KB
12 googleusercontent.com
lh3.googleusercontent.com
62 KB
10 permutive.com
api.permutive.com — Cisco Umbrella Rank: 2271
cdn.permutive.com — Cisco Umbrella Rank: 3125
51 KB
8 mparticle.com
jssdkcdns.mparticle.com — Cisco Umbrella Rank: 6679
identity.mparticle.com — Cisco Umbrella Rank: 3089
jssdks.mparticle.com — Cisco Umbrella Rank: 6177
116 KB
8 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 555
4 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
data.adsrvr.org — Cisco Umbrella Rank: 5024
3 KB
8 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 671 Failed
ce.lijit.com — Cisco Umbrella Rank: 859
7 KB
8 yahoo.com
c2shb.pubgw.yahoo.com Failed
ups.analytics.yahoo.com — Cisco Umbrella Rank: 358
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
4 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
secure.adnxs.com — Cisco Umbrella Rank: 490
acdn.adnxs.com — Cisco Umbrella Rank: 598
24 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
4 KB
7 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1299
lexicon.33across.com — Cisco Umbrella Rank: 1517
10 KB
6 openx.net
rtb.openx.net Failed
oajs.openx.net — Cisco Umbrella Rank: 1736
u.openx.net — Cisco Umbrella Rank: 683
google-bidout-d.openx.net — Cisco Umbrella Rank: 1735
us-u.openx.net — Cisco Umbrella Rank: 524
1 KB
5 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 12957
214 KB
5 liadm.com
i.liadm.com — Cisco Umbrella Rank: 550
i6.liadm.com
3 KB
5 sharethrough.com
btlr.sharethrough.com Failed
match.sharethrough.com — Cisco Umbrella Rank: 508
2 KB
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 177
6 KB
5 microsoft.com
edge-auth.microsoft.com — Cisco Umbrella Rank: 41324
307 KB
4 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 3039
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3439
1 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 501
1 KB
4 withgoogle.com
csp.withgoogle.com — Cisco Umbrella Rank: 424
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
4 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 13187
i.viafoura.co — Cisco Umbrella Rank: 13541
4 KB
4 loginradius.com
postmedia.hub.loginradius.com — Cisco Umbrella Rank: 127540
1 KB
4 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1282
2 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
183 KB
4 criteo.com
bidder.criteo.com Failed
gum.criteo.com — Cisco Umbrella Rank: 423
dis.criteo.com
7 KB
4 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2253
creativecdn.com — Cisco Umbrella Rank: 564
3 KB
4 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1005
bcp.crwdcntrl.net — Cisco Umbrella Rank: 898
sync.crwdcntrl.net
13 KB
4 gstatic.com
fonts.gstatic.com
61 KB
4 lrcontent.com
auth.lrcontent.com — Cisco Umbrella Rank: 60316
config.lrcontent.com — Cisco Umbrella Rank: 24269
100 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 451
899 B
3 google.ca
www.google.ca — Cisco Umbrella Rank: 9185
622 B
3 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 5021
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 6723
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 7257
19 KB
3 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
cdn.indexww.com — Cisco Umbrella Rank: 1576
2 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 657
75 KB
3 qortex.ai
tags.qortex.ai — Cisco Umbrella Rank: 23301
events.qortex.ai — Cisco Umbrella Rank: 19471
14 KB
2 narrative.io
io.narrative.io
643 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 790
880 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 875
1 KB
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1397
684 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 716
767 B
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1913
2 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 626
1020 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 843
943 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4277
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
1004 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 412
732 B
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3040
p1.parsely.com — Cisco Umbrella Rank: 2229
22 KB
2 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 9261
58 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 841
2 KB
2 lkqd.net
cs.lkqd.net — Cisco Umbrella Rank: 2307
617 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
131 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
2 stackadapt.com
sync.srv.stackadapt.com
3 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 856
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 722
374 B
2 fouanalytics.com
api.fouanalytics.com — Cisco Umbrella Rank: 12197
758 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
2 KB
2 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2653
23 KB
1 rtactivate.com
bpi.rtactivate.com
109 B
1 mathtag.com
sync.mathtag.com
739 B
1 acuityplatform.com
ums.acuityplatform.com
674 B
1 loopme.me
csync.loopme.me
219 B
1 opera.com
t.adx.opera.com
552 B
1 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 7316
845 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1259
285 B
1 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4970
701 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4748
404 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2704
201 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1604
342 B
1 aralego.com
sync.aralego.com
401 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1026
339 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 906
554 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1716
425 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1149
359 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 523
1009 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 669
796 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1563
196 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 562
654 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 4022
1 jwpltx.com
placement-prd.jwpltx.com — Cisco Umbrella Rank: 133429
203 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1515
425 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
3 MB
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 773
650 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 349
517 B
1 yieldmo.com
sync-km.ads.yieldmo.com — Cisco Umbrella Rank: 17456
612 B
1 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 3182
561 B
1 eqads.com
um4.eqads.com — Cisco Umbrella Rank: 2702
271 B
1 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 2009
296 B
1 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 4356
514 B
1 prmutv.co
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co — Cisco Umbrella Rank: 173134
379 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1833
8 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1157
17 KB
1 permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app — Cisco Umbrella Rank: 136809
116 KB
1 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2844
20 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 7784
3 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 3585
33 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
1 KB
1 canoe.com
canoe.com — Cisco Umbrella Rank: 787748
19 KB
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 adroll.com Failed
d.adroll.com Failed
0 ctnsnet.com Failed
cm.ctnsnet.com Failed
0 media.net Failed
prebid.media.net Failed
428 115
Domain Requested by
35 securegames.iwin.com 1 redirects entertainment.service.amuniversal.com
securegames.iwin.com
15 simage2.pubmatic.com ads.pubmatic.com
canoe.com
15 cm.g.doubleclick.net 14 redirects s.amazon-adsystem.com
13 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
13 www.googletagmanager.com entertainment.service.amuniversal.com
www.googletagmanager.com
securegames.iwin.com
fem.gprod.postmedia.digital
www.google-analytics.com
jssdkcdns.mparticle.com
canoe.com
12 s.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
ce.lijit.com
match.sharethrough.com
ads.pubmatic.com
12 lh3.googleusercontent.com entertainment.service.amuniversal.com
11 pagead2.googlesyndication.com eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
10 dcs-static.gprod.postmedia.digital canoe.com
dcs-static.gprod.postmedia.digital
9 api.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
9 entertainment.service.amuniversal.com canoe.com
entertainment.service.amuniversal.com
8 dt.adsafeprotected.com canoe.com
8 match.prod.bidr.io 6 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
7 image2.pubmatic.com ads.pubmatic.com
7 tpc.googlesyndication.com securepubads.g.doubleclick.net
eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
7 x.bidswitch.net 7 redirects
7 match.adsrvr.org 7 redirects
7 ssum-sec.casalemedia.com 2 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com
js-sec.indexww.com
6 accounts.google.com securegames.iwin.com
accounts.google.com
6 analytics.google.com www.googletagmanager.com
6 ce.lijit.com 1 redirects s.amazon-adsystem.com
ce.lijit.com
6 avatar.amuniversal.com entertainment.service.amuniversal.com
6 ib.adnxs.com 2 redirects 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
micro.rubiconproject.com
acdn.adnxs.com
5 cdn.viafoura.net fem.gprod.postmedia.digital
cdn.viafoura.net
5 match.sharethrough.com s.amazon-adsystem.com
match.sharethrough.com
5 lexicon.33across.com 2 redirects canoe.com
micro.rubiconproject.com
5 sb.scorecardresearch.com 2 redirects canoe.com
fem.gprod.postmedia.digital
5 edge-auth.microsoft.com canoe.com
edge-auth.microsoft.com
5 securepubads.g.doubleclick.net canoe.com
securepubads.g.doubleclick.net
www.googletagservices.com
4 pixel.tapad.com 2 redirects ads.pubmatic.com
canoe.com
4 csp.withgoogle.com canoe.com
4 image6.pubmatic.com ads.pubmatic.com
4 identity.mparticle.com jssdkcdns.mparticle.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
ads.pubmatic.com
4 ups.analytics.yahoo.com 4 redirects
4 postmedia.hub.loginradius.com fem.gprod.postmedia.digital
auth.lrcontent.com
4 token.rubiconproject.com 3 redirects eus.rubiconproject.com
4 rtb.mfadsrvr.com 4 redirects
4 i.liadm.com 3 redirects ssum-sec.casalemedia.com
4 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
micro.rubiconproject.com
4 connect.facebook.net securegames.iwin.com
connect.facebook.net
canoe.com
4 fonts.gstatic.com fonts.googleapis.com
4 fem.gprod.postmedia.digital canoe.com
fem.gprod.postmedia.digital
3 idsync.rlcdn.com 2 redirects canoe.com
3 simage4.pubmatic.com ads.pubmatic.com
3 jssdks.mparticle.com jssdkcdns.mparticle.com
3 www.google.ca canoe.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 api.viafoura.co cdn.viafoura.net
3 creativecdn.com 3 redirects
3 ads.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
micro.rubiconproject.com
3 static.criteo.net securepubads.g.doubleclick.net
micro.rubiconproject.com
static.criteo.net
3 pixel.adsafeprotected.com cdn.adsafeprotected.com
canoe.com
3 c.amazon-adsystem.com canoe.com
c.amazon-adsystem.com
2 io.narrative.io 1 redirects canoe.com
2 pubmatic-match.dotomi.com 2 redirects
2 pippio.com 2 redirects
2 pm.w55c.net 2 redirects
2 thrtle.com 1 redirects ads.pubmatic.com
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 sync.technoratimedia.com 2 redirects
2 prebid-a.rubiconproject.com micro.rubiconproject.com
2 b1sync.zemanta.com 2 redirects
2 ad.turn.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 casale-match.dotomi.com 2 redirects
2 cms.quantserve.com 2 redirects
2 eb2.3lift.com 1 redirects ads.pubmatic.com
2 config.lrcontent.com auth.lrcontent.com
2 sdk.mrf.io canoe.com
sdk.mrf.io
2 js-sec.indexww.com ssum-sec.casalemedia.com
micro.rubiconproject.com
2 p.rfihub.com 2 redirects
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 cs.lkqd.net googleads.g.doubleclick.net
2 static.adsafeprotected.com pixel.adsafeprotected.com
canoe.com
2 googleads.g.doubleclick.net eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com
pagead2.googlesyndication.com
2 www.googletagservices.com securepubads.g.doubleclick.net
eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com
2 events.iwin.com securegames.iwin.com
2 www.facebook.com connect.facebook.net
canoe.com
2 sync.srv.stackadapt.com 2 redirects
2 eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 um.simpli.fi 2 redirects
2 pixel-sync.sitescout.com ssum-sec.casalemedia.com
canoe.com
2 dis.criteo.com 2 redirects
2 u.openx.net s.amazon-adsystem.com
micro.rubiconproject.com
2 bcp.crwdcntrl.net tags.crwdcntrl.net
canoe.com
2 gum.criteo.com static.criteo.net
gum.criteo.com
2 oajs.openx.net 1 redirects canoe.com
2 ap.lijit.com micro.rubiconproject.com
signal-beacon.s-onetag.com
2 api.fouanalytics.com tags.qortex.ai
canoe.com
2 cdn-ima.33across.com canoe.com
securepubads.g.doubleclick.net
2 cdn.jsdelivr.net micro.rubiconproject.com
securepubads.g.doubleclick.net
2 auth.lrcontent.com canoe.com
cdn.viafoura.net
2 cdn.jwplayer.com canoe.com
cdn.jwplayer.com
2 tags.qortex.ai canoe.com
tags.qortex.ai
1 sync.crwdcntrl.net canoe.com
1 i6.liadm.com canoe.com
1 bpi.rtactivate.com canoe.com
1 sync.mathtag.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 csync.loopme.me 1 redirects
1 t.adx.opera.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 events.newsroom.bi sdk.mrf.io
1 rtb.adentifi.com canoe.com
1 pmp.mxptint.net 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 synchroscript.deliveryengine.adswizz.com canoe.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 sync.aralego.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 sync.ipredictive.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 sync.bfmio.com ads.pubmatic.com
1 crb.kargo.com ads.pubmatic.com
1 us-u.openx.net ads.pubmatic.com
1 bh.contextweb.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 cdn.indexww.com ssum-sec.casalemedia.com
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 acdn.adnxs.com micro.rubiconproject.com
1 us01.z.antigena.com ads.pubmatic.com
1 placement-prd.jwpltx.com canoe.com
1 www.google.com canoe.com
1 i.viafoura.co cdn.viafoura.net
1 p1.parsely.com canoe.com
1 cdn.parsely.com www.googletagmanager.com
1 get.s-onetag.com www.googletagmanager.com
1 jssdkcdns.mparticle.com fem.gprod.postmedia.digital
1 s.company-target.com 1 redirects
1 secure.adnxs.com 1 redirects
1 s0.2mdn.net eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com
1 a960.casalemedia.com eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com
1 hb.yahoo.net s.amazon-adsystem.com
1 px.ads.linkedin.com s.amazon-adsystem.com
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 data.adsrvr.org 1 redirects
1 sync-km.ads.yieldmo.com ce.lijit.com
1 cs.krushmedia.com 1 redirects
1 um4.eqads.com 1 redirects
1 qsearch-a.akamaihd.net canoe.com
1 m.iwin.com entertainment.service.amuniversal.com
1 esp.rtbhouse.com invstatic101.creativecdn.com
1 cdn.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 htlb.casalemedia.com micro.rubiconproject.com
1 fastlane.rubiconproject.com micro.rubiconproject.com
1 hbopenbid.pubmatic.com micro.rubiconproject.com
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 events.qortex.ai tags.qortex.ai
1 secure.cdn.fastclick.net canoe.com
1 ads.rubiconproject.com micro.rubiconproject.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app fem.gprod.postmedia.digital
1 ssl.p.jwpcdn.com cdn.jwplayer.com
1 www.npttech.com canoe.com
1 ak.sail-horizon.com canoe.com
1 cdn.adsafeprotected.com canoe.com
1 micro.rubiconproject.com canoe.com
1 fonts.googleapis.com canoe.com
1 canoe.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 pixel.rubiconproject.com Failed s.amazon-adsystem.com
0 d.adroll.com Failed ssum-sec.casalemedia.com
0 cm.ctnsnet.com Failed ssum-sec.casalemedia.com
0 btlr.sharethrough.com Failed micro.rubiconproject.com
0 bidder.criteo.com Failed micro.rubiconproject.com
0 prebid.media.net Failed micro.rubiconproject.com
0 rtb.openx.net Failed micro.rubiconproject.com
0 c2shb.pubgw.yahoo.com Failed micro.rubiconproject.com
428 181
Subject Issuer Validity Valid
canoe.com
GTS CA 1D4		 2023-11-25 -
2024-02-23		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-22 -
2024-06-19		 a year crt.sh
gprod.postmedia.digital
GTS CA 1D4		 2024-01-02 -
2024-04-01		 3 months crt.sh
ak.sail-horizon.com
Amazon RSA 2048 M02		 2023-12-04 -
2024-12-30		 a year crt.sh
qortex.ai
GTS CA 1P5		 2023-12-20 -
2024-03-19		 3 months crt.sh
jwplayer.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
npttech.com
GTS CA 1P5		 2023-12-28 -
2024-03-27		 3 months crt.sh
entertainment.service.amuniversal.com
Go Daddy Secure Certificate Authority - G2		 2023-12-08 -
2025-01-08		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-29 -
2024-04-28		 a year crt.sh
edge-auth.microsoft.com
Microsoft Azure RSA TLS Issuing CA 04		 2023-11-28 -
2024-11-22		 a year crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-30 -
2024-09-30		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2024-01-05 -
2024-04-04		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
fouanalytics.com
E1		 2024-01-05 -
2024-04-04		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-29 -
2024-04-27		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-12-23 -
2024-03-22		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2024-01-22 -
2024-04-22		 3 months crt.sh
*.prmutv.co
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
ssl.cdngc.net
GlobalSign RSA OV SSL CA 2018		 2023-04-28 -
2024-05-25		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
api.permutive.com
R3		 2023-12-15 -
2024-03-14		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-12-26 -
2024-12-25		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2024-01-05 -
2024-04-04		 3 months crt.sh
*.iwin.com
Amazon RSA 2048 M02		 2023-11-26 -
2024-12-24		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.sitescout.com
GeoTrust TLS RSA CA G1		 2024-01-15 -
2025-02-01		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-16 -
2024-05-15		 a year crt.sh
*.loginradius.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-12 -
2024-11-11		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-13 -
2024-12-22		 a year crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M02		 2023-11-28 -
2024-12-25		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
*.lkqd.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-10 -
2024-07-20		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-01-10 -
2024-06-26		 6 months crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
viafoura.com
Amazon RSA 2048 M02		 2023-08-08 -
2024-09-06		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
jssdkcdns.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-05-02 -
2024-06-02		 a year crt.sh
*.s-onetag.com
Amazon RSA 2048 M03		 2023-11-04 -
2024-12-01		 a year crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
jwpltx.com
Amazon RSA 2048 M03		 2023-10-12 -
2024-11-09		 a year crt.sh
identity.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-05-08 -
2024-06-08		 a year crt.sh
jssdks.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-09-16 -
2024-10-17		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.appspot.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
lexicon.33across.com
GTS CA 1D4		 2024-01-23 -
2024-04-22		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M03		 2023-12-11 -
2025-01-08		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-07-04 -
2024-08-01		 a year crt.sh
*.tapad.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-18 -
2024-09-17		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
ssl03.cert.cl13.k8s.mrf.io
R3		 2024-01-11 -
2024-04-10		 3 months crt.sh
rtactivate.com
Amazon RSA 2048 M01		 2023-03-14 -
2024-04-11		 a year crt.sh

This page contains 57 frames:

Primary Page: https://canoe.com/puzzles/?amu=/mah-jong-quest
Frame ID: 3E1EC0BED070294DD078FD3C6DCF3F80
Requests: 159 HTTP requests in this frame

Frame: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Frame ID: 998EC5B43C26650D22083418FC480528
Requests: 28 HTTP requests in this frame

Frame: https://fem.gprod.postmedia.digital/v94.0/xd.html
Frame ID: 8C1A42E557028BE8BA741842171E1FE4
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=canoe.com
Frame ID: 4B14E12C75F44B49D4BB36316CD3DBD6
Requests: 2 HTTP requests in this frame

Frame: https://securegames.iwin.com/m/console/v_313/
Frame ID: D8B4055C4E6082B6A65FBE70CE25A425
Requests: 21 HTTP requests in this frame

Frame: https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/
Frame ID: A60500B97F5BF37C02BDFD98A163F451
Requests: 23 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&dcc=t
Frame ID: 499233DA50DB4B2BC34F2DDD1E0A68ED
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 0C46F965858F362362EED9E76027A66F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 85AD77E42E1DE34F28BE0AE7763B9223
Requests: 9 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 45F28D7B8BEDF0AC2C7BC438AA811009
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 38E859A08C1765DACC68EFDA355A4B6C
Requests: 19 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: A5DA2B1B45155AA363FA0DF9494D925A
Requests: 20 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: C004856CD75EEAAB062AC5E59F8A3FCC
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=1288365238792369274&ex=appnexus.com
Frame ID: 60B6D295320B5DC89BE2277D93936981
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: BC4D8D5C31A1F5121D934454C01196D4
Requests: 7 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=513d6b27-860c-4d07-89da-b3dc4cb5d10c&expiration=1713890561
Frame ID: 03375CFB84F01C81201414EA9C6E20DF
Requests: 1 HTTP requests in this frame

Frame: https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0F2AFCEA129476DF8EE371860EFACAF3
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928934&campId=728x90&pubId=4811995650&chanId=21690693772&placementId=6322821734&pubCreative=138436152095&pubOrder=3215561405&cb=1432650536&custom=index&custom2=1&adsafe_par&impId=67867ef1-ba0e-11ee-a53d-0af29215ae01
Frame ID: BE5FD804E6FB7A3A2CA6749633C11206
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNhqg6Gj_BLFwsqjA4QHY2BVAG38CV8s0yAcp-d536qAK3ioZp-cjOSTyHVNfWjp2PvHplVvl7Ccq1zYrxlhhL45JmBIcsy0UrHGjEZKAjoahLHIBnkvbY6YV8VcpVHdQpngOMZ-91dMzpugmRdn4qfsSrPfvM35NG94ysVNRsLNhbwJBQ4o2i5FhY4g4WyQfIMjBl3hgAsgHOch0GV0BRCkGBTUYeCF7d_qMRmjb-lSrI58a3lBjANJKbQqfxF5KzA2gwPCITVatjKWi-w13dvvPnKyMQyJ-NB-x0_4KwpJN_iOlgtesMTIauOceGOuUlIZf1dyVG5nWgAWt9nhGwGGd2rYnT7B3Fyz_r61A4hlHNr30d0haF_pgaUQ7qEcQVJVtwmypu2zzyHk7Ss3Sv&sai=AMfl-YQD276SqdolwBxP9P6C_cQVM4f1Zg1mTvT7a5Z6o7k0mEvBRqzzVw_BPjcIbmmqaL-kEJbBkZ6bJqpJmFA11Unkcb4GAdvbkNAlwC4jzGscQdVrpubx8ww6xNY7rvq4MQmd9jY82aLyKdPzdnBEDG0&sig=Cg0ArKJSzLc9AaKift4pEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: A308C3FD4E46D3B93AEA88B2164212F1
Requests: 7 HTTP requests in this frame

Frame: https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 239A2801D43B8EEEAC0A513E86379C8B
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLHZsgIQw5rPAhjGgI77ATAB&v=APEucNWnW_og2VRVah1gxczgaxYzAHj6n3nAJwwjPxRHeQg2FINMbT5SRISLKnWUTRAUwedGFf6NiqJ9y-9dMNTF24jzQ9bwtA
Frame ID: 2B8B629BBE4F02EC3A77DE0D54FA0F58
Requests: 5 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184713&gdpr=0
Frame ID: ADB811F24A4AA67D23DF7A0E9BFAE7FF
Requests: 10 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 81EFC2D36AC7E1FB79756A5C8E5F3640
Requests: 1 HTTP requests in this frame

Frame: https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=0295efc4-8406-42f9-af7c-adaa753d5255&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
Frame ID: 6DCEB52DFDA5CFDBEADA386E3C43F468
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 65E5370A24168856742D25AB92BEB4B4
Requests: 3 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?type=icon&shape=square&theme=outline&text=signin_with&size=small&client_id=238531725567-d93kvm0isfq740t15a0btdc3m4gq8lif.apps.googleusercontent.com&iframe_id=gsi_158353_685630&as=MpiuZPfQnTaHQWZO31dtjQ
Frame ID: 49A05901E3A817758E47720053D485FF
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?type=standard&shape=rectangular&theme=outline&text=signin_with&size=small&logo_alignment=left&client_id=238531725567-d93kvm0isfq740t15a0btdc3m4gq8lif.apps.googleusercontent.com&iframe_id=gsi_158371_257981&as=MpiuZPfQnTaHQWZO31dtjQ
Frame ID: 6341871ECBDFCFAB580C93CDE025000E
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?type=icon&shape=square&theme=outline&text=signin_with&size=small&client_id=238531725567-d93kvm0isfq740t15a0btdc3m4gq8lif.apps.googleusercontent.com&iframe_id=gsi_158373_917573&as=MpiuZPfQnTaHQWZO31dtjQ
Frame ID: 7E36F6D6A3A751B3B814A42D74346562
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?type=icon&shape=square&theme=outline&text=signin_with&size=small&client_id=238531725567-d93kvm0isfq740t15a0btdc3m4gq8lif.apps.googleusercontent.com&iframe_id=gsi_158375_158463&as=MpiuZPfQnTaHQWZO31dtjQ
Frame ID: 5C45507653560E7358F271DDB57EBDDA
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=ED8F601A-59AF-4F56-BE0B-66862A6798BD&redir=true&gdpr=0&gdpr_consent=
Frame ID: D7E9580D1E1092522A841FA3041C9C8D
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDED8F601A-59AF-4F56-BE0B-66862A6798BD
Frame ID: F9BBE151220E1E8343A3D60BA8969473
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Frame ID: 79D9877C2BABA3DD195335E7C7FAD6D5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2F285B5E8656310481DD1583CD2742D4
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Frame ID: FF72DEAFC515BE253FF728C1F6168C91
Requests: 19 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9FD02887A1A25C73F9F16C8C928B563C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F8D7B65D1CAEEB483DFE5FF600C4E347
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcanoe.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 82FDA736E9ED68DC805DCB5877F7E402
Requests: 10 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: F4B9CAE578257CC21C1791E33F225B53
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1288365238792369274&gdpr=0&gdpr_consent=
Frame ID: D95D045AB001AD199FADE301B729D3F9
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 84CF1C740F903C28307586C08599A87C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACC6E7LX9kAABNfeivnhQ&gdpr=0
Frame ID: E2FC1E7A2A6A3F29A08A21724E673D55
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=Za-shAAQq7UOEQBH
Frame ID: 852CB6C9459600A78F21EBA2C074C77B
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDED8F601A-59AF-4F56-BE0B-66862A6798BD
Frame ID: 8DFEC56F25EFC0CAC1CEA9EABEC54D4C
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: AF6D25272746807D3A809B421A849EC9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a3bee66b-d742-4693-b5cb-a6a9f2d75f7b&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: E9B1D2B4CA3660296D6E334634A9699F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=5vPjCrWlulz9peQPs_OvW7byulj99bNUs_SvrEz1
Frame ID: 159B5B543C51E5EB635217E9CA5766A6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:KxMFboV61RsjRi5&gdpr=0&gdpr_consent=
Frame ID: 98F78ECA038D876D704C12B2B83D59A7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=98fce637-555e-4db6-a6ed-945258c53f7e&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID}
Frame ID: 670233F2A4852F435CCACB4380249F9D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=jp2ZdJInVj9ahj7CSNdiFFYwD_A&gdpr=0&gdpr_consent=
Frame ID: DE05DAB615F1D742C2B6CEFA629B7493
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 25C66E109D452CFE5769344B3239E24E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969470222452115177
Frame ID: E5BB245195EDD48021EF7DE81672AEAF
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 488143F9D7D6409E5C4429090E622595
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUca0ac3cd26f24472bde223ad3f2d489b
Frame ID: 7EF7BB650492C19082E06C9AF1D0EB2C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 2BF2DB8BC043F576DEA470DBFD707BC2
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 7FD9E96F81B8EEF2BE5A6A8EB22A7772
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=880340822475
Frame ID: 5C65342F6BF8F7CAAA74410A356FCD6D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7ca465af-ec87-4d00-b27c-82e56c2d0515&gdpr=0&gdpr_consent=
Frame ID: 53C91EA5B16E1813F7E22604F119DF3A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Puzzles and Games | Canoe.ComCanoe.comUser

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • paths(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

428
Requests

81 %
HTTPS

0 %
IPv6

115
Domains

181
Subdomains

123
IPs

7
Countries

12663 kB
Transfer

22341 kB
Size

152
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://sb.scorecardresearch.com/cs/10276888/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 41
  • https://sb.scorecardresearch.com/b?c1=2&c2=10276888&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1706028152224&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F%3Famu%3D%2Fmah-jong-quest&c8=Puzzles%20and%20Games%20%7C%20Canoe.Com&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1706028152224&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F%3Famu%3D%2Fmah-jong-quest&c8=Puzzles%20and%20Games%20%7C%20Canoe.Com&c9=
Request Chain 84
  • https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&src=aps&ver=1.3.0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&src=aps&ver=1.3.0&b=1&g=nS7or2hMX3YJ1Wra0jyGcj%2FtRmDM4gOrybNYN4oOG00%3D
Request Chain 102
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F%3Famu%3D%2Fmah-jong-quest&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F%3Famu%3D%2Fmah-jong-quest&rid=esp&cc=1
Request Chain 104
  • https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&src=esp&ver=1.3.0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&src=esp&ver=1.3.0&b=1&g=nGI2hWyw6KmbDb27KmYxR5N1kaTSLZ%2BmQdqHiBRYzww%3D
Request Chain 122
  • https://securegames.iwin.com/data/gtm.json HTTP 301
  • https://m.iwin.com/online-games
Request Chain 133
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&dcc=t
Request Chain 155
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 160
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=1288365238792369274&ex=appnexus.com
Request Chain 161
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 301
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Za_semtaVxDTT_gsvb43vwAAA9oAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Za_semtaVxDTT_gsvb43vwAAA9oAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFtyeaTeBmXIOuh2cR5Ours&google_cver=1
Request Chain 164
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za-semtaVxDTT-gsvb43vwAA%26986&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=Za-semtaVxDTT-gsvb43vwAA%26986&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=3330af610ea14ec5b9aec4a730a531e5 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-9v_N_lRnWZ0JqkzxhKuPUWEx5CqcrXPqryj-nw
Request Chain 165
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://match.adsrvr.org/track/cmb/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0e0d8cbc-0294-4a4b-abc3-1e542e539358&expiration=1708620155&gdpr=0&gdpr_consent=
Request Chain 166
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Za-semtaVxDTT-gsvb43vwAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=Za-semtaVxDTT-gsvb43vwAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENuYqYVaiESZrzowUxQV9uE&google_cver=1
Request Chain 173
  • https://um4.eqads.com/um/cs HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=513d6b27-860c-4d07-89da-b3dc4cb5d10c&expiration=1713890561
Request Chain 176
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=77cf63a8-29b1-4d76-bcd2-2b3b45ae629b
Request Chain 177
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=RXFw8qmrqYBh-xK4NyTnJGcatYzvq4ECLfv3jdXuSmc&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Request Chain 178
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-km.ads.yieldmo.com/sync?pn_id=km&id=f236f38a-9415-5ce9-a32a-705f78c0d14d
Request Chain 179
  • https://um.simpli.fi/lj_match?r=1706028154537&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=937D271B510D4F7F831380187136CD0A
Request Chain 180
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=19dcc08a-2999-4450-b559-752a3027538a&gdpr=0&gdpr_consent=
Request Chain 185
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=0e0d8cbc-0294-4a4b-abc3-1e542e539358&gdpr=0&gdpr_consent=
Request Chain 186
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=ZjY3YzY1NzktNmFkZS00ZTM0LWExY2YtYjA5NWI5YjFlMTUz HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 187
  • https://sync.srv.stackadapt.com/sync?nid=15&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-8e9d9974-9227-563f-5a86-3ec248d76214$ip$86.48.15.240&gdpr=0&gdpr_consent=
Request Chain 188
  • https://x.bidswitch.net/sync?ssp=sharethrough&user_id=f67c6579-6ade-4e34-a1cf-b095b9b1e153&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=&expires=365 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sharethrough&user_id=f67c6579-6ade-4e34-a1cf-b095b9b1e153&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=&expires=365 HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=sharethrough&bsw_user_id=a3bee66b-d742-4693-b5cb-a6a9f2d75f7b&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=sharethrough&bsw_user_id=a3bee66b-d742-4693-b5cb-a6a9f2d75f7b&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=77cf63a8-29b1-4d76-bcd2-2b3b45ae629b&ssp=sharethrough&gdpr=0 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=a3bee66b-d742-4693-b5cb-a6a9f2d75f7b&seat_user_id=&seat_key=&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 195
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LRQL43MN-1U-7G9H HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LRQL43MN-1U-7G9H&ex=d-rubiconproject.com&status=ok
Request Chain 196
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWYyNzFhM2IyMjQ0M2QyMmM5NmE5NzAyYTRhNDVhMGI4MTgzZTg1Ng
Request Chain 197
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBRrzjc8k58xt52qYM0sm_U&google_cver=1
Request Chain 199
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/gEik4Z4phepny8CiRITD-Mn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-maw4jDxE2oLSXHEA2h29AkrphIP8Ewi2eTFlJQ--~A
Request Chain 200
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=YvDqeRlFT4yn9bsOi0MEMg&rk=usync-na
Request Chain 202
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://match.adsrvr.org/track/cmb/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0e0d8cbc-0294-4a4b-abc3-1e542e539358&gdpr=0&gdpr_consent=&expires=30
Request Chain 203
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRQL43MN-1U-7G9H
Request Chain 204
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJRTDQzTU4tMVUtN0c5SA== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIiIcFMAhEHwHDvrc9HXN7k&google_cver=1
Request Chain 210
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRQL43MN-1U-7G9H&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRQL43MN-1U-7G9H&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1BazR3emExRTJ1RlY1SWE1VnBONl9FRzdoaU5VU1B3Rn5B&ovsid=LRQL43MN-1U-7G9H&dpid=58160
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESELDihI4AtPhmLUtYN7G3PkQ&google_cver=1
Request Chain 233
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENuYqYVaiESZrzowUxQV9uE&google_cver=1
Request Chain 234
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za-semtaVxDTT-gsvb43vwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENuYqYVaiESZrzowUxQV9uE&google_cver=1
Request Chain 242
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1288365238792369274
Request Chain 245
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Za_semtaVxDTT_gsvb43vwAAA9oAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFtyeaTeBmXIOuh2cR5Ours&google_cver=1
Request Chain 247
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969470222452115177
Request Chain 248
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1721752963&external_user_id=8ff3b37e-4a8d-4449-b73e-6bf9141fdf3e
Request Chain 342
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7Y9gGlmvT1a-C2aGKmeYvQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 343
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=ED8F601A-59AF-4F56-BE0B-66862A6798BD HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=ED8F601A-59AF-4F56-BE0B-66862A6798BD HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=7a6ae2f0-2655-493e-8615-e345dceafb1c%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0e0d8cbc-0294-4a4b-abc3-1e542e539358&ttd_puid=7a6ae2f0-2655-493e-8615-e345dceafb1c%2C%2C
Request Chain 345
  • https://eb2.3lift.com/xuid?mid=7976&xuid=ED8F601A-59AF-4F56-BE0B-66862A6798BD&dongle=u6nf&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=ED8F601A-59AF-4F56-BE0B-66862A6798BD&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Request Chain 346
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUQ4RjYwMUEtNTlBRi00RjU2LUJFMEItNjY4NjJBNjc5OEJE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 347
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIxcm7xe7_RQf2kqWWHryEM&google_cver=1
Request Chain 348
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:379EDC97AC90427FAF93A23828F07680
Request Chain 349
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0e0d8cbc-0294-4a4b-abc3-1e542e539358&gdpr=0&gdpr_consent=
Request Chain 360
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=QUu1oBId7PZaHbKlFEv58RFK7PJaTeX-FEw17RHb
Request Chain 362
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Za_semtaVxDTT_gsvb43vwAAA9oAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Za_semtaVxDTT_gsvb43vwAAA9oAAAIB
Request Chain 363
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=6e890aecd37f1310&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHdqz9RA7mpAM1LB10AAAAAAA&expiration=1706114560&is_secure=true
Request Chain 364
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=a3bee66b-d742-4693-b5cb-a6a9f2d75f7b&gdpr=&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=a3bee66b-d742-4693-b5cb-a6a9f2d75f7b&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=070c53d6-38c1-44b5-afe9-e64964f7c566&ssp=index&expires=30&user_group=5&bsw_param=a3bee66b-d742-4693-b5cb-a6a9f2d75f7b HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=a3bee66b-d742-4693-b5cb-a6a9f2d75f7b&gdpr=&gdpr_consent=&us_privacy=
Request Chain 365
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4060097250248549399
Request Chain 367
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://b1sync.zemanta.com/usersync/index/?gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=2&us_privacy= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=atqV7FJne8x1b99eMKEe&puid=
Request Chain 378
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1288365238792369274&gdpr=0&gdpr_consent=
Request Chain 380
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDQzZFN0xYOWtBQUJOZmVpdm5oUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACC6E7LX9kAABNfeivnhQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8825338180922886739&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AACC6E7LX9kAABNfeivnhQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8825338180922886739%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8825338180922886739&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACC6E7LX9kAABNfeivnhQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://sync.technoratimedia.com/services?uid=AACC6E7LX9kAABNfeivnhQ&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8825338180922886739%26gdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 307
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3D4123C853331A49F4A5FF345CA2AD21E1%26att%3D1%26pid%3D82%26cb%3Dhttps%253A%252F%252Fmatch.prod.bidr.io%252Fcookie-sync%253Fgdpr%253D0%2526userid%253D8825338180922886739%2526gdpr%253D0%2526gdpr%253D0%2526bee_sync_partners%253Dpm%2526bee_sync_current_partner%253Dsyn%2526bee_sync_initiator%253Dadx%2526bee_sync_hop_count%253D4%26uid%3D HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&nuid=4123C853331A49F4A5FF345CA2AD21E1&att=1&pid=82&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8825338180922886739%26gdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&uid=Za-semtaVxDTT-gsvb43vwAA%26986 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8825338180922886739&gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACC6E7LX9kAABNfeivnhQ&gdpr=0
Request Chain 381
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=Za-shAAQq7UOEQBH
Request Chain 383
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=ED8F601A-59AF-4F56-BE0B-66862A6798BD&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=ED8F601A-59AF-4F56-BE0B-66862A6798BD&vxii_pid=12&vxii_pid1=10067&vxii_rcid=bd7b90d5-3f0e-427f-ac7c-0c98a7dee95c
Request Chain 387
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=ED8F601A-59AF-4F56-BE0B-66862A6798BD&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-cS7rW8BE2uXGW8c.OOwTsKZeRreKJZM-~A&gdpr=0
Request Chain 388
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=98266aef-761d-4de3-92dc-68db6608aabe&gdpr=0&gdpr_consent=
Request Chain 397
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a3bee66b-d742-4693-b5cb-a6a9f2d75f7b&gdpr=0&gdpr_consent=&gdpr_pd=&usprivacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=445&user_id=&ssp=pubmatic&bsw_param=a3bee66b-d742-4693-b5cb-a6a9f2d75f7b HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a3bee66b-d742-4693-b5cb-a6a9f2d75f7b&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 398
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=5vPjCrWlulz9peQPs_OvW7byulj99bNUs_SvrEz1
Request Chain 399
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:KxMFboV61RsjRi5&gdpr=0&gdpr_consent=
Request Chain 400
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=98fce637-555e-4db6-a6ed-945258c53f7e&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID}
Request Chain 402
  • https://idsync.rlcdn.com/712188.gif?partner_uid=ED8F601A-59AF-4F56-BE0B-66862A6798BD&gdpr=0&gdpr_consent= HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CPy7KxIwCiwIARCFpQoaJEVEOEY2MDFBLTU5QUYtNEY1Ni1CRTBCLTY2ODYyQTY3OThCRBAAGg0Igtm_rQYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=7b0aa423d84dd78cdd000f834711a667e3ee8a02688386ab1998e33b4119b735791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA3YjBhYTQyM2Q4NGRkNzhjZGQwMDBmODM0NzExYTY2N2UzZWU4YTAyNjg4Mzg2YWIxOTk4ZTMzYjQxMTliNzM1NzkxNDI2YjU0MTdkY2UyMRAAGgwIhNm_rQYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA3YjBhYTQyM2Q4NGRkNzhjZGQwMDBmODM0NzExYTY2N2UzZWU4YTAyNjg4Mzg2YWIxOTk4ZTMzYjQxMTliNzM1NzkxNDI2YjU0MTdkY2UyMRAAGgwIhNm_rQYSBAgCEABCAEoA&google_gid=CAESEG1DuIT2I16tdN14iVlb9EQ&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=e139cdb6-3253-440e-981e-99eced25c82c
Request Chain 405
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=ED8F601A-59AF-4F56-BE0B-66862A6798BD&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3b9ba61f47bb109a&is_secure=true&networkId=17100&version=1&nuid=ED8F601A-59AF-4F56-BE0B-66862A6798BD&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHmBI9TC6sxgMi2GCmAAAAAAA&expiration=1706114562&nuid=ED8F601A-59AF-4F56-BE0B-66862A6798BD&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 407
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4060097250248549399&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 408
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA5_10FBF828B_4770A69A&r=https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 415
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=jp2ZdJInVj9ahj7CSNdiFFYwD_A&gdpr=0&gdpr_consent=
Request Chain 416
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 417
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969470222452115177
Request Chain 418
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 419
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUca0ac3cd26f24472bde223ad3f2d489b
Request Chain 420
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 422
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=880340822475
Request Chain 423
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7ca465af-ec87-4d00-b27c-82e56c2d0515&gdpr=0&gdpr_consent=
Request Chain 425
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=ED8F601A-59AF-4F56-BE0B-66862A6798BD HTTP 303
  • https://i6.liadm.com/s/75145?bidder_id=195755&bidder_uuid=ED8F601A-59AF-4F56-BE0B-66862A6798BD
Request Chain 427
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:ED8F601A-59AF-4F56-BE0B-66862A6798BD HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=6f9cce80-ba0e-11ee-b5dd-063bb86db637&companyId=673&id=pubmatic_id:ED8F601A-59AF-4F56-BE0B-66862A6798BD
Request Chain 428
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=RXFw8qmrqYBh-xK4NyTnJGcatYzvq4ECLfv3jdXuSmc&pi=pubmatic&gdpr=0&gdpr_consent=

428 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
canoe.com/puzzles/ 		107 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.147.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
204.147.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
5ea5a00a65192a1f5a33d030006e9ac955ea8c883114c67a9c8c4297fb55d7ee
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=180
content-encoding
gzip
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 16:42:31 GMT
expires
Tue, 23 Jan 2024 16:41:46 GMT
last-modified
Tue, 23 Jan 2024 16:37:41 GMT
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
referrer-policy
strict-origin-when-cross-origin
server
istio-envoy
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-dcs-cache-page
HIT
x-envoy-decorator-operation
pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
x-envoy-upstream-service-time
1768
x-frame-options
SAMEORIGIN
x-pmd-backend
pmd-nginx-proxy-84b7bb6c96-c699r
x-pmd-cache
STALE
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f95.1e100.net
Software
ESF /
Resource Hash
64bd62679fbefcfd46fb16c93bccda65b4716fdb1714a7d0912f14601dc082e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 23 Jan 2024 16:42:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 16:40:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Jan 2024 16:42:31 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
45625dc77e8007c7571b026e246e8b7d8b4c51eaf2f57e4b2783a945cab4e885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29655
x-xss-protection
0
server
cafe
etag
247 / 19745 / m202401180101 / config-hash: 1061630321124036141
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 16:42:31 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.114.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-114-192.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66db01e9328733a5f6a6bad62ab921f53837d6eb11d81a3a4995c3e747821a50

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:12 GMT
content-encoding
gzip
via
1.1 38ecebcaa39c8742da2b6336935bb446.cloudfront.net (CloudFront), 1.1 1448cc53c16b560cf86c5348358d4682.cloudfront.net (CloudFront)
last-modified
Thu, 18 Jan 2024 20:22:22 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, IAD61-P2
age
2900
x-amz-server-side-encryption
AES256
etag
W/"60bfb96bc5dd4ca3429ef2f4df9e17d2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
36m1Nk9cc9LBXow2vGQaRERd2U9TarATP9gM2vMabbGnDjuKzUeAOA==
14648.js
micro.rubiconproject.com/prebid/dynamic/ 		575 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/14648.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.2.235 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-2-235.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
89ff09e3f01130048679d910a3e402117f9c6f12cbd41c219ade525946d1dad4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:31 GMT
content-encoding
gzip
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
accept-encoding, referer
edge-cache-tag
prod-prebid-14648_Canoe_Web.js
content-type
text/javascript;charset=UTF-8
cache-control
public, must-revalidate, max-age=14400
content-length
162180
expires
Tue, 23 Jan 2024 19:25:53 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.239.183.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-183-15.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 16 Jan 2024 22:21:02 GMT
Via
1.1 444cff119449030682546c5e05bfd1da.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
BOS50-P4
Age
584490
ETag
"51636de3ce868a2172f9e6996c2934e0"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22521
X-Amz-Cf-Id
PbsnnuEM1DpIe9r6KF3BCOo4qHylp7dHeYFwfkRWXo7GHvJVsMCjqA==
output.e13822da2ca5.css
dcs-static.gprod.postmedia.digital/15.2.1/CACHE/css/ 		29 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.2.1/CACHE/css/output.e13822da2ca5.css
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e13822da2ca587d1d53b050cb267bbfea098e785e496dfb833bf4ae38555a087

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 22:55:35 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1704399608
age
1014416
x-guploader-uploadid
ABPtcPpnC3QnSchEv3WbdkuZEkIWlbwKdpG_HiLWELT41JalD-kd3EgSqxyhdWXmwA7778FWeXpSbBeV
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2529
last-modified
Wed, 10 Jan 2024 18:00:57 GMT
server
UploadServer
etag
W/"e294df1b7807772797bf8455e49389d1"
vary
Accept-Encoding
x-goog-generation
1704909657471900
x-goog-hash
crc32c=7LFLRw==, md5=4pTfG3gHdyeXv4RV5JOJ0Q==
access-control-allow-origin
*
content-type
text/css
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
29809
accept-ranges
none
output.8e879b749634.css
dcs-static.gprod.postmedia.digital/15.2.1/CACHE/css/ 		89 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.2.1/CACHE/css/output.8e879b749634.css
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
af7af603d012ddfd269d068e68a3e88dc56305a1ae53593d790d05eddebd0f69

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:14:43 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1704399607
age
1117668
x-guploader-uploadid
ABPtcPpmT190n2exQazVoFX0S7F5JXvl-AyI--XbQQ1U1seR67vTjY8xo6t25-2snS0bGwxzuPGaVmYG
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14523
last-modified
Wed, 10 Jan 2024 18:00:55 GMT
server
UploadServer
etag
W/"ac6ad9315f1e219cb08bbdb029182a2e"
vary
Accept-Encoding
x-goog-generation
1704909655858026
x-goog-hash
crc32c=0sQuOw==, md5=rGrZMV8eIZywi72wKRgqLg==
access-control-allow-origin
*
content-type
text/css
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
91329
accept-ranges
none
spm.v1.min.js
ak.sail-horizon.com/spm/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-59.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:32:41 GMT
content-encoding
gzip
via
1.1 523a43752798afeed1084674b07d844c.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 21:44:22 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
590
x-amz-server-side-encryption
AES256
etag
W/"edee28fbd3a5c9f3c17e0333554b5646"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600; must-revalidate
x-amz-cf-id
1w-auP7KYiFgeu9DQ-SfOyc4fIgDLAbJXDoMbJaSn0DLY9Vdr_WKHQ==
fem.js
fem.gprod.postmedia.digital/v94.0/ 		380 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v94.0/fem.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d743899b78431bf5a679df7a9fdba7017229b49a8951a9c118f3556d8a6e632d

Request headers

Referer
https://canoe.com/
Origin
https://canoe.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 08:29:51 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1704229360
age
375160
x-guploader-uploadid
ABPtcPrWMc0j5ECKVgsL1vlSV8kiHcIKE90pluogaQuD7rBSGDoM4O0i5yaFnVcz-xY5Zz6COanBM4rb-weQI2o
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109089
last-modified
Tue, 02 Jan 2024 21:03:43 GMT
server
UploadServer
etag
W/"789f7840bba8792f251d8242266af500"
vary
Accept-Encoding
x-goog-generation
1704229423211415
x-goog-hash
crc32c=ou3ihg==, md5=eJ94QLuoeS8lHYJCJmr1AA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
389551
accept-ranges
none
content-type
application/javascript
bootstrapper
tags.qortex.ai/ 		24 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.qortex.ai/bootstrapper?group-id=VOasUCJt3E6ILpo1BnYrpw&video-container=.jw-wrapper&continuous-load=true
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
eaa1fe6daa6d6efa271e07a942dd6cd521cf367b0f2a1470512f43dc315ad50c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 16:46:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
168
etag
W/"122"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rguDbHYhc0nxfuYrO%2BUJWAA08z%2Bu1HDNODNOq3ixkp5GF1Lg9GTQQrPqshTy27DN58Vh%2BSZznTYY2pNBPjTAln%2FXnGUSWuF6j5x2J4mWKE97lU6aKebx%2BJLne%2BptUFjO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
84a17d8e3bc139f0-YYZ
embed.js
cdn.jwplayer.com/v2/sites/ReDAXyY4/placements/ 		58 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/sites/ReDAXyY4/placements/embed.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-24.yul62.r.cloudfront.net
Software
openresty /
Resource Hash
a075f92744836d04b6d6baea13c646a1376afa236c13827f37e52420050b3a64

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:40:30 GMT
content-encoding
gzip
via
1.1 5632fe5930775cf7bdf993a5c3c6fa2e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
YUL62-C2
age
121
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
x-robots-tag
noindex, indexifembedded
content-length
22525
x-amz-cf-id
Opu2HUm_F-3ZcRhKMoGmxeegxBWmEz-x5LX97Ud2hTAnqLbRSSJYTQ==
advertising.js
www.npttech.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.143.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:32 GMT
x-amz-version-id
AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
AK76M50Q9FJC14CC
age
1327
alt-svc
h3=":443"; ma=86400
x-amz-id-2
GGFimkieNq/KLCI4yl9Z/v8Sn76iqXml1BPLTfyEYNrL7VEM5vPteDyF7rn0C7FsecAfUj7uPCA=
last-modified
Tue, 18 Oct 2022 13:20:01 GMT
server
cloudflare
etag
W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZ6JZ8rrJxnbKWGboRjEW0zTJ6AzrV%2F18%2Bx0Fa2rmCR30CY7fUmyUhM1Icgwzz22RycoJmAMpVV8jEtlFDETBr%2FWUAwxRz%2BF9ewQBT3rb6pqs32gj0rCZH7J2picI6XbZQs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
cf-ray
84a17d8e68b741ba-EWR
application-client.js
entertainment.service.amuniversal.com/assets/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://entertainment.service.amuniversal.com/assets/application-client.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.6.101.151 Lavaca, United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
Software
/
Resource Hash
8d797b58dbbb90837bff92450e25c5a0fc90040116e51311437d9f2c4f03c94b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:42:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Nov 2020 18:20:09 GMT
ETag
"8d797b58dbbb90837bff92450e25c5a0fc90040116e51311437d9f2c4f03c94b"
Vary
Accept-Encoding
Content-Type
application/javascript
Status
200 OK
Cache-Control
public,max-age=600
Connection
Keep-Alive
Keep-Alive
timeout=5, max=55
Content-Length
7846
LoginRadiusV2.js
auth.lrcontent.com/v2/js/ 		211 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.5.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdd5eb5886d055428379d1938f01e5a186f7f8dbf3efc851ad9e04914302eb59
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:31 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 18b0fca4845f3542d7f0566683e26626.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
x-amz-cf-pop
YUL62-C2
age
769
cf-polished
origSize=1336927
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cf-bgj
minify
last-modified
Mon, 04 Dec 2023 07:20:23 GMT
server
cloudflare
etag
W/"34dedade3a8f1aa4aa0db4d3bf475de7"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
84a17d8d6d9f36a8-YYZ
x-amz-cf-id
0lTYlShJSRlVYIgHw_tmGm9TK9BQPZHf1s1QOFvTE84j4hT_P57c5Q==
expires
Tue, 23 Jan 2024 20:42:31 GMT
ms_auth_client.min.js
edge-auth.microsoft.com/js/ 		279 KB
280 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/js/ms_auth_client.min.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
feb2160dccd8b0345096a272f9753c529fa2f32b843400805851dc714372d9d5
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-iDgeMmstTku2U8p5IDn9D8OTp0NipYkgnn9tovs0DdSLFwx2I5G+TKfcThG3c39Zc7AaXfIWiXKTIIangjrZGnx/xDDpMphAhr26NZ/TULZLDwzMYIy+5K8pzSQ8LZFv0tzccjIODiEuPcQ8XCJyIMPVDIzvVAiqUcy1BNbXjQQ=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-iDgeMmstTku2U8p5IDn9D8OTp0NipYkgnn9tovs0DdSLFwx2I5G+TKfcThG3c39Zc7AaXfIWiXKTIIangjrZGnx/xDDpMphAhr26NZ/TULZLDwzMYIy+5K8pzSQ8LZFv0tzccjIODiEuPcQ8XCJyIMPVDIzvVAiqUcy1BNbXjQQ=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
date
Tue, 23 Jan 2024 16:42:32 GMT
last-modified
Mon, 01 Jan 1601 16:13:01 GMT
x-msedge-ref
Ref A: C5EAAEB4AC6A4B8794B2416F0347B3C1 Ref B: CH1AA2020605035 Ref C: 2024-01-23T16:42:32Z
etag
"87edcdff88"
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
285448
shared.2985cfdc4158.js
dcs-static.gprod.postmedia.digital/15.2.1/CACHE/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.2.1/CACHE/js/shared.2985cfdc4158.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
31bb647caffd6b5e814011355c22ad1cc15ca16e82a9bc64c887a3b1a3aa70b8

Request headers

Referer
https://canoe.com/
Origin
https://canoe.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:28:06 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1704399607
age
166465
x-guploader-uploadid
ABPtcPobVNALeqn0HDPeTaQwkMp8Z8WHlM4j-EKLHhnTsC2DntY3gjJNgpHC0DHpGKqkXFeBigLXMnSk
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7519
last-modified
Wed, 10 Jan 2024 18:00:58 GMT
server
UploadServer
etag
W/"6bcf46784f0935bb863f38bf709e4fdb"
vary
Accept-Encoding
x-goog-generation
1704909658060703
x-goog-hash
crc32c=fzlbZA==, md5=a89GeE8JNbuGPzi/cJ5P2w==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
20870
accept-ranges
none
content-type
application/javascript
main.3e80addd74a4.js
dcs-static.gprod.postmedia.digital/15.2.1/CACHE/js/ 		134 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.2.1/CACHE/js/main.3e80addd74a4.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3e80addd74a44579cc08ffc12989b8ab8dc136713c977c6da3aed5369b752409

Request headers

Referer
https://canoe.com/
Origin
https://canoe.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:28:06 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1704399607
age
166465
x-guploader-uploadid
ABPtcPquIV-XT21bPl40EPqNpTM_T-nrThq_9Go4dc-srgNptJetd7AUpX1gYvsvT32rcoxJ8q7D4yp7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46375
last-modified
Wed, 10 Jan 2024 18:00:58 GMT
server
UploadServer
etag
W/"d318024817c13557c3e306ab5bfd41ce"
vary
Accept-Encoding
x-goog-generation
1704909658042897
x-goog-hash
crc32c=3rdnxA==, md5=0xgCSBfBNVfD4warW/1Bzg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
136803
accept-ranges
none
content-type
application/javascript
geo.json
cdn.jwplayer.com/v2/ 		40 B
269 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/geo.json
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/v2/sites/ReDAXyY4/placements/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-24.yul62.r.cloudfront.net
Software
/
Resource Hash
ad32d3c936d1030661f1c8f55b25db870167fc7c02134fd7e9dbe1d31029fb41

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 23 Jan 2024 16:41:12 GMT
via
1.1 036a9c4a824b984cd31ef0e9e0ecd306.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
80
x-amz-cf-id
GpstEcnp02ZYXfOTULOUMqUU9VC0nzglDRCGIo4FmrBN1L3C5V3yZA==
x-cache
Hit from cloudfront
index.js
ssl.p.jwpcdn.com/player/services/jwpsrv/v/4/ 		68 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/services/jwpsrv/v/4/index.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/v2/sites/ReDAXyY4/placements/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f733263ba0d482063be46904102884233d3e14ebc2818968db52579a7bdaf83

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:32 GMT
content-encoding
gzip
via
1.1 varnish
age
1966
x-cache
HIT
content-length
20535
x-served-by
cache-yyz4563-YYZ
last-modified
Wed, 13 Dec 2023 06:00:18 GMT
server
AmazonS3
x-timer
S1706028152.024732,VS0,VE0
etag
"1d1853b5560baf12b94fc6c5f4860bd2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
132
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/10276888/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Server
3.161.213.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-3.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 06:50:22 GMT
content-encoding
gzip
via
1.1 ddaa088f1b6b5a9bcdc791a053431534.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:02:23 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
age
35538
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
Mobqg67Ebo1q7nrweZ_ampLYs-Ev_39NSn2dPL0iV_VY3wlxBMcsNQ==

Redirect headers

date
Tue, 23 Jan 2024 16:42:32 GMT
via
1.1 ddaa088f1b6b5a9bcdc791a053431534.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
YUL62-P1
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
j-341tKR4FQSREOvKvAZoUmcW1ZFvhLRU079xstm-a9xoEv6Qk3chw==
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://canoe.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 04:18:33 GMT
x-content-type-options
nosniff
age
44639
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 04:18:33 GMT
PN_xRfK9oXHga0XdZsg_.woff2
fonts.gstatic.com/s/martel/v10/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/martel/v10/PN_xRfK9oXHga0XdZsg_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://canoe.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 10:54:34 GMT
x-content-type-options
nosniff
age
20878
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18860
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:03:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 10:54:34 GMT
NGSpv5_NC0k9P_v6ZUCbLRAHxK1EbiusdUmm.woff2
fonts.gstatic.com/s/heebo/v22/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/heebo/v22/NGSpv5_NC0k9P_v6ZUCbLRAHxK1EbiusdUmm.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
41fa01c782917e3f2c7ec4c60602f471ee628280908b71da13d4b127626ac85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://canoe.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 07:40:46 GMT
x-content-type-options
nosniff
age
32506
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11076
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:52:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 07:40:46 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://canoe.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 10:05:34 GMT
x-content-type-options
nosniff
age
23818
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 10:05:34 GMT
23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/ 		467 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v94.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64ad8774812be6d5ba993fc09a10b2d4daf6bbf2c4290447e0835dc3c31069ae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:32 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
0
x-guploader-uploadid
ABPtcPpkb--sSwioKAcUlEX3rEfwxuLxXduFQ8xk2XNW4rZhj96QcLBnaXeSkgFc6WXP-aWzxAgwy-jDJZv2nJc
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
content-length
118427
last-modified
Wed, 17 Jan 2024 15:11:27 GMT
server
cloudflare
etag
"9104f04147eda21881493bab30a75d3b"
vary
Accept-Encoding
x-goog-generation
1705504287868628
content-type
application/javascript
x-goog-hash
crc32c=zZ2+ww==, md5=kQTwQUftohiBSTurMKddOw==
cache-control
public, max-age=900
x-goog-stored-content-length
118427
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84a17d8ec82b7114-YYZ
expires
Tue, 23 Jan 2024 16:57:32 GMT
3528
config.aps.amazon-adsystem.com/configs/ 		532 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3528
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-46.yul62.r.cloudfront.net
Software
CloudFront /
Resource Hash
b9df090a780c244b84fa12207ec5a14280b6a14393729f2a0561ac183fe05b43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:18 GMT
via
1.1 f7da5d3db9ee44e1812f138a4bdfd564.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-C2
age
14
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
532
x-amz-cf-id
WgwJSDkJXVLgJ7hK1VKSlfHa7lgms6kbZwyzNgfRzy71YtbudQC0_Q==
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Fcanoe.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.114.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-114-192.iad61.r.cloudfront.net
Software
Server /
Resource Hash
55e2dcc70dcb2cd2dd134dcbfc9ea460d3dce79a667191d9618bb708f9619c63

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:35:02 GMT
via
1.1 1448cc53c16b560cf86c5348358d4682.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD61-P2
age
18449
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://canoe.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1112
x-amz-cf-id
NTATJnP8xU91v6h_HUVhWaZdSgLO7eMdhtckNxWRjBE_q1tqfpSH0g==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.114.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-114-192.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:18:10 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 362048055e32798c3baf11d093fb4a46.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P2
age
1463
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
rKmZiptoCIHmHNJqhJFmCV8NJtWn6Kjdh4KgdrU-81kBhq1Ol2iI0A==
14648-pbjs-floors.json
ads.rubiconproject.com/floors/ 		83 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/14648-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.2.235 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-2-235.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
3f52e3d7ea27d46d7295964ff0fa222267950377162591262a8cbfe7c8d7c5ab

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 16:42:32 GMT
content-encoding
gzip
last-modified
Tue, 23 Jan 2024 15:40:31 GMT
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
6490
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240123
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7bef437be0c5802131ee139b165bb3cba663c8caf738532d47a8a00f28c6a726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 23 Jan 2024 16:42:32 GMT
x-content-type-options
nosniff
content-encoding
br
age
2502
x-jsd-version
1.0.1944
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
844
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4540-YYZ
x-jsd-version-type
version
etag
W/"642-hTGB73cYXqycecG4wyoNZyPINGs"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/ 		430 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
5dd0b5724f4bbac4bd58de274236fce36135ce302364b3b8ff5c4c3631e81139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:40:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
104
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138095
x-xss-protection
0
server
cafe
etag
16105826302836755247
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 22 Jan 2025 16:40:48 GMT
mah-jong-quest
entertainment.service.amuniversal.com/content/ Frame 998E 		26 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/assets/application-client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.6.101.151 Lavaca, United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
Software
/
Resource Hash
ebc902ac73d375ad33971bc8f92fd948cc0fd6bba1d1881b8c5437e9a0a8950b
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
https://canoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, private, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
6117
Content-Type
text/html; charset=utf-8
Date
Tue, 23 Jan 2024 16:42:32 GMT
ETag
W/"ebc902ac73d375ad33971bc8f92fd948-gzip"
Keep-Alive
timeout=5, max=90
Status
200 OK
Vary
Accept-Encoding
X-Frame-Options
ALLOWALL
X-Request-Id
210dacdf-2652-45b3-9936-11f65d3353c5
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.4.232.54 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-232-54.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:32 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
x-serial
1
x-check-cacheable
YES
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
x-akamai-pragma-client-ip
10.44.130.72, 4.7.166.99
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Tue, 23 Jan 2024 16:57:32 GMT
ima.js
cdn-ima.33across.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
497d93c13f61bf8214719cab3a9d1b3b58d84009d36b640f12e257b733fb249a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:32 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:35 GMT
server
cloudflare
age
506227
etag
W/"65833ebf-2810"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
84a17d8f9e80a1ed-YYZ
expires
Fri, 26 Jan 2024 16:42:32 GMT
icon-soc-fb.svg
dcs-static.gprod.postmedia.digital/15.2.1/websites/images/share-icons/ 		775 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.2.1/websites/images/share-icons/icon-soc-fb.svg
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:11:34 GMT
x-goog-meta-goog-reserved-file-mtime
1704399610
age
1117858
x-guploader-uploadid
ABPtcPqm-SZb5gXlcJru8JT47G23yayfxdZ_YBgNGQWhnNEujGwKHUoIsc2yDt4qEmwy-Ozp0yf0A5QYgbUWigE
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
775
last-modified
Wed, 10 Jan 2024 18:01:38 GMT
server
UploadServer
etag
"993353c51244defcc16154eac23ff88d"
x-goog-generation
1704909698838210
x-goog-hash
crc32c=Z/aKUg==, md5=mTNTxRJE3vzBYVTqwj/4jQ==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
775
accept-ranges
bytes
icon-soc-tw-white.svg
dcs-static.gprod.postmedia.digital/15.2.1/websites/images/share-icons/ 		575 B
810 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.2.1/websites/images/share-icons/icon-soc-tw-white.svg
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9e163e69a01d2ce1e0c682f1a658dfcda7ea0ce2fd370d697a4a9285c86ef6eb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:11:34 GMT
x-goog-meta-goog-reserved-file-mtime
1704399610
age
1117858
x-guploader-uploadid
ABPtcPqGnmXwmE3Bhv9z-vNARAL-WD5FKhBzvDVahiXRC6S3rDp0uA38OEk9_yKEnjKh80gX3V0KV6Zp28UqGbJygY0o054y55RB
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
575
last-modified
Wed, 10 Jan 2024 18:01:38 GMT
server
UploadServer
etag
"962f9e913be056fe4b2f24db6048e72f"
x-goog-generation
1704909698997233
x-goog-hash
crc32c=Lzt2WA==, md5=li+ekTvgVv5LLyTbYEjnLw==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
575
accept-ranges
bytes
player-event
events.qortex.ai/api/v1/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: tags.qortex.ai
URL: https://tags.qortex.ai/bootstrapper?group-id=VOasUCJt3E6ILpo1BnYrpw&video-container=.jw-wrapper&continuous-load=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 23 Jan 2024 16:42:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nj44M5pr%2BE2AqcevEho0VQaHmpYQOC6hZ9cNffX0iKSFXbqsgEQj7zKZVRbca%2BwBo12Q7eYtWWhdx3s0hCqti0fnYSZA9%2BdT%2FA9YfskbMIA8bWcEoWPco6x2jOIA9WBV280%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
84a17d8fa8cb36c3-YYZ
content-length
0
cx-bootstrapper-init
tags.qortex.ai/cxo/ 		49 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.qortex.ai/cxo/cx-bootstrapper-init
Requested by
Host: tags.qortex.ai
URL: https://tags.qortex.ai/bootstrapper?group-id=VOasUCJt3E6ILpo1BnYrpw&video-container=.jw-wrapper&continuous-load=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ba7e0e72735ea304bac8a43e87c2da1b7ee2d6705e8548a2fde134beb08d7b48

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 16:46:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
58
etag
W/"122"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6AsHLHY2fiqZMcMwBemgEvkGjddZMF0OqLha5Eo%2Fr419TwPOyejMLZ7KFPyXwevOuwqfPh3nExTeCrNnji%2FZQojsDzOxnKnPyVc6XFSb4qWIEtwlEAjlP54Ih1RRFBA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
84a17d8f6e1039f0-YYZ
init-3392tkd9ir9ggbv3f0mu.js
api.fouanalytics.com/api/ 		0
488 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.fouanalytics.com/api/init-3392tkd9ir9ggbv3f0mu.js
Requested by
Host: tags.qortex.ai
URL: https://tags.qortex.ai/bootstrapper?group-id=VOasUCJt3E6ILpo1BnYrpw&video-container=.jw-wrapper&continuous-load=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.97.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3G%2B0qSLVctN0a2UheD5SqpWtfln5KYmIglIK1eS1xUqfclAXSD%2BIvSVCDxeE8t1UCoJYds9f3T4a9kr3Kn3CTa2NJ2cthvKHgcAhjAlqKacVCUZutwtZgYIrMLmL%2FzfdQSvQOs02SA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
cf-ray
84a17d8fe8714345-EWR
alt-svc
h3=":443"; ma=86400
expires
0
noscript-3392tkd9ir9ggbv3f0mu.gif
api.fouanalytics.com/api/ 		0
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.fouanalytics.com/api/noscript-3392tkd9ir9ggbv3f0mu.gif
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.97.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBxhajruwad3kt3EKcJXFIUB8UnOPPIYT7hDuXyiu0rKWxQJ8kpzkPhBxM28fMosWa8eYv04UwcXAALMD00K2bgpUTGzZkC2umdqHCncYJ7poVHLKkM9TsqPItZOfMprZRGBNEszMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
cf-ray
84a17d8fe8744345-EWR
alt-svc
h3=":443"; ma=86400
expires
0
xd.html
fem.gprod.postmedia.digital/v94.0/ Frame 8C1A 		165 B
438 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v94.0/xd.html
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v94.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
08a6364cc8a5ea74bba1d5286957fc821d303eacb1608e08537f0306f354bafa

Request headers

Referer
https://canoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1127592
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31622400
content-length
165
content-type
text/html
date
Wed, 10 Jan 2024 15:29:20 GMT
etag
"5401749c174d17b1ae1237ec1b921d9c"
last-modified
Tue, 02 Jan 2024 21:03:45 GMT
server
UploadServer
x-cache-hit
hit
x-goog-generation
1704229425265892
x-goog-hash
crc32c=BuyMXg== md5=VAF0nBdNF7GuEjfsG5IdnA==
x-goog-meta-goog-reserved-file-mtime
1704229360
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
165
x-guploader-uploadid
ABPtcPrfntUvfCi_4Ro3Fi3sRhiwQzC3aoqVHkKeZYC93AxwUK6Y9-cSLj3JlV7eTR52AbsVy5NJyBXeyG_ldPMKg4-gfA
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=10276888&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1706028152224&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F%3Famu%3D%2Fmah-jong-quest&c8=Puzzl...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1706028152224&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F%3Famu%3D%2Fmah-jong-quest&c8=Puzz...
0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1706028152224&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F%3Famu%3D%2Fmah-jong-quest&c8=Puzzles%20and%20Games%20%7C%20Canoe.Com&c9=
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Server
3.161.213.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-3.yul62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:32 GMT
via
1.1 ddaa088f1b6b5a9bcdc791a053431534.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
YUL62-P1
x-amz-cf-id
3WEzCzJmeyJQGMzZMUQRvmi0Pzjn0zhPN1k-F5C3fWvuJy258XF2Zw==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 23 Jan 2024 16:42:32 GMT
via
1.1 ddaa088f1b6b5a9bcdc791a053431534.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
YUL62-P1
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=10276888&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1706028152224&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F%3Famu%3D%2Fmah-jong-quest&c8=Puzzles%20and%20Games%20%7C%20Canoe.Com&c9=
content-length
0
x-amz-cf-id
2wLxOi3nEaxG9iOvMYBj3hlXhJXRjeEdahWspgo7qJa2GA_84R8y8w==
xd.js
fem.gprod.postmedia.digital/v94.0/ Frame 8C1A 		67 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v94.0/xd.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v94.0/xd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2d91504858b1adf23a9a4605b6a1ba64a5c8358d22bd070b521d6d3624e4ddd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fem.gprod.postmedia.digital/v94.0/xd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 15:29:20 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1704229360
age
1127592
x-guploader-uploadid
ABPtcPpf5nelbVdcoZSXtWvU_LPOZEEsMcsVYLfksLAD_ufh0Cw9yYgWB76YZuXaqq0SK3AEL3HG6_Zq
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21169
last-modified
Tue, 02 Jan 2024 21:03:45 GMT
server
UploadServer
etag
W/"6587ec1d632745722a6cbdda763c7c55"
vary
Accept-Encoding
x-goog-generation
1704229425299926
x-goog-hash
crc32c=6uqRIw==, md5=ZYfsHWMnRXIqbL3adjx8VQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
68978
accept-ranges
none
1193ab1b423b6539df7b4.js
dcs-static.gprod.postmedia.digital/15.2.1/websites/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.2.1/websites/js/1193ab1b423b6539df7b4.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.2.1/CACHE/js/shared.2985cfdc4158.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3f7c2b147316b3286f816d1d85c0d2c539ce8be5b6b851443f5bc0c6274a03f1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:11:18 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1704399608
age
1117874
x-guploader-uploadid
ABPtcPpoTSJtIP6hpdOQUMtUk6zoxoRuEy2GiEq-6brzLLLKNIyiiuViXCa0RN6-4kCdm29GCUvIqHYITnMiEOrrD1qr6Jm53lHw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4390
last-modified
Wed, 10 Jan 2024 18:01:40 GMT
server
UploadServer
etag
W/"b7125612c91b8bc7d44febc13c01cee2"
vary
Accept-Encoding
x-goog-generation
1704909700590282
x-goog-hash
crc32c=ylNeow==, md5=txJWEskbi8fUT+vBPAHO4g==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
15526
accept-ranges
none
a22185a71907d8927c8537.js
dcs-static.gprod.postmedia.digital/15.2.1/websites/js/ 		224 B
253 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.2.1/websites/js/a22185a71907d8927c8537.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.2.1/CACHE/js/shared.2985cfdc4158.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e6214b2559f67192d41d07d928357497936f068d2953d63646bbfe104b1d68c5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:11:18 GMT
x-goog-meta-goog-reserved-file-mtime
1704399609
age
1117874
x-guploader-uploadid
ABPtcPqLV82wnHdLvVNS5P6lpLxYf4vIjHaQefsty7ZR-vt8DMdE_4S24_02dEkzWDIbWP5vrVYzlACKiGHthW4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
224
last-modified
Wed, 10 Jan 2024 18:01:43 GMT
server
UploadServer
etag
"4ee0e989a064cf6630bf9ebee4879191"
x-goog-generation
1704909703373459
x-goog-hash
crc32c=jUJANA==, md5=TuDpiaBkz2Ywv56+5IeRkQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
224
accept-ranges
bytes
7380f428297495c9787e0.js
dcs-static.gprod.postmedia.digital/15.2.1/websites/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.2.1/websites/js/7380f428297495c9787e0.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.2.1/CACHE/js/shared.2985cfdc4158.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8d3d191d44b6a042adb3ac86d403f8eaa0f7d28056ce74fb3ec3bc65aff5178f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 23:36:31 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1704399609
age
1011961
x-guploader-uploadid
ABPtcPoQ8L4BnilIquR6Ni64b6A99wp2pbB-a3q0QlgDAeW7s4JZ9wuk4Wf-nrs6saCawyQ1vRAHfDxuJnIijMS4s7YSsw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2823
last-modified
Wed, 10 Jan 2024 18:01:43 GMT
server
UploadServer
etag
W/"16a345a6eb36c4391df09d45582d99e7"
vary
Accept-Encoding
x-goog-generation
1704909703139777
x-goog-hash
crc32c=eCv7Ug==, md5=FqNFpus2xDkd8J1FWC2Z5w==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6981
accept-ranges
none
4f4d1628a8065ccff16624.js
dcs-static.gprod.postmedia.digital/15.2.1/websites/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.2.1/websites/js/4f4d1628a8065ccff16624.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.2.1/CACHE/js/shared.2985cfdc4158.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
43a42702c59bc37d11cb776ffd904de25fe945c6028ef290dabfd0e977a88366

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:11:18 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1704399609
age
1117874
x-guploader-uploadid
ABPtcPq9pV8O5LWPWFIjLP1NApMqs_44LAkRRny003YHh2mbDeArdrMD0SLqbBOfd0cE0ACimP7OVSrzQ6cyML8caC0dPTXGzgUt
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2085
last-modified
Wed, 10 Jan 2024 18:01:42 GMT
server
UploadServer
etag
W/"c6326d88acc6beb06cf9db5fffaee6c6"
vary
Accept-Encoding
x-goog-generation
1704909702545418
x-goog-hash
crc32c=hqW8ug==, md5=xjJtiKzGvrBs+dtf/67mxg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6047
accept-ranges
none
pub
pixel.adsafeprotected.com/services/ 		567 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:ad-1,ss:%5B1200.90,970.90,728.90%5D,p:/3081/SMCO_CPTL_CAN_EN_WEB/life/diversions/puzzles/index,t:display%7D&slot=%7Bid:ad-rr1,ss:%5B300.250,300.600,300.1050%5D,p:/3081/SMCO_CPTL_CAN_EN_WEB/life/diversions/puzzles/index,t:display%7D&slot=%7Bid:ad-2,ss:%5B6.6,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_CPTL_CAN_EN_WEB/life/diversions/puzzles/index,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=f81572b8-3de3-1e01-c129-d3b31daf9289&url=https%253A%252F%252Fcanoe.com%252Fpuzzles%252F%253Famu%253D%252Fmah-jong-quest
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.141.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-141-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
eb79fe4c0d5acf64766230f6bab29b40f0c37ed56710dbae8d6689aa6f1ccc8e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:32 GMT
server
nginx
x-server-name
app58.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://canoe.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
bid
aax.amazon-adsystem.com/e/dtb/ 		189 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3528&u=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F%3Famu%3D%2Fmah-jong-quest&pid=5e3xYn9oQKlF8&cb=0&ws=1600x1200&v=24.116.2102&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1%22%2C%22s%22%3A%5B%221200x90%22%2C%22970x90%22%2C%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22ad-rr1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%5D%7D%2C%7B%22sd%22%3A%22ad-2%22%2C%22s%22%3A%5B%226x6%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.199.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-199-75.yul62.r.cloudfront.net
Software
Server /
Resource Hash
a8277b69a2582f48ef7806fff1bffd21c0189ff23106b6a459ab3125aad73996
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:33 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 56afed1ff867622bc96040c761f69a64.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-C1
x-amz-rid
H1SQT45C0NRZSKJ27P20
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://canoe.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
189
x-amz-cf-id
HWy7cB1NOt8dqDHmdcijC8_QrzZn97dEvpVAtERBu73vuzB5aii0zQ==
publishertag.ids.js
static.criteo.net/js/ld/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 18 Jan 2024 07:12:05 GMT
server
nginx
etag
W/"65a8cf45-a585"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 24 Jan 2024 16:42:32 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-85.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 23:31:12 GMT
content-encoding
gzip
via
1.1 bdf2aab533e801e16a7a135842a2ee18.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P2
age
61882
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
HU6oQ-bkyfGbJXh2zZJRCuKqpNMfFX-buXMQqJZhTMGOD1ebSCmiBg==
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:32 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:40 GMT
server
cloudflare
age
506227
etag
W/"65833ec4-2d18"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
84a17d904fa2a1ed-YYZ
expires
Fri, 26 Jan 2024 16:42:32 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 23 Jan 2024 16:42:32 GMT
x-content-type-options
nosniff
content-encoding
br
age
32466
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-yyz4564-YYZ
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:32 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
32ec4948c0bb14d84a265f8471c8bf8e
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 02:15:51 GMT
content-encoding
gzip
age
1175201
x-guploader-uploadid
ABPtcPpu7wC6ouaYbu8xfBkFfeFjIzRIxkDigAAT2bfsJrQpd7GTbO684qLPYF0AaOvvj3f9SD3ujqZQpkbC405Iv0MSKotPw7LU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Thu, 09 Jan 2025 02:15:51 GMT
pxid
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/ 		46 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/pxid?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
686278006237fa351c954c930a81b385e9267fe8ed2854504193bc6d46e5152e

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 16:42:33 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://canoe.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		11 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:33 GMT
an-x-request-uuid
8d96a236-1997-44df-b32d-0e915be71fe8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://canoe.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
86.48.15.240; 86.48.15.240; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
application-uu-79b8bc5284ce122857feca100bbb6d6ed8c6b96bb7942a276e418e30a466f74c.css
entertainment.service.amuniversal.com/assets/ Frame 998E 		256 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://entertainment.service.amuniversal.com/assets/application-uu-79b8bc5284ce122857feca100bbb6d6ed8c6b96bb7942a276e418e30a466f74c.css
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.6.101.151 Lavaca, United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
Software
/
Resource Hash
b260521dc91bb9be40d0cb9e8ae37b39c94703b68d7d29cbcd5aad0922665a83

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:42:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Feb 2022 22:25:13 GMT
ETag
"3fed0-5d82a1f8b4440-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
33843
theme-plugins-f1fc7fe6169405625fd46a53184cbfae4e50f0dd9923ee73abba444a738a4b4a.css
entertainment.service.amuniversal.com/assets/ Frame 998E 		52 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://entertainment.service.amuniversal.com/assets/theme-plugins-f1fc7fe6169405625fd46a53184cbfae4e50f0dd9923ee73abba444a738a4b4a.css
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.6.101.151 Lavaca, United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
Software
/
Resource Hash
c62298477bd42f1c46d68b84e392835c73934351c1575fc42e913a5ea0500e42

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:42:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Nov 2020 18:28:00 GMT
ETag
"cec4-5b5572b7dcc00-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
8026
application-uu-2134742a119db4aaaa1b97530e584110627c9024c1c8e8301375238ea92b687d.js
entertainment.service.amuniversal.com/assets/ Frame 998E 		226 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://entertainment.service.amuniversal.com/assets/application-uu-2134742a119db4aaaa1b97530e584110627c9024c1c8e8301375238ea92b687d.js
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.6.101.151 Lavaca, United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
Software
/
Resource Hash
2134742a119db4aaaa1b97530e584110627c9024c1c8e8301375238ea92b687d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:42:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Dec 2023 21:28:00 GMT
ETag
"389ed-60c429bb57800-gzip"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
small_hero.png
avatar.amuniversal.com/feature_avatars/hero_images/features/iwbtq/ Frame 998E 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatar.amuniversal.com/feature_avatars/hero_images/features/iwbtq/small_hero.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.177.205 Monrovia, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
8688fdf6e3efd80df384cc29676c43037fd0f408473d3ffc39784e409478f66b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:42:32 GMT
Via
1.1 PS-DFW-01ItT28:9 (W), 1.1 PSmgasbIAD1pb76:16 (W)
Last-Modified
Wed, 10 Aug 2016 14:04:18 GMT
Server
PWS/8.3.1.0.8
Age
29509
ETag
"2132a-539b820132443"
X-Ws-Request-Id
65afec78_PSmgasbIAD1pb76_12191-2118
Content-Type
image/png
Cache-Control
max-age=604800
X-Px
ht PSmgasbIAD1pb76IAD
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
135978
small_hero.png
avatar.amuniversal.com/feature_avatars/hero_images/features/iwjq/ Frame 998E 		154 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatar.amuniversal.com/feature_avatars/hero_images/features/iwjq/small_hero.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.177.205 Monrovia, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
29f1bc9eb6cbe5424450fcdbc1a8e67f6ededb34efc7ff957138efcac658551d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:42:32 GMT
Via
1.1 PS-IAD-01kGb234:4 (W), 1.1 PSmgasbIAD1pb76:17 (W)
Last-Modified
Wed, 09 Dec 2015 19:58:58 GMT
Server
PWS/8.3.1.0.8
Age
10087
ETag
"267e7-5267c855555d9"
X-Ws-Request-Id
65afec78_PSmgasbIAD1pb76_12815-46268
Content-Type
image/png
Cache-Control
max-age=604800
X-Px
ht PSmgasbIAD1pb76IAD
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
157671
ACg8ocLrnCUX4QHBVVHmzZ_XcS5oK1ItC6boPLARUTb20SRO=s96-c
lh3.googleusercontent.com/a/ Frame 998E 		810 B
879 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/a/ACg8ocLrnCUX4QHBVVHmzZ_XcS5oK1ItC6boPLARUTb20SRO=s96-c
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
fife /
Resource Hash
4c6b6c8da20edd569432113f173f867bfaa101f8740a40c256b7eb4ed74e87ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:48 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
810
x-xss-protection
0
expires
Wed, 24 Jan 2024 16:42:48 GMT
ACg8ocKhRq3IPw7-UejnfQeAnyG8Rf_y8HCnHBFeVzD9v8kPCC0=s96-c
lh3.googleusercontent.com/a/ Frame 998E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/a/ACg8ocKhRq3IPw7-UejnfQeAnyG8Rf_y8HCnHBFeVzD9v8kPCC0=s96-c
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
fife /
Resource Hash
dbca2740bb00affd001d40381dfce11695a3e7918462dd18a0ed20cfd7bc54f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 13:49:36 GMT
x-content-type-options
nosniff
age
10392
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2764
x-xss-protection
0
server
fife
etag
"v2792"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 24 Jan 2024 13:49:36 GMT
ACg8ocIoJBo4oUDgNmlHR4co2i_iKsHGhcu4bXY7GTJnVkTp=s96-c
lh3.googleusercontent.com/a/ Frame 998E 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/a/ACg8ocIoJBo4oUDgNmlHR4co2i_iKsHGhcu4bXY7GTJnVkTp=s96-c
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
fife /
Resource Hash
e4a65c0f597590122673ee0b23d6bb6d4f4368941c8f1ec2fc5dce1f1c262407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:48 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1062
x-xss-protection
0
expires
Wed, 24 Jan 2024 16:42:48 GMT
small_hero.png
avatar.amuniversal.com/feature_avatars/hero_images/features/iwmm/ Frame 998E 		168 KB
169 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatar.amuniversal.com/feature_avatars/hero_images/features/iwmm/small_hero.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.177.205 Monrovia, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
2e30db2c675882741e60a0845ba1beef26f2a45690cbd870f4d7a7dec6411634

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:42:32 GMT
Via
1.1 PS-IAD-01v1h233:4 (W), 1.1 PSmgasbIAD1pb76:13 (W)
Last-Modified
Tue, 09 Aug 2016 16:22:28 GMT
Server
PWS/8.3.1.0.8
Age
596240
ETag
"2a184-539a5f059d2f1"
X-Ws-Request-Id
65afec78_PSmgasbIAD1pb76_12815-46274
Content-Type
image/png
Cache-Control
max-age=604800
X-Px
ht PSmgasbIAD1pb76IAD
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
172420
small_hero.png
avatar.amuniversal.com/feature_avatars/hero_images/features/iwbt/ Frame 998E 		139 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatar.amuniversal.com/feature_avatars/hero_images/features/iwbt/small_hero.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.177.205 Monrovia, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
c954edb6430c4b312e6f09ec5cfb2b31c167aaff1550014809a79417d027221c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:42:32 GMT
Via
1.1 PS-DFW-01ItT28:2 (W), 1.1 PSmgasbIAD1pb76:17 (W)
Last-Modified
Wed, 09 Dec 2015 16:26:03 GMT
Server
PWS/8.3.1.0.8
Age
495806
ETag
"22b18-526798be711fb"
X-Ws-Request-Id
65afec78_PSmgasbIAD1pb76_12815-46276
Content-Type
image/png
Cache-Control
max-age=604800
X-Px
ht PSmgasbIAD1pb76IAD
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
142104
ACg8ocLz9bBmXXM15AIFcrM4JCpZ0J8fcxMBkMzDuf9n2zSKLyQ=s96-c
lh3.googleusercontent.com/a/ Frame 998E 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/a/ACg8ocLz9bBmXXM15AIFcrM4JCpZ0J8fcxMBkMzDuf9n2zSKLyQ=s96-c
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
fife /
Resource Hash
0eb82b5bfb09b6802b3fcc15cf5a9d11687ae0e1348867e68f22965900bb0282
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:23:53 GMT
x-content-type-options
nosniff
age
1135
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5147
x-xss-protection
0
server
fife
etag
"v16d"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 24 Jan 2024 16:23:53 GMT
ACg8ocJyFmkLp9GJhJSOmcSbnTlY78ERqie7xM6udcZUvLTk=s96-c
lh3.googleusercontent.com/a/ Frame 998E 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/a/ACg8ocJyFmkLp9GJhJSOmcSbnTlY78ERqie7xM6udcZUvLTk=s96-c
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
fife /
Resource Hash
ea6e3a3460f4dad3f9b94d461d6b177d8b0b4b7720b80ba583b076d2e3df46cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:48 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
x-xss-protection
0
expires
Wed, 24 Jan 2024 16:42:48 GMT
ACg8ocLtmrKFPEHFihWh-ZRjfzgpBa8V3JOHvNx2yvU-dN5KN3tP=s96-c
lh3.googleusercontent.com/a/ Frame 998E 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/a/ACg8ocLtmrKFPEHFihWh-ZRjfzgpBa8V3JOHvNx2yvU-dN5KN3tP=s96-c
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
fife /
Resource Hash
430090125ef811071a57dbeea484ed986fba1a94791a73911c552f8ad322ff45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:48 GMT
x-content-type-options
nosniff
server
fife
etag
"vb774"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19486
x-xss-protection
0
expires
Wed, 24 Jan 2024 16:42:48 GMT
small_hero.png
avatar.amuniversal.com/feature_avatars/hero_images/features/iwfcx/ Frame 998E 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatar.amuniversal.com/feature_avatars/hero_images/features/iwfcx/small_hero.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.177.205 Monrovia, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
fa7d5a0d00d6589d5b9047aa2339163fa3629a9ad6a98dac0ca8b939b8089866

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:42:32 GMT
Via
1.1 PSmglsjLAX2ay162:4 (W), 1.1 PSmgasbIAD1pb76:18 (W)
Last-Modified
Fri, 22 Jan 2016 16:48:27 GMT
Server
PWS/8.3.1.0.8
Age
145664
ETag
"182e1-529eefd08da86"
X-Ws-Request-Id
65afec78_PSmgasbIAD1pb76_12191-2127
Content-Type
image/png
Cache-Control
max-age=604800
X-Px
ht PSmgasbIAD1pb76IAD
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
99041
ACg8ocJdzWpYbPrvU9xWpGSBKxwzuK_I3NJAWfMInFapw0KVmHE=s96-c
lh3.googleusercontent.com/a/ Frame 998E 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/a/ACg8ocJdzWpYbPrvU9xWpGSBKxwzuK_I3NJAWfMInFapw0KVmHE=s96-c
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
fife /
Resource Hash
72cb3bda94611a2e8e2be0d79afad124b074286afa29d04d04e8cfffbbeb33b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:10:10 GMT
x-content-type-options
nosniff
age
9158
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20486
x-xss-protection
0
server
fife
etag
"v392"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 24 Jan 2024 14:10:10 GMT
ACg8ocLqIHbieQ-5uqOI1EJFkBxaEBFQQ-l26MDI05L8qUNR=s96-c
lh3.googleusercontent.com/a/ Frame 998E 		804 B
893 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/a/ACg8ocLqIHbieQ-5uqOI1EJFkBxaEBFQQ-l26MDI05L8qUNR=s96-c
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
fife /
Resource Hash
345a15554e6c204f0e93d9ff074448a8e96a4dc09032551f84ce21f95de0fdb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:10:40 GMT
x-content-type-options
nosniff
server
fife
age
9128
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
804
x-xss-protection
0
expires
Wed, 24 Jan 2024 14:10:40 GMT
ACg8ocIdyCz2pL59OnfZ7ccA0ICQ73KpS7ImRnDM46gFZHOd=s96-c
lh3.googleusercontent.com/a/ Frame 998E 		411 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/a/ACg8ocIdyCz2pL59OnfZ7ccA0ICQ73KpS7ImRnDM46gFZHOd=s96-c
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
fife /
Resource Hash
9c4ce7d1d6f0b160a0fe211bc4eb29ffc2e67d3ec2de4f381ef177f24fac4d49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 13:11:39 GMT
x-content-type-options
nosniff
server
fife
age
12669
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
411
x-xss-protection
0
expires
Wed, 24 Jan 2024 13:11:39 GMT
small_hero.png
avatar.amuniversal.com/feature_avatars/hero_images/features/iwsudoc/ Frame 998E 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatar.amuniversal.com/feature_avatars/hero_images/features/iwsudoc/small_hero.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.177.205 Monrovia, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
ee798d6580dbc795274caa6a773f304c8a6f3ac395d83e2d4bb8233155447779

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:42:33 GMT
Via
1.1 PS-IAD-01X29235:2 (W), 1.1 PSmgasbIAD1pb76:16 (W)
Last-Modified
Fri, 22 Jan 2016 22:00:51 GMT
Server
PWS/8.3.1.0.8
Age
143700
ETag
"14088-529f35a3c3490"
X-Ws-Request-Id
65afec79_PSmgasbIAD1pb76_12191-2133
Content-Type
image/png
Cache-Control
max-age=604800
X-Px
ht PSmgasbIAD1pb76IAD
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
82056
ACg8ocKewSX8dK5d_5-xb9VaZM5ODN6x5Rk12YGUlXW8_Q7Ujg=s96-c
lh3.googleusercontent.com/a/ Frame 998E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/a/ACg8ocKewSX8dK5d_5-xb9VaZM5ODN6x5Rk12YGUlXW8_Q7Ujg=s96-c
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
fife /
Resource Hash
14e55a3e22f2b9efee792491d7dc1842f8a9692f2a6fe79dcadba2d367009ecd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 13:41:39 GMT
x-content-type-options
nosniff
age
10869
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7574
x-xss-protection
0
server
fife
etag
"v37"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 24 Jan 2024 13:41:39 GMT
ACg8ocIIPnLpjLeAJPnei6iMvdIILmRRgxZPVU8dOg5wf8au=s96-c
lh3.googleusercontent.com/a/ Frame 998E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/a/ACg8ocIIPnLpjLeAJPnei6iMvdIILmRRgxZPVU8dOg5wf8au=s96-c
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
fife /
Resource Hash
87f0bb06c796e1a728baf66418b6a6d6863a3dc7464c6a87e979f5c2c7d12a95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 13:44:26 GMT
x-content-type-options
nosniff
server
fife
age
10702
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1696
x-xss-protection
0
expires
Wed, 24 Jan 2024 13:44:26 GMT
ACg8ocJzxraNe4pooyIPmBoBizWfxfOOGSw63Ss8G37BsrZZ=s96-c
lh3.googleusercontent.com/a/ Frame 998E 		503 B
565 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/a/ACg8ocJzxraNe4pooyIPmBoBizWfxfOOGSw63Ss8G37BsrZZ=s96-c
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
fife /
Resource Hash
d2e3a98f7195f6f7814b2f676869d8b4b23c1b7301833a96b8d3ec304c7734f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:10:10 GMT
x-content-type-options
nosniff
server
fife
age
9158
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
503
x-xss-protection
0
expires
Wed, 24 Jan 2024 14:10:10 GMT
application-uu-postload-864291837e175e466ebdcea6ccd2bc3f2425b0165cef96adced833c93c04e993.js
entertainment.service.amuniversal.com/assets/ Frame 998E 		1 KB
837 B 		Script
General
Check archive.org
Download Go to
Full URL
https://entertainment.service.amuniversal.com/assets/application-uu-postload-864291837e175e466ebdcea6ccd2bc3f2425b0165cef96adced833c93c04e993.js
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.6.101.151 Lavaca, United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
Software
/
Resource Hash
864291837e175e466ebdcea6ccd2bc3f2425b0165cef96adced833c93c04e993

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:42:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Dec 2023 21:28:00 GMT
ETag
"41a-60c429bb57800-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
520
fa7b00d6-1007-4183-86c1-152aaa124663
https://canoe.com/ 		160 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://canoe.com/fa7b00d6-1007-4183-86c1-152aaa124663
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81b2404aa38c79fe36d258e34f049b0882b90586d653886a8e44d53da3084124

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
164119
Content-Type
bd2fc835-95a7-46d4-8def-507075db5176
https://canoe.com/ 		160 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://canoe.com/bd2fc835-95a7-46d4-8def-507075db5176
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81b2404aa38c79fe36d258e34f049b0882b90586d653886a8e44d53da3084124

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
164119
Content-Type
gtm.js
www.googletagmanager.com/ Frame 998E 		181 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TGGXGGJD
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e3bd10a829da926755ca1dc072448b40119c9830c308fbc9b365e7ed72d01e95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65516
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Jan 2024 16:42:33 GMT
geoip
api.permutive.com/v2.0/ 		256 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
c7469f7e2251a5311ea3e0b5cd90de930c66a42d140bda43748ebfa3827d898c

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 16:42:32 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://canoe.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
188
watson
api.permutive.com/v2.0/ 		419 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
6fdaba437a6dd87377ad7a23aa9c991a396d9e8f22a2553af551dd1a2413a4fe

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 16:42:32 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://canoe.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
263
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&src=aps&ver=1.3.0
  • https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&src=aps&ver=1.3.0&b=1&g=nS7or2hMX3YJ1Wra0jyGcj%2FtRmDM4gOrybNYN4oOG00%3D
42 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&src=aps&ver=1.3.0&b=1&g=nS7or2hMX3YJ1Wra0jyGcj%2FtRmDM4gOrybNYN4oOG00%3D
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:32 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://canoe.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Tue, 23 Jan 2024 16:42:32 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://canoe.com
location
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&src=aps&ver=1.3.0&b=1&g=nS7or2hMX3YJ1Wra0jyGcj%2FtRmDM4gOrybNYN4oOG00%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
prebidjs
rtb.openx.net/openrtbb/ 		0
0
prebid
prebid.media.net/rtb/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
translator
hbopenbid.pubmatic.com/ 		0
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://canoe.com
date
Tue, 23 Jan 2024 16:42:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		379 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
01de44c97128f6036bf902691ec397d3ef5224fe17a76b983af1f8a2383e288b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:33 GMT
an-x-request-uuid
97556b43-3eff-46d8-a937-76f0dda71cdb
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://canoe.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
86.48.15.240; 86.48.15.240; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
379
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		689 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14648&site_id=359816&zone_id=2596732&size_id=2%3B15%3B15&alt_size_ids=55%3B10%3B2%2C55%2C57&eid_pubcid.org=094886c2-8ec8-4e18-86fa-f6b86ad75961%5E1&rf=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F%3Famu%3D%2Fmah-jong-quest&tg_i.domain=canoe.com&tg_i.page=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F%3Famu%3D%2Fmah-jong-quest&tg_i.aupname=%2F3081%2FSMCO_CPTL_CAN_EN_WEB%2Flife&tg_i.pbadslot=%2F3081%2FSMCO_CPTL_CAN_EN_WEB%2Flife%2Fdiversions%2Fpuzzles%2Findex%23ad-1%3B%2F3081%2FSMCO_CPTL_CAN_EN_WEB%2Flife%2Fdiversions%2Fpuzzles%2Findex%23ad-rr1%3B%2F3081%2FSMCO_CPTL_CAN_EN_WEB%2Flife%2Fdiversions%2Fpuzzles%2Findex%23ad-2&tk_flint=dmpbjs_v8.23.0&x_source.tid=a4d2a294-dd62-45f8-bd7e-6e8d1ba15091&l_pb_bid_id=290889907cc2d1a%3B30e877fc9d949a9%3B313c4d2fb966663&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=4dd2d694-6b4c-4d10-b5d6-43b2f9f5ed89%3B83c4e003-6ffb-4582-94aa-4ecefeb77258%3B28cacf48-e41e-4eb9-911a-5b85e26589e7&rp_hard_floor=0.25&rp_maxbids=1&p_gpid=%2F3081%2FSMCO_CPTL_CAN_EN_WEB%2Flife%2Fdiversions%2Fpuzzles%2Findex%23ad-1%3B%2F3081%2FSMCO_CPTL_CAN_EN_WEB%2Flife%2Fdiversions%2Fpuzzles%2Findex%23ad-rr1%3B%2F3081%2FSMCO_CPTL_CAN_EN_WEB%2Flife%2Fdiversions%2Fpuzzles%2Findex%23ad-2&slots=3&rand=0.35411565767553155
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4d4ad3f7b58a637e740dc2e6d4c8811b84e14927b1ad0cff41520be1d7e29d1d

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:33 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://canoe.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
489 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=901911
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a06331303fbdeef626f62596de3e3daa5725b95a0c8f67f2199f812780762fe

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P4bUhyL9xkRf1SmnBsgBYikauybX4LXju1qTlmu%2FszwSFL0m2BXwfNBW%2B3rrdqmsEIRFX6MLiNUyl2NFRUC5uaDW0Eg5%2B8nu90H7UjsflWMIkZPkhpKq%2F%2FB53UBMxp1pve9Lf6XF"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://canoe.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
84a17d9bbaf53703-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
bid
ap.lijit.com/rtb/ 		0
0
23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
cdn.permutive.com/models/v2/ 		73 KB
50 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.118.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fea622897ff5ed212a80d8a559c08cd8c82b26c15f0fb2e69295f632d62366c9

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 16:42:35 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
0
x-guploader-uploadid
ABPtcPr6c0MJHxwh1qoo8tKu8lnw4tQQifqAxhZZwlu16Dvr6TU9uo-wepEi-NJCGmn_BepPsUUn9NSZ_P62Wm7iCDwNXA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
50516
last-modified
Wed, 10 Jan 2024 06:02:27 GMT
server
cloudflare
etag
"ae8391b4074ab9d0e0e7bced5b50b924"
vary
Accept-Encoding
x-goog-generation
1704866547991524
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=t7Zhag==, md5=roORtAdKudDg57ztW1C5JA==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
50516
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84a17da51b72a204-YYZ
expires
Tue, 23 Jan 2024 16:33:09 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F%3Famu%3D%2Fmah-jong-quest&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F%3Famu%3D%2Fmah-jong-quest&rid=esp&cc=1
85 B
193 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F%3Famu%3D%2Fmah-jong-quest&rid=esp&cc=1
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
4debb89822c86cee7033fdca866e5144980c9deaff2cd25afe9bedd413c8c9bb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:40 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-EbrnYwuFexExcOpnvQUNEFpAbi0"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://canoe.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Tue, 23 Jan 2024 16:42:40 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://canoe.com
location
/esp?url=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F%3Famu%3D%2Fmah-jong-quest&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
syncframe
gum.criteo.com/ Frame 4B14 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=canoe.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://canoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 16:42:33 GMT
server
Kestrel
server-processing-duration-in-ticks
664189
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&src=esp&ver=1.3.0
  • https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&src=esp&ver=1.3.0&b=1&g=nGI2hWyw6KmbDb27KmYxR5N1kaTSLZ%2BmQdqHiBRYzww%3D
42 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&src=esp&ver=1.3.0&b=1&g=nGI2hWyw6KmbDb27KmYxR5N1kaTSLZ%2BmQdqHiBRYzww%3D
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:32 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://canoe.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Tue, 23 Jan 2024 16:42:32 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://canoe.com
location
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&src=esp&ver=1.3.0&b=1&g=nGI2hWyw6KmbDb27KmYxR5N1kaTSLZ%2BmQdqHiBRYzww%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
encrypt
esp.rtbhouse.com/ 		241 B
514 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
aa7234c2da9742d8cdbf14d16f9770869a795427fd9e1cfa85f43ca6276cb38c

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Jan 2024 16:42:32 GMT
via
1.1 google, 1.1 google
server
Google Frontend
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
661e82e7554cdbebc942f4acb0c5fdd5
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
content-length
241
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
mahjong-quest
securegames.iwin.com/provider/uclick/play/ Frame D8B4 		190 B
981 B 		Document
General
Check archive.org
Download Go to
Full URL
https://securegames.iwin.com/provider/uclick/play/mahjong-quest?iframe=iframe?iframe=iframe&clientId=2496&featureId=iwmjq&sda=n&title=n&chat=n&signin=n&data=https%3A%2F%2Fuclick.iwin.com&ref=//canoe.com/puzzles
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
42f9d39ebf19efc7f8a0fbe6ad8ffabb47c5fd4ed9e603febac3962e99f68c88

Request headers

Referer
https://entertainment.service.amuniversal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
Access-Control-Allow-Methods
POST, PUT, DELETE, GET, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Request-Method
*
Age
358
Cache-Control
public, max-age=1800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
164
Content-Type
text/html; charset=utf-8
Date
Tue, 23 Jan 2024 16:42:33 GMT
ETag
"65735cb8-be"
Expires
Mon, 22 Jan 2024 17:12:14 GMT
Last-Modified
Fri, 08 Dec 2023 18:13:12 GMT
Vary
Accept-Encoding
Via
1.1 6c1e463b1907685097cce9e63f1cf75a.cloudfront.net (CloudFront)
X-Amz-Cf-Id
mv11by4Ui5CSFCk4HbwpZy5GDbwhA_eLy-etuxknOm-kkmQLOuhrrA==
X-Amz-Cf-Pop
JFK52-P1
X-Cache
Hit from cloudfront
X-UA-Compatible
IE=Edge,chrome=1
segment
api.permutive.com/adv/v2/ 		44 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
56270e9e004db8efacc195a58790c8d397f757832b0f40a48e825d8f0fe7712f

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 23 Jan 2024 16:42:32 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
content-type
application/json
raleway-medium-webfont-e80025d59b966e390e81818a115bcf1c8147512973c698731adfee1dbd942572.woff2
entertainment.service.amuniversal.com/assets/ Frame 998E 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://entertainment.service.amuniversal.com/assets/raleway-medium-webfont-e80025d59b966e390e81818a115bcf1c8147512973c698731adfee1dbd942572.woff2
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/assets/application-uu-79b8bc5284ce122857feca100bbb6d6ed8c6b96bb7942a276e418e30a466f74c.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.6.101.151 Lavaca, United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
Software
/
Resource Hash
e80025d59b966e390e81818a115bcf1c8147512973c698731adfee1dbd942572

Request headers

Referer
https://entertainment.service.amuniversal.com/assets/application-uu-79b8bc5284ce122857feca100bbb6d6ed8c6b96bb7942a276e418e30a466f74c.css
Origin
https://entertainment.service.amuniversal.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:42:32 GMT
Last-Modified
Mon, 30 Nov 2020 18:20:09 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
ETag
"5ad8-5b5570f6ae840"
Content-Length
23256
Keep-Alive
timeout=5, max=92
raleway-light-webfont-5af8716da375c22814f1f4b9b13e9e8239a54be1f95c6e2af7bb983a2410ba5c.woff2
entertainment.service.amuniversal.com/assets/ Frame 998E 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://entertainment.service.amuniversal.com/assets/raleway-light-webfont-5af8716da375c22814f1f4b9b13e9e8239a54be1f95c6e2af7bb983a2410ba5c.woff2
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/assets/application-uu-79b8bc5284ce122857feca100bbb6d6ed8c6b96bb7942a276e418e30a466f74c.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.6.101.151 Lavaca, United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
Software
/
Resource Hash
5af8716da375c22814f1f4b9b13e9e8239a54be1f95c6e2af7bb983a2410ba5c

Request headers

Referer
https://entertainment.service.amuniversal.com/assets/application-uu-79b8bc5284ce122857feca100bbb6d6ed8c6b96bb7942a276e418e30a466f74c.css
Origin
https://entertainment.service.amuniversal.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:42:32 GMT
Last-Modified
Mon, 30 Nov 2020 18:20:09 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
ETag
"5b68-5b5570f6ae840"
Content-Length
23400
Keep-Alive
timeout=5, max=95
fontawesome-webfont-199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1.woff
entertainment.service.amuniversal.com/assets/font-awesome/ Frame 998E 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://entertainment.service.amuniversal.com/assets/font-awesome/fontawesome-webfont-199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1.woff
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/assets/theme-plugins-f1fc7fe6169405625fd46a53184cbfae4e50f0dd9923ee73abba444a738a4b4a.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.6.101.151 Lavaca, United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
Software
/
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer
https://entertainment.service.amuniversal.com/assets/theme-plugins-f1fc7fe6169405625fd46a53184cbfae4e50f0dd9923ee73abba444a738a4b4a.css
Origin
https://entertainment.service.amuniversal.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:42:32 GMT
Last-Modified
Mon, 30 Nov 2020 18:28:00 GMT
ETag
"ffac-5b5572b7dcc00"
Content-Type
application/font-woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
65452
/
securegames.iwin.com/m/console/v_313/ Frame D8B4 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securegames.iwin.com/m/console/v_313/
Requested by
Host: securegames.iwin.com
URL: https://securegames.iwin.com/provider/uclick/play/mahjong-quest?iframe=iframe?iframe=iframe&clientId=2496&featureId=iwmjq&sda=n&title=n&chat=n&signin=n&data=https%3A%2F%2Fuclick.iwin.com&ref=//canoe.com/puzzles
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
9085790bc286fc03e43b1a9ad10128e7b8202fe0332d4c93ff67338f84089056

Request headers

Referer
https://securegames.iwin.com/provider/uclick/play/mahjong-quest?iframe=iframe?iframe=iframe&clientId=2496&featureId=iwmjq&sda=n&title=n&chat=n&signin=n&data=https%3A%2F%2Fuclick.iwin.com&ref=//canoe.com/puzzles
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes bytes
Age
637341
Cache-Control
public, max-age=31536000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1047
Content-Type
text/html
Date
Tue, 16 Jan 2024 07:40:12 GMT
ETag
"3616544848+gzip"
Expires
Wed, 15 Jan 2025 07:40:12 GMT
Last-Modified
Thu, 08 Dec 2022 10:50:06 GMT
Vary
Accept-Encoding
Via
1.1 6c1e463b1907685097cce9e63f1cf75a.cloudfront.net (CloudFront)
X-Amz-Cf-Id
FVwuouWADlaay_IqNHJX47-RomHHsnH03O_ZgN7GQC3kgmzW6B7gQg==
X-Amz-Cf-Pop
JFK52-P1
X-Cache
Hit from cloudfront
main.less.css
securegames.iwin.com/m/console/v_313/site-console/css/app/ Frame D8B4 		102 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securegames.iwin.com/m/console/v_313/site-console/css/app/main.less.css
Requested by
Host: securegames.iwin.com
URL: https://securegames.iwin.com/m/console/v_313/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
600a7f178e74cf227051f057b1b54c0277341f6a71914c09b766126ef0d5f90c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/m/console/v_313/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 08 Jan 2024 09:57:22 GMT
Content-Encoding
gzip
Via
1.1 6c1e463b1907685097cce9e63f1cf75a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK52-P1
Age
1320311
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
16563
Last-Modified
Thu, 08 Dec 2022 10:50:06 GMT
ETag
"2625741660+gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Amz-Cf-Id
SvwQyzMwm8axlM8d4eLuCRcuJW-1335-u3NeRjb2rNGpzN-HepeyTg==
Expires
Tue, 07 Jan 2025 09:57:22 GMT
require.js
securegames.iwin.com/m/console/v_313/site-console/js/ Frame D8B4 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securegames.iwin.com/m/console/v_313/site-console/js/require.js
Requested by
Host: securegames.iwin.com
URL: https://securegames.iwin.com/m/console/v_313/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
912cc294d0de9f7e737ecbd968834e11027f59047a3073c060c0112513d773f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/m/console/v_313/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 16 Jan 2024 07:17:04 GMT
Content-Encoding
gzip
Via
1.1 6c1e463b1907685097cce9e63f1cf75a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK52-P1
Age
638729
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
6298
Last-Modified
Thu, 08 Dec 2022 10:50:06 GMT
ETag
"622260545+gzip"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Amz-Cf-Id
3P99BREsLFP3zXFrk2Jn46b5qztewc2XtGUm2rpEA-kqh6CLAibFPQ==
Expires
Wed, 15 Jan 2025 07:17:04 GMT
js
www.googletagmanager.com/gtag/ Frame 998E 		294 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D62HWTQP6Y&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGGXGGJD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
3d62b75e61765eb12487f03345114edeb6c535d027156e0ca768ec7afa7ad6a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97730
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 16:42:33 GMT
main.js
securegames.iwin.com/m/console/v_313/site-console/js/ Frame D8B4 		523 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securegames.iwin.com/m/console/v_313/site-console/js/main.js
Requested by
Host: securegames.iwin.com
URL: https://securegames.iwin.com/m/console/v_313/site-console/js/require.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
f065c87ccbdaf40a969620650e1e3f479ebb00369c87e714a454c6ea66b9a46d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/m/console/v_313/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 01:28:55 GMT
Content-Encoding
gzip
Via
1.1 6c1e463b1907685097cce9e63f1cf75a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK52-P1
Age
832418
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
139877
Last-Modified
Mon, 28 Aug 2023 15:45:09 GMT
ETag
"1751776033+gzip"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Amz-Cf-Id
xTX-ozS1JlscbMApxyS75w-XYHgAbhnErXJPlNVOnwLQwXDKg9WFgg==
Expires
Mon, 13 Jan 2025 01:28:55 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
f6bad4ed775047b9dedbb460056e923d1a013f6f023f2ca8428edc749f1a648f

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 16:42:33 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://canoe.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
home.html
securegames.iwin.com/m/console/v_313/site-console/views/ Frame D8B4 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securegames.iwin.com/m/console/v_313/site-console/views/home.html
Requested by
Host: securegames.iwin.com
URL: https://securegames.iwin.com/m/console/v_313/site-console/js/main.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
10fd19987fe77295a94dc1705bba56980c2c4ba3859e76b3f7248a476ad4b6a5

Request headers

Accept
application/json, text/plain, */*
Referer
https://securegames.iwin.com/m/console/v_313/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 21 Jan 2024 09:42:05 GMT
Content-Encoding
gzip
Via
1.1 6c1e463b1907685097cce9e63f1cf75a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK52-P1
Age
198028
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
6121
Last-Modified
Thu, 08 Dec 2022 10:50:06 GMT
ETag
"3608038882"
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes, bytes
X-Amz-Cf-Id
cppkIKoO4JE9iyEKpr-dqQyveSU2PyD5E9oNZAj0PAeJ5_rCPnQ5fQ==
Expires
Mon, 20 Jan 2025 09:42:05 GMT
sprites.png
securegames.iwin.com/m/console/v_313/site-console/css/app/ Frame D8B4 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securegames.iwin.com/m/console/v_313/site-console/css/app/sprites.png
Requested by
Host: securegames.iwin.com
URL: https://securegames.iwin.com/m/console/v_313/site-console/css/app/main.less.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
68d58fedffba037ce6ccb99e29a9944b1a60f44630b95f0bcc41ea41eb2e7322

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/m/console/v_313/site-console/css/app/main.less.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 09:21:23 GMT
Via
1.1 6c1e463b1907685097cce9e63f1cf75a.cloudfront.net (CloudFront)
Last-Modified
Thu, 08 Dec 2022 10:50:06 GMT
X-Amz-Cf-Pop
JFK52-P1
Age
1840870
ETag
"4164586214"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
44622
X-Amz-Cf-Id
QKFx9wTUU8VFwJYqk_n8orCehOXt3aaucDKt38abXaHw6KiwaAlrlg==
Expires
Wed, 01 Jan 2025 09:21:23 GMT
progress.gif
securegames.iwin.com/m/console/v_313/site-console/img/ Frame D8B4 		769 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securegames.iwin.com/m/console/v_313/site-console/img/progress.gif
Requested by
Host: securegames.iwin.com
URL: https://securegames.iwin.com/m/console/v_313/site-console/css/app/main.less.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
e6f3afe265986e684ce3c5a19901e43753328ced4ff16dc360d3768be03cff2c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/m/console/v_313/site-console/css/app/main.less.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 16 Jan 2024 07:42:18 GMT
Via
1.1 f5b6caeff9422ffe5c739ff6cf167922.cloudfront.net (CloudFront)
Last-Modified
Thu, 08 Dec 2022 10:50:06 GMT
X-Amz-Cf-Pop
JFK52-P1
Age
637215
ETag
"738900541"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
769
X-Amz-Cf-Id
QAu2sfhLsPqInwgdlaJqCbTrJ7ewAmubc7EABO2QC2Vo0OrW6lJllA==
Expires
Wed, 15 Jan 2025 07:42:18 GMT
truncated
/ Frame D8B4 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c0ae202bdbb35b4c08d044b9a3f5e799dd17ef00ac057c8a46764cd731246779

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
game_details.json
securegames.iwin.com/m/iwin/mahjong-quest/v_60/ Frame D8B4 		493 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/game_details.json
Requested by
Host: securegames.iwin.com
URL: https://securegames.iwin.com/m/console/v_313/site-console/js/main.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
bd25794bfae9dff93514644e3b8361c2c3642752e5ee84ae5c083c7aeea4e398

Request headers

Accept
application/json, text/plain, */*
Referer
https://securegames.iwin.com/m/console/v_313/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:00:26 GMT
Via
1.1 6c1e463b1907685097cce9e63f1cf75a.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Mar 2016 19:30:12 GMT
X-Amz-Cf-Pop
JFK52-P1
Age
6127
ETag
"4190534834"
X-Cache
Hit from cloudfront
Content-Type
application/octet-stream
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
493
X-Amz-Cf-Id
MH0c8ViWW7786ZXm-lT9kV2GytpZKxNCyT8ha-VU6iu-mZy1ypNocg==
Expires
Tue, 23 Jan 2024 19:00:26 GMT
online-games
m.iwin.com/ Frame D8B4
Redirect Chain
  • https://securegames.iwin.com/data/gtm.json
  • https://m.iwin.com/online-games
104 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.iwin.com/online-games
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
H2
Server
3.208.43.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-43-177.compute-1.amazonaws.com
Software
/
Resource Hash
6e923c9175b2e878e38be0452882107ab1b41cadffbcc3bfe7a7019caaacbb93
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:33 GMT
content-encoding
gzip
access-control-request-method
*
age
10707
content-length
15019
x-ua-compatible
IE=Edge,chrome=1
last-modified
Fri, 08 Dec 2023 18:13:12 GMT
etag
"65735cb8-19e5e"
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, PUT, DELETE, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=1800
vary
Origin,Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Tue, 23 Jan 2024 14:14:06 GMT

Redirect headers

Date
Tue, 23 Jan 2024 14:55:58 GMT
Access-Control-Request-Method
*
Via
1.1 f5b6caeff9422ffe5c739ff6cf167922.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK52-P1
Age
6395
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
184
X-UA-Compatible
IE=Edge,chrome=1
X-FRAME-OPTIONS
SAMEORIGIN
Access-Control-Allow-Methods
POST, PUT, DELETE, GET, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://m.iwin.com/online-games
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
X-Amz-Cf-Id
P8KNAXfFYNtb3uJHPTzWhraBBGs3acVJxdax29r0KpdSHM46--l0ww==
map
bcp.crwdcntrl.net/6/ 		156 B
609 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.104.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-104-25.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
69e93f912858a6aeefa2fc1f2b137dc63a734c5dfe05faa356e96e997f6c6396

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:33 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://canoe.com
cache-control
no-cache
x-server
10.40.52.247
access-control-allow-credentials
true
content-length
156
expires
0
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
49342ffccaa0e1636d0f3085d7121872a987d9ea333c41426d393335eb7a7815

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 16:42:33 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://canoe.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
uclick.json
securegames.iwin.com/provider/ Frame D8B4 		781 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securegames.iwin.com/provider/uclick.json
Requested by
Host: securegames.iwin.com
URL: https://securegames.iwin.com/m/console/v_313/site-console/js/main.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
d651ad7eae445421bd7bcc1b311239cfe95f65f9816703fc534c5f83435aa25f

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://securegames.iwin.com/m/console/v_313/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:39:29 GMT
Access-Control-Request-Method
*
Via
1.1 f5b6caeff9422ffe5c739ff6cf167922.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK52-P1
Age
188
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
781
X-UA-Compatible
IE=Edge,chrome=1
Last-Modified
Fri, 08 Dec 2023 18:13:12 GMT
ETag
"65735cb8-30d"
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, PUT, DELETE, GET, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
X-Amz-Cf-Id
etbfScfKzEwR58blj5GYJk-rayvGVJmy-OY0fi-zMvqfhvEXP-q6GQ==
Expires
Tue, 23 Jan 2024 15:10:54 GMT
uclick.json
securegames.iwin.com/provider/ Frame D8B4 		781 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securegames.iwin.com/provider/uclick.json
Requested by
Host: securegames.iwin.com
URL: https://securegames.iwin.com/m/console/v_313/site-console/js/main.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
d651ad7eae445421bd7bcc1b311239cfe95f65f9816703fc534c5f83435aa25f

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://securegames.iwin.com/m/console/v_313/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:39:29 GMT
Access-Control-Request-Method
*
Via
1.1 6c1e463b1907685097cce9e63f1cf75a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK52-P1
Age
188
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
781
X-UA-Compatible
IE=Edge,chrome=1
Last-Modified
Fri, 08 Dec 2023 18:13:12 GMT
ETag
"65735cb8-30d"
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, PUT, DELETE, GET, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
X-Amz-Cf-Id
xJmkXlThUlEj34EOFv7mHcRThldDY581LNcYhYa7VTjsQ5qF3ogHoQ==
Expires
Tue, 23 Jan 2024 15:10:54 GMT
/
securegames.iwin.com/m/iwin/mahjong-quest/v_60/ Frame A605 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/
Requested by
Host: securegames.iwin.com
URL: https://securegames.iwin.com/m/console/v_313/site-console/js/main.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
db40be46a368ab3e7548e09d8d28380e59409377cfd4489905455b3505f62444

Request headers

Referer
https://securegames.iwin.com/m/console/v_313/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Age
1352291
Cache-Control
public, max-age=31536000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
688
Content-Type
text/html
Date
Mon, 08 Jan 2024 01:04:22 GMT
ETag
"833344114+gzip"
Expires
Tue, 07 Jan 2025 01:04:22 GMT
Last-Modified
Wed, 02 Mar 2016 19:30:12 GMT
Vary
Accept-Encoding
Via
1.1 f5b6caeff9422ffe5c739ff6cf167922.cloudfront.net (CloudFront)
X-Amz-Cf-Id
6Wiu5mxhtG30HXC1G3qbf1JGME6A8wgluqnj77iV0eRaqplDeSHMqQ==
X-Amz-Cf-Pop
JFK52-P1
X-Cache
Hit from cloudfront
gtm.js
www.googletagmanager.com/ Frame D8B4 		171 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WQW49ZB
Requested by
Host: securegames.iwin.com
URL: https://securegames.iwin.com/m/console/v_313/site-console/js/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
2a9e00610b3b643de02bceeafb874e3ebcbea859605a8aa3a1f165790f97d239
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62607
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Jan 2024 16:42:33 GMT
mjq.css
securegames.iwin.com/m/iwin/mahjong-quest/v_60/ Frame A605 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/mjq.css
Requested by
Host: securegames.iwin.com
URL: https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
4455585c34abd7708a9d5a4414fae412aa5994e884231a27671e167faa2e592d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 17:44:24 GMT
Content-Encoding
gzip
Via
1.1 f5b6caeff9422ffe5c739ff6cf167922.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK52-P1
Age
687489
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
606
Last-Modified
Wed, 02 Mar 2016 19:30:12 GMT
ETag
"3719028391+gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes, bytes
X-Amz-Cf-Id
00u_ualrEdoI0aq6Yz0hLKmkHAn3snumBNOS80ofhZOKZYvVESnraw==
Expires
Tue, 14 Jan 2025 17:44:24 GMT
iconsole.js
securegames.iwin.com/m/iwin/mahjong-quest/ Frame A605 		82 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://securegames.iwin.com/m/iwin/mahjong-quest/iconsole.js
Requested by
Host: securegames.iwin.com
URL: https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
c704422aafb675b9272447d343329391f479d4aab004700782886ffee2a244f9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 16 Jan 2024 11:26:16 GMT
Content-Encoding
gzip
Via
1.1 6c1e463b1907685097cce9e63f1cf75a.cloudfront.net (CloudFront)
Last-Modified
Mon, 19 Jan 2015 12:11:39 GMT
X-Amz-Cf-Pop
JFK52-P1
Age
623777
ETag
"2206750958"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Id
uw1JkcQG6PllWZK5ehsmeh5Fj3fCOQ2BzAbyQx1TzmIAhWxFvsqpwA==
Expires
Wed, 15 Jan 2025 11:26:16 GMT
howler.min.js
securegames.iwin.com/m/iwin/mahjong-quest/v_60/ Frame A605 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/howler.min.js?v=1
Requested by
Host: securegames.iwin.com
URL: https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
161aa41ca904d0f038db859fb6f947e17b73007b8208bbb1692a2e6dd991d18b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 09:56:51 GMT
Content-Encoding
gzip
Via
1.1 86f58a7ba760944d1efd0f2fe2242e1e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK52-P1
Age
1147542
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
5437
Last-Modified
Wed, 02 Mar 2016 19:30:07 GMT
ETag
"2367439779"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes, bytes
X-Amz-Cf-Id
aHcS0Y0AfUxR5l-k4d0jMdEA7y7-qP4M36k22r2i-XuKZRQuIC01Jg==
Expires
Thu, 09 Jan 2025 09:56:51 GMT
mjq-all-min.js
securegames.iwin.com/m/iwin/mahjong-quest/v_60/ Frame A605 		259 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/mjq-all-min.js?v=1
Requested by
Host: securegames.iwin.com
URL: https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
c13fd7db791aba2295b1470bd143d00c7637d7aa7383877d792ddcd1611e1324

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 11:27:53 GMT
Content-Encoding
gzip
Via
1.1 f5b6caeff9422ffe5c739ff6cf167922.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK52-P1
Age
1228480
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
56493
Last-Modified
Wed, 02 Mar 2016 19:30:12 GMT
ETag
"3336240735+gzip"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes, bytes
X-Amz-Cf-Id
mg9F2S7p-hezQ2KKF1Nxt1LG3hVkbMHobV5oo8r2KJdPeyTTvUqPsQ==
Expires
Wed, 08 Jan 2025 11:27:53 GMT
iu3
s.amazon-adsystem.com/ Frame 4992
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&dcc=t
318 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
859a68d1c7b4ff51622aae539e55da3c453f6d2f26b279ee5eaa2a6850724ade
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://canoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
318
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 23 Jan 2024 16:42:34 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
Z5QB6YHZ4JB04QK04QEW

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:42:34 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
JJCWD07F2MHEZDDT2609
iconsole.js
securegames.iwin.com/m/console/v_313/ Frame A605 		45 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securegames.iwin.com/m/console/v_313/iconsole.js
Requested by
Host: securegames.iwin.com
URL: https://securegames.iwin.com/m/iwin/mahjong-quest/iconsole.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
091fa867686554a13fe1d783d79e005350166698d9908dab893e958b88995426

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 08 Jan 2024 11:28:16 GMT
Content-Encoding
gzip
Via
1.1 6c1e463b1907685097cce9e63f1cf75a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK52-P1
Age
1314857
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
13756
Last-Modified
Thu, 08 Dec 2022 10:50:06 GMT
ETag
"756282178+gzip"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes, bytes
X-Amz-Cf-Id
yA6zjNfyOJDurwxlG9jnWB9mD40y2f1qUNStnxxqyAUdavzYbcqQzg==
Expires
Tue, 07 Jan 2025 11:28:16 GMT
js
www.googletagmanager.com/gtag/ Frame D8B4 		263 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YRPJEL47G4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQW49ZB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
bb4a1e40af6cab12f939d11069833e7226e997662cad38248f13ca14952efd88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90088
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 16:42:33 GMT
CFSamuraiBob.ttf
securegames.iwin.com/m/iwin/mahjong-quest/v_60/ Frame A605 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/CFSamuraiBob.ttf
Requested by
Host: securegames.iwin.com
URL: https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/mjq.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
087c15b6b573a98343ff97ee72ae181918bca936b43799b68fec800cee315dc5

Request headers

Referer
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/mjq.css
Origin
https://securegames.iwin.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 16:19:08 GMT
Via
1.1 f5b6caeff9422ffe5c739ff6cf167922.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Mar 2016 19:30:07 GMT
X-Amz-Cf-Pop
JFK52-P1
Age
2075005
ETag
"2360026053"
X-Cache
Hit from cloudfront
Content-Type
application/octet-stream
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
7932
X-Amz-Cf-Id
coBHyO3XWpmAw5iwaSLvHKrTHUJugBgbAXj5Z_P3tbW6q3K5L63ATw==
Expires
Sun, 29 Dec 2024 16:19:08 GMT
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 23 Jan 2024 16:42:33 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
paths.json
securegames.iwin.com/m/iwin/mahjong-quest/v_60/ Frame A605 		139 B
680 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/paths.json
Requested by
Host: securegames.iwin.com
URL: https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/mjq-all-min.js?v=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
2446287ed8c4f295e960e60bf540772c5a15993fd284ef9d2ddda02c19f80dd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 21:32:35 GMT
Via
1.1 f5b6caeff9422ffe5c739ff6cf167922.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Mar 2016 19:30:07 GMT
X-Amz-Cf-Pop
JFK52-P1
Age
673798
ETag
"1753965829"
X-Cache
Hit from cloudfront
Content-Type
application/octet-stream
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
139
X-Amz-Cf-Id
68ZKR4m26yI6hrBE69XAYub23WvNQlu5XtdtofAyUzl1pDBuHjtRWQ==
Expires
Tue, 14 Jan 2025 21:32:35 GMT
mjq.json
securegames.iwin.com/m/iwin/mahjong-quest/v_60/ Frame A605 		11 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/mjq.json
Requested by
Host: securegames.iwin.com
URL: https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/mjq-all-min.js?v=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
12a1cfd83c0a6f8dd0cc13fedcae3db3b7097f9a1756ac1653b58d157475fc47

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 21 Jan 2024 10:29:09 GMT
Via
1.1 f5b6caeff9422ffe5c739ff6cf167922.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Mar 2016 19:30:07 GMT
X-Amz-Cf-Pop
JFK52-P1
Age
195205
ETag
"555664270"
X-Cache
Hit from cloudfront
Content-Type
application/octet-stream
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
11298
X-Amz-Cf-Id
krA_u6t-rXvAwb6kjIUZObiPbZ9lEvKjEILXbRi4gOaD5FkiZKeX1g==
Expires
Mon, 20 Jan 2025 10:29:09 GMT
json
gum.criteo.com/sid/ Frame 4B14 		425 B
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertagids&domain=canoe.com&sn=ChromeSyncframe&so=0&topUrl=canoe.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=canoe.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
ace4596c62ac94dbffa02034cfa8e947f82e5803f154f06b54e5e22b3b9d86aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=canoe.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:33 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1169841
expires
0
mjq_mainmenu.mp3
securegames.iwin.com/m/iwin/mahjong-quest/v_60/audio/ Frame A605 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/audio/mjq_mainmenu.mp3
Requested by
Host: securegames.iwin.com
URL: https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/howler.min.js?v=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
934841c8e3bb5b30f34087dd83c00da20e9e670be9c85bb70ea1ec0221077ef9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 07:27:46 GMT
Via
1.1 f5b6caeff9422ffe5c739ff6cf167922.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Mar 2016 19:30:10 GMT
X-Amz-Cf-Pop
JFK52-P1
Age
1242888
ETag
"1492205882"
X-Cache
Hit from cloudfront
Content-Type
audio/mpeg
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
1066631
X-Amz-Cf-Id
aF9GYAxM4xjaXn74rWQE6rM0-aQSJAHYLdgUKXWmuRMW9oFD7UnbyA==
Expires
Wed, 08 Jan 2025 07:27:46 GMT
mjq_audiosprite.ogg
securegames.iwin.com/m/iwin/mahjong-quest/v_60/audio/ Frame A605 		309 KB
309 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/audio/mjq_audiosprite.ogg
Requested by
Host: securegames.iwin.com
URL: https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/howler.min.js?v=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
ae5ccbceae29e19160f4695ad5312d643fb41e4f6cb871ab65cc9d5540c62e9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 09:56:52 GMT
Via
1.1 6c1e463b1907685097cce9e63f1cf75a.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Mar 2016 19:30:10 GMT
X-Amz-Cf-Pop
JFK52-P1
Age
1147542
ETag
"2882499157"
X-Cache
Hit from cloudfront
Content-Type
application/ogg
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
315971
X-Amz-Cf-Id
jDlUOcqe-QjfDo2K0PIXVlbZt7AS6AsLObNhykvxUyqow5jEt8sbWA==
Expires
Thu, 09 Jan 2025 09:56:52 GMT
objects.json
securegames.iwin.com/m/iwin/mahjong-quest/v_60/ Frame A605 		21 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/objects.json?v=2
Requested by
Host: securegames.iwin.com
URL: https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/mjq-all-min.js?v=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
b899c756652f1f1e560eab76cbabefb4dc276d9bfd6a715b7b4c5324ae848b3d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 08 Jan 2024 00:02:57 GMT
Via
1.1 86f58a7ba760944d1efd0f2fe2242e1e.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Mar 2016 19:30:10 GMT
X-Amz-Cf-Pop
JFK52-P1
Age
1355977
ETag
"2910178231"
X-Cache
Hit from cloudfront
Content-Type
application/octet-stream
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
21048
X-Amz-Cf-Id
QaDNZLGALVZh3xvMcDoY6btL5eVGzOMLa-ZunlBz1B3mHVHGiyqxPg==
Expires
Tue, 07 Jan 2025 00:02:57 GMT
sdk.js
connect.facebook.net/en_US/ Frame D8B4 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: securegames.iwin.com
URL: https://securegames.iwin.com/m/console/v_313/site-console/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
b4b7653989f51a7b24e4f8e4df6bb9076ab800556b5d718eb642fdb368fdec4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 23 Jan 2024 16:42:34 GMT
content-md5
elJKAbJNakfBU5IZuXNWkg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-debug
Q9TEpF6AqqG5KY4zJIZIfHoRJMNUU+0tVXdmEJ6s+oYWHVRNoXVLsF3sxNyFkt3Gh+SvegGaNqTG6BR83+mQRg==
x-fb-content-md5
cec38147ce0ca5da6bccd648d7cd5be6
cross-origin-opener-policy
same-origin-allow-popups
etag
"14ea17f4ddf0a06e1a90471eeddc2a69"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 23 Jan 2024 16:49:36 GMT
artassets1536.json
securegames.iwin.com/m/iwin/mahjong-quest/v_60/images/ Frame A605 		9 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/images/artassets1536.json?v=2
Requested by
Host: securegames.iwin.com
URL: https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/mjq-all-min.js?v=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
619b8f6ccc3cb780c3100915b8d48eccc94a1d90322fb3501a9b2f7a8bce9d78

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 25 Dec 2023 05:29:51 GMT
Via
1.1 6c1e463b1907685097cce9e63f1cf75a.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Mar 2016 19:30:11 GMT
X-Amz-Cf-Pop
JFK52-P1
Age
2545963
ETag
"1707662518"
X-Cache
Hit from cloudfront
Content-Type
application/octet-stream
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
9694
X-Amz-Cf-Id
3fhGg00XVHFUuPE2Z1Q39jjaVOlo7aC3O2iHi4Q1gLJujJnU2EtnIg==
Expires
Tue, 24 Dec 2024 05:29:51 GMT
background1536mainhub.jpg
securegames.iwin.com/m/iwin/mahjong-quest/v_60/images/ Frame A605 		528 KB
529 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/images/background1536mainhub.jpg
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
60d1d35e6cb1e20643d3d3edd1b99d3c7c136dc03fd77cf26940b53cc1a86900

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 20:12:40 GMT
Via
1.1 6c1e463b1907685097cce9e63f1cf75a.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Mar 2016 19:30:11 GMT
X-Amz-Cf-Pop
JFK52-P1
Age
332994
ETag
"3138018540"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
540888
X-Amz-Cf-Id
G3dEWWDJh_WxPMNRZas7CH5uqugOg3ii5iDjXWvgKeSnMFRAgbCTHg==
Expires
Sat, 18 Jan 2025 20:12:40 GMT
tinysplash1536.png
securegames.iwin.com/m/iwin/mahjong-quest/v_60/images/ Frame A605 		130 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/images/tinysplash1536.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
0c7f778a8b165d1bb3074bd3087cf791476c042823c29d8817c8279602b85495

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 19:58:59 GMT
Via
1.1 f5b6caeff9422ffe5c739ff6cf167922.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Mar 2016 19:30:11 GMT
X-Amz-Cf-Pop
JFK52-P1
Age
1802615
ETag
"2881373387"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
133021
X-Amz-Cf-Id
Bmx6xV_Il3JTjf3wTvlCub9V5FZR-wCnQodtOl1h5MHijkifeUilGA==
Expires
Wed, 01 Jan 2025 19:58:59 GMT
tinymainhub1536.png
securegames.iwin.com/m/iwin/mahjong-quest/v_60/images/ Frame A605 		647 KB
647 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/images/tinymainhub1536.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
ad809631be9cab6220c50f787919f41ce84dc84ef031fb58d005a4eb6c03db5c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 22:40:49 GMT
Via
1.1 86f58a7ba760944d1efd0f2fe2242e1e.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Mar 2016 19:30:11 GMT
X-Amz-Cf-Pop
JFK52-P1
Age
1360905
ETag
"3865218681"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
662215
X-Amz-Cf-Id
SVaPDZBoDf8D8xbdAH7ETlYcRnNxXMk6E6myqv9hyS-1vIU_giYzMw==
Expires
Mon, 06 Jan 2025 22:40:49 GMT
tinytileblank1536.png
securegames.iwin.com/m/iwin/mahjong-quest/v_60/images/ Frame A605 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/images/tinytileblank1536.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
27dcd8942a1eac1fc63353434d4dadbc3308cd9719dcaa13444104db0f8e04b0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 08 Jan 2024 13:56:45 GMT
Via
1.1 e328ac0201f987aaffe67063ed27028c.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Mar 2016 19:30:11 GMT
X-Amz-Cf-Pop
JFK52-P1
Age
1305949
ETag
"3781937500"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
2845
X-Amz-Cf-Id
QSiZELccAq2ZwILj62NiR7JLeMZ2IOg4cYJOPw_zcRRcqdBdKR4ZQw==
Expires
Tue, 07 Jan 2025 13:56:45 GMT
tinytiles1536.png
securegames.iwin.com/m/iwin/mahjong-quest/v_60/images/ Frame A605 		147 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/images/tinytiles1536.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
a6f717ba80fa2a7521384f8ff800bfdbf538dd1e058e457872332f8e77563572

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 05:59:30 GMT
Via
1.1 e328ac0201f987aaffe67063ed27028c.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Mar 2016 19:30:11 GMT
X-Amz-Cf-Pop
JFK52-P1
Age
1420984
ETag
"413159663"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
150912
X-Amz-Cf-Id
ppr_pQiKtL6lNt4IlIb3C4dCJgq5Mx8_cQgwGCZtI004kFo3T1EOYg==
Expires
Mon, 06 Jan 2025 05:59:30 GMT
tinytilesdark1536.png
securegames.iwin.com/m/iwin/mahjong-quest/v_60/images/ Frame A605 		133 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/images/tinytilesdark1536.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
9aecc6987f61132fbfe6f042c3694726a4e9854d00d43f87b57887eab85bd4fc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 28 Dec 2023 21:16:40 GMT
Via
1.1 f5b6caeff9422ffe5c739ff6cf167922.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Mar 2016 19:30:11 GMT
X-Amz-Cf-Pop
JFK52-P1
Age
2229954
ETag
"3415043880"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
136437
X-Amz-Cf-Id
lp2-W9Rh-JjaRYJJ4xc3VhBTlFO-J2AC1Qp4gHX0VaXE4bgIIlYhrQ==
Expires
Fri, 27 Dec 2024 21:16:40 GMT
tinytilesselected1536.png
securegames.iwin.com/m/iwin/mahjong-quest/v_60/images/ Frame A605 		166 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/images/tinytilesselected1536.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
4b495ee1b92aeee83f8683b011462f4cff516c65b450b7d46884b5009b452fe6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 20:12:40 GMT
Via
1.1 6c1e463b1907685097cce9e63f1cf75a.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Mar 2016 19:30:11 GMT
X-Amz-Cf-Pop
JFK52-P1
Age
332994
ETag
"109289052"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
170213
X-Amz-Cf-Id
30FqWDZd47OeEGU0IyMzRssX6Od2_wlxOz2nQ_s39AYKj-LzjMSHVw==
Expires
Sat, 18 Jan 2025 20:12:40 GMT
pr
s.amazon-adsystem.com/v3/ Frame 0C46 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
ac7ca55b33370eb23e1ab6bb953ded98cb80ace0ff35807ea41730f847634f6b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2008
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 23 Jan 2024 16:42:34 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
665DE1BHDFVR99F4PTWC
sdk.js
connect.facebook.net/en_US/ Frame D8B4 		303 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=71239b7fc1481d434a3e4e919c26d3ec
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
b9c72de22833d8df48e490f9aa14feadbd033e4ad766307b58d0a4e38db39108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://securegames.iwin.com/
Origin
https://securegames.iwin.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 23 Jan 2024 16:42:34 GMT
content-md5
0/IwWt89TjyiQL7m2+72Jg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88457
x-fb-debug
oIvtwl7jRIeHQaXhXMdCU6x9X8dyCYLsPov0FQGWafnYc7OWue0hZBEBKlxb8cJ5Th3bdiWwAtpwSD1c4vJAQA==
x-fb-content-md5
f63acea2a92dc3f7bfbbb79d6f96aaf4
cross-origin-opener-policy
same-origin-allow-popups
etag
"31499d3e5f0813e5dadc5cb5de7e1992"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Wed, 22 Jan 2025 15:44:50 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 85AD
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
852 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f8154c7996ed749afc631f3f11b702a002eb99b5ede80cbd63c567379ac14c4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84a17d9ccd443703-YYZ
content-encoding
br
content-type
text/html
date
Tue, 23 Jan 2024 16:42:34 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jxOrHxsAwhvwG0VxII%2FL%2BE1qlWwPPk73Ix9vo7f4tpMIO%2FIjGSb3gOLZEDjg8OgvebMXomLAb02fIle4qJQ5E0erZ8ckU5vQnPEBQCBwI057zMndAN29YsH62lacqoKS3P%2BN0JX%2Fqd%2BVWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84a17d9c6c7c3703-YYZ
content-length
0
date
Tue, 23 Jan 2024 16:42:34 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZKqjUSWPte88nLxtaS7CVB%2BzCTGUInfpTC7%2B64CAZDe8Ruk5YLSReD9cyoqgmyQ%2FXTt6UdXKC59%2Bm0391vk9329hNCQFLwX%2BwyqivQ0WTf5BgNEJFnTTJ%2FHWZGh2upBGyvJxVCC0mtpfw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
match.sharethrough.com/jwumXNuB/v1/ Frame 45F2 		667 B
852 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.185.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-185-94.compute-1.amazonaws.com
Software
/
Resource Hash
3d7d05ba095e1a1e98b220584ceb1e6a7beb3e885e7bbbb3f005e505ef671b5c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
667
date
Tue, 23 Jan 2024 16:42:34 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 38E8 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.76.201 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-76-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=43493
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 23 Jan 2024 16:42:37 GMT
expires
Wed, 24 Jan 2024 04:47:30 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A5DA 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.202.153.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-153-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Jan 2024 16:42:34 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame C004 		199 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Tue, 23 Jan 2024 16:42:34 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 60B6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=1288365238792369274&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=1288365238792369274&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 23 Jan 2024 16:42:34 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
602F1Z4DD1PTVD8SFGX4

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
e5c88fc1-b73e-4cbb-9618-1487e410ccd6
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 16:42:34 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=1288365238792369274&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
86.48.15.240; 86.48.15.240; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
amazon
ce.lijit.com/beacon/ Frame BC4D
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.69 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
d3de6c621f23961dd8953316a384939c6f40a46aa89f7e566d506a49c5544490

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
478
Content-Type
text/html
Date
Tue, 23 Jan 2024 16:42:34 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap3ewr1

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
0
Date
Tue, 23 Jan 2024 16:42:34 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Location
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3ewr1
usync.js
eus.rubiconproject.com/ Frame A5DA 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.202.153.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-153-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
04877ee93fc507bf82ffde243cca15bbefed395eb1d1385558b46d5c27b27997

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:42:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Jan 2024 12:28:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=71148
Connection
keep-alive
Content-Length
10965
Expires
Wed, 24 Jan 2024 12:28:22 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 85AD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Za_semtaVxDTT_gsvb43vwAAA9oAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Za_semtaVxDTT_gsvb43vwAAA9oAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFtyeaTeBmXIOuh2cR5Ours&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFtyeaTeBmXIOuh2cR5Ours&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sgb4xw0hoyQgQ5tn118evAoG35tj5AkREQTnHOTU4QDN9QVGEEMjYFqEh9hSRAH6t7DUxMKqiWAGxKjBLUTYmJALxiMOcZKQ5oiK7x2ec1He5w5qP%2BkLL3oZs38S%2FuFL7ocwmkmG0Ph7kg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a17d9f1a9c36fe-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFtyeaTeBmXIOuh2cR5Ours&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
28292
i.liadm.com/s/ Frame 85AD
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za-semtaVxDTT-gsvb43vwAA%26986&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=Za-semtaVxDTT-gsvb43vwAA%26986&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=3330af610ea14ec5b9aec4a730a531e5
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-9v_N_lRnWZ0JqkzxhKuPUWEx5CqcrXPqryj-nw
43 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-9v_N_lRnWZ0JqkzxhKuPUWEx5CqcrXPqryj-nw
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
3.233.146.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-146-200.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:42:45 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:45 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-9v_N_lRnWZ0JqkzxhKuPUWEx5CqcrXPqryj-nw
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1424521
content-length
0
expires
Tue, 23 Jan 2024 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 85AD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://match.adsrvr.org/track/cmb/casale?
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0e0d8cbc-0294-4a4b-abc3-1e542e539358&expiration=1708620155&gdpr=0&gdpr_consent=
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0e0d8cbc-0294-4a4b-abc3-1e542e539358&expiration=1708620155&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkcM3e4LUdRjBj12x3ksaHRS4AJrG6p6%2FJEDyMIQCuYRa736lhCydb7280WOKtctTRDztSOnmur5eIEWGwre8S4uGjkEbdVG96W1dd342ewsFQ8Ij38U5qi4JP%2Fghs%2FwtQcQ5BNisOcq5A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a17da32a4236fe-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0e0d8cbc-0294-4a4b-abc3-1e542e539358&expiration=1708620155&gdpr=0&gdpr_consent=
date
Tue, 23 Jan 2024 16:42:35 GMT
server
Kestrel
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 85AD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Za-semtaVxDTT-gsvb43vwAA
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=Za-semtaVxDTT-gsvb43vwAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENuYqYVaiESZrzowUxQV9uE&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENuYqYVaiESZrzowUxQV9uE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2BAgIXm9%2B4heepbhx2TX2%2FlU89UuB9pVKlrpMZD29uPRjTymjjdtxQj9sGmcNkcjKVbVSVInGtFeam1uq8Hju%2FEPqGnnMMc49gfwFDALuFIV9ArLE5fEJXvmFuUQc8Yuj3kxsjz42ACK1A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a17d9f7b2736fe-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENuYqYVaiESZrzowUxQV9uE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
cm.ctnsnet.com/int/ Frame 85AD 		0
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 85AD 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.198.113.89 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 23 Jan 2024 16:42:42 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
tp_out
d.adroll.com/cm/index/ Frame 85AD 		0
0
ecm3
s.amazon-adsystem.com/ Frame 85AD 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=Za_semtaVxDTT_gsvb43vwAAA9oAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 16:42:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KG3RKAG2G4W3JMPEA7W0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
log
qsearch-a.akamaihd.net/ 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=a4d2a294-dd62-45f8-bd7e-6e8d1ba15091&cid=8CUKB9454&crid=316243816|316243816|316243816&adunit_count=3&dn=canoe.com&requrl=https://canoe.com/puzzles/?amu=/mah-jong-quest&istop=true&event=client_timeout&value=3&rd=2000
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.230.139 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-230-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 16:42:37 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 23 Jan 2024 16:42:37 GMT
ca852450ddef2c05d8cb.js
fem.gprod.postmedia.digital/v94.0/chunks/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v94.0/chunks/ca852450ddef2c05d8cb.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v94.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b1631a16b9a272828ad99cdb2ff9beb5ca3f1bcfe33741fc51fb9fb1e764e227

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 16:22:56 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1704229360
age
1297178
x-guploader-uploadid
ABPtcPpTKkCeM8Hb_S3cNsFFh7skntpX5soXRGbdlhjwpXc5drB_YdLzKlqNd4BCurpyULBbOcpdudolFl6y7j0FYG2JfcvG7RX4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1108
last-modified
Tue, 02 Jan 2024 21:03:42 GMT
server
UploadServer
etag
W/"b8c89500a3911a44ff74904e79f8d535"
vary
Accept-Encoding
x-goog-generation
1704229422607263
x-goog-hash
crc32c=5hc1ug==, md5=uMiVAKORGkT/dJBOefjVNQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
3199
accept-ranges
none
crum
dsum-sec.casalemedia.com/ Frame 0337
Redirect Chain
  • https://um4.eqads.com/um/cs
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=513d6b27-860c-4d07-89da-b3dc4cb5d10c&expiration=1713890561
43 B
732 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=513d6b27-860c-4d07-89da-b3dc4cb5d10c&expiration=1713890561
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84a17dcbb9dc36fe-YYZ
content-length
43
content-type
image/gif
date
Tue, 23 Jan 2024 16:42:41 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pX0F7Gg9CXt3jUircyf%2BXPfKV%2Bj7C7r1sBlYbqO2uH3pO2RAenIxO%2BISyGKfLYIOPdQuRtUKze2VMPWJBDIpD7vPu21YJ1H3e2ROUmeYfCxYOEKjHBtGnmtjqwvAuvjf2dvc2NVku5curg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache
content-length
0
date
Tue, 23 Jan 2024 16:42:41 GMT
expires
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=513d6b27-860c-4d07-89da-b3dc4cb5d10c&expiration=1713890561
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 24 Jan 2024 16:42:34 GMT
ecm3
s.amazon-adsystem.com/ Frame BC4D 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=IClKbPZHDBYZiiS8QPeXqF_A&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 16:42:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XKZHSFPZMPZ0NZHG9C3J
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame BC4D
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=77cf63a8-29b1-4d76-bcd2-2b3b45ae629b
43 B
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=77cf63a8-29b1-4d76-bcd2-2b3b45ae629b
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.69 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 16:42:37 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=87&3pid=77cf63a8-29b1-4d76-bcd2-2b3b45ae629b
date
Tue, 23 Jan 2024 16:42:37 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame BC4D
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=RXFw8qmrqYBh-xK4NyTnJGcatYzvq4ECLfv3jdXuSmc&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=RXFw8qmrqYBh-xK4NyTnJGcatYzvq4ECLfv3jdXuSmc&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.69 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 16:42:42 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=RXFw8qmrqYBh-xK4NyTnJGcatYzvq4ECLfv3jdXuSmc&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Tue, 23 Jan 2024 16:42:42 GMT, Tue, 23 Jan 2024 16:42:42 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
sync-km.ads.yieldmo.com/ Frame BC4D
Redirect Chain
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent=
  • https://sync-km.ads.yieldmo.com/sync?pn_id=km&id=f236f38a-9415-5ce9-a32a-705f78c0d14d
43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-km.ads.yieldmo.com/sync?pn_id=km&id=f236f38a-9415-5ce9-a32a-705f78c0d14d
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
H2
Server
52.206.97.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-97-127.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:35 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 16:42:35 GMT
Server
nginx
Location
https://sync-km.ads.yieldmo.com/sync?pn_id=km&id=f236f38a-9415-5ce9-a32a-705f78c0d14d
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
merge
ce.lijit.com/ Frame BC4D
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1706028154537&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=937D271B510D4F7F831380187136CD0A
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=937D271B510D4F7F831380187136CD0A
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.69 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 16:42:39 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 23 Jan 2024 16:42:39 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=937D271B510D4F7F831380187136CD0A
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 22 Jan 2024 16:42:39 GMT
merge
ce.lijit.com/ Frame BC4D
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=19dcc08a-2999-4450-b559-752a3027538a&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=27&3pid=19dcc08a-2999-4450-b559-752a3027538a&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.69 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 16:42:42 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=27&3pid=19dcc08a-2999-4450-b559-752a3027538a&gdpr=0&gdpr_consent=
date
Tue, 23 Jan 2024 16:42:42 GMT
server
Kestrel
content-length
223
ads
securepubads.g.doubleclick.net/gampad/ 		208 KB
30 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1679994063500029&correlator=3121816817420983&eid=31080495%2C31080527%2C31079724%2C31079527&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fifs&iu_parts=3081%2CSMCO_CPTL_CAN_EN_WEB%2Clife%2Cdiversions%2Cpuzzles%2Cindex&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1200x90%7C970x90%7C728x90%2C300x250%7C300x600%7C300x1050%2C6x6%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1706028154628&lmt=1706027861&adxs=200%2C1238%2C797&adys=154%2C848%2C1685&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F%3Famu%3D%2Fmah-jong-quest&vis=1&psz=1600x90%7C300x1050%7C1600x250&msz=1600x-1%7C300x-1%7C1600x-1&fws=4%2C4%2C4&ohw=1600%2C1600%2C1600&ga_vid=1384250816.1706028155&ga_sid=1706028155&ga_hid=367411620&ga_fc=false&a3p=EhsKDDMzYWNyb3NzLmNvbRjM78650zFIAFICCG8SGgoNY3J3ZGNudHJsLm5ldBIAGLP2zrnTMUgAEjsKCnB1YmNpZC5vcmcSJDA5NDg4NmMyLThlYzgtNGUxOC04NmZhLWY2Yjg2YWQ3NTk2MRiZ7s650zFIABIdCg5lc3AuY3JpdGVvLmNvbRii7M650zFIAFICCGQS1gEKCHJ0YmhvdXNlEsABdVJUR1pIT3RtRUZNMC9GR2RBUU5VbGkxSTN1c2F1WmVRblR4Y0Q3NTlXTXp3QWRwTmNHZ2JPTFJEZ1h4bzJGOXN4M3FPOFZ3ZWF2NDNaTnowYnRVdmJYNEM2WlJYL1NQSXY2YjhQK0ZYTW9Jc0w0eDl6aG5wSkZZV2FBR0xTUDFEU2QxTEJIRHd0NlNzSGlERkozWTZCcGI1NDBvcllQbmo1SzRkUWdqNDB6VU9iWWY3VldwR3FSZkt0SDRWUm1tGN_xzrnTMUgAEhQKBW9wZW54GKPszrnTMUgAUgIIZA..&dlt=1706028151821&idt=463&prev_scp=loc%3D1%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D67867ef1-ba0e-11ee-a53d-0af29215ae01%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%2C90%7Cloc%3Drr1%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D67867ef2-ba0e-11ee-a53d-0af29215ae01%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cloc%3D2%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D67867ef3-ba0e-11ee-a53d-0af29215ae01%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40&cust_params=permutive%3D96400%252Cbsjr%252Cbrrj%252Crts%26prmtvvid%3Da016a2f8-7330-406f-8add-893318f14369%26prmtvwid%3D23dc09d6-b664-425a-a76e-0eed6a6cc102%26no_pol%3Dtrue%26page%3Dindex%26pr%3Dcanoe%26sensitive%3Dn%26negative%3Dn%26ck%3Dlife%26sck%3Ddiversions%252Cpuzzles%26imp%3Dpuzzles%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D%26prmtvsdk%3Dweb&adks=1740580364%2C3708781197%2C3338692552&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
1d314009ccfd83d39b6a4a7bf3c1df95ff5da301282a88c8c50e1e2c06681246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:35 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,71397,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30655
x-xss-protection
0
google-lineitem-id
6322821734,-1,6461670218
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138436152095,-1,138460252872
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://canoe.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0F2A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://canoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 16:42:34 GMT
expires
Wed, 22 Jan 2025 16:42:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
khaos.json
token.rubiconproject.com/ Frame A5DA 		7 B
766 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
c52bde874ac36e8646ae455e9e84952e
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 45F2 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=f67c6579-6ade-4e34-a1cf-b095b9b1e153
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 16:42:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WZCZC5S12SN06JSN3MGK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 45F2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=0e0d8cbc-0294-4a4b-abc3-1e542e539358&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=0e0d8cbc-0294-4a4b-abc3-1e542e539358&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.0.185.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-185-94.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:35 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=0e0d8cbc-0294-4a4b-abc3-1e542e539358&gdpr=0&gdpr_consent=
date
Tue, 23 Jan 2024 16:42:35 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/ Frame 45F2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=ZjY3YzY1NzktNmFkZS00ZTM0LWExY2YtYjA5NWI5YjFlMTUz
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.0.185.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-185-94.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:34 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 45F2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=15&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-8e9d9974-9227-563f-5a86-3ec248d76214$ip$86.48.15.240&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-8e9d9974-9227-563f-5a86-3ec248d76214$ip$86.48.15.240&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.0.185.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-185-94.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:46 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Location
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-8e9d9974-9227-563f-5a86-3ec248d76214$ip$86.48.15.240&gdpr=0&gdpr_consent=
Date
Tue, 23 Jan 2024 16:42:46 GMT
Connection
keep-alive
Content-Length
199
Content-Type
text/html; charset=utf-8
v1
match.sharethrough.com/sync/ Frame 45F2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sharethrough&user_id=f67c6579-6ade-4e34-a1cf-b095b9b1e153&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=&expires=365
  • https://x.bidswitch.net/ul_cb/sync?ssp=sharethrough&user_id=f67c6579-6ade-4e34-a1cf-b095b9b1e153&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=&expires=365
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=sharethrough&bsw_user_id=a3bee66b-d742-4693-b5cb-a6a9f2d75f7b&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=sharethrough&bsw_user_id=a3bee66b-d742-4693-b5cb-a6a9f2d75f7b&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=77cf63a8-29b1-4d76-bcd2-2b3b45ae629b&ssp=sharethrough&gdpr=0
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=a3bee66b-d742-4693-b5cb-a6a9f2d75f7b&seat_user_id=&seat_key=&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=a3bee66b-d742-4693-b5cb-a6a9f2d75f7b&seat_user_id=&seat_key=&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.0.185.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-185-94.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:37 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Location
//match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=a3bee66b-d742-4693-b5cb-a6a9f2d75f7b&seat_user_id=&seat_key=&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Tue, 23 Jan 2024 16:42:37 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
status
www.facebook.com/x/oauth/ Frame D8B4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fentertainment.service.amuniversal.com%2Chttps%3A%2F%2Fcanoe.com&client_id=128296273850064&input_token&origin=1&redirect_uri=https%3A%2F%2Fsecuregames.iwin.com%2Fm%2Fconsole%2Fv_313%2F%23%2Fm%2Fiwin%2Fmahjong-quest%2Fv_60%2F%23!uclick&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=71239b7fc1481d434a3e4e919c26d3ec
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=()
strict-transport-security
max-age=15552000; preload
date
Tue, 23 Jan 2024 16:42:37 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
wnm5v8Z1eq7MJGac/rRSEwJAbHhRUI21Eg7GfypebJ6ePXvCdz8ykJQLXcSjsHTf72NKU7hhLFZmLdYwyca75g==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://securegames.iwin.com
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
expires
Sat, 01 Jan 2000 00:00:00 GMT
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.214.92.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-92-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://canoe.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://canoe.com
Connection
keep-alive
Date
Tue, 23 Jan 2024 16:42:36 GMT
LoginRadius-Location
US1
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
565 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v94.0/fem.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.214.92.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-92-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

Date
Tue, 23 Jan 2024 16:42:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
LoginRadius-Location
US1
Server
nginx
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://canoe.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
eventjson
events.iwin.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.iwin.com/eventjson
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.185.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-185-93.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://securegames.iwin.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
content-type
text/plain
date
Tue, 23 Jan 2024 16:42:35 GMT
eventjson
events.iwin.com/ Frame D8B4 		0
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.iwin.com/eventjson
Requested by
Host: securegames.iwin.com
URL: https://securegames.iwin.com/m/console/v_313/site-console/js/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.185.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-185-93.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://securegames.iwin.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 23 Jan 2024 16:42:35 GMT
access-control-allow-credentials
false
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 24 Jan 2024 16:42:34 GMT
ecm3
s.amazon-adsystem.com/ Frame A5DA
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LRQL43MN-1U-7G9H
  • https://s.amazon-adsystem.com/ecm3?id=LRQL43MN-1U-7G9H&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LRQL43MN-1U-7G9H&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 16:42:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2WFHEE3GWJ5XCBV5PF7H
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LRQL43MN-1U-7G9H&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
Expires
0
pixel
cm.g.doubleclick.net/ Frame A5DA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWYyNzFhM2IyMjQ0M2QyMmM5NmE5NzAyYTRhNDVhMGI4MTgzZTg1Ng
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWYyNzFhM2IyMjQ0M2QyMmM5NmE5NzAyYTRhNDVhMGI4MTgzZTg1Ng
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWYyNzFhM2IyMjQ0M2QyMmM5NmE5NzAyYTRhNDVhMGI4MTgzZTg1Ng
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame A5DA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBRrzjc8k58xt52qYM0sm_U&google_cver=1
0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame A5DA 		0
0
tap.php
pixel.rubiconproject.com/ Frame A5DA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/gEik4Z4phepny8CiRITD-Mn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-maw4jDxE2oLSXHEA2h29AkrphIP8Ewi2eTFlJQ--~A
0
0
token
pixel.rubiconproject.com/ Frame A5DA
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=YvDqeRlFT4yn9bsOi0MEMg&rk=usync-na
0
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame A5DA 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 16:42:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FSVPC5698X4V51CFM8HN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame A5DA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://match.adsrvr.org/track/cmb/rubicon?
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0e0d8cbc-0294-4a4b-abc3-1e542e539358&gdpr=0&gdpr_consent=&expires=30
0
0
setuid
px.ads.linkedin.com/ Frame A5DA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRQL43MN-1U-7G9H
0
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRQL43MN-1U-7G9H
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:41 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 80A95A837AB94AC6BF8D10AAB5ED25B2 Ref B: YTO01EDGE0813 Ref C: 2024-01-23T16:42:42Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYPn6KYUxRG++hbG+JGvg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRQL43MN-1U-7G9H
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel.rubiconproject.com/exchange/ Frame A5DA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJRTDQzTU4tMVUtN0c5SA==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIiIcFMAhEHwHDvrc9HXN7k&google_cver=1
0
0
rp
match.prod.bidr.io/cookie-sync/ Frame A5DA 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.252.120 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-252-120.compute-1.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 23 Jan 2024 16:42:36 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame A5DA 		0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame A5DA 		0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame A5DA 		0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame A5DA 		0
0
cksync
hb.yahoo.net/ Frame A5DA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRQL43MN-1U-7G9H&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRQL43MN-1U-7G9H&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1BazR3emExRTJ1RlY1SWE1VnBONl9FRzdoaU5VU1B3Rn5B&ovsid=LRQL43MN-1U-7G9H&dpid=58160
57 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1BazR3emExRTJ1RlY1SWE1VnBONl9FRzdoaU5VU1B3Rn5B&ovsid=LRQL43MN-1U-7G9H&dpid=58160
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.62.230.165 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-230-165.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 23 Jan 2024 16:42:43 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 23 Jan 2024 16:42:43 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1BazR3emExRTJ1RlY1SWE1VnBONl9FRzdoaU5VU1B3Rn5B&ovsid=LRQL43MN-1U-7G9H&dpid=58160
date
Tue, 23 Jan 2024 16:42:42 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync.php
pixel.rubiconproject.com/exchange/ Frame A5DA 		0
0
jload
pixel.adsafeprotected.com/ Frame BE5F 		61 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=928934&campId=728x90&pubId=4811995650&chanId=21690693772&placementId=6322821734&pubCreative=138436152095&pubOrder=3215561405&cb=1432650536&custom=index&custom2=1&adsafe_par&impId=67867ef1-ba0e-11ee-a53d-0af29215ae01
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.141.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-141-205.compute-1.amazonaws.com
Software
/
Resource Hash
5c363338ca83fcfc1ebf74e6905218db3a63eeeaf388129da82ccaeb3db86698

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:35 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A308 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNhqg6Gj_BLFwsqjA4QHY2BVAG38CV8s0yAcp-d536qAK3ioZp-cjOSTyHVNfWjp2PvHplVvl7Ccq1zYrxlhhL45JmBIcsy0UrHGjEZKAjoahLHIBnkvbY6YV8VcpVHdQpngOMZ-91dMzpugmRdn4qfsSrPfvM35NG94ysVNRsLNhbwJBQ4o2i5FhY4g4WyQfIMjBl3hgAsgHOch0GV0BRCkGBTUYeCF7d_qMRmjb-lSrI58a3lBjANJKbQqfxF5KzA2gwPCITVatjKWi-w13dvvPnKyMQyJ-NB-x0_4KwpJN_iOlgtesMTIauOceGOuUlIZf1dyVG5nWgAWt9nhGwGGd2rYnT7B3Fyz_r61A4hlHNr30d0haF_pgaUQ7qEcQVJVtwmypu2zzyHk7Ss3Sv&sai=AMfl-YQD276SqdolwBxP9P6C_cQVM4f1Zg1mTvT7a5Z6o7k0mEvBRqzzVw_BPjcIbmmqaL-kEJbBkZ6bJqpJmFA11Unkcb4GAdvbkNAlwC4jzGscQdVrpubx8ww6xNY7rvq4MQmd9jY82aLyKdPzdnBEDG0&sig=Cg0ArKJSzLc9AaKift4pEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame A308 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:28:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
47630
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 03:28:46 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A308 		206 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 16:42:35 GMT
6714482313214266072
tpc.googlesyndication.com/simgad/ Frame A308 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6714482313214266072
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
774f5d9fc93c2aeffffd9fcc4fded4baeb36b2ea6c9bb09b86e06b38f8bae844
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 18 Jan 2025 14:53:50 GMT
date
Fri, 19 Jan 2024 14:53:50 GMT
x-content-type-options
nosniff
age
352126
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86636
x-xss-protection
0
last-modified
Tue, 13 Jun 2023 17:54:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
container.html
eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 239A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://canoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 16:42:35 GMT
expires
Wed, 22 Jan 2025 16:42:35 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A308 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
47585e997f9bb48e819d8a2f76b31ed2c28ffd937fad77af25af8a114e08124d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2B8B 		663 B
578 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLHZsgIQw5rPAhjGgI77ATAB&v=APEucNWnW_og2VRVah1gxczgaxYzAHj6n3nAJwwjPxRHeQg2FINMbT5SRISLKnWUTRAUwedGFf6NiqJ9y-9dMNTF24jzQ9bwtA
Requested by
Host: eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com
URL: https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
234
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 16:42:35 GMT
expires
Tue, 23 Jan 2024 16:42:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 239A 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com
URL: https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 16:42:35 GMT
77cb687b-943b-4eac-9903-7a1957ffdab3
a960.casalemedia.com/impression/v2/190936/85/cmnuouj7t1dam9slo280/ Frame 239A 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a960.casalemedia.com/impression/v2/190936/85/cmnuouj7t1dam9slo280/77cb687b-943b-4eac-9903-7a1957ffdab3?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1706028754&profileIDs=&creativeID=15ddd75&pubID=184713&format=banner&channel=site&ap=Za_segALLgAH48smAApT_6DKmbTUdOFuQhzs5w
Requested by
Host: eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com
URL: https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.204.227.132 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 16:42:36 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 239A 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CEogPbb1RsHuPJLgNS7TY7pv7lv2xWZRpnIpLC8OiiuRlYOEQam_SlIXEyIfpGaWOQIq9dBAHjMncAfPXUxlzpCAe8aEQ2F6QgVfPwmoOEBLGwr9s
Requested by
Host: eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com
URL: https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 239A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com
URL: https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:28:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
47630
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 03:28:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 239A 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com
URL: https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:28:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
80023
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 18:28:53 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 239A 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com
URL: https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 02:48:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
222829
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 20 Jan 2025 02:48:47 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 239A 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com
URL: https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 16:42:35 GMT
main.19.8.473.js
static.adsafeprotected.com/ Frame BE5F 		214 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.473.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=728x90&pubId=4811995650&chanId=21690693772&placementId=6322821734&pubCreative=138436152095&pubOrder=3215561405&cb=1432650536&custom=index&custom2=1&adsafe_par&impId=67867ef1-ba0e-11ee-a53d-0af29215ae01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-29.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f68687158d2c493d42ae6dee2f15fc2c761da3abf8d92c4474e1dbc527b6930d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:48:31 GMT
x-amz-version-id
TozINgEWWkvQmqDfTCTq3yrdeWW.56xS
content-encoding
gzip
via
1.1 5da360f23ca6a5d9a9a5e95b0b553be0.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
1018445
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 11 Jan 2024 21:47:36 GMT
server
AmazonS3
etag
W/"38edfb290172e1aef8532f19eb4cbbe4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
MwxkUMQtHM0G9ciMtBNzfiU1Opa3n8eZ9zRnUDrZPPU13hrbnyWLEA==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 239A 		0
58 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2190713768428&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 239A 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2190713768428&version=m202309260101&ct=76&x=13&cor=6016225412002137000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 239A 		84 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AbgWOwrMy1qnctzymFYx-Di6a6JzNKBUhLq1BXy22iRHLClYtlBkEKGQup3npFCU4RASeb6wnmRv7IOZw0jFwkgNqappie1lVkAILahNcS0zt9iwf1L0BWmU2RtTwZOp4jfY6l9u3Yhoz4G6yrJq-tgRt3O_g3vlErMc3xabn1TRFKOKATVVyzGU51LBXeUcMwZHPR9i6biLOe7lJu6mGwFYFPxQBfCu2MfAQ2vP8b2PQ4TKE&dbm_d=AKAmf-A0TtBbI1tU0ASRhPwl3KQXpxM3iCy9ZlkrpNjSIZV4R6NtB8PfGwfJh1c4zjWrh4vP1OehmiwZLvLmhF-YP_G6RbY9kfod3j5HDSS8OFDNMX22NDXE1K75-ExPyXl7Fi2qBpFP28xiXvrdbCXacF88K26RxzSuGDDaIhIltz5n2TQWyupMNp6mU59OkWELw8e4ejboqgkxxWyX2O5CoBliUlvneyKpfN3nxSDazsL48rSYOqa8glYecjKrAswqTSxKpbR6XMQ68Oz4Xpz-aKup4_D88ZwbQ5VQ-jE9bexv9vRwEVoKaYxkHnmPH-B2s7YNdzBvgK2t0HBJhVoOyRlxWgs-z5Ij1adF4FODcUD5RtBVlMC65_lUbGxxMPd0Twn6jG-8ioLL9ymjCJ0ejOR1vwLN6ycFbZsIevS97m9qZ7a7f10hovB8xh56b6spxmGRaSLkEJ0NH1_K-MB_5bV_hTfXEYUpOb8p4cXl4Jik6o6lwKhhuQV7mWMkfDGPevU6RF_0DQXevR_sJKON6MSIJCT4oJ6fnCxOPB0KbGpv6oT-fwuFRA5rUmmy3r0SOcy4UlU37fUTCMXzKlmt8EWHCvrFOlCqviK0H6dPcH06cVWDT5JjKFrYNR_Du3G4EOJZIcC847vUyO8zN-6Rfh_dPJktoZl-KpRU6raqkOJ_Qv1G_OJeOi4gzlV4B7CXeX0VDG8jTDrYJZJqUW_PKScrrrO7QkMNTX0YAciW3yjYuXFy1YSQ90JnZa9gTz3Vz8wVJr-cnCdsmNDV8D-SqsaxhiAvQ5ZzRR864hbMr0zW-bvfh52VV8Eic_K-11S6XFx5NayCEHuoUqrRy2xEXLTeD0OEeh1iTecjztXy-kR1Hsy_qtXXF1-0tsM1l5P3X9ppKN_vdVLPRA5Mf5CRBT9DFPWdTrEltkVJRhOMuadY7QrE5-NGOIBx8R0FkW7dSJHIH26KtKGKq7BM5qUwkIBewigC-5x-SNklYam_NzKVm9qKaWEXGix7pzt-6sUqAytJcOhHcY9KXCmlKijEQBBNXxOf1JYvVLEkumUOPXMr0ee-6NOxrAWasXPkBYiLDpAnvo5h11S80O9rVoV9UCksaqIArDt0VnsTzCHaeaoiquKONMH4Q4BaYKFJVhhKltvcVAYNGiasCBZzt8RKUeYzGySB7eFCnnIWgGsU7XBI-3Ix_PAHi0jnxkwLjZfZXSYqiLRTNIhWcp6lV9AO6Ug-j3r8EsrU1ErpScZqlEGjdYlwwUEsY_4Hb-1zFDu5z74b_grgLED62930PFIJzPB3wMjwjWmxk1PVV38IZ_UPPvZ6qOmVmVzW-tLa2iLysYPWWJbSuHoGTkadCg9xr7x_sXw6Ysh-BaGx1JRap2B7ulYB5SNNGRgN0aMoxxYSR39TdjBs2ckjrNhwXtilbMJtHnzfkamsinDPM1Zrx-VtDgh91NaKHFZQAKuQrXB3EMU7oaJU23tzbInww3BtnCMe85W_cOdeucVaSmt2q2nrzd5sLy-8X_2H0JHIT-ddkcIhwgDeeDVyTY4Pc7mtZZBr6pCLqcRnikwmZJWRq_fuVc8WDe5UaTp3Rx-ODXw8wgKFiWSprzcC4aqwsq54MT4wGSn8dnI6H3wwdCTKKvCdY7RvUA_HjYtEmaCjH6QaQd3DuRp3lm2fdkCN_RRXrFf-i2RpE0JPWIT7tRhkDz5V9VJKhy7tOn2yhO4ZRSjVqUcjHv-S3GGM6LXV2aa8g5p3pgGcMZ5VkY3KsZ-CGRCqDWM3Nvtj5yOh0zMfq_f83guz28HboW-3rnDiZQGNSALhoiPrXP3sZ4RUOvKnLsvGVcy0qe0tMOvsA_qN7L-KcmWan1kQZ0db6PGT5uR54yRHnAwzTOiGzEoIBy_uAgBf28W8oqyhQAZ_VQ17lSxS0DM2C_dxeTyKjmHrC9LwKY-bMLykD84CMdC6-2JAYHSboMtFCnnlobhUF5rsSKI0cErxYOwVASnsyUYXoHUSI6F5R5a1yQb7bnp-sSdEJS5Vy8ejBdshOuiAUza9EEToZ22tu6tN-VNgV8-txY6ArTyRrOZu0CGiETr8kNxCrGg3IODE5fxPaJQbWpvhwKeD_Got2g9aaWwnRceLXZeuTn847nz8Zghep1mkbG8xrt3NVk0oSdzoJOXS_i7nUqMDPLuXUsRV0u8cyWByGnvGQefK1aAdUpxjeTVF_3VCIBkQXe3IVbHU_9_Av2Y6FtA8OP-AOAi5BdC2UmkiPAQfcE9U9yeG7FqhxjQhEx8cI2o6F6X13igLXfjKJXXhF4Yaz1XFCfun9uOToUDYAhHwTRIMtrtN6CckHGm2HfIXpaYgdHEhMzq3kEBij9C9PRbEw80wuq7uEo8cPoZNmQ8J2VEYT9BbUiy8oGDilhMxj41Hk7WZ0n1gH6AzVR3Q7zDIBIlEVbmdAfoCEEZgdLwzzYaxEr1tjSo9TLVBTsx7bQtw3DgONIOqdn9BV0r_lFv4cC0QYoD6lPzzi-KBIHg6r8aWw8uYUykR3jM-rohG8pzDPXGA6iGYBiiamo6AP31R2k9CypWYfjt8BSTXPU6bybYxbP91vake5YxIBacPeXrUgcLoyro5rjX4BhX8zMs7CF-QxZ-g2bN3tMhN-TRd_0gYDU7x3ESnCqYDOqRZ6e_zOtbj8Hf7z30F1zsLuBisNeBhRVAFT1esacbLf7JNhRzJ_oLMqqXLRNpyKTSEW3Y0uiym7l5yIojr9azlIL3RrK0HO93nu1vEWWeiJb2T9gstVJ-rJ8KAKh-4ghZoQNDB2cbkj38jUsVXS9ba38AbX81K3SxmKgHeMV2kBl1FdUmEiEUxev364PC_qtYH_TaWsUcdqqUoduE_RPPdA-emLWjCzmRY-pfoNm67-EZvTLWN5doufFVKrg4dyKHN5_SD-hVSbnFaUwUI1dMiUatAyhYjjX2gkRxPR_xmdfw0G6a7WNnOJtpLqUchwqpfpCNOL5IYn4sf_J-e-jygg2s9en8f1njU6MqjtHIn65yd2eZm-qxjWa9wcD1KAJrqhEr8LWefiPNr3uO5b5T17O4RX6a7_dIUg7mArtjnxUaqsVgC_5u3jzCHPPvxzYMQ1JKKNyDBO3lMV9PnmHPkEL_blraXNNPIAf1zjOjWgqfM2g88AH9AIzQqhN5PDgUfHbwTBYgx-po06DjxjmrwqSOWEh_02EZeW-0g7peukyoTSXzBQq3VuymiRxcF1M0Go5IN7tVjQDUT8andGE5kZEAhNDqoJNahCQ3wsnOy5hlXvREDC-qnjh2VRAy4Rto8wgg-B0nbKnYIN06O8zkR_WqcWJx6U9WOnigWwP80kP7wWKZfwmf8AL4mkUTjH1fHxD2BIqqdBKHAeuUDvLsj5GTSyAVM6gTW3buQDq1RCy1oYfvM2xr5-_gd6Rh52YRcIVC7yvh_pKvtbZZbRNLhwiY8NM48PF2aY4dEtRLzgo3HUTCdSpFnWomxsEwSZXPjuGtOIoo9IxAP6Kf_yNeDPpZwFAw31qZvyl_Pn0jgyeLx3ICbbF-xNApot6fgqNlRmfixQZ1NoyGVW6EM1kxbEzr0eG3UhNkCs8NY16HNSIshbOfzrr3VgHmXEB1PvkboTzer2jkepO7zNap87qY0u1udUISHQxa7&pr=13%3AZa_segAAAABLxLzprwbdH4TXxCIk3_2qKoqoSg&cid=CAQSMgAvHhf_5EXDWjxyieR06lglmTVINoi-v5vvj7XXcXdBfd9dkjdm5NAZBw9AiUFy0e0uGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcanoe.com%2F&ds=l&xdt=1&iif=1&cor=6016225412002137000&adk=4209541047&idt=176&cac=0&dtd=14
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
9580206e8c51384aad56a81bdd78ea442e5a0f720b366b28688f33b4c7bdcf63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39118
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs.lkqd.net/ Frame 2B8B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESELDihI4AtPhmLUtYN7G3PkQ&google_cver=1
43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESELDihI4AtPhmLUtYN7G3PkQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLHZsgIQw5rPAhjGgI77ATAB&v=APEucNWnW_og2VRVah1gxczgaxYzAHj6n3nAJwwjPxRHeQg2FINMbT5SRISLKnWUTRAUwedGFf6NiqJ9y-9dMNTF24jzQ9bwtA
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:35 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESELDihI4AtPhmLUtYN7G3PkQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs.lkqd.net/ Frame 2B8B 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLHZsgIQw5rPAhjGgI77ATAB&v=APEucNWnW_og2VRVah1gxczgaxYzAHj6n3nAJwwjPxRHeQg2FINMbT5SRISLKnWUTRAUwedGFf6NiqJ9y-9dMNTF24jzQ9bwtA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:35 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 2B8B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENuYqYVaiESZrzowUxQV9uE&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENuYqYVaiESZrzowUxQV9uE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLHZsgIQw5rPAhjGgI77ATAB&v=APEucNWnW_og2VRVah1gxczgaxYzAHj6n3nAJwwjPxRHeQg2FINMbT5SRISLKnWUTRAUwedGFf6NiqJ9y-9dMNTF24jzQ9bwtA
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhXwsVLhJwH5OxNESEl6jvwW65WKK6d7yW%2BCRMYfJ9AZ69TryaAsY7ReabQ2wW0VxTMjq6A3Zea9gnZ2QMlrHt%2FVMqBtuk1c5rCX1cid0qE2PfZSb3Cm0OymWgvnrcTW0S13ETnNxUh%2BiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a17da55e7636fe-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENuYqYVaiESZrzowUxQV9uE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2B8B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za-semtaVxDTT-gsvb43vwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENuYqYVaiESZrzowUxQV9uE&google_cver=1
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENuYqYVaiESZrzowUxQV9uE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLHZsgIQw5rPAhjGgI77ATAB&v=APEucNWnW_og2VRVah1gxczgaxYzAHj6n3nAJwwjPxRHeQg2FINMbT5SRISLKnWUTRAUwedGFf6NiqJ9y-9dMNTF24jzQ9bwtA
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhBbtxwrraz7MCjsybVFEkbnUgVYM28vu6YzumupXmxl1gziXRWaS1KtCcqCLSMY5aQsQp7sHmD1AfZAUarEaYqjERYGZnv6LTt9XXJI0Llm5RwHBqvJhPbgGEF9biKUmoSpihk%2BoSAj4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a17da5df8036fe-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENuYqYVaiESZrzowUxQV9uE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 239A 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AbgWOwrMy1qnctzymFYx-Di6a6JzNKBUhLq1BXy22iRHLClYtlBkEKGQup3npFCU4RASeb6wnmRv7IOZw0jFwkgNqappie1lVkAILahNcS0zt9iwf1L0BWmU2RtTwZOp4jfY6l9u3Yhoz4G6yrJq-tgRt3O_g3vlErMc3xabn1TRFKOKATVVyzGU51LBXeUcMwZHPR9i6biLOe7lJu6mGwFYFPxQBfCu2MfAQ2vP8b2PQ4TKE&dbm_d=AKAmf-A0TtBbI1tU0ASRhPwl3KQXpxM3iCy9ZlkrpNjSIZV4R6NtB8PfGwfJh1c4zjWrh4vP1OehmiwZLvLmhF-YP_G6RbY9kfod3j5HDSS8OFDNMX22NDXE1K75-ExPyXl7Fi2qBpFP28xiXvrdbCXacF88K26RxzSuGDDaIhIltz5n2TQWyupMNp6mU59OkWELw8e4ejboqgkxxWyX2O5CoBliUlvneyKpfN3nxSDazsL48rSYOqa8glYecjKrAswqTSxKpbR6XMQ68Oz4Xpz-aKup4_D88ZwbQ5VQ-jE9bexv9vRwEVoKaYxkHnmPH-B2s7YNdzBvgK2t0HBJhVoOyRlxWgs-z5Ij1adF4FODcUD5RtBVlMC65_lUbGxxMPd0Twn6jG-8ioLL9ymjCJ0ejOR1vwLN6ycFbZsIevS97m9qZ7a7f10hovB8xh56b6spxmGRaSLkEJ0NH1_K-MB_5bV_hTfXEYUpOb8p4cXl4Jik6o6lwKhhuQV7mWMkfDGPevU6RF_0DQXevR_sJKON6MSIJCT4oJ6fnCxOPB0KbGpv6oT-fwuFRA5rUmmy3r0SOcy4UlU37fUTCMXzKlmt8EWHCvrFOlCqviK0H6dPcH06cVWDT5JjKFrYNR_Du3G4EOJZIcC847vUyO8zN-6Rfh_dPJktoZl-KpRU6raqkOJ_Qv1G_OJeOi4gzlV4B7CXeX0VDG8jTDrYJZJqUW_PKScrrrO7QkMNTX0YAciW3yjYuXFy1YSQ90JnZa9gTz3Vz8wVJr-cnCdsmNDV8D-SqsaxhiAvQ5ZzRR864hbMr0zW-bvfh52VV8Eic_K-11S6XFx5NayCEHuoUqrRy2xEXLTeD0OEeh1iTecjztXy-kR1Hsy_qtXXF1-0tsM1l5P3X9ppKN_vdVLPRA5Mf5CRBT9DFPWdTrEltkVJRhOMuadY7QrE5-NGOIBx8R0FkW7dSJHIH26KtKGKq7BM5qUwkIBewigC-5x-SNklYam_NzKVm9qKaWEXGix7pzt-6sUqAytJcOhHcY9KXCmlKijEQBBNXxOf1JYvVLEkumUOPXMr0ee-6NOxrAWasXPkBYiLDpAnvo5h11S80O9rVoV9UCksaqIArDt0VnsTzCHaeaoiquKONMH4Q4BaYKFJVhhKltvcVAYNGiasCBZzt8RKUeYzGySB7eFCnnIWgGsU7XBI-3Ix_PAHi0jnxkwLjZfZXSYqiLRTNIhWcp6lV9AO6Ug-j3r8EsrU1ErpScZqlEGjdYlwwUEsY_4Hb-1zFDu5z74b_grgLED62930PFIJzPB3wMjwjWmxk1PVV38IZ_UPPvZ6qOmVmVzW-tLa2iLysYPWWJbSuHoGTkadCg9xr7x_sXw6Ysh-BaGx1JRap2B7ulYB5SNNGRgN0aMoxxYSR39TdjBs2ckjrNhwXtilbMJtHnzfkamsinDPM1Zrx-VtDgh91NaKHFZQAKuQrXB3EMU7oaJU23tzbInww3BtnCMe85W_cOdeucVaSmt2q2nrzd5sLy-8X_2H0JHIT-ddkcIhwgDeeDVyTY4Pc7mtZZBr6pCLqcRnikwmZJWRq_fuVc8WDe5UaTp3Rx-ODXw8wgKFiWSprzcC4aqwsq54MT4wGSn8dnI6H3wwdCTKKvCdY7RvUA_HjYtEmaCjH6QaQd3DuRp3lm2fdkCN_RRXrFf-i2RpE0JPWIT7tRhkDz5V9VJKhy7tOn2yhO4ZRSjVqUcjHv-S3GGM6LXV2aa8g5p3pgGcMZ5VkY3KsZ-CGRCqDWM3Nvtj5yOh0zMfq_f83guz28HboW-3rnDiZQGNSALhoiPrXP3sZ4RUOvKnLsvGVcy0qe0tMOvsA_qN7L-KcmWan1kQZ0db6PGT5uR54yRHnAwzTOiGzEoIBy_uAgBf28W8oqyhQAZ_VQ17lSxS0DM2C_dxeTyKjmHrC9LwKY-bMLykD84CMdC6-2JAYHSboMtFCnnlobhUF5rsSKI0cErxYOwVASnsyUYXoHUSI6F5R5a1yQb7bnp-sSdEJS5Vy8ejBdshOuiAUza9EEToZ22tu6tN-VNgV8-txY6ArTyRrOZu0CGiETr8kNxCrGg3IODE5fxPaJQbWpvhwKeD_Got2g9aaWwnRceLXZeuTn847nz8Zghep1mkbG8xrt3NVk0oSdzoJOXS_i7nUqMDPLuXUsRV0u8cyWByGnvGQefK1aAdUpxjeTVF_3VCIBkQXe3IVbHU_9_Av2Y6FtA8OP-AOAi5BdC2UmkiPAQfcE9U9yeG7FqhxjQhEx8cI2o6F6X13igLXfjKJXXhF4Yaz1XFCfun9uOToUDYAhHwTRIMtrtN6CckHGm2HfIXpaYgdHEhMzq3kEBij9C9PRbEw80wuq7uEo8cPoZNmQ8J2VEYT9BbUiy8oGDilhMxj41Hk7WZ0n1gH6AzVR3Q7zDIBIlEVbmdAfoCEEZgdLwzzYaxEr1tjSo9TLVBTsx7bQtw3DgONIOqdn9BV0r_lFv4cC0QYoD6lPzzi-KBIHg6r8aWw8uYUykR3jM-rohG8pzDPXGA6iGYBiiamo6AP31R2k9CypWYfjt8BSTXPU6bybYxbP91vake5YxIBacPeXrUgcLoyro5rjX4BhX8zMs7CF-QxZ-g2bN3tMhN-TRd_0gYDU7x3ESnCqYDOqRZ6e_zOtbj8Hf7z30F1zsLuBisNeBhRVAFT1esacbLf7JNhRzJ_oLMqqXLRNpyKTSEW3Y0uiym7l5yIojr9azlIL3RrK0HO93nu1vEWWeiJb2T9gstVJ-rJ8KAKh-4ghZoQNDB2cbkj38jUsVXS9ba38AbX81K3SxmKgHeMV2kBl1FdUmEiEUxev364PC_qtYH_TaWsUcdqqUoduE_RPPdA-emLWjCzmRY-pfoNm67-EZvTLWN5doufFVKrg4dyKHN5_SD-hVSbnFaUwUI1dMiUatAyhYjjX2gkRxPR_xmdfw0G6a7WNnOJtpLqUchwqpfpCNOL5IYn4sf_J-e-jygg2s9en8f1njU6MqjtHIn65yd2eZm-qxjWa9wcD1KAJrqhEr8LWefiPNr3uO5b5T17O4RX6a7_dIUg7mArtjnxUaqsVgC_5u3jzCHPPvxzYMQ1JKKNyDBO3lMV9PnmHPkEL_blraXNNPIAf1zjOjWgqfM2g88AH9AIzQqhN5PDgUfHbwTBYgx-po06DjxjmrwqSOWEh_02EZeW-0g7peukyoTSXzBQq3VuymiRxcF1M0Go5IN7tVjQDUT8andGE5kZEAhNDqoJNahCQ3wsnOy5hlXvREDC-qnjh2VRAy4Rto8wgg-B0nbKnYIN06O8zkR_WqcWJx6U9WOnigWwP80kP7wWKZfwmf8AL4mkUTjH1fHxD2BIqqdBKHAeuUDvLsj5GTSyAVM6gTW3buQDq1RCy1oYfvM2xr5-_gd6Rh52YRcIVC7yvh_pKvtbZZbRNLhwiY8NM48PF2aY4dEtRLzgo3HUTCdSpFnWomxsEwSZXPjuGtOIoo9IxAP6Kf_yNeDPpZwFAw31qZvyl_Pn0jgyeLx3ICbbF-xNApot6fgqNlRmfixQZ1NoyGVW6EM1kxbEzr0eG3UhNkCs8NY16HNSIshbOfzrr3VgHmXEB1PvkboTzer2jkepO7zNap87qY0u1udUISHQxa7&pr=13%3AZa_segAAAABLxLzprwbdH4TXxCIk3_2qKoqoSg&cid=CAQSMgAvHhf_5EXDWjxyieR06lglmTVINoi-v5vvj7XXcXdBfd9dkjdm5NAZBw9AiUFy0e0uGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcanoe.com%2F&ds=l&xdt=1&iif=1&cor=6016225412002137000&adk=4209541047&idt=176&cac=0&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 08:32:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
29410
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 08:32:25 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 239A 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AbgWOwrMy1qnctzymFYx-Di6a6JzNKBUhLq1BXy22iRHLClYtlBkEKGQup3npFCU4RASeb6wnmRv7IOZw0jFwkgNqappie1lVkAILahNcS0zt9iwf1L0BWmU2RtTwZOp4jfY6l9u3Yhoz4G6yrJq-tgRt3O_g3vlErMc3xabn1TRFKOKATVVyzGU51LBXeUcMwZHPR9i6biLOe7lJu6mGwFYFPxQBfCu2MfAQ2vP8b2PQ4TKE&dbm_d=AKAmf-A0TtBbI1tU0ASRhPwl3KQXpxM3iCy9ZlkrpNjSIZV4R6NtB8PfGwfJh1c4zjWrh4vP1OehmiwZLvLmhF-YP_G6RbY9kfod3j5HDSS8OFDNMX22NDXE1K75-ExPyXl7Fi2qBpFP28xiXvrdbCXacF88K26RxzSuGDDaIhIltz5n2TQWyupMNp6mU59OkWELw8e4ejboqgkxxWyX2O5CoBliUlvneyKpfN3nxSDazsL48rSYOqa8glYecjKrAswqTSxKpbR6XMQ68Oz4Xpz-aKup4_D88ZwbQ5VQ-jE9bexv9vRwEVoKaYxkHnmPH-B2s7YNdzBvgK2t0HBJhVoOyRlxWgs-z5Ij1adF4FODcUD5RtBVlMC65_lUbGxxMPd0Twn6jG-8ioLL9ymjCJ0ejOR1vwLN6ycFbZsIevS97m9qZ7a7f10hovB8xh56b6spxmGRaSLkEJ0NH1_K-MB_5bV_hTfXEYUpOb8p4cXl4Jik6o6lwKhhuQV7mWMkfDGPevU6RF_0DQXevR_sJKON6MSIJCT4oJ6fnCxOPB0KbGpv6oT-fwuFRA5rUmmy3r0SOcy4UlU37fUTCMXzKlmt8EWHCvrFOlCqviK0H6dPcH06cVWDT5JjKFrYNR_Du3G4EOJZIcC847vUyO8zN-6Rfh_dPJktoZl-KpRU6raqkOJ_Qv1G_OJeOi4gzlV4B7CXeX0VDG8jTDrYJZJqUW_PKScrrrO7QkMNTX0YAciW3yjYuXFy1YSQ90JnZa9gTz3Vz8wVJr-cnCdsmNDV8D-SqsaxhiAvQ5ZzRR864hbMr0zW-bvfh52VV8Eic_K-11S6XFx5NayCEHuoUqrRy2xEXLTeD0OEeh1iTecjztXy-kR1Hsy_qtXXF1-0tsM1l5P3X9ppKN_vdVLPRA5Mf5CRBT9DFPWdTrEltkVJRhOMuadY7QrE5-NGOIBx8R0FkW7dSJHIH26KtKGKq7BM5qUwkIBewigC-5x-SNklYam_NzKVm9qKaWEXGix7pzt-6sUqAytJcOhHcY9KXCmlKijEQBBNXxOf1JYvVLEkumUOPXMr0ee-6NOxrAWasXPkBYiLDpAnvo5h11S80O9rVoV9UCksaqIArDt0VnsTzCHaeaoiquKONMH4Q4BaYKFJVhhKltvcVAYNGiasCBZzt8RKUeYzGySB7eFCnnIWgGsU7XBI-3Ix_PAHi0jnxkwLjZfZXSYqiLRTNIhWcp6lV9AO6Ug-j3r8EsrU1ErpScZqlEGjdYlwwUEsY_4Hb-1zFDu5z74b_grgLED62930PFIJzPB3wMjwjWmxk1PVV38IZ_UPPvZ6qOmVmVzW-tLa2iLysYPWWJbSuHoGTkadCg9xr7x_sXw6Ysh-BaGx1JRap2B7ulYB5SNNGRgN0aMoxxYSR39TdjBs2ckjrNhwXtilbMJtHnzfkamsinDPM1Zrx-VtDgh91NaKHFZQAKuQrXB3EMU7oaJU23tzbInww3BtnCMe85W_cOdeucVaSmt2q2nrzd5sLy-8X_2H0JHIT-ddkcIhwgDeeDVyTY4Pc7mtZZBr6pCLqcRnikwmZJWRq_fuVc8WDe5UaTp3Rx-ODXw8wgKFiWSprzcC4aqwsq54MT4wGSn8dnI6H3wwdCTKKvCdY7RvUA_HjYtEmaCjH6QaQd3DuRp3lm2fdkCN_RRXrFf-i2RpE0JPWIT7tRhkDz5V9VJKhy7tOn2yhO4ZRSjVqUcjHv-S3GGM6LXV2aa8g5p3pgGcMZ5VkY3KsZ-CGRCqDWM3Nvtj5yOh0zMfq_f83guz28HboW-3rnDiZQGNSALhoiPrXP3sZ4RUOvKnLsvGVcy0qe0tMOvsA_qN7L-KcmWan1kQZ0db6PGT5uR54yRHnAwzTOiGzEoIBy_uAgBf28W8oqyhQAZ_VQ17lSxS0DM2C_dxeTyKjmHrC9LwKY-bMLykD84CMdC6-2JAYHSboMtFCnnlobhUF5rsSKI0cErxYOwVASnsyUYXoHUSI6F5R5a1yQb7bnp-sSdEJS5Vy8ejBdshOuiAUza9EEToZ22tu6tN-VNgV8-txY6ArTyRrOZu0CGiETr8kNxCrGg3IODE5fxPaJQbWpvhwKeD_Got2g9aaWwnRceLXZeuTn847nz8Zghep1mkbG8xrt3NVk0oSdzoJOXS_i7nUqMDPLuXUsRV0u8cyWByGnvGQefK1aAdUpxjeTVF_3VCIBkQXe3IVbHU_9_Av2Y6FtA8OP-AOAi5BdC2UmkiPAQfcE9U9yeG7FqhxjQhEx8cI2o6F6X13igLXfjKJXXhF4Yaz1XFCfun9uOToUDYAhHwTRIMtrtN6CckHGm2HfIXpaYgdHEhMzq3kEBij9C9PRbEw80wuq7uEo8cPoZNmQ8J2VEYT9BbUiy8oGDilhMxj41Hk7WZ0n1gH6AzVR3Q7zDIBIlEVbmdAfoCEEZgdLwzzYaxEr1tjSo9TLVBTsx7bQtw3DgONIOqdn9BV0r_lFv4cC0QYoD6lPzzi-KBIHg6r8aWw8uYUykR3jM-rohG8pzDPXGA6iGYBiiamo6AP31R2k9CypWYfjt8BSTXPU6bybYxbP91vake5YxIBacPeXrUgcLoyro5rjX4BhX8zMs7CF-QxZ-g2bN3tMhN-TRd_0gYDU7x3ESnCqYDOqRZ6e_zOtbj8Hf7z30F1zsLuBisNeBhRVAFT1esacbLf7JNhRzJ_oLMqqXLRNpyKTSEW3Y0uiym7l5yIojr9azlIL3RrK0HO93nu1vEWWeiJb2T9gstVJ-rJ8KAKh-4ghZoQNDB2cbkj38jUsVXS9ba38AbX81K3SxmKgHeMV2kBl1FdUmEiEUxev364PC_qtYH_TaWsUcdqqUoduE_RPPdA-emLWjCzmRY-pfoNm67-EZvTLWN5doufFVKrg4dyKHN5_SD-hVSbnFaUwUI1dMiUatAyhYjjX2gkRxPR_xmdfw0G6a7WNnOJtpLqUchwqpfpCNOL5IYn4sf_J-e-jygg2s9en8f1njU6MqjtHIn65yd2eZm-qxjWa9wcD1KAJrqhEr8LWefiPNr3uO5b5T17O4RX6a7_dIUg7mArtjnxUaqsVgC_5u3jzCHPPvxzYMQ1JKKNyDBO3lMV9PnmHPkEL_blraXNNPIAf1zjOjWgqfM2g88AH9AIzQqhN5PDgUfHbwTBYgx-po06DjxjmrwqSOWEh_02EZeW-0g7peukyoTSXzBQq3VuymiRxcF1M0Go5IN7tVjQDUT8andGE5kZEAhNDqoJNahCQ3wsnOy5hlXvREDC-qnjh2VRAy4Rto8wgg-B0nbKnYIN06O8zkR_WqcWJx6U9WOnigWwP80kP7wWKZfwmf8AL4mkUTjH1fHxD2BIqqdBKHAeuUDvLsj5GTSyAVM6gTW3buQDq1RCy1oYfvM2xr5-_gd6Rh52YRcIVC7yvh_pKvtbZZbRNLhwiY8NM48PF2aY4dEtRLzgo3HUTCdSpFnWomxsEwSZXPjuGtOIoo9IxAP6Kf_yNeDPpZwFAw31qZvyl_Pn0jgyeLx3ICbbF-xNApot6fgqNlRmfixQZ1NoyGVW6EM1kxbEzr0eG3UhNkCs8NY16HNSIshbOfzrr3VgHmXEB1PvkboTzer2jkepO7zNap87qY0u1udUISHQxa7&pr=13%3AZa_segAAAABLxLzprwbdH4TXxCIk3_2qKoqoSg&cid=CAQSMgAvHhf_5EXDWjxyieR06lglmTVINoi-v5vvj7XXcXdBfd9dkjdm5NAZBw9AiUFy0e0uGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcanoe.com%2F&ds=l&xdt=1&iif=1&cor=6016225412002137000&adk=4209541047&idt=176&cac=0&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:20:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
8507
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 14:20:48 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 239A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsty_6zNmc0ul0NqvI8UBeYXTLpr9yXZRonB5IaGN0RW23ty6YA4JAQj6fwv-IuAbhoiKTp0gBM3S0LSGdB32BE2EXr_PxN6ldVzv4kbMuWSSEugbscjhjZdGWBx6qz3Ob4P1Xad9oDQCt3QDhaNE1RQf46V2RZcHseTtHEZVKLkXmtspdzHxzmlK3k4ZVrC4GpudrkWTxjWg5FFfwHvj3k6BOTcktjizrZlR4ERQvnCV5OnXBBq7GRXMRJDn7RtBDtHeSc7ukrGTM6bGv-EbAZsxfBYHU0d5Ze493w0rMAyFB--mKPO65WbQxFQKk6bIOUrvS3AVAJ97x4JIgZiFyCcIAu6YKclAGQ2aOdoeHcQ_Fe91Tl3Rx2sSioZZFHewLsqNJSVLs8sqqk4L_nGgkwwhhFcflQtkyLf9SGIyneICq_kM0tr7pNayb0DX7hhhzx8r3YiefVQe_Nj326fBMhgsIGvCdOqLuTrDGONTQoX7LqwwQmgdasOXoO8ONHhnE9L8RbqtUj04rSFGbVWZqokPSOz1r47u2P-K32fFCbTri8IpoI_uI1u8uO-2DwiRxRz5xCFaNZeKq1jXE65YsMVbb35J_lKfwoJ_9gW6AjsV6FnCyUOhUpOtwcdOJ--mJ2v84ktshZRvQHTIjAGA96uM_WpGQ8ILvB_Q6nsfcYwibsB-DM9Q-Iw4FKVEb2Ybr3v--2YSF3IPwrykkeYn3kdy4oNTjwD8sdJ2dCmHXJYDr03C5Zc-Z_AUhFqesxKV870ykXIIwjvi2p4Us-iVpXwwUMZSufqJB01sufYqMdsX35Vesuy55-lV4N45Zar1pFfs7dcHtFy0OFv28lm-FQH5ijASKoB3fV_imc2HgWw0zZGf7UEd_COHlsr1OpKMpqPnc-Rk-BLtQrJiS2xdNMfeq14xNLsKhW8gEk6-A2eFPH-oT9-Vku5-BsljEZq-HqlVWekfrp9ixkSJV4_1DtNLDXtTJKa2XsnWVhm8j8Q0W1rGhkZt9APloSkthMlxodA9R4_65H2LUxzpZPwpkvIf_g8Vnl-jUPI4oapULafm0e3UEtxjMMoGt4fBvVGvGi5PcQEfsh8u_HBhwoyPfxXF91H9ZVGIT8L1QDqpN110G7y2K0xK7dz12T53wRZ3nHYHcCJ3uqanWxTNPAiucBz33MkTDihqMBMzt9x36CK8IeasWIogF0cnBNFRBmCJ-MEYqrDwRCgC2dmB4wJyWCfSKhKe1zdiXaonKqLClw8V07YWPZoBifohZL_6j0FsECTgDYv4L88l5s8YgRLiDnYVEcerhug15EVrY7SbrJsjhBH4E3WGCJrWsaKuue46GeK_DVaxw&sai=AMfl-YSSDmb0gREggMmQGt_ayJoyz6QDCW1ICuT0cf0fiE983nfSY8Q2L5sJ5mB0afkdiD8Bk27kxLhh67jDBB-Bd6cRMp8h4TfA4cyav60F_hzmSDEUdOqXZEPulmXBFr8WJ86NM3lDFdbsEbAGspc6Ux57FzZZ_s81C7oCweFnBGZrJeLeh-S_lkpEo9Lx8M65JKuRIVQCFutrjSjsz4Jxc7OVXEVoZSob1nOM-cjn2_iEZCe-J_c3bv-N_wE&sig=Cg0ArKJSzBvSUjp--UuWEAE&uach_m=%5BUACH%5D&pr=13:Za_segAAAABLxLzprwbdH4TXxCIk3_2qKoqoSg&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240118.61222&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AbgWOwrMy1qnctzymFYx-Di6a6JzNKBUhLq1BXy22iRHLClYtlBkEKGQup3npFCU4RASeb6wnmRv7IOZw0jFwkgNqappie1lVkAILahNcS0zt9iwf1L0BWmU2RtTwZOp4jfY6l9u3Yhoz4G6yrJq-tgRt3O_g3vlErMc3xabn1TRFKOKATVVyzGU51LBXeUcMwZHPR9i6biLOe7lJu6mGwFYFPxQBfCu2MfAQ2vP8b2PQ4TKE&dbm_d=AKAmf-A0TtBbI1tU0ASRhPwl3KQXpxM3iCy9ZlkrpNjSIZV4R6NtB8PfGwfJh1c4zjWrh4vP1OehmiwZLvLmhF-YP_G6RbY9kfod3j5HDSS8OFDNMX22NDXE1K75-ExPyXl7Fi2qBpFP28xiXvrdbCXacF88K26RxzSuGDDaIhIltz5n2TQWyupMNp6mU59OkWELw8e4ejboqgkxxWyX2O5CoBliUlvneyKpfN3nxSDazsL48rSYOqa8glYecjKrAswqTSxKpbR6XMQ68Oz4Xpz-aKup4_D88ZwbQ5VQ-jE9bexv9vRwEVoKaYxkHnmPH-B2s7YNdzBvgK2t0HBJhVoOyRlxWgs-z5Ij1adF4FODcUD5RtBVlMC65_lUbGxxMPd0Twn6jG-8ioLL9ymjCJ0ejOR1vwLN6ycFbZsIevS97m9qZ7a7f10hovB8xh56b6spxmGRaSLkEJ0NH1_K-MB_5bV_hTfXEYUpOb8p4cXl4Jik6o6lwKhhuQV7mWMkfDGPevU6RF_0DQXevR_sJKON6MSIJCT4oJ6fnCxOPB0KbGpv6oT-fwuFRA5rUmmy3r0SOcy4UlU37fUTCMXzKlmt8EWHCvrFOlCqviK0H6dPcH06cVWDT5JjKFrYNR_Du3G4EOJZIcC847vUyO8zN-6Rfh_dPJktoZl-KpRU6raqkOJ_Qv1G_OJeOi4gzlV4B7CXeX0VDG8jTDrYJZJqUW_PKScrrrO7QkMNTX0YAciW3yjYuXFy1YSQ90JnZa9gTz3Vz8wVJr-cnCdsmNDV8D-SqsaxhiAvQ5ZzRR864hbMr0zW-bvfh52VV8Eic_K-11S6XFx5NayCEHuoUqrRy2xEXLTeD0OEeh1iTecjztXy-kR1Hsy_qtXXF1-0tsM1l5P3X9ppKN_vdVLPRA5Mf5CRBT9DFPWdTrEltkVJRhOMuadY7QrE5-NGOIBx8R0FkW7dSJHIH26KtKGKq7BM5qUwkIBewigC-5x-SNklYam_NzKVm9qKaWEXGix7pzt-6sUqAytJcOhHcY9KXCmlKijEQBBNXxOf1JYvVLEkumUOPXMr0ee-6NOxrAWasXPkBYiLDpAnvo5h11S80O9rVoV9UCksaqIArDt0VnsTzCHaeaoiquKONMH4Q4BaYKFJVhhKltvcVAYNGiasCBZzt8RKUeYzGySB7eFCnnIWgGsU7XBI-3Ix_PAHi0jnxkwLjZfZXSYqiLRTNIhWcp6lV9AO6Ug-j3r8EsrU1ErpScZqlEGjdYlwwUEsY_4Hb-1zFDu5z74b_grgLED62930PFIJzPB3wMjwjWmxk1PVV38IZ_UPPvZ6qOmVmVzW-tLa2iLysYPWWJbSuHoGTkadCg9xr7x_sXw6Ysh-BaGx1JRap2B7ulYB5SNNGRgN0aMoxxYSR39TdjBs2ckjrNhwXtilbMJtHnzfkamsinDPM1Zrx-VtDgh91NaKHFZQAKuQrXB3EMU7oaJU23tzbInww3BtnCMe85W_cOdeucVaSmt2q2nrzd5sLy-8X_2H0JHIT-ddkcIhwgDeeDVyTY4Pc7mtZZBr6pCLqcRnikwmZJWRq_fuVc8WDe5UaTp3Rx-ODXw8wgKFiWSprzcC4aqwsq54MT4wGSn8dnI6H3wwdCTKKvCdY7RvUA_HjYtEmaCjH6QaQd3DuRp3lm2fdkCN_RRXrFf-i2RpE0JPWIT7tRhkDz5V9VJKhy7tOn2yhO4ZRSjVqUcjHv-S3GGM6LXV2aa8g5p3pgGcMZ5VkY3KsZ-CGRCqDWM3Nvtj5yOh0zMfq_f83guz28HboW-3rnDiZQGNSALhoiPrXP3sZ4RUOvKnLsvGVcy0qe0tMOvsA_qN7L-KcmWan1kQZ0db6PGT5uR54yRHnAwzTOiGzEoIBy_uAgBf28W8oqyhQAZ_VQ17lSxS0DM2C_dxeTyKjmHrC9LwKY-bMLykD84CMdC6-2JAYHSboMtFCnnlobhUF5rsSKI0cErxYOwVASnsyUYXoHUSI6F5R5a1yQb7bnp-sSdEJS5Vy8ejBdshOuiAUza9EEToZ22tu6tN-VNgV8-txY6ArTyRrOZu0CGiETr8kNxCrGg3IODE5fxPaJQbWpvhwKeD_Got2g9aaWwnRceLXZeuTn847nz8Zghep1mkbG8xrt3NVk0oSdzoJOXS_i7nUqMDPLuXUsRV0u8cyWByGnvGQefK1aAdUpxjeTVF_3VCIBkQXe3IVbHU_9_Av2Y6FtA8OP-AOAi5BdC2UmkiPAQfcE9U9yeG7FqhxjQhEx8cI2o6F6X13igLXfjKJXXhF4Yaz1XFCfun9uOToUDYAhHwTRIMtrtN6CckHGm2HfIXpaYgdHEhMzq3kEBij9C9PRbEw80wuq7uEo8cPoZNmQ8J2VEYT9BbUiy8oGDilhMxj41Hk7WZ0n1gH6AzVR3Q7zDIBIlEVbmdAfoCEEZgdLwzzYaxEr1tjSo9TLVBTsx7bQtw3DgONIOqdn9BV0r_lFv4cC0QYoD6lPzzi-KBIHg6r8aWw8uYUykR3jM-rohG8pzDPXGA6iGYBiiamo6AP31R2k9CypWYfjt8BSTXPU6bybYxbP91vake5YxIBacPeXrUgcLoyro5rjX4BhX8zMs7CF-QxZ-g2bN3tMhN-TRd_0gYDU7x3ESnCqYDOqRZ6e_zOtbj8Hf7z30F1zsLuBisNeBhRVAFT1esacbLf7JNhRzJ_oLMqqXLRNpyKTSEW3Y0uiym7l5yIojr9azlIL3RrK0HO93nu1vEWWeiJb2T9gstVJ-rJ8KAKh-4ghZoQNDB2cbkj38jUsVXS9ba38AbX81K3SxmKgHeMV2kBl1FdUmEiEUxev364PC_qtYH_TaWsUcdqqUoduE_RPPdA-emLWjCzmRY-pfoNm67-EZvTLWN5doufFVKrg4dyKHN5_SD-hVSbnFaUwUI1dMiUatAyhYjjX2gkRxPR_xmdfw0G6a7WNnOJtpLqUchwqpfpCNOL5IYn4sf_J-e-jygg2s9en8f1njU6MqjtHIn65yd2eZm-qxjWa9wcD1KAJrqhEr8LWefiPNr3uO5b5T17O4RX6a7_dIUg7mArtjnxUaqsVgC_5u3jzCHPPvxzYMQ1JKKNyDBO3lMV9PnmHPkEL_blraXNNPIAf1zjOjWgqfM2g88AH9AIzQqhN5PDgUfHbwTBYgx-po06DjxjmrwqSOWEh_02EZeW-0g7peukyoTSXzBQq3VuymiRxcF1M0Go5IN7tVjQDUT8andGE5kZEAhNDqoJNahCQ3wsnOy5hlXvREDC-qnjh2VRAy4Rto8wgg-B0nbKnYIN06O8zkR_WqcWJx6U9WOnigWwP80kP7wWKZfwmf8AL4mkUTjH1fHxD2BIqqdBKHAeuUDvLsj5GTSyAVM6gTW3buQDq1RCy1oYfvM2xr5-_gd6Rh52YRcIVC7yvh_pKvtbZZbRNLhwiY8NM48PF2aY4dEtRLzgo3HUTCdSpFnWomxsEwSZXPjuGtOIoo9IxAP6Kf_yNeDPpZwFAw31qZvyl_Pn0jgyeLx3ICbbF-xNApot6fgqNlRmfixQZ1NoyGVW6EM1kxbEzr0eG3UhNkCs8NY16HNSIshbOfzrr3VgHmXEB1PvkboTzer2jkepO7zNap87qY0u1udUISHQxa7&pr=13%3AZa_segAAAABLxLzprwbdH4TXxCIk3_2qKoqoSg&cid=CAQSMgAvHhf_5EXDWjxyieR06lglmTVINoi-v5vvj7XXcXdBfd9dkjdm5NAZBw9AiUFy0e0uGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcanoe.com%2F&ds=l&xdt=1&iif=1&cor=6016225412002137000&adk=4209541047&idt=176&cac=0&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 23 Jan 2024 16:42:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 239A 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AbgWOwrMy1qnctzymFYx-Di6a6JzNKBUhLq1BXy22iRHLClYtlBkEKGQup3npFCU4RASeb6wnmRv7IOZw0jFwkgNqappie1lVkAILahNcS0zt9iwf1L0BWmU2RtTwZOp4jfY6l9u3Yhoz4G6yrJq-tgRt3O_g3vlErMc3xabn1TRFKOKATVVyzGU51LBXeUcMwZHPR9i6biLOe7lJu6mGwFYFPxQBfCu2MfAQ2vP8b2PQ4TKE&dbm_d=AKAmf-A0TtBbI1tU0ASRhPwl3KQXpxM3iCy9ZlkrpNjSIZV4R6NtB8PfGwfJh1c4zjWrh4vP1OehmiwZLvLmhF-YP_G6RbY9kfod3j5HDSS8OFDNMX22NDXE1K75-ExPyXl7Fi2qBpFP28xiXvrdbCXacF88K26RxzSuGDDaIhIltz5n2TQWyupMNp6mU59OkWELw8e4ejboqgkxxWyX2O5CoBliUlvneyKpfN3nxSDazsL48rSYOqa8glYecjKrAswqTSxKpbR6XMQ68Oz4Xpz-aKup4_D88ZwbQ5VQ-jE9bexv9vRwEVoKaYxkHnmPH-B2s7YNdzBvgK2t0HBJhVoOyRlxWgs-z5Ij1adF4FODcUD5RtBVlMC65_lUbGxxMPd0Twn6jG-8ioLL9ymjCJ0ejOR1vwLN6ycFbZsIevS97m9qZ7a7f10hovB8xh56b6spxmGRaSLkEJ0NH1_K-MB_5bV_hTfXEYUpOb8p4cXl4Jik6o6lwKhhuQV7mWMkfDGPevU6RF_0DQXevR_sJKON6MSIJCT4oJ6fnCxOPB0KbGpv6oT-fwuFRA5rUmmy3r0SOcy4UlU37fUTCMXzKlmt8EWHCvrFOlCqviK0H6dPcH06cVWDT5JjKFrYNR_Du3G4EOJZIcC847vUyO8zN-6Rfh_dPJktoZl-KpRU6raqkOJ_Qv1G_OJeOi4gzlV4B7CXeX0VDG8jTDrYJZJqUW_PKScrrrO7QkMNTX0YAciW3yjYuXFy1YSQ90JnZa9gTz3Vz8wVJr-cnCdsmNDV8D-SqsaxhiAvQ5ZzRR864hbMr0zW-bvfh52VV8Eic_K-11S6XFx5NayCEHuoUqrRy2xEXLTeD0OEeh1iTecjztXy-kR1Hsy_qtXXF1-0tsM1l5P3X9ppKN_vdVLPRA5Mf5CRBT9DFPWdTrEltkVJRhOMuadY7QrE5-NGOIBx8R0FkW7dSJHIH26KtKGKq7BM5qUwkIBewigC-5x-SNklYam_NzKVm9qKaWEXGix7pzt-6sUqAytJcOhHcY9KXCmlKijEQBBNXxOf1JYvVLEkumUOPXMr0ee-6NOxrAWasXPkBYiLDpAnvo5h11S80O9rVoV9UCksaqIArDt0VnsTzCHaeaoiquKONMH4Q4BaYKFJVhhKltvcVAYNGiasCBZzt8RKUeYzGySB7eFCnnIWgGsU7XBI-3Ix_PAHi0jnxkwLjZfZXSYqiLRTNIhWcp6lV9AO6Ug-j3r8EsrU1ErpScZqlEGjdYlwwUEsY_4Hb-1zFDu5z74b_grgLED62930PFIJzPB3wMjwjWmxk1PVV38IZ_UPPvZ6qOmVmVzW-tLa2iLysYPWWJbSuHoGTkadCg9xr7x_sXw6Ysh-BaGx1JRap2B7ulYB5SNNGRgN0aMoxxYSR39TdjBs2ckjrNhwXtilbMJtHnzfkamsinDPM1Zrx-VtDgh91NaKHFZQAKuQrXB3EMU7oaJU23tzbInww3BtnCMe85W_cOdeucVaSmt2q2nrzd5sLy-8X_2H0JHIT-ddkcIhwgDeeDVyTY4Pc7mtZZBr6pCLqcRnikwmZJWRq_fuVc8WDe5UaTp3Rx-ODXw8wgKFiWSprzcC4aqwsq54MT4wGSn8dnI6H3wwdCTKKvCdY7RvUA_HjYtEmaCjH6QaQd3DuRp3lm2fdkCN_RRXrFf-i2RpE0JPWIT7tRhkDz5V9VJKhy7tOn2yhO4ZRSjVqUcjHv-S3GGM6LXV2aa8g5p3pgGcMZ5VkY3KsZ-CGRCqDWM3Nvtj5yOh0zMfq_f83guz28HboW-3rnDiZQGNSALhoiPrXP3sZ4RUOvKnLsvGVcy0qe0tMOvsA_qN7L-KcmWan1kQZ0db6PGT5uR54yRHnAwzTOiGzEoIBy_uAgBf28W8oqyhQAZ_VQ17lSxS0DM2C_dxeTyKjmHrC9LwKY-bMLykD84CMdC6-2JAYHSboMtFCnnlobhUF5rsSKI0cErxYOwVASnsyUYXoHUSI6F5R5a1yQb7bnp-sSdEJS5Vy8ejBdshOuiAUza9EEToZ22tu6tN-VNgV8-txY6ArTyRrOZu0CGiETr8kNxCrGg3IODE5fxPaJQbWpvhwKeD_Got2g9aaWwnRceLXZeuTn847nz8Zghep1mkbG8xrt3NVk0oSdzoJOXS_i7nUqMDPLuXUsRV0u8cyWByGnvGQefK1aAdUpxjeTVF_3VCIBkQXe3IVbHU_9_Av2Y6FtA8OP-AOAi5BdC2UmkiPAQfcE9U9yeG7FqhxjQhEx8cI2o6F6X13igLXfjKJXXhF4Yaz1XFCfun9uOToUDYAhHwTRIMtrtN6CckHGm2HfIXpaYgdHEhMzq3kEBij9C9PRbEw80wuq7uEo8cPoZNmQ8J2VEYT9BbUiy8oGDilhMxj41Hk7WZ0n1gH6AzVR3Q7zDIBIlEVbmdAfoCEEZgdLwzzYaxEr1tjSo9TLVBTsx7bQtw3DgONIOqdn9BV0r_lFv4cC0QYoD6lPzzi-KBIHg6r8aWw8uYUykR3jM-rohG8pzDPXGA6iGYBiiamo6AP31R2k9CypWYfjt8BSTXPU6bybYxbP91vake5YxIBacPeXrUgcLoyro5rjX4BhX8zMs7CF-QxZ-g2bN3tMhN-TRd_0gYDU7x3ESnCqYDOqRZ6e_zOtbj8Hf7z30F1zsLuBisNeBhRVAFT1esacbLf7JNhRzJ_oLMqqXLRNpyKTSEW3Y0uiym7l5yIojr9azlIL3RrK0HO93nu1vEWWeiJb2T9gstVJ-rJ8KAKh-4ghZoQNDB2cbkj38jUsVXS9ba38AbX81K3SxmKgHeMV2kBl1FdUmEiEUxev364PC_qtYH_TaWsUcdqqUoduE_RPPdA-emLWjCzmRY-pfoNm67-EZvTLWN5doufFVKrg4dyKHN5_SD-hVSbnFaUwUI1dMiUatAyhYjjX2gkRxPR_xmdfw0G6a7WNnOJtpLqUchwqpfpCNOL5IYn4sf_J-e-jygg2s9en8f1njU6MqjtHIn65yd2eZm-qxjWa9wcD1KAJrqhEr8LWefiPNr3uO5b5T17O4RX6a7_dIUg7mArtjnxUaqsVgC_5u3jzCHPPvxzYMQ1JKKNyDBO3lMV9PnmHPkEL_blraXNNPIAf1zjOjWgqfM2g88AH9AIzQqhN5PDgUfHbwTBYgx-po06DjxjmrwqSOWEh_02EZeW-0g7peukyoTSXzBQq3VuymiRxcF1M0Go5IN7tVjQDUT8andGE5kZEAhNDqoJNahCQ3wsnOy5hlXvREDC-qnjh2VRAy4Rto8wgg-B0nbKnYIN06O8zkR_WqcWJx6U9WOnigWwP80kP7wWKZfwmf8AL4mkUTjH1fHxD2BIqqdBKHAeuUDvLsj5GTSyAVM6gTW3buQDq1RCy1oYfvM2xr5-_gd6Rh52YRcIVC7yvh_pKvtbZZbRNLhwiY8NM48PF2aY4dEtRLzgo3HUTCdSpFnWomxsEwSZXPjuGtOIoo9IxAP6Kf_yNeDPpZwFAw31qZvyl_Pn0jgyeLx3ICbbF-xNApot6fgqNlRmfixQZ1NoyGVW6EM1kxbEzr0eG3UhNkCs8NY16HNSIshbOfzrr3VgHmXEB1PvkboTzer2jkepO7zNap87qY0u1udUISHQxa7&pr=13%3AZa_segAAAABLxLzprwbdH4TXxCIk3_2qKoqoSg&cid=CAQSMgAvHhf_5EXDWjxyieR06lglmTVINoi-v5vvj7XXcXdBfd9dkjdm5NAZBw9AiUFy0e0uGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcanoe.com%2F&ds=l&xdt=1&iif=1&cor=6016225412002137000&adk=4209541047&idt=176&cac=0&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
356048
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 13:48:28 GMT
2736906296908469990
s0.2mdn.net/simgad/ Frame 239A 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2736906296908469990
Requested by
Host: eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com
URL: https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
sffe /
Resource Hash
a28e14ad1120a897c162943fd027b01a3ea3495671d0495b541072e8490558d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 22 Jan 2025 15:08:08 GMT
date
Tue, 23 Jan 2024 15:08:08 GMT
x-content-type-options
nosniff
age
5670
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2942078
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 18:48:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
usermatch
ssum-sec.casalemedia.com/ Frame ADB8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184713&gdpr=0
Requested by
Host: eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com
URL: https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6216ed13d342efc5ba5d2fe8150f7f30e8604d27c24164ca19aaba24d1cfc71f

Request headers

Referer
https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84a17da4fdc536fe-YYZ
content-encoding
br
content-type
text/html
date
Tue, 23 Jan 2024 16:42:35 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pfj4dapinb%2FbBjY52RDJY15Prgr3ipNcOp80McXK%2BpT1EbeIgiWukeyfiKeCnU%2BpVe7DxqABnOmIuE5HAvW47Hzy3eCL4P80ZRmblq5gxtcw0XR62zm7sepPnDf7PSBMccsevGt%2Bwa827w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
dcm
s.amazon-adsystem.com/ Frame ADB8 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Za_semtaVxDTT_gsvb43vwAAA9oAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184713&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 16:42:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ND29JBZCR4N5B8WC3TZB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame ADB8
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1288365238792369274
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1288365238792369274
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184713&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kLJ1xjQU3vjZAwHdDv5Hym2%2BqNoGCNavNIU2uP4UVpRwHxm06zkZcZM1z%2FaDf48P9gB86tGX1Xtq22FJV71F%2FBGgkyf3b16wH5GcZFSDCNJwo4FVX7kgpq9mnjuR48x6V1TrC38mqBnUxw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a17da5df7e36fe-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:35 GMT
an-x-request-uuid
424d7534-c905-4eb0-915f-dafbf64a510f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1288365238792369274
x-proxy-origin
86.48.15.240; 86.48.15.240; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
Za_semtaVxDTT_gsvb43vwAAA9oAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame ADB8 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Za_semtaVxDTT_gsvb43vwAAA9oAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184713&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.152.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-152-105.compute-1.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ie
match.prod.bidr.io/cookie-sync/ Frame ADB8 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184713&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.252.120 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-252-120.compute-1.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 23 Jan 2024 16:42:36 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame ADB8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Za_semtaVxDTT_gsvb43vwAAA9oAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFtyeaTeBmXIOuh2cR5Ours&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFtyeaTeBmXIOuh2cR5Ours&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184713&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKlYRsnmc9rb%2B1dyWFa29jVq0vcll6WqrrzOOCYm%2FK3mQE%2FOu7UTLrkcFWhueGDhJtLpbDtFWv9SA9%2FBehRnPZd83qkEhRcFTyp2%2FUavF9Uym1U52P%2BnilMi%2Fa8zWYDBnBFPFEnlozUSWA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a17da5df8436fe-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFtyeaTeBmXIOuh2cR5Ours&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame ADB8 		0
0
crum
dsum-sec.casalemedia.com/ Frame ADB8
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969470222452115177
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969470222452115177
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184713&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JzXL3KwWbRmRNGs5p4DOA7V9QZbdnDj7x7c22t%2FtlA0BbmDCkom0f6MBgvAxqPiOtC%2Bs3ReUNRYGMv17f0VaTiYw5Q2n%2FEveKouCbzSCQktVF%2FYJYv1VQyDSdP3OBnvj60aKV60G7A9bXA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a17dd51b7a36fe-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969470222452115177
Date
Tue, 23 Jan 2024 16:42:43 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame ADB8
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1721752963&external_user_id=8ff3b37e-4a8d-4449-b73e-6bf9141fdf3e
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1721752963&external_user_id=8ff3b37e-4a8d-4449-b73e-6bf9141fdf3e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184713&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6zlUtglpOqzQvL90VAyf%2FBplOerzQFGRbhLyhCIdMv15gyc9IFoes0KvJPBYPyi9EX7FBwDX%2BnRtbqTkHLjaxQlahGE65UEkclC4ihVmdKnWp0LyqGl3RMn%2B2%2Fo%2B8wgUFgPC2BE4E4vnEw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a17dd55be036fe-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 23 Jan 2024 16:42:43 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1721752963&external_user_id=8ff3b37e-4a8d-4449-b73e-6bf9141fdf3e
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
htw-pixel.gif
js-sec.indexww.com/ht/ Frame ADB8 		43 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Za_semtaVxDTT_gsvb43vwAAA9oAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184713&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:39 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
678
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
84a17dbd89455491-YYZ
content-length
43
expires
Tue, 23 Jan 2024 20:42:39 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame 81EF 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-29.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 03:25:40 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 5da360f23ca6a5d9a9a5e95b0b553be0.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
15254216
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
6965RMQrwauick0vX70H0mMuK0ikDtD95Te1ZTrHXJxXpVi45ZJRrA==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=928934&campId=728x90&pubId=4811995650&chanId=21690693772&placementId=6322821734&pubCreative=138436152095&pubOrder=3215561405&cb=1432650536&custom=index&custom2=1&adsafe_par&impId=67867ef1-ba0e-11ee-a53d-0af29215ae01&adsafe_url=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F%3Famu%3D%2Fmah-jong-quest&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fcanoe.com%2F&adsafe_type=f&adsafe_jsinfo=,id:98943528-d020-a9e1-ae76-bd03b0f8993d,c:26L7Z3,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-6f4b57f9c-7jtn6,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:464,mot:0,app:0,maw:0,fm:u2cMhfY+1111%7C1112%7C1113%7C12%7C13%7C14111%7C1412%7C1413%7C1414%7C1415%7C1416%7C1417%7C15%7C16%7C17*.928934%7C171%7C181%7C182,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.qs.bi,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:492,oid:693789e0-ba0e-11ee-a712-96ce666c472e,v:19.8.473,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.141.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-141-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:35 GMT
server
nginx
x-server-name
app71.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=98943528-d020-a9e1-ae76-bd03b0f8993d&tv=%7Bc:26L7ZD,pingTime:-2,time:527,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:136,beZ:137,mfA:600,cmA:602,inA:602,inZ:608,prA:608,prZ:620,si:627,poA:628,poZ:644,cmZ:644,mfZ:644,loA:656,loZ:659,ltA:662,ltZ:662,mdA:138,mdZ:517%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:491%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:528,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:491,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B59~0%5D,as:%5B59~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:u2cMhfY+1111%7C1112%7C1113%7C12%7C13%7C14111%7C1412%7C1413%7C1414%7C1415%7C1416%7C1417%7C15%7C16%7C17*.928934%7C171%7C181%7C182,idMap:17*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:492,slid:%5Bgoogle_ads_iframe_/3081/SMCO_CPTL_CAN_EN_WEB/life/diversions/puzzles/index_0,google_ads_iframe_/3081/SMCO_CPTL_CAN_EN_WEB/life/diversions/puzzles/index_0__container__,ad-1,ad__inner-1,main-content%5D,sinceFw:34,readyFired:true%7D&br=c
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.108.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-108-81.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:35 GMT
server
nginx
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=98943528-d020-a9e1-ae76-bd03b0f8993d&tv=%7Bc:26L80G,time:592,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:592,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:491,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B123~0%5D,as:%5B123~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:u2cMhfY+1111%7C1112%7C1113%7C12%7C13%7C14111%7C1412%7C1413%7C1414%7C1415%7C1416%7C1417%7C15%7C16%7C17*.928934%7C171%7C181%7C182,idMap:17*,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:492,sis:566%7D&br=c
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.108.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-108-81.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:35 GMT
server
nginx
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=98943528-d020-a9e1-ae76-bd03b0f8993d&tv=%7Bc:26L850,pingTime:-10,time:860,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw0ODB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1706028156157%7C%7C7c0dfbc66a295dfb4f84536cbbf34be2%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C45c428eb0b6e9b3acf9590690acedfd8%7C%7Cd4bee236314bd969340b073330164bc5%7C%7Cccc3a846c8b0bb81bc1f84e0e2c39cbf%7C%7Ced79c623ce25e41f64eb9c8b2cdf8061%7C%7C9c2617f3d04ae00492ada09b32a556a2%7C%7C1663701684%7D
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.108.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-108-81.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:36 GMT
server
nginx
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
signinprompt
edge-auth.microsoft.com/v0.5/ Frame 6DCE 		482 B
860 B 		Document
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=0295efc4-8406-42f9-af7c-adaa753d5255&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/js/ms_auth_client.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
b30521722b0cdb562256c949334b8ff17cb5e3bc22f3b46e2ce1bf469b8bf06f
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-pIpsIR3Dw1+2yW5m1HSjZd+5Vi3wLZkxt3Zi6Zu1nXUxpIH/J+0QeVzEtCMOCfSN6hsOlryxbCldTLyABYnU82sSxIcQ0eSgQa765wqfirsIbxEJiBSpMotIn4Zhvtx0+sf0EsnfTZqOj6bXzcjQ/P6avgZFYB4J0MH5zHnlerE=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

Referer
https://canoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy
script-src 'strict-dynamic' 'nonce-pIpsIR3Dw1+2yW5m1HSjZd+5Vi3wLZkxt3Zi6Zu1nXUxpIH/J+0QeVzEtCMOCfSN6hsOlryxbCldTLyABYnU82sSxIcQ0eSgQa765wqfirsIbxEJiBSpMotIn4Zhvtx0+sf0EsnfTZqOj6bXzcjQ/P6avgZFYB4J0MH5zHnlerE=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 16:42:36 GMT
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: E2563BB0CFF74F1687BC9D90278F9542 Ref B: CH1AA2020605035 Ref C: 2024-01-23T16:42:36Z
vf-v2.js
cdn.viafoura.net/ 		860 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/vf-v2.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v94.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-52.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d30a45dc7fd324487980906858368d0083b721de5ffd78108f92e4091cde3211

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
.3EXqidYLx7AcRWbdUU.j_tM0qldLfaM
content-encoding
br
via
1.1 0588a12f9163167120c7c5e825e9110a.cloudfront.net (CloudFront)
date
Tue, 23 Jan 2024 16:42:15 GMT
x-amz-cf-pop
YUL62-C2
age
24
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Jan 2024 20:53:25 GMT
server
AmazonS3
etag
W/"a964d1e2f10f0c188197324f5d080f8b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
GfV74JbsjFbr6oRYHnh1up8QjKt6mmY3KZSi77XPx__3KRAh9hfltw==
gtm.js
www.googletagmanager.com/ 		449 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v94.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
d43b933171c4d15396ef0b1efbd6ff8e3fec42e8de52c6513ff769feee7a3167
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127625
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Jan 2024 16:42:36 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v94.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-3.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:19:58 GMT
content-encoding
gzip
via
1.1 ddaa088f1b6b5a9bcdc791a053431534.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
age
51758
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
k9Hx4NTRCgShJm49rx2fpzLegYafkwYytpAs5J97gQDZlIKglUNvfA==
mparticle.js
jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/ 		327 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v94.0/fem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
6e7901af7fd96fd8775661bed4403e288477c8a9be15f16c23c5b0c33ea17d27

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
cache-iad-kcgs7200117-IAD, cache-yyz4552-YYZ
date
Tue, 23 Jan 2024 16:42:37 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
server
Kestrel
age
142
x-timer
S1706028158.634236,VS0,VE0
x-origin-name
fastlyshield--shield_ssl_cache_iad_kcgs7200117_IAD
x-cache
MISS, HIT
content-type
application/javascript
vary
Accept, Accept-Encoding
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
117226
x-cache-hits
0, 24
gtm.js
www.googletagmanager.com/ 		154 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v94.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
be4272e477aa3381ca6e1997b4efa98fe43eb28d2e9400172b7d515e72592638
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50531
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Jan 2024 16:42:36 GMT
truncated
/ Frame 239A 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5bcf5b60971b99d9275498ab1f9d84a04b30021a6052ba68b9959957377d7f0b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
ms_auth_server_button.min.js
edge-auth.microsoft.com/v0.5/js/ Frame 6DCE 		26 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/v0.5/js/ms_auth_server_button.min.js
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=0295efc4-8406-42f9-af7c-adaa753d5255&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
7c8f24757683d5fece3f8af5853e19b1432c3d9110c3f6307b1ea434807eb4c7
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-UEx3jDCmi6mhg0H0BTOfqB/3WKicVdAjCWK7VkGmCYh8yOC0ril7b0Zap2thZeb6AD+g8ss4byHnekAY6wFUeIHT592cf5T6kE9Pf2wG5neOi8ZaUwF93Hzov48olovTYSjG6gQ/fDHBHL+AU9gVTjT2uUG13RDIP24Rws30AJs=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=0295efc4-8406-42f9-af7c-adaa753d5255&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-UEx3jDCmi6mhg0H0BTOfqB/3WKicVdAjCWK7VkGmCYh8yOC0ril7b0Zap2thZeb6AD+g8ss4byHnekAY6wFUeIHT592cf5T6kE9Pf2wG5neOi8ZaUwF93Hzov48olovTYSjG6gQ/fDHBHL+AU9gVTjT2uUG13RDIP24Rws30AJs=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
date
Tue, 23 Jan 2024 16:42:36 GMT
last-modified
Mon, 01 Jan 1601 16:13:01 GMT
x-msedge-ref
Ref A: CB899F2490D943B0ACF456F87A93396E Ref B: CH1AA2020605035 Ref C: 2024-01-23T16:42:36Z
etag
"87edc9cc1d"
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
26781
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 65E5 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
356401
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jan 2024 13:42:35 GMT
expires
Sat, 18 Jan 2025 13:42:35 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame A308 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstakEJGmems7lRoEVIwnU91JRxn2HMAnoEFJeqgkDyFtI6GnDUQC6DjSH2zHIjlOf6hZdX4ecZJhFs7E5SJHwJThbWuYW_nOn85tUURNMaPSKENrMGn8RR4FANOADQ0lTh7op03nOHlpJlb10h5CmbmAoAsedRX27tV617APTv7bKknIan8TwJomrIcjfRc-YJjn8zC6BFKI_wiro-XEYlUkNQuEDJzp0smNfvtGjae7NGCL1ZHV4OEGvydLWT6uPu_3WVz2YoiElyAb-3PXXek6YZFB5ZjD8PbeJXyaB-6e_b3sb8wBKi4SCR4eKqMdGw-E-u2Ta89Jld2rGTFCQXqw2Mg9RLptjGIXZd91bBsAD2a47fHhuEfyc91UyZpa_fytC78HPv9tXHVkFj26viflxo&sai=AMfl-YSi-fnNo0eo-z42u2f5qxee6O7yZCBtCszX09eY7LW72cCddhKP8eTiSDzOTxLpPmuxRvbzhD6qAcynQfjB1hrIcAjwWJZ2sd12Mi9VQ3-NUtPTnmd0BDvHB9rx1I3vZr6N-8hfdw2aVeOKNzFih_Q&sig=Cg0ArKJSzMBR9HWvgPTKEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 23 Jan 2024 16:42:36 GMT
gtm.js
www.googletagmanager.com/ 		114 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KB476Q6&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8ba787e82ba4d49d5b96e4bd66919550588ec1ca80abb150e32d23cf642024dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44660
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Jan 2024 16:42:36 GMT
gtm.js
www.googletagmanager.com/ 		309 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
462182f419395deeaf17f3b5849a0f6ff44596a43c59bc43a9e1606a4b794fc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94008
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Jan 2024 16:42:36 GMT
metric
edge-auth.microsoft.com/ Frame 6DCE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/metric
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/v0.5/js/ms_auth_server_button.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-9/GqtIxmOk18dNxgRV5/bBwxJcR0DrMzfFcaIQPHMvVIfpCBUVe/LX2jI/fx1V3EA64m90hBTWv6K8T8/2G1FsSNXH2PU8ux5Af3UTPAUglFYK/Q6+IJMEyR+YjIsbUPiLxrxEpOP8mumrzbXKp2i0IcxnGTm1v20V5DPX8oxDU=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

Referer
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=0295efc4-8406-42f9-af7c-adaa753d5255&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-9/GqtIxmOk18dNxgRV5/bBwxJcR0DrMzfFcaIQPHMvVIfpCBUVe/LX2jI/fx1V3EA64m90hBTWv6K8T8/2G1FsSNXH2PU8ux5Af3UTPAUglFYK/Q6+IJMEyR+YjIsbUPiLxrxEpOP8mumrzbXKp2i0IcxnGTm1v20V5DPX8oxDU=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Tue, 23 Jan 2024 16:42:36 GMT
x-msedge-ref
Ref A: 8086F48840FD40B4A16DF60878326651 Ref B: CH1AA2020605035 Ref C: 2024-01-23T16:42:36Z
content-length
0
x-cache
CONFIG_NOCACHE
metric
edge-auth.microsoft.com/ Frame 6DCE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/metric
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/v0.5/js/ms_auth_server_button.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-+C64cdswZibzvcCfGvY35m5Iy/+YWZuJpS1jTYa9dxrR30c+Telkc0emcll9zLINIRqT1bphja+B+U5Z9ZCrH16UZFxgTp7YkFZaXFK3ZUqV6cZaItKj8WtgLCxHZvDwNpBe/PMC8ntahWDVC+UR0Bjm/l9PwCiE75GAAQuktXw=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

Referer
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=0295efc4-8406-42f9-af7c-adaa753d5255&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-+C64cdswZibzvcCfGvY35m5Iy/+YWZuJpS1jTYa9dxrR30c+Telkc0emcll9zLINIRqT1bphja+B+U5Z9ZCrH16UZFxgTp7YkFZaXFK3ZUqV6cZaItKj8WtgLCxHZvDwNpBe/PMC8ntahWDVC+UR0Bjm/l9PwCiE75GAAQuktXw=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Tue, 23 Jan 2024 16:42:36 GMT
x-msedge-ref
Ref A: 9068D73DFBAD4FB8A4567C23F5FFF489 Ref B: CH1AA2020605035 Ref C: 2024-01-23T16:42:36Z
content-length
0
x-cache
CONFIG_NOCACHE
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 65E5 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 09:19:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
26568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 09:19:48 GMT
v2
api.viafoura.co/v2/canoe.com/bootstrap/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/canoe.com/bootstrap/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.151.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-151-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://canoe.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin
https://canoe.com
access-control-max-age
1728000
cache-control
max-age=0
date
Tue, 23 Jan 2024 16:42:36 GMT
expires
Tue, 23 Jan 2024 16:42:36 GMT
server
nginx/1.18.0 (Ubuntu)
v2
api.viafoura.co/v2/canoe.com/bootstrap/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/canoe.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.151.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-151-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0d3637a9fa6ecf9015a1506c0c5aa7302fd9cf1f2c4818c9850940b336bbb310

Request headers

Accept
application/json, text/plain, */*
Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

x-instance-id
i-02dfe0389cb88025f
pragma
no-cache
date
Tue, 23 Jan 2024 16:42:36 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://canoe.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Tue, 23 Jan 2024 16:42:36 GMT
js
www.googletagmanager.com/gtag/ 		264 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
58dd4686691a927cc7614cf62f320edd6e8b40f8c3f053bf124663954a8023f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90955
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 16:42:36 GMT
js
www.googletagmanager.com/gtag/ 		264 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JPRDS7DYTE&l=gtm_data_layer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
506beb8a25655bee7c79356dd11896961b882d247568cb2520663fc67456e8a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90822
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 16:42:36 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 23 Jan 2024 15:47:50 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3287
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 23 Jan 2024 17:47:50 GMT
marfeel-sdk.js
sdk.mrf.io/statics/ 		160 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1663536a0460d18689e8e0d827236fbb61fe5763e4ab68896554d5184053c460

Request headers

Referer
https://canoe.com/
Origin
https://canoe.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:44 GMT
content-encoding
gzip
cf-cache-status
HIT
age
186
x-envoy-upstream-service-time
8
alt-svc
h3=":443"; ma=86400
content-length
46567
x-response-time
2ms
last-modified
Tue, 23 Jan 2024 16:39:38 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
84a17dd9bea336c1-YYZ
fbevents.js
connect.facebook.net/en_US/ 		213 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
d7800992c70337710a800628bad888bebad0a275102de46a3370179e373c034b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 23 Jan 2024 16:42:36 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57022
x-xss-protection
0
pragma
public
x-fb-debug
COkmlnu+FbMQlaxewfzwHFJsJ7F6uXA2zzcfiOvcrx/HopTDM59k9j8fShlMWU0gXCA5HqCF4kZBU6pRizgixw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
tag.min.js
get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-51.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fdeb1c6fd18e0f486055ae90b9c37c166cd1b455157daa7de08f4271ac696ce

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 09:01:01 GMT
x-amz-version-id
XfYprRTzfIx5sUT1DKibUZklTDJ88StC
content-encoding
gzip
last-modified
Thu, 24 Aug 2023 11:20:32 GMT
server
AmazonS3
via
1.1 dfbe3a6f5b354f9a5f95a5a6814ce14e.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P2
etag
W/"10ba0dba424c8954df3533bfd881e874"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
age
27700
x-amz-cf-id
A8YWl-CwXvmpHWZ57GlSG8zomH2JZKUZ65ZoC4dFgb4dOkucPQ1o3Q==
p.js
cdn.parsely.com/keys/canoe.com/ 		58 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/canoe.com/p.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.162.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-162-56.bos50.r.cloudfront.net
Software
nginx /
Resource Hash
de8a06fb4a67185897bb2f003cfd6e8171816a7d35796addfb530ddace7e93ff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Tue, 23 Jan 2024 08:52:29 GMT
content-encoding
gzip
via
1.1 321547721678892346072e819a81610a.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 13:34:56 GMT
server
nginx
x-amz-cf-pop
BOS50-P3
age
28725
etag
W/"651c1880-e639"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
wwrLlTr1UHf8GMrUPezacrK6Nk9BpWv8RfrTQ2tYVBd45Olh4OG3_Q==
expires
Wed, 24 Jan 2024 08:43:51 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
00ef1955212ebb71c190b03d316162d8ca6e5a772f827b434b3ce90438d06d88

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 16:42:36 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://canoe.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
collect
analytics.google.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=45je41h0v880952817z879194588&_p=1706028156293&_gaz=1&gcd=11l1l1l1l1&dma=0&tag_exp=71847096&cid=1384250816.1706028155&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1706028156&sct=1&seg=0&dl=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F%3Famu%3D%2Fmah-jong-quest&dt=Puzzles%20and%20Games%20%7C%20Canoe.Com&en=page_view&_fv=1&_ss=1&tfd=6831
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://canoe.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-72QH41ZTMR&cid=1384250816.1706028155&gtm=45je41h0v880952817z879194588&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://canoe.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=45je41h0v880952817&_p=1706028156293&gcd=11l1l1l1l1&dma=0&tag_exp=71847096&cid=1384250816.1706028155&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&_s=2&sid=1706028156&sct=1&seg=0&dl=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F%3Famu%3D%2Fmah-jong-quest&dt=Puzzles%20and%20Games%20%7C%20Canoe.Com&en=ad_impression&_c=1&ep.query_id=CIKPjJH684MDFSbL4wcd_1MKvQ&_et=3&tfd=6837
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://canoe.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=45je41h0v880952817&_p=1706028156293&gcd=11l1l1l1l1&dma=0&tag_exp=71847096&cid=1384250816.1706028155&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&_s=3&sid=1706028156&sct=1&seg=0&dl=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F%3Famu%3D%2Fmah-jong-quest&dt=Puzzles%20and%20Games%20%7C%20Canoe.Com&en=ad_impression&_c=1&ep.query_id=CICBj5H684MDFSbL4wcd_1MKvQ&_et=1&tfd=6841
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://canoe.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-72QH41ZTMR&cid=1384250816.1706028155&gtm=45je41h0v880952817z879194588&aip=1&dma=0&gcd=11l1l1l1l1&z=545075369
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
thirdpartycookie
api.viafoura.co/v2/canoe.com/ 		45 B
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/canoe.com/thirdpartycookie?section=
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.151.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-151-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept
application/json, text/plain, */*
Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-instance-id
i-02ce26f4de12990de
pragma
no-cache
date
Tue, 23 Jan 2024 16:42:36 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://canoe.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Tue, 23 Jan 2024 16:42:36 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-JPRDS7DYTE&gtm=45je41h0v880952826&_p=1706028156298&_gaz=1&gcd=11l1l1l1l1&dma=0&tag_exp=71847096&cid=1384250816.1706028155&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&_s=1&dl=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F%3Famu%3D%2Fmah-jong-quest&sid=1706028156&sct=1&seg=0&dt=Puzzles%20and%20Games%20%7C%20Canoe.Com&en=ad_impression&_fv=1&_ss=1&_c=1&ep.debug_mode=false&ep.gtm_version=55&ep.gtm_container_id=GTM-P3Q4QHW&ep.query_string=amu%3D%2Fmah-jong-quest&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=puzzles&ep.platform=Cheetah&ep.platform_version=15.2.1&ep.fem_version=v94.0&ep.brand=Canoe&ep.timestamp=2024-01-23T08%3A42%3A36.658-08%3A00&ep.query_id=CIKPjJH684MDFSbL4wcd_1MKvQ&tfd=6902
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JPRDS7DYTE&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://canoe.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JPRDS7DYTE&cid=1384250816.1706028155&gtm=45je41h0v880952826&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JPRDS7DYTE&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://canoe.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-JPRDS7DYTE&gtm=45je41h0v880952826&_p=1706028156298&gcd=11l1l1l1l1&dma=0&tag_exp=71847096&cid=1384250816.1706028155&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&_s=2&dl=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F%3Famu%3D%2Fmah-jong-quest&sid=1706028156&sct=1&seg=0&dt=Puzzles%20and%20Games%20%7C%20Canoe.Com&en=ad_impression&_c=1&ep.debug_mode=false&ep.gtm_version=55&ep.gtm_container_id=GTM-P3Q4QHW&ep.query_string=amu%3D%2Fmah-jong-quest&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=puzzles&ep.platform=Cheetah&ep.platform_version=15.2.1&ep.fem_version=v94.0&ep.brand=Canoe&ep.timestamp=2024-01-23T08%3A42%3A36.658-08%3A00&ep.query_id=CICBj5H684MDFSbL4wcd_1MKvQ&_et=4&tfd=6907
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JPRDS7DYTE&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://canoe.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JPRDS7DYTE&cid=1384250816.1706028155&gtm=45je41h0v880952826&aip=1&dma=0&gcd=11l1l1l1l1&z=1173208973
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
intl-messageformat.1ffa056616fa00afbfc0.js
cdn.viafoura.net/chunks/defaultVendors~languages/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/defaultVendors~languages/intl-messageformat.1ffa056616fa00afbfc0.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-52.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42716b1e53a7779105575276cedc2e75677bc64e77b0a712bc0d48e2479abd98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 20:53:36 GMT
x-amz-version-id
K6YX2DhTPOywEHMsosDhkEIcXxdZ3QdO
content-encoding
br
via
1.1 0588a12f9163167120c7c5e825e9110a.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
589740
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Jan 2024 20:52:48 GMT
server
AmazonS3
etag
W/"1c693504509bdbb60c6776720954c7c1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
FZaZgz1AXf2m-MV8-u5hr0k4RZW3r0Oc2FIH-YXa8pbHtyGIMsrgVA==
intl-messageformat.bba378369051b3ea02d6.js
cdn.viafoura.net/chunks/languages/ 		135 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/intl-messageformat.bba378369051b3ea02d6.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-52.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af979786c73f4c25357e6528bb264f3dffae203ec6ff1adced8b57c3532f6d4b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 20:53:43 GMT
x-amz-version-id
hWlG.vOM9z6j6QBopta2P7z2EI70_7rG
via
1.1 0588a12f9163167120c7c5e825e9110a.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
589734
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
135
last-modified
Tue, 16 Jan 2024 20:52:58 GMT
server
AmazonS3
etag
"41f960d448b03a594d459a897779ddf6"
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ooK9BMG3SijkLBKWqTOAU4XEZOtN5sL3n0hyZUsgJDqJ4Y8P1N3h9A==
en-us-base-json.22dd055f6ebc67a95f1d.js
cdn.viafoura.net/chunks/languages/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-base-json.22dd055f6ebc67a95f1d.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-52.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b2d2f5d052658ef5589fe450a8654dbeb88d97511ce36f21f1c3bb3b38fa3c24

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 20:53:36 GMT
x-amz-version-id
jLiRAZHs9uvGXsyGLDy3Kq7eIAwF31Qi
content-encoding
br
via
1.1 0588a12f9163167120c7c5e825e9110a.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
589740
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Jan 2024 20:53:02 GMT
server
AmazonS3
etag
W/"dfb5516fd649a383d34843bb4b99126e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
2DnCRNHVXx0nDfD7vGql04Gjt6pfi_n14fo9HmELS-ZbZTKh6AapDA==
1685973801652415
connect.facebook.net/signals/config/ 		146 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1685973801652415?v=2.9.142&r=stable&domain=canoe.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
725c7f25639cdf8e983f31c18286ae22339b07fb98bec314035189ab045af5c7
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 23 Jan 2024 16:42:36 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
vBwuUImuAtXGRJgxhmZe6i2wsmaX7vOeMS7vLxHI6/5wJIBOfnw/uSddMyvtLPU7Yx1Jnimmg7w8mS42TJyYYA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
p1.parsely.com/plogger/ 		43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1706028156934&plid=51a90c9f-9c2d-4495-9d69-1d6a1a35abab&idsite=canoe.com&url=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F%3Famu%3D%2Fmah-jong-quest&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22login_status%22%3A%22anonymous%22%7D&sid=1&surl=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F%3Famu%3D%2Fmah-jong-quest&sref=&sts=1706028156928&slts=0&title=Puzzles+and+Games+%7C+Canoe.Com&date=Tue+Jan+23+2024+08%3A42%3A36+GMT-0800+(Pacific+Standard+Time)&action=pageview&pvid=50647c8a-c72f-44b6-862f-9fdfd71b5a1a&u=pid%3Df5a9e5d5-a382-45d9-aff1-c0f85a444223
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-144-142.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:42:37 GMT
Cache-Control
no-cache
Last-Modified
Tuesday, 23-Jan-2024 16:42:37 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=98943528-d020-a9e1-ae76-bd03b0f8993d&tv=%7Bc:26L8hG,pingTime:0,time:1646,type:pf,im:%7Bpci:%7Btdr:1066%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:491%7D,%7Bpiv:100,vs:i,r:,t:1645%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1,o:1645,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:491,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1177~0,0~100%5D,as:%5B1177~728.90%5D%7D%7D,%7Bsl:i,t:1645,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1177~0,0~100%5D,as:%5B1177~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:43,fm:u2cMhfY+1111%7C1112%7C1113%7C12%7C13%7C14111%7C1412%7C1413%7C1414%7C1415%7C1416%7C1417%7C15%7C16%7C17*.928934%7C171%7C181%7C182,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs,siq:492,sis:566%7D&br=c
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.108.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-108-81.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:36 GMT
server
nginx
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
LoginRadiusV2.js
auth.lrcontent.com/v2/ 		211 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/LoginRadiusV2.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.5.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdd5eb5886d055428379d1938f01e5a186f7f8dbf3efc851ad9e04914302eb59
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:36 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 dc2de227a66d49eadfba1450eb6faa90.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
age
4248
x-amz-cf-pop
YUL62-P1
cf-polished
origSize=1336927
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Mon, 04 Dec 2023 07:20:21 GMT
server
cloudflare
etag
W/"34dedade3a8f1aa4aa0db4d3bf475de7"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
84a17dad285736a8-YYZ
x-amz-cf-id
C7PwdKWP_xZQfZoGEqej4zLF889lazMxXayxt0zv5AuH9zWmHPisFw==
expires
Tue, 23 Jan 2024 20:42:36 GMT
ingest
i.viafoura.co/v3/canoe.com/ 		67 B
387 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://i.viafoura.co/v3/canoe.com/ingest
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.200.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-200-2.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://canoe.com
date
Tue, 23 Jan 2024 16:42:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F%3Famu%3D%2Fmah-jong-quest&rl=&if=false&ts=1706028157031&sw=1600&sh=1200&v=2.9.142&r=stable&ec=0&o=4126&fbp=fb.1.1706028157025.1816221995&cs_est=true&ler=empty&it=1706028156894&coo=false&rqm=GET
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 23 Jan 2024 16:42:37 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 65E5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BMkQEe-yvZf3cIc-1oPMPz5mxyAQAAAAAOAHgBAI&bg=!ODulO3TNAAa8BdJLnAU7ADQBe5WfODOxjv-34xzH0Gizc_ezXEeNVeP9T3LZ_x8h6QbMpx_KSZVqjUiVKWzDdOY7sUcJAgAAAh9SAAAABGgBB5kC-7kNSNIyzQtpJwUc_iKzDEOZn5DI3jDGhX4o7Wzto2-g7iPXOJiDqDhi6LO5CVBwIN3J3CN50yBeTCRTt-3wlPZPPzrykNlDiUBOoHcDOesyUNQKTV7-OK5wBd2mm1vS-N9AK_GXDzJHwHLDnAEykxwmzDk_30s9Vedh3Skquz5oz-2EMrrBy8VV0KSwfhLaz9ADFd8ftDGzw-GuEtbsZYMeDMEvtnUq49byuyRvjgxBiCHikOQeO9mNiImC4OYK_dDYH-M_yWhr6IhgZRIOFaCdgTfwLojimeQPRIvQw680Ze5jM1ZUypSGLZOcJ_aNFPugztqK2LHuvc4FVLgODS5BS1tGDQ8LY0iBRQmLCYPxkG2obPlCRxawSXj3NyNZy0SmWXUXOfvm8VsbD0bak58OfrGVem003d-KUBWRCfd39qcjeDVOukMeiCOXPjUZWuDi6EmhmMjSeVXkf6_xR6rskdncKg-yy81zJ-h6Dhq3TmtCTAtkn3kau9j2kiWp6HuSUJUsUPXChOZaOvVtNA5JCjfmQXWguWq7S1WDBvzGLtSYIVjYqIaygcgiHFm8N4gsyPoknDcjDNr1OXUnnNUvpVuXk2QZLxKGlxW7zKIT_7Unr8laOm3RjcjcQ7wrZXhZtciuHJB0OYRP6Nm73aPxsrEcTAK0MIx4vf6eTd_6hUB8SELjiQjBozdTrxSPDMlYinKY0rxuyNhhfzi_pFF6XRzjmJM5TVWPzGciNh_m7WUVyAn7WErI06iMObgycm0oGAP2f9Lgnb8i2Tov1QStS51qpdiWF1zvF9sSOSTf2z-o19qR22dr7FdkaUJZwesC84vkqm0XbIRbTLx99n9ZmBOXj_ksjsmaXyV4ypCghERW6CbqOsJrDYXfqUyEFHWEVbNAtsOjphDbHO9aGydO76PTlPkRJubuMnui1V_UZjlyKFTesPWmBboA0YcnGL8AAzdAo-i5hdUg_pee_pDK-vcDeQFWid1qAOXalaz--608EwBVc2CYYJY
Requested by
Host: eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com
URL: https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
svod-module-js.af0a0ec7f140c97a1728.js
cdn.viafoura.net/chunks/vuex_store/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/svod-module-js.af0a0ec7f140c97a1728.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.192.51.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-52.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a633cd18a8ef38d694ec323dfd22731854e161f2ebee27b2eb9870a7df78980

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 20:53:37 GMT
x-amz-version-id
t.zI8gKmhAoEWoAYFybiCX12Rnu4S7U6
content-encoding
br
via
1.1 c83536c4e12f4a229fa27266fc5fdd56.cloudfront.net (CloudFront)
age
589741
x-amz-cf-pop
YUL62-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Jan 2024 20:53:04 GMT
server
AmazonS3
etag
W/"29fcd3e8ac2266d59e9874ce666e077c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
3yG74zlL9-Nze6fUrOpk7DPjOCiEz3ShyICsEb8QdJO1vWJaN32Fig==
appInfo
config.lrcontent.com/ciam/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.5.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://canoe.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://canoe.com
allow
GET, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
84a17daf9c0d39ed-YYZ
date
Tue, 23 Jan 2024 16:42:37 GMT
server
cloudflare
vary
Origin
appInfo
config.lrcontent.com/ciam/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.5.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2036014153a51610b89b576a9f14c2c5c6b03225248e3faad56ca9725214416

Request headers

Referer
https://canoe.com/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:37 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
access-control-allow-origin
https://canoe.com
cache-control
max-age=86400
cf-ray
84a17dafdc8639ed-YYZ
collect
www.google-analytics.com/j/ 		4 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=367411620&t=pageview&_s=1&dl=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F%3Famu%3D%2Fmah-jong-quest&ul=en-us&de=UTF-8&dt=Puzzles%20and%20Games%20%7C%20Canoe.Com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAEK~&jid=1807376902&gjid=1521586282&cid=1384250816.1706028155&tid=UA-213173459-13&_gid=68649564.1706028157&_r=1&_slc=1&gtm=45He41h0n81P3Q4QHWv854753396&cd2=2024-01-23T08%3A42%3A36.671-08%3A00&cd7=anonymous&cd17=0&cd23=Canoe&cd24=Cheetah&cd25=15.2.1&cd26=v94.0&cd27=0&cd28=GTM-P3Q4QHW&cd29=55&cd31=puzzles&cd38=amu%3D%2Fmah-jong-quest&cd52=puzzles&cd65=false&gcd=11l1l1l1l1&dma=0&tag_exp=71847096&cd1=1384250816.1706028155&z=203946675
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://canoe.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=367411620&t=pageview&_s=1&dl=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F%3Famu%3D%2Fmah-jong-quest&ul=en-us&de=UTF-8&dt=Puzzles%20and%20Games%20%7C%20Canoe.Com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAEK~&jid=1186455950&gjid=1965697020&cid=1384250816.1706028155&tid=UA-138335866-20&_gid=68649564.1706028157&_r=1&_slc=1&gtm=45He41h0n81P3Q4QHWv854753396&gcd=11l1l1l1l1&dma=0&tag_exp=71847096&z=1949097892
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
6daae9ae29d4a659b51bb3741f1845dba56278221573c60313556ab426dfe2ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://canoe.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-213173459-13&cid=1384250816.1706028155&jid=1807376902&gjid=1521586282&_gid=68649564.1706028157&_u=YCDACAAABAAAACAEK~&z=1291496955
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 23 Jan 2024 16:42:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://canoe.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		230 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GLBG5PB1H0&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
764461b473f10797abf3a1f2d1bfd5deb953e8b3cd8ccd74f84d8c07abf9fc1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83248
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 16:42:37 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-213173459-13&cid=1384250816.1706028155&jid=1807376902&_u=YCDACAAABAAAACAEK~&z=1293204406
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-213173459-13&cid=1384250816.1706028155&jid=1807376902&_u=YCDACAAABAAAACAEK~&z=1293204406
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping.gif
placement-prd.jwpltx.com/v1/placement/ 		0
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://placement-prd.jwpltx.com/v1/placement/ping.gif?h=-1947886875&e=pll&n=0619486500415225&aid=EP4j6LNJEeu2Q2J%2B7u8ONQ&plv=0.13.0&sa=1706028152201
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.77.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-77-95.bos50.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:37 GMT
via
1.1 077c6e8a1ed045a3d7858ad11d48a172.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
BOS50-C1
x-amz-cf-id
Mo4e-Lx9UBNSRiRn83OlOw5DJXn8YxALZV--o9sa1ApNeIvkiWyo5w==
x-cache
Miss from cloudfront
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GLBG5PB1H0&gtm=45je41h0v9123934051&_p=1706028156293&gcd=11l1l1l1l2&dma=0&tag_exp=71847096&ul=en-us&sr=1600x1200&cid=1384250816.1706028155&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F%3Famu%3D%2Fmah-jong-quest&dt=Puzzles%20and%20Games%20%7C%20Canoe.Com&sid=1706028157&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=7308
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GLBG5PB1H0&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://canoe.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A308 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8HHdZx0maOC8N5VQW_DT9sQ2UbLKt4oV6OU8BzVAD92q48Eh61y2dhymxLfnLAoNgqB7IPr5sMwnfTdfiQMHrSD8QFL1Hu_zvKeSEsYnROAdeRArcy2q2zl69t-0YKJybdBUwTlIlDlUModWAzfAMefLm&sig=Cg0ArKJSzKzgk-Ms-w6VEAE&id=lidar2&mcvt=1003&p=109,436,199,1164&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20240117&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1740580364&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1706028155148&rpt=1194&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.214.92.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-92-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://canoe.com/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:42:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
LoginRadius-Location
US1
Server
nginx
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://canoe.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.214.92.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-92-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://canoe.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
x-requested-with
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://canoe.com
Connection
keep-alive
Date
Tue, 23 Jan 2024 16:42:37 GMT
LoginRadius-Location
US1
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://canoe.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
886
date
Tue, 23 Jan 2024 16:42:37 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
653
x-fastly-trace-id
1415369558
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-yyz4524-YYZ
x-timer
S1706028158.755288,VS0,VE0
gtm.js
www.googletagmanager.com/ 		234 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5KMC8ND&l=dl_mparticle
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
0cc3ae4bbb2ea29770f2e82f18ac3049f77d6a886fa811da3f5e6f2acdf98ea0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69178
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Jan 2024 16:42:37 GMT
identify
identity.mparticle.com/v1/ 		175 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e1515ccea1ec386aaefc15721361c9a53c3d83b9e4bf59bf5ce32821db73df56
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 23 Jan 2024 16:42:37 GMT
content-encoding
gzip
via
1.1 varnish
x-mp-max-age
86400
strict-transport-security
max-age=900
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
x-served-by
cache-yyz4524-YYZ
server
Kestrel
x-timer
S1706028158.773455,VS0,VE39
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-fastly-trace-id
1415369656
accept-ranges
bytes
x-cache-hits
0
gtm.js
www.googletagmanager.com/ 		230 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NFGNKKG&l=mpartical
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e7d3de85ce63f6223f0af56e89676aaf2b4ed9cc933c1b01ba0d8a9c6d752ca9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74476
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Jan 2024 16:42:37 GMT
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-yyz4549-YYZ
date
Tue, 23 Jan 2024 16:42:38 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1706028158.139095,VS0,VE120
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 38E8 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=95780926&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
d1007465a06534d5791799302640f485cb118b4157b5b299c1915d2e7d1ebf62

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 23 Jan 2024 16:42:38 GMT
content-length
1736
content-type
text/html; charset=UTF-8
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://canoe.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
886
date
Tue, 23 Jan 2024 16:42:37 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
654
x-fastly-trace-id
1415370168
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-yyz4524-YYZ
x-timer
S1706028158.867649,VS0,VE0
identify
identity.mparticle.com/v1/ 		175 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4a8e6d4ff3a5e6a911b5b72fc651587a5c8dda0243c9521e6d26c16b9a362e2b
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 23 Jan 2024 16:42:37 GMT
content-encoding
gzip
via
1.1 varnish
x-mp-max-age
86400
strict-transport-security
max-age=900
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
x-served-by
cache-yyz4524-YYZ
server
Kestrel
x-timer
S1706028158.885697,VS0,VE41
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-fastly-trace-id
1415370274
accept-ranges
bytes
x-cache-hits
0
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-yyz4549-YYZ
date
Tue, 23 Jan 2024 16:42:38 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1706028158.139051,VS0,VE30
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
49342ffccaa0e1636d0f3085d7121872a987d9ea333c41426d393335eb7a7815

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 16:42:37 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://canoe.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
client
accounts.google.com/gsi/ Frame D8B4 		207 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: securegames.iwin.com
URL: https://securegames.iwin.com/m/console/v_313/site-console/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f84.1e100.net
Software
ESF /
Resource Hash
e77b0f154ac2aff8d44ea6201fc78e6b71d565ca7a61f9335f289fbe4690d294
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rdy4rRssKd8k71HRQ8cElw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:38 GMT
content-security-policy
script-src 'report-sample' 'nonce-rdy4rRssKd8k71HRQ8cElw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Tue, 23 Jan 2024 16:42:38 GMT
events
jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		41 B
157 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3f65e46d74bf28b1ad929885f5cae1edea4e64dc30c9f8379f196e3cccb5046f

Request headers

Accept
text/plain;charset=UTF-8
Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-yyz4549-YYZ
date
Tue, 23 Jan 2024 16:42:38 GMT
content-encoding
gzip
via
1.1 varnish
server
Kestrel
x-timer
S1706028158.139028,VS0,VE31
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=98943528-d020-a9e1-ae76-bd03b0f8993d&tv=%7Bc:26L8xV,pingTime:1,time:2653,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:491%7D,%7Bpiv:100,vs:i,r:,t:1645%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1008,o:1645,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:491,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1177~0,1~100%5D,as:%5B1178~728.90%5D%7D%7D,%7Bsl:i,t:1645,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1006~100%5D,as:%5B1006~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:56,fm:u2cMhfY+1111%7C1112%7C1113%7C12%7C13%7C14111%7C1412%7C1413%7C1414%7C1415%7C1416%7C1417%7C15%7C16%7C17*.928934%7C171%7C181%7C182,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs,siq:492,sis:566%7D&br=c
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.108.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-108-81.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:37 GMT
server
nginx
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=98943528-d020-a9e1-ae76-bd03b0f8993d&tv=%7Bc:26L8xW,pingTime:1,time:2654,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:491%7D,%7Bpiv:100,vs:i,r:,t:1645%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1009,o:1645,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:491,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1177~0,1~100%5D,as:%5B1178~728.90%5D%7D%7D,%7Bsl:i,t:1645,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1007~100%5D,as:%5B1007~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:56,fm:u2cMhfY+1111%7C1112%7C1113%7C12%7C13%7C14111%7C1412%7C1413%7C1414%7C1415%7C1416%7C1417%7C15%7C16%7C17*.928934%7C171%7C181%7C182,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs,siq:492,sis:566,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.108.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-108-81.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:37 GMT
server
nginx
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=98943528-d020-a9e1-ae76-bd03b0f8993d&tv=%7Bc:26L8xW,pingTime:1,time:2654,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:491%7D,%7Bpiv:100,vs:i,r:,t:1645%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1009,o:1645,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:491,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1177~0,1~100%5D,as:%5B1178~728.90%5D%7D%7D,%7Bsl:i,t:1645,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1007~100%5D,as:%5B1007~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:56,fm:u2cMhfY+1111%7C1112%7C1113%7C12%7C13%7C14111%7C1412%7C1413%7C1414%7C1415%7C1416%7C1417%7C15%7C16%7C17*.928934%7C171%7C181%7C182,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs,siq:492,sis:566,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.108.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-108-81.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:37 GMT
server
nginx
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
audiences
api.permutive.com/audience-matching/v1/id/f80bfe7c-8bf1-4b66-8572-7ca4eb194b36/ 		12 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/audience-matching/v1/id/f80bfe7c-8bf1-4b66-8572-7ca4eb194b36/audiences?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 23 Jan 2024 16:42:38 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
style
accounts.google.com/gsi/ Frame D8B4 		533 B
586 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f84.1e100.net
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-dikuWXF_guvWOZ8TRWMv9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:38 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-dikuWXF_guvWOZ8TRWMv9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Tue, 23 Jan 2024 16:42:38 GMT
button
accounts.google.com/gsi/ Frame 49A0 		115 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/button?type=icon&shape=square&theme=outline&text=signin_with&size=small&client_id=238531725567-d93kvm0isfq740t15a0btdc3m4gq8lif.apps.googleusercontent.com&iframe_id=gsi_158353_685630&as=MpiuZPfQnTaHQWZO31dtjQ
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f84.1e100.net
Software
ESF /
Resource Hash
6a10bc2b23ac5215694bbb4a6b5b083fa17d06cc031a2e5c05aca7f7228f78fe
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-J9sg-3ilAhHuMYsuhQO2Lw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securegames.iwin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-J9sg-3ilAhHuMYsuhQO2Lw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy
same-site
date
Tue, 23 Jan 2024 16:42:38 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
button
accounts.google.com/gsi/ Frame 6341 		115 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/button?type=standard&shape=rectangular&theme=outline&text=signin_with&size=small&logo_alignment=left&client_id=238531725567-d93kvm0isfq740t15a0btdc3m4gq8lif.apps.googleusercontent.com&iframe_id=gsi_158371_257981&as=MpiuZPfQnTaHQWZO31dtjQ
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f84.1e100.net
Software
ESF /
Resource Hash
6ffb386fbfb669d801c56e6a62ae5949c6fbd262b43cda5668c8168fb76a4e3a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-mne95WWosrHvAmrhpfZYNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securegames.iwin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-mne95WWosrHvAmrhpfZYNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy
same-site
date
Tue, 23 Jan 2024 16:42:38 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
button
accounts.google.com/gsi/ Frame 7E36 		115 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/button?type=icon&shape=square&theme=outline&text=signin_with&size=small&client_id=238531725567-d93kvm0isfq740t15a0btdc3m4gq8lif.apps.googleusercontent.com&iframe_id=gsi_158373_917573&as=MpiuZPfQnTaHQWZO31dtjQ
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f84.1e100.net
Software
ESF /
Resource Hash
633e3b52550dd8d6362e6184480efe0c56ff65091a6eb595825c96fcd52fa50d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WARn2VFXT_ORuKGDCjfajw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securegames.iwin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-WARn2VFXT_ORuKGDCjfajw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy
same-site
date
Tue, 23 Jan 2024 16:42:38 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
button
accounts.google.com/gsi/ Frame 5C45 		115 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/button?type=icon&shape=square&theme=outline&text=signin_with&size=small&client_id=238531725567-d93kvm0isfq740t15a0btdc3m4gq8lif.apps.googleusercontent.com&iframe_id=gsi_158375_158463&as=MpiuZPfQnTaHQWZO31dtjQ
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f84.1e100.net
Software
ESF /
Resource Hash
43447eb29f6fd4dbf663b12c12625c2378ac0c7c6085685861bdb548002bf689
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wB3T53xdAsmXinbpkN6HNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securegames.iwin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-wB3T53xdAsmXinbpkN6HNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy
same-site
date
Tue, 23 Jan 2024 16:42:38 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
identity-sign-in-google-http
csp.withgoogle.com/csp/ Frame 5C45 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/identity-sign-in-google-http
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.141 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f141.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers
identity-sign-in-google-http
csp.withgoogle.com/csp/ Frame 49A0 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/identity-sign-in-google-http
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.141 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f141.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers
identity-sign-in-google-http
csp.withgoogle.com/csp/ Frame 6341 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/identity-sign-in-google-http
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.141 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f141.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers
identity-sign-in-google-http
csp.withgoogle.com/csp/ Frame 7E36 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/identity-sign-in-google-http
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.141 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f141.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers
view
googleads4.g.doubleclick.net/pcs/ Frame 239A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsty_6zNmc0ul0NqvI8UBeYXTLpr9yXZRonB5IaGN0RW23ty6YA4JAQj6fwv-IuAbhoiKTp0gBM3S0LSGdB32BE2EXr_PxN6ldVzv4kbMuWSSEugbscjhjZdGWBx6qz3Ob4P1Xad9oDQCt3QDhaNE1RQf46V2RZcHseTtHEZVKLkXmtspdzHxzmlK3k4ZVrC4GpudrkWTxjWg5FFfwHvj3k6BOTcktjizrZlR4ERQvnCV5OnXBBq7GRXMRJDn7RtBDtHeSc7ukrGTM6bGv-EbAZsxfBYHU0d5Ze493w0rMAyFB--mKPO65WbQxFQKk6bIOUrvS3AVAJ97x4JIgZiFyCcIAu6YKclAGQ2aOdoeHcQ_Fe91Tl3Rx2sSioZZFHewLsqNJSVLs8sqqk4L_nGgkwwhhFcflQtkyLf9SGIyneICq_kM0tr7pNayb0DX7hhhzx8r3YiefVQe_Nj326fBMhgsIGvCdOqLuTrDGONTQoX7LqwwQmgdasOXoO8ONHhnE9L8RbqtUj04rSFGbVWZqokPSOz1r47u2P-K32fFCbTri8IpoI_uI1u8uO-2DwiRxRz5xCFaNZeKq1jXE65YsMVbb35J_lKfwoJ_9gW6AjsV6FnCyUOhUpOtwcdOJ--mJ2v84ktshZRvQHTIjAGA96uM_WpGQ8ILvB_Q6nsfcYwibsB-DM9Q-Iw4FKVEb2Ybr3v--2YSF3IPwrykkeYn3kdy4oNTjwD8sdJ2dCmHXJYDr03C5Zc-Z_AUhFqesxKV870ykXIIwjvi2p4Us-iVpXwwUMZSufqJB01sufYqMdsX35Vesuy55-lV4N45Zar1pFfs7dcHtFy0OFv28lm-FQH5ijASKoB3fV_imc2HgWw0zZGf7UEd_COHlsr1OpKMpqPnc-Rk-BLtQrJiS2xdNMfeq14xNLsKhW8gEk6-A2eFPH-oT9-Vku5-BsljEZq-HqlVWekfrp9ixkSJV4_1DtNLDXtTJKa2XsnWVhm8j8Q0W1rGhkZt9APloSkthMlxodA9R4_65H2LUxzpZPwpkvIf_g8Vnl-jUPI4oapULafm0e3UEtxjMMoGt4fBvVGvGi5PcQEfsh8u_HBhwoyPfxXF91H9ZVGIT8L1QDqpN110G7y2K0xK7dz12T53wRZ3nHYHcCJ3uqanWxTNPAiucBz33MkTDihqMBMzt9x36CK8IeasWIogF0cnBNFRBmCJ-MEYqrDwRCgC2dmB4wJyWCfSKhKe1zdiXaonKqLClw8V07YWPZoBifohZL_6j0FsECTgDYv4L88l5s8YgRLiDnYVEcerhug15EVrY7SbrJsjhBH4E3WGCJrWsaKuue46GeK_DVaxw&sai=AMfl-YSSDmb0gREggMmQGt_ayJoyz6QDCW1ICuT0cf0fiE983nfSY8Q2L5sJ5mB0afkdiD8Bk27kxLhh67jDBB-Bd6cRMp8h4TfA4cyav60F_hzmSDEUdOqXZEPulmXBFr8WJ86NM3lDFdbsEbAGspc6Ux57FzZZ_s81C7oCweFnBGZrJeLeh-S_lkpEo9Lx8M65JKuRIVQCFutrjSjsz4Jxc7OVXEVoZSob1nOM-cjn2_iEZCe-J_c3bv-N_wE&sig=Cg0ArKJSzBvSUjp--UuWEAE&uach_m=%5BUACH%5D&pr=13:Za_segAAAABLxLzprwbdH4TXxCIk3_2qKoqoSg&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=3315&vt=11&dtpt=3313&dett=2&cstd=0&cisv=r20240118.61222&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AbgWOwrMy1qnctzymFYx-Di6a6JzNKBUhLq1BXy22iRHLClYtlBkEKGQup3npFCU4RASeb6wnmRv7IOZw0jFwkgNqappie1lVkAILahNcS0zt9iwf1L0BWmU2RtTwZOp4jfY6l9u3Yhoz4G6yrJq-tgRt3O_g3vlErMc3xabn1TRFKOKATVVyzGU51LBXeUcMwZHPR9i6biLOe7lJu6mGwFYFPxQBfCu2MfAQ2vP8b2PQ4TKE&dbm_d=AKAmf-A0TtBbI1tU0ASRhPwl3KQXpxM3iCy9ZlkrpNjSIZV4R6NtB8PfGwfJh1c4zjWrh4vP1OehmiwZLvLmhF-YP_G6RbY9kfod3j5HDSS8OFDNMX22NDXE1K75-ExPyXl7Fi2qBpFP28xiXvrdbCXacF88K26RxzSuGDDaIhIltz5n2TQWyupMNp6mU59OkWELw8e4ejboqgkxxWyX2O5CoBliUlvneyKpfN3nxSDazsL48rSYOqa8glYecjKrAswqTSxKpbR6XMQ68Oz4Xpz-aKup4_D88ZwbQ5VQ-jE9bexv9vRwEVoKaYxkHnmPH-B2s7YNdzBvgK2t0HBJhVoOyRlxWgs-z5Ij1adF4FODcUD5RtBVlMC65_lUbGxxMPd0Twn6jG-8ioLL9ymjCJ0ejOR1vwLN6ycFbZsIevS97m9qZ7a7f10hovB8xh56b6spxmGRaSLkEJ0NH1_K-MB_5bV_hTfXEYUpOb8p4cXl4Jik6o6lwKhhuQV7mWMkfDGPevU6RF_0DQXevR_sJKON6MSIJCT4oJ6fnCxOPB0KbGpv6oT-fwuFRA5rUmmy3r0SOcy4UlU37fUTCMXzKlmt8EWHCvrFOlCqviK0H6dPcH06cVWDT5JjKFrYNR_Du3G4EOJZIcC847vUyO8zN-6Rfh_dPJktoZl-KpRU6raqkOJ_Qv1G_OJeOi4gzlV4B7CXeX0VDG8jTDrYJZJqUW_PKScrrrO7QkMNTX0YAciW3yjYuXFy1YSQ90JnZa9gTz3Vz8wVJr-cnCdsmNDV8D-SqsaxhiAvQ5ZzRR864hbMr0zW-bvfh52VV8Eic_K-11S6XFx5NayCEHuoUqrRy2xEXLTeD0OEeh1iTecjztXy-kR1Hsy_qtXXF1-0tsM1l5P3X9ppKN_vdVLPRA5Mf5CRBT9DFPWdTrEltkVJRhOMuadY7QrE5-NGOIBx8R0FkW7dSJHIH26KtKGKq7BM5qUwkIBewigC-5x-SNklYam_NzKVm9qKaWEXGix7pzt-6sUqAytJcOhHcY9KXCmlKijEQBBNXxOf1JYvVLEkumUOPXMr0ee-6NOxrAWasXPkBYiLDpAnvo5h11S80O9rVoV9UCksaqIArDt0VnsTzCHaeaoiquKONMH4Q4BaYKFJVhhKltvcVAYNGiasCBZzt8RKUeYzGySB7eFCnnIWgGsU7XBI-3Ix_PAHi0jnxkwLjZfZXSYqiLRTNIhWcp6lV9AO6Ug-j3r8EsrU1ErpScZqlEGjdYlwwUEsY_4Hb-1zFDu5z74b_grgLED62930PFIJzPB3wMjwjWmxk1PVV38IZ_UPPvZ6qOmVmVzW-tLa2iLysYPWWJbSuHoGTkadCg9xr7x_sXw6Ysh-BaGx1JRap2B7ulYB5SNNGRgN0aMoxxYSR39TdjBs2ckjrNhwXtilbMJtHnzfkamsinDPM1Zrx-VtDgh91NaKHFZQAKuQrXB3EMU7oaJU23tzbInww3BtnCMe85W_cOdeucVaSmt2q2nrzd5sLy-8X_2H0JHIT-ddkcIhwgDeeDVyTY4Pc7mtZZBr6pCLqcRnikwmZJWRq_fuVc8WDe5UaTp3Rx-ODXw8wgKFiWSprzcC4aqwsq54MT4wGSn8dnI6H3wwdCTKKvCdY7RvUA_HjYtEmaCjH6QaQd3DuRp3lm2fdkCN_RRXrFf-i2RpE0JPWIT7tRhkDz5V9VJKhy7tOn2yhO4ZRSjVqUcjHv-S3GGM6LXV2aa8g5p3pgGcMZ5VkY3KsZ-CGRCqDWM3Nvtj5yOh0zMfq_f83guz28HboW-3rnDiZQGNSALhoiPrXP3sZ4RUOvKnLsvGVcy0qe0tMOvsA_qN7L-KcmWan1kQZ0db6PGT5uR54yRHnAwzTOiGzEoIBy_uAgBf28W8oqyhQAZ_VQ17lSxS0DM2C_dxeTyKjmHrC9LwKY-bMLykD84CMdC6-2JAYHSboMtFCnnlobhUF5rsSKI0cErxYOwVASnsyUYXoHUSI6F5R5a1yQb7bnp-sSdEJS5Vy8ejBdshOuiAUza9EEToZ22tu6tN-VNgV8-txY6ArTyRrOZu0CGiETr8kNxCrGg3IODE5fxPaJQbWpvhwKeD_Got2g9aaWwnRceLXZeuTn847nz8Zghep1mkbG8xrt3NVk0oSdzoJOXS_i7nUqMDPLuXUsRV0u8cyWByGnvGQefK1aAdUpxjeTVF_3VCIBkQXe3IVbHU_9_Av2Y6FtA8OP-AOAi5BdC2UmkiPAQfcE9U9yeG7FqhxjQhEx8cI2o6F6X13igLXfjKJXXhF4Yaz1XFCfun9uOToUDYAhHwTRIMtrtN6CckHGm2HfIXpaYgdHEhMzq3kEBij9C9PRbEw80wuq7uEo8cPoZNmQ8J2VEYT9BbUiy8oGDilhMxj41Hk7WZ0n1gH6AzVR3Q7zDIBIlEVbmdAfoCEEZgdLwzzYaxEr1tjSo9TLVBTsx7bQtw3DgONIOqdn9BV0r_lFv4cC0QYoD6lPzzi-KBIHg6r8aWw8uYUykR3jM-rohG8pzDPXGA6iGYBiiamo6AP31R2k9CypWYfjt8BSTXPU6bybYxbP91vake5YxIBacPeXrUgcLoyro5rjX4BhX8zMs7CF-QxZ-g2bN3tMhN-TRd_0gYDU7x3ESnCqYDOqRZ6e_zOtbj8Hf7z30F1zsLuBisNeBhRVAFT1esacbLf7JNhRzJ_oLMqqXLRNpyKTSEW3Y0uiym7l5yIojr9azlIL3RrK0HO93nu1vEWWeiJb2T9gstVJ-rJ8KAKh-4ghZoQNDB2cbkj38jUsVXS9ba38AbX81K3SxmKgHeMV2kBl1FdUmEiEUxev364PC_qtYH_TaWsUcdqqUoduE_RPPdA-emLWjCzmRY-pfoNm67-EZvTLWN5doufFVKrg4dyKHN5_SD-hVSbnFaUwUI1dMiUatAyhYjjX2gkRxPR_xmdfw0G6a7WNnOJtpLqUchwqpfpCNOL5IYn4sf_J-e-jygg2s9en8f1njU6MqjtHIn65yd2eZm-qxjWa9wcD1KAJrqhEr8LWefiPNr3uO5b5T17O4RX6a7_dIUg7mArtjnxUaqsVgC_5u3jzCHPPvxzYMQ1JKKNyDBO3lMV9PnmHPkEL_blraXNNPIAf1zjOjWgqfM2g88AH9AIzQqhN5PDgUfHbwTBYgx-po06DjxjmrwqSOWEh_02EZeW-0g7peukyoTSXzBQq3VuymiRxcF1M0Go5IN7tVjQDUT8andGE5kZEAhNDqoJNahCQ3wsnOy5hlXvREDC-qnjh2VRAy4Rto8wgg-B0nbKnYIN06O8zkR_WqcWJx6U9WOnigWwP80kP7wWKZfwmf8AL4mkUTjH1fHxD2BIqqdBKHAeuUDvLsj5GTSyAVM6gTW3buQDq1RCy1oYfvM2xr5-_gd6Rh52YRcIVC7yvh_pKvtbZZbRNLhwiY8NM48PF2aY4dEtRLzgo3HUTCdSpFnWomxsEwSZXPjuGtOIoo9IxAP6Kf_yNeDPpZwFAw31qZvyl_Pn0jgyeLx3ICbbF-xNApot6fgqNlRmfixQZ1NoyGVW6EM1kxbEzr0eG3UhNkCs8NY16HNSIshbOfzrr3VgHmXEB1PvkboTzer2jkepO7zNap87qY0u1udUISHQxa7&pr=13%3AZa_segAAAABLxLzprwbdH4TXxCIk3_2qKoqoSg&cid=CAQSMgAvHhf_5EXDWjxyieR06lglmTVINoi-v5vvj7XXcXdBfd9dkjdm5NAZBw9AiUFy0e0uGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcanoe.com%2F&ds=l&xdt=1&iif=1&cor=6016225412002137000&adk=4209541047&idt=176&cac=0&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dcm
s.amazon-adsystem.com/ Frame D7E9 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=ED8F601A-59AF-4F56-BE0B-66862A6798BD&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 23 Jan 2024 16:42:39 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
XVXPN8CHXXYD71YFKR8F
ecm3
s.amazon-adsystem.com/ Frame F9BB 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDED8F601A-59AF-4F56-BE0B-66862A6798BD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 23 Jan 2024 16:42:39 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
B30KRSFT9Z7C3G9X83Z3
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 38E8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7Y9gGlmvT1a-C2aGKmeYvQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
23.204.76.201 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-76-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:39 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=43491
accept-ranges
bytes
content-length
5622
expires
Wed, 24 Jan 2024 04:47:30 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 38E8
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=ED8F601A-59AF-4F56-BE0B-66862A6798BD
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=ED8F601A-59AF-4F56-BE0B-66862A6798BD
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=7a6ae2f0-2655-493e-8615-e345dceafb1c%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0e0d8cbc-0294-4a4b-abc3-1e542e539358&ttd_puid=7a6ae2f0-2655-493e-8615-e345dceafb1c%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0e0d8cbc-0294-4a4b-abc3-1e542e539358&ttd_puid=7a6ae2f0-2655-493e-8615-e345dceafb1c%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:39 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0e0d8cbc-0294-4a4b-abc3-1e542e539358&ttd_puid=7a6ae2f0-2655-493e-8615-e345dceafb1c%2C%2C
date
Tue, 23 Jan 2024 16:42:39 GMT
server
Kestrel
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 38E8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20ED8F601A-59AF-4F56-BE0B-66862A6798BD&rnd=RND
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 38E8
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7976&xuid=ED8F601A-59AF-4F56-BE0B-66862A6798BD&dongle=u6nf&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=ED8F601A-59AF-4F56-BE0B-66862A6798BD&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=ED8F601A-59AF-4F56-BE0B-66862A6798BD&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 23 Jan 2024 16:42:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7976&xuid=ED8F601A-59AF-4F56-BE0B-66862A6798BD&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
date
Tue, 23 Jan 2024 16:42:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame 38E8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUQ4RjYwMUEtNTlBRi00RjU2LUJFMEItNjY4NjJBNjc5OEJE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 16:42:38 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 38E8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIxcm7xe7_RQf2kqWWHryEM&google_cver=1
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIxcm7xe7_RQf2kqWWHryEM&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 16:42:39 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIxcm7xe7_RQf2kqWWHryEM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 38E8
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:379EDC97AC90427FAF93A23828F07680
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:379EDC97AC90427FAF93A23828F07680
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 16:42:39 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Tue, 23 Jan 2024 16:42:39 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:379EDC97AC90427FAF93A23828F07680
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 22 Jan 2024 16:42:39 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 38E8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0e0d8cbc-0294-4a4b-abc3-1e542e539358&gdpr=0&gdpr_consent=
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0e0d8cbc-0294-4a4b-abc3-1e542e539358&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 16:42:39 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0e0d8cbc-0294-4a4b-abc3-1e542e539358&gdpr=0&gdpr_consent=
date
Tue, 23 Jan 2024 16:42:39 GMT
server
Kestrel
content-length
355
ED8F601A-59AF-4F56-BE0B-66862A6798BD
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 38E8 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/ED8F601A-59AF-4F56-BE0B-66862A6798BD?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.152.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-152-105.compute-1.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
envelope
lexicon.33across.com/v1/ 		42 B
58 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&gdpr=0&src=pbjs&ver=8.23.0&coppa=0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 16:42:39 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://canoe.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
pd
u.openx.net/w/1.0/ Frame 79D9 		199 B
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://canoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Tue, 23 Jan 2024 16:42:39 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame 2F28 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.202.153.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-153-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://canoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Jan 2024 16:42:39 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FF72 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.76.201 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-76-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://canoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=43491
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 23 Jan 2024 16:42:39 GMT
expires
Wed, 24 Jan 2024 04:47:30 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 9FD0 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://canoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
419
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
84a17dbd89415491-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 16:42:39 GMT
expires
Tue, 23 Jan 2024 20:42:39 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame F8D7 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://canoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40555
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 23 Jan 2024 16:42:39 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
471, 61136
X-Served-By
cache-lga13626-LGA, cache-yyz4546-YYZ
X-Timer
S1706028160.608272,VS0,VE0
usync.js
eus.rubiconproject.com/ Frame 2F28 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.202.153.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-153-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
04877ee93fc507bf82ffde243cca15bbefed395eb1d1385558b46d5c27b27997

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:42:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Jan 2024 12:28:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=71143
Connection
keep-alive
Content-Length
10965
Expires
Wed, 24 Jan 2024 12:28:22 GMT
async_usersync
ib.adnxs.com/ Frame F8D7 		0
918 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:39 GMT
an-x-request-uuid
1f27a0e9-44ee-4127-b52d-6b3fa2f8547d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
86.48.15.240; 86.48.15.240; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 82FD 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcanoe.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38cebd79beb6c0c1cbb91dd71c79cb01f3c5d8e80128374f5bb2d54df3d5848f

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84a17dbdf85736fe-YYZ
content-encoding
br
content-type
text/html
date
Tue, 23 Jan 2024 16:42:39 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VxpUCNicut0QgZqgOQm12i6UaaaT8ndlIz2FLobRpdgXqEjXO66LqylQtNfXQYv9DCoyw50hr49Tk1emM%2BNQ0K5BcajEamQ7wdhlRkzRYO48bTF96oCHUVZr9t%2FmiaAHYLZht%2BUWU4WYQA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rum
dsum-sec.casalemedia.com/ Frame 82FD
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=QUu1oBId7PZaHbKlFEv58RFK7PJaTeX-FEw17RHb
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=QUu1oBId7PZaHbKlFEv58RFK7PJaTeX-FEw17RHb
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcanoe.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kVq2KIRNSs6AOwxL22zxlrrNBvZKLCYiJvgqLuoUWRHXEeDKZJs9w8VDxl1abbApYy%2FE0HR1eW7JscDUbmyhbM%2BpSj9ceqnVgh825KgrzxCJ5GkdUDjwfzOPQPMWfyXgCiA6zoqnmYYWkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a17dc57ed936fe-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=QUu1oBId7PZaHbKlFEv58RFK7PJaTeX-FEw17RHb
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame 82FD 		43 B
654 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=Za_semtaVxDTT_gsvb43vwAAA9oAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcanoe.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.133 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 16:42:42 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1706028162855010-140
Za_semtaVxDTT_gsvb43vwAAA9oAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 82FD
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Za_semtaVxDTT_gsvb43vwAAA9oAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Za_semtaVxDTT_gsvb43vwAAA9oAAAIB
43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Za_semtaVxDTT_gsvb43vwAAA9oAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcanoe.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
34.203.152.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-152-105.compute-1.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Za_semtaVxDTT_gsvb43vwAAA9oAAAIB
date
Tue, 23 Jan 2024 16:42:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum.casalemedia.com/ Frame 82FD
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=6e890aecd37f1310&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHdqz9RA7mpAM1LB10AAAAAAA&expiration=1706114560&is_secure=true
43 B
724 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHdqz9RA7mpAM1LB10AAAAAAA&expiration=1706114560&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcanoe.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bfgxRfwlifDs6MJEqUAbMlU%2FgpM7aC2TLGgocp%2FHS%2BVmShMjfixTCjwvJ%2Fw7jjhgEEg2cecM0DHQ%2F9HajyJmsgZrrI6cD73y0y43LohBIDYP7LrTmTKpbjf9NmGAXCNOse2DGsp8"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a17dc5efb036fe-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:40 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHdqz9RA7mpAM1LB10AAAAAAA&expiration=1706114560&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rum
dsum.casalemedia.com/ Frame 82FD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=a3bee66b-d742-4693-b5cb-a6a9f2d75f7b&gdpr=&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=a3bee66b-d742-4693-b5cb-a6a9f2d75f7b&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=070c53d6-38c1-44b5-afe9-e64964f7c566&ssp=index&expires=30&user_group=5&bsw_param=a3bee66b-d742-4693-b5cb-a6a9f2d75f7b
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=a3bee66b-d742-4693-b5cb-a6a9f2d75f7b&gdpr=&gdpr_consent=&us_privacy=
43 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=a3bee66b-d742-4693-b5cb-a6a9f2d75f7b&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcanoe.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4t8s%2F6a3tLGuDp%2FOrJrKQKnLZ%2BbsRd2NI5Yllvl9bwE70S6ppVLaZkWcrOfV1vIeOiv4Zsgxm72xbvVNsFVr2TYA4hGng0G%2FDo87HKCGA7%2Br32LdU%2BE0a6XKmHpd13CPw0mYESF"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a17dc1c8fb3703-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=a3bee66b-d742-4693-b5cb-a6a9f2d75f7b&gdpr=&gdpr_consent=&us_privacy=
Date
Tue, 23 Jan 2024 16:42:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 82FD
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4060097250248549399
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4060097250248549399
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcanoe.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nSiB00OACb5Kmz0NKHG0yLxttJvFiHnT2SAk18oxu6ZmkTfCI1Jf4BKL3LxKJnhQSm%2B0W8ehjzXdG0vBqE1z0PUZexM5z1Y8lSyq%2FkOEdBs0%2BAFoGdiwLRAcQPvbv22mswtMHC4yuafWTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a17dc5bf3e36fe-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4060097250248549399
pragma
no-cache
date
Tue, 23 Jan 2024 16:42:40 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Za_semtaVxDTT_gsvb43vwAAA9oAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 82FD 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Za_semtaVxDTT_gsvb43vwAAA9oAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcanoe.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.152.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-152-105.compute-1.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 82FD
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://b1sync.zemanta.com/usersync/index/?gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=2&us_privacy=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=atqV7FJne8x1b99eMKEe&puid=
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=atqV7FJne8x1b99eMKEe&puid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcanoe.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UAlRr54eWAhsCZwaNLQ1%2B11YKWN9K6JDzHaHyL%2BaD4%2F7jOq3Fq28PX5YgyfQhQEhVsKkqgdTig9T2b1BL3HAHY5nGtISET87xkZ94klDnyTwkQ7UHSgOJi7LhyTzNEHJ8Y8eORwsXXI3aA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a17dc88c8836fe-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 16:42:41 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=atqV7FJne8x1b99eMKEe&puid=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
125
Expires
Thu, 01 Dec 1994 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 82FD 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Za-semtaVxDTT-gsvb43vwAA%26986
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcanoe.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:39 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
26761
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
84a17dbe6a8e5491-YYZ
content-length
43
expires
Wed, 24 Jan 2024 16:42:39 GMT
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.95.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-95-35.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://canoe.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Tue, 23 Jan 2024 16:42:39 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.95.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-95-35.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 23 Jan 2024 16:42:39 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 239A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst88PvKBzTylBaU1yIJh413JeLR2-AKNH2CWTp6xSwDvgCWB7tUneq8bAr3g17q0zb2AuS56m4D_X0Ild1FVpxvU0p51VYR8nf8Icw7sVPH8LRKVLaCY6EFCzZZW5A&sig=Cg0ArKJSzKqp9w4rUSizEAE&id=lidar2&mcvt=1003&p=0,0,600,300&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1706028155190&rpt=3791&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 239A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsunTHhlocIkBWcmS679lKudphcAjAq353z9P6-DFGaHLKBmaGK3vQAGRt0WaWtSivs0LSYSeDWaRVvW1SjLlRIH9mq4sNr4lOJ_-KQVCwbGnXsXhVnCiCmH&sig=Cg0ArKJSzJ70C9jjzxxuEAE&id=lidar2&mcvt=1008&p=322,1238,922,1538&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3708781197&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1706028155190&rpt=3786&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame F4B9 		199 B
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://canoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Tue, 23 Jan 2024 16:42:40 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
onetag-geo.s-onetag.com/ 		535 B
941 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-124.yul62.r.cloudfront.net
Software
/
Resource Hash
338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 12:03:36 GMT
via
1.1 bf92485080aafccc84ee48a4ab037a64.cloudfront.net (CloudFront), 1.1 5fdbf75fe42f57cdc3d155f7290c5a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, YUL62-C2
age
16745
x-amzn-requestid
ef149510-2d6b-4c55-b0cc-c8dbd332593e
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
R_er3GzYCYcEtDQ=
content-length
535
x-amz-cf-id
CfW8y7pnG_KeIYplDgCXlzK0ntV7KcDI9qpp4HzWfzou6ut-knOJYQ==
beacon.min.js
signal-beacon.s-onetag.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-46.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
bto3eb0o1YxjKQVMPWidTjdqvOBrBN1F
content-encoding
gzip
via
1.1 480d73d26133a5d3268f9cfc7c99d59c.cloudfront.net (CloudFront)
date
Tue, 23 Jan 2024 10:48:01 GMT
last-modified
Tue, 13 Jun 2023 14:58:24 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
age
21281
x-amz-server-side-encryption
AES256
etag
W/"565eb88b90415391668a5cb7cfb4557a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
06gdtGCJasDgzgHfufGdg002u77HS2DgAdl1B899fQZYQgEJS1o5OA==
async_usersync
ib.adnxs.com/ Frame F8D7 		0
918 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:40 GMT
an-x-request-uuid
57f19b8a-41e4-45f5-a00f-d45a2632d79a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
86.48.15.240; 86.48.15.240; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 38E8 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=96112168&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b7631c288d0b7eebf507a496c4087056321954673179c17e7a79e265b58c786c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 23 Jan 2024 16:42:41 GMT
content-length
1624
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame D95D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1288365238792369274&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1288365238792369274&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 16:42:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
32571034-cd69-4237-8ea2-affd6ed08e40
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 16:42:41 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1288365238792369274&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
86.48.15.240; 86.48.15.240; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
bridge
cm.adgrx.com/ Frame 84CF 		0
196 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.51.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-51-221.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
date
Tue, 23 Jan 2024 16:42:44 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
Pug
image2.pubmatic.com/AdServer/ Frame E2FC
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDQzZFN0xYOWtBQUJOZmVpdm5oUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACC6E7LX9kAABNfeivnhQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csyn%252C...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8825338180922886739&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AACC6E7LX9kAABNfeivnhQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8825338180922886739%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8825338180922886739&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=A...
  • https://sync.technoratimedia.com/services?uid=AACC6E7LX9kAABNfeivnhQ&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8825338180922886739%26gdpr%3D0%26gdpr%3D0%...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3D4123C853331A49F4A5FF345CA2AD21E1%26att%3D1%26pid%3D82%26cb%3Dhttps%...
  • https://sync.technoratimedia.com/services?srv=cs&nuid=4123C853331A49F4A5FF345CA2AD21E1&att=1&pid=82&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8825338180922886739%26gdp...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8825338180922886739&gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACC6E7LX9kAABNfeivnhQ&gdpr=0
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACC6E7LX9kAABNfeivnhQ&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 16:42:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:42:43 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACC6E7LX9kAABNfeivnhQ&gdpr=0
strict-transport-security
max-age=2592000; includeSubDomains
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 852C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=Za-shAAQq7UOEQBH
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 23 Jan 2024 16:42:44 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4573-YYZ
x-timer
S1706028164.153735,VS0,VE20

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Tue, 23 Jan 2024 16:42:44 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=Za-shAAQq7UOEQBH
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4573-YYZ
x-timer
S1706028164.113887,VS0,VE21
ecm3
s.amazon-adsystem.com/ Frame 8DFE 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDED8F601A-59AF-4F56-BE0B-66862A6798BD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 23 Jan 2024 16:42:41 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
NYR9PWDN07Z9DNG72JRB
insync
thrtle.com/ Frame 38E8
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=ED8F601A-59AF-4F56-BE0B-66862A6798BD&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=ED8F601A-59AF-4F56-BE0B-66862A6798BD&vxii_pid=12&vxii_pid1=10067&vxii_rcid=bd7b90d5-3f0e-427f-ac7c-0c98a7dee95c
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=ED8F601A-59AF-4F56-BE0B-66862A6798BD&vxii_pid=12&vxii_pid1=10067&vxii_rcid=bd7b90d5-3f0e-427f-ac7c-0c98a7dee95c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
35.170.24.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-24-131.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Tue, 23 Jan 2024 16:42:44 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=ED8F601A-59AF-4F56-BE0B-66862A6798BD&vxii_pid=12&vxii_pid1=10067&vxii_rcid=bd7b90d5-3f0e-427f-ac7c-0c98a7dee95c
date
Tue, 23 Jan 2024 16:42:44 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame 38E8 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=ED8F601A-59AF-4F56-BE0B-66862A6798BD&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:41 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame 38E8 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=ED8F601A-59AF-4F56-BE0B-66862A6798BD&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.163.110.6 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-163-110-6.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:41 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 38E8 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=ED8F601A-59AF-4F56-BE0B-66862A6798BD&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.66.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-66-193.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 23 Jan 2024 16:42:41 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 38E8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=ED8F601A-59AF-4F56-BE0B-66862A6798BD&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-cS7rW8BE2uXGW8c.OOwTsKZeRreKJZM-~A&gdpr=0
0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-cS7rW8BE2uXGW8c.OOwTsKZeRreKJZM-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:17:30 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-cS7rW8BE2uXGW8c.OOwTsKZeRreKJZM-~A&gdpr=0
date
Tue, 23 Jan 2024 16:42:41 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 38E8
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=98266aef-761d-4de3-92dc-68db6608aabe&gdpr=0&gdpr_consent=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=98266aef-761d-4de3-92dc-68db6608aabe&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 05:17:16 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=98266aef-761d-4de3-92dc-68db6608aabe&gdpr=0&gdpr_consent=
Date
Tue, 23 Jan 2024 16:42:42 GMT
Connection
keep-alive
X-CI-RTID
5c59ff08-ac1b-42f2-a9d5-49ee52693746
Content-Length
205
Content-Type
text/html; charset=utf-8
SPug
simage4.pubmatic.com/AdServer/ Frame 38E8 		0
179 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:43 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
v2
ap.lijit.com/readerinfo/ 		129 B
541 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/readerinfo/v2
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
0875cdec5bc391e626533c35783f0c8ecee48e48a48c9d50873ea80990575850

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:42:41 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://canoe.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
144
mjq_win.mp3
securegames.iwin.com/m/iwin/mahjong-quest/v_60/audio/ Frame A605 		266 KB
266 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/audio/mjq_win.mp3
Requested by
Host: securegames.iwin.com
URL: https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/howler.min.js?v=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
519789bdb2c9deb6ea599c04c00dee37b1808c6f3f06bc024a59994838600ea9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 07:27:50 GMT
Via
1.1 e328ac0201f987aaffe67063ed27028c.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Mar 2016 19:30:10 GMT
X-Amz-Cf-Pop
JFK52-P1
Age
1242891
ETag
"683806972"
X-Cache
Hit from cloudfront
Content-Type
audio/mpeg
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
272091
X-Amz-Cf-Id
yga853hfG-VZnihhIpG1GQqPfQw08Tkr2jVfMLpp00ZczHakWo7z3w==
Expires
Wed, 08 Jan 2025 07:27:50 GMT
mjq_lose.mp3
securegames.iwin.com/m/iwin/mahjong-quest/v_60/audio/ Frame A605 		376 KB
376 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/audio/mjq_lose.mp3
Requested by
Host: securegames.iwin.com
URL: https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/howler.min.js?v=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
97b5c8de24af5655814834c26733516b9c5aa982a9205574bd4a2e10487d8776

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 07:27:50 GMT
Via
1.1 86f58a7ba760944d1efd0f2fe2242e1e.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Mar 2016 19:30:10 GMT
X-Amz-Cf-Pop
JFK52-P1
Age
1242891
ETag
"2565677455"
X-Cache
Hit from cloudfront
Content-Type
audio/mpeg
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
384522
X-Amz-Cf-Id
tj8VOTpyYBVbmlhg84d6ntH3zyvajxGt6fw--VSAUlW0T69YYZqyBw==
Expires
Wed, 08 Jan 2025 07:27:50 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-JPRDS7DYTE&gtm=45je41h0v880952826z8854753396&_p=1706028156298&gcd=11l1l1l1l1&dma=0&tag_exp=71847096&cid=1384250816.1706028155&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=3&dl=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F%3Famu%3D%2Fmah-jong-quest&sid=1706028156&sct=1&seg=1&dt=Puzzles%20and%20Games%20%7C%20Canoe.Com&en=page_view&ep.debug_mode=false&ep.gtm_version=55&ep.gtm_container_id=GTM-P3Q4QHW&ep.query_string=amu%3D%2Fmah-jong-quest&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=puzzles&ep.platform=Cheetah&ep.platform_version=15.2.1&ep.fem_version=v94.0&ep.brand=Canoe&ep.timestamp=2024-01-23T08%3A42%3A36.863-08%3A00&ep.ga_client_id=1384250816.1706028155&ep.main_category=puzzles&ep.metered_content=false&_et=28&up.client_id=1384250816.1706028155&tfd=11971
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JPRDS7DYTE&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://canoe.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=98943528-d020-a9e1-ae76-bd03b0f8993d&tv=%7Bc:26L9AB,pingTime:5,time:6663,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:491%7D,%7Bpiv:100,vs:i,r:,t:1645%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5018,o:1645,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:491,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1177~0,1~100%5D,as:%5B1178~728.90%5D%7D%7D,%7Bsl:i,t:1645,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5016~100%5D,as:%5B5016~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:39,fm:u2cMhfY+1111%7C1112%7C1113%7C12%7C13%7C14111%7C1412%7C1413%7C1414%7C1415%7C1416%7C1417%7C15%7C16%7C17*.928934%7C171%7C181%7C182,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs,siq:492,sis:566%7D&br=c
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.108.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-108-81.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:41 GMT
server
nginx
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
PugMaster
image6.pubmatic.com/AdServer/ Frame FF72 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=59353068&p=160305&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
2ff1b11ebb81cb67df5f7d7b4d48389e600886419ee4fe8f09b2f2fe4d9157bb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 23 Jan 2024 16:42:41 GMT
content-length
1996
content-type
text/html; charset=UTF-8
141
match.deepintent.com/usersync/ Frame AF6D 		0
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 Ashburn, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Tue, 23 Jan 2024 16:42:42 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
c
Pug
simage2.pubmatic.com/AdServer/ Frame E9B1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a3bee66b-d742-4693-b5cb-a6a9f2d75f7b&gdpr=0&gdpr_consent=&gdp...
  • https://x.bidswitch.net/sync?dsp_id=445&user_id=&ssp=pubmatic&bsw_param=a3bee66b-d742-4693-b5cb-a6a9f2d75f7b
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a3bee66b-d742-4693-b5cb-a6a9f2d75f7b&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a3bee66b-d742-4693-b5cb-a6a9f2d75f7b&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 16:42:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:42:45 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a3bee66b-d742-4693-b5cb-a6a9f2d75f7b&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 159B
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=5vPjCrWlulz9peQPs_OvW7byulj99bNUs_SvrEz1
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=5vPjCrWlulz9peQPs_OvW7byulj99bNUs_SvrEz1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 16:42:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 23 Jan 2024 16:42:42 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=5vPjCrWlulz9peQPs_OvW7byulj99bNUs_SvrEz1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 98F7
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:KxMFboV61RsjRi5&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:KxMFboV61RsjRi5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 16:42:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:42:44 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:KxMFboV61RsjRi5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-799-g9c6cd74#rel-ec2-master i-0fbfe8405e2dd17ba@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 6702
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=98fce637-555e-4db6-a6ed-945258c53f7e&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=98fce637-555e-4db6-a6ed-945258c53f7e&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 05:03:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:42:45 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=98fce637-555e-4db6-a6ed-945258c53f7e&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID}
Server
Kestrel
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame FF72 		0
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=ED8F601A-59AF-4F56-BE0B-66862A6798BD&gdpr=0&gdpr_consent=
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-111.iad12.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:44 GMT
via
1.1 c13d71f8919c23db6bbd1c08a4dfb350.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD12-P3
content-length
0
x-amz-cf-id
TtFLb6yqLgVhPV0WP7L0xlFLHU0RBFJaLtkrE7Sassmrh8CWExrwKg==
x-cache
Error from cloudfront
458249.gif
idsync.rlcdn.com/ Frame FF72
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=ED8F601A-59AF-4F56-BE0B-66862A6798BD&gdpr=0&gdpr_consent=
  • https://idsync.rlcdn.com/1000.gif?memo=CPy7KxIwCiwIARCFpQoaJEVEOEY2MDFBLTU5QUYtNEY1Ni1CRTBCLTY2ODYyQTY3OThCRBAAGg0Igtm_rQYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=7b0aa423d84dd78cdd000f834711a667e3ee8a02688386ab1998e33b4119b735791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA3YjBhYTQyM2Q4NGRkNzhjZGQwMDBmODM0NzExYTY2N2UzZWU4YTAyNjg4Mzg2YWIxOTk4ZTMzYjQxMTliNzM1NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA3YjBhYTQyM2Q4NGRkNzhjZGQwMDBmODM0NzExYTY2N2UzZWU4YTAyNjg4Mzg2YWIxOTk4ZTMzYjQxMTliNzM1NzkxNDI2YjU0MTdkY2UyMRAAGgwIhNm_rQYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=e139cdb6-3253-440e-981e-99eced25c82c
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=e139cdb6-3253-440e-981e-99eced25c82c
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:44 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Tue, 23 Jan 2024 16:42:44 GMT
via
1.1 google
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/458249.gif?partner_uid=e139cdb6-3253-440e-981e-99eced25c82c
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=ED8F601A-59AF-4F56-BE0B-66862A6798BD/gdpr=0/ Frame FF72 		49 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=ED8F601A-59AF-4F56-BE0B-66862A6798BD/gdpr=0/gdpr_consent=
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.104.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-104-25.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:42 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.2.84
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame FF72 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=ED8F601A-59AF-4F56-BE0B-66862A6798BD&gdpr=0&gdpr_consent=
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:42 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
Pug
simage2.pubmatic.com/AdServer/ Frame FF72
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=ED8F601A-59AF-4F56-BE0B-66862A6798BD&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3b9ba61f47bb109a&is_secure=true&networkId=17100&version=1&nuid=ED8F601A-59AF-4F56-BE0B-66862A6798BD&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHmBI9TC6sxgMi2GCmAAAAAAA&expiration=1706114562&nuid=ED8F601A-59AF-4F56-BE0B-66862A6798BD&...
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHmBI9TC6sxgMi2GCmAAAAAAA&expiration=1706114562&nuid=ED8F601A-59AF-4F56-BE0B-66862A6798BD&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 16:42:42 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:42 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHmBI9TC6sxgMi2GCmAAAAAAA&expiration=1706114562&nuid=ED8F601A-59AF-4F56-BE0B-66862A6798BD&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame FF72 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.198.113.89 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 23 Jan 2024 16:42:42 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FF72
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4060097250248549399&gdpr=0&gdpr_consent=&us_privacy=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4060097250248549399&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 05:19:14 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4060097250248549399&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 23 Jan 2024 16:42:41 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame FF72
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA5_10FBF828B_4770A69A&r=https://pmp.mxptint.net/sn.ashx?ak=1
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA5_10FBF828B_4770A69A&r=https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 16:42:45 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA5_10FBF828B_4770A69A&r=https://pmp.mxptint.net/sn.ashx?ak=1
Date
Tue, 23 Jan 2024 16:42:44 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-389032965; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
302
Content-Type
text/html; charset=utf-8
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame FF72 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.213.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-213-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:43 GMT
ingest.php
events.newsroom.bi/ 		50 B
845 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.19.96.13 , France, ASN16276 (OVH, FR),
Reverse DNS
haproxy04.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 23 Jan 2024 16:42:44 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://canoe.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
66
e0a4db8779dc244a772e.js
sdk.mrf.io/statics/ 		50 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/e0a4db8779dc244a772e.js
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c615104d3516e49abe78a9102737c6aa04056c6a8090e5746a38921d3b3811ab

Request headers

Referer
https://canoe.com/
Origin
https://canoe.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:44 GMT
content-encoding
gzip
via
1.1 c50e6c45c49371a5ebc690255500593c.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
LHR61-C1
age
2030
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
16
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Dec 2023 09:09:46 GMT
server
cloudflare
etag
W/"44ac276b251e58c5c7f65bad76e76963"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
timing-allow-origin
*
cf-ray
84a17dda681b36c1-YYZ
x-amz-cf-id
dlwccy8743CUogxBQMzwXnnbLBElt_r5awCQJT3Ub3juuiCoHt5z1Q==
background1536mainhub.jpg
securegames.iwin.com/m/iwin/mahjong-quest/v_60/images/ Frame A605 		528 KB
529 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/images/background1536mainhub.jpg
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/content/mah-jong-quest?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BIskZvTaoc44BYsaqYAFseu06yEkzUnsY7cObOpAez%2BUfuw4IVdMbT%0Au6fng9IZIDQFkYPAK6AYeg%3D%3D&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
60d1d35e6cb1e20643d3d3edd1b99d3c7c136dc03fd77cf26940b53cc1a86900

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 20:12:40 GMT
Via
1.1 86f58a7ba760944d1efd0f2fe2242e1e.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Mar 2016 19:30:11 GMT
X-Amz-Cf-Pop
JFK52-P1
Age
333004
ETag
"3138018540"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
540888
X-Amz-Cf-Id
E9rfyTO3dArglMiCBWOiU2sRLJzGeDisiKalrtb9XvfW5gbrjQmJ4w==
Expires
Sat, 18 Jan 2025 20:12:40 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame FF72 		0
47 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160305&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame FF72 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=74322771&p=160305&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
84704c698d15691e9762d56b9527db2d362436aa616cacf5f556965707b46e16

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 16:42:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame DE05
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=jp2ZdJInVj9ahj7CSNdiFFYwD_A&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=jp2ZdJInVj9ahj7CSNdiFFYwD_A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 16:42:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Tue, 23 Jan 2024 16:42:45 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=jp2ZdJInVj9ahj7CSNdiFFYwD_A&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 25C6
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 16:42:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 16:42:45 GMT
expires
Tue, 23 Jan 2024 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
975238
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame E5BB
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969470222452115177
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969470222452115177
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 16:42:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Tue, 23 Jan 2024 16:42:45 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969470222452115177
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
i.match
s.tribalfusion.com/z/ Frame 4881
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
461 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.173 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
84a17de86b6c39d8-YYZ
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 23 Jan 2024 16:42:46 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
84a17de4eba339d8-YYZ
content-type
text/html
date
Tue, 23 Jan 2024 16:42:45 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
896
Pug
image2.pubmatic.com/AdServer/ Frame 7EF7
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUca0ac3cd26f24472bde223ad3f2d489b
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUca0ac3cd26f24472bde223ad3f2d489b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 16:42:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 16:42:46 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUca0ac3cd26f24472bde223ad3f2d489b
pragma
no-cache
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 2BF2
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 05:19:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 23 Jan 2024 16:42:46 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
pubmatic
ad.mrtnsvr.com/sync/ Frame 7FD9 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5C65
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=880340822475
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=880340822475
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 16:28:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=880340822475
Pug
simage2.pubmatic.com/AdServer/ Frame 53C9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7ca465af-ec87-4d00-b27c-82e56c2d0515&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7ca465af-ec87-4d00-b27c-82e56c2d0515&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 05:16:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 23 Jan 2024 16:42:47 GMT
Expires
Tue, 23 Jan 2024 16:42:46 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1353 054fd0e master iad iad-pixel-x32 config_version:"3754"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7ca465af-ec87-4d00-b27c-82e56c2d0515&gdpr=0&gdpr_consent=
/
bpi.rtactivate.com/tag/ Frame FF72 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=ED8F601A-59AF-4F56-BE0B-66862A6798BD&gdpr=0&gdpr_consent=
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.115.129 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:45 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
75145
i6.liadm.com/s/ Frame FF72
Redirect Chain
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=ED8F601A-59AF-4F56-BE0B-66862A6798BD
  • https://i6.liadm.com/s/75145?bidder_id=195755&bidder_uuid=ED8F601A-59AF-4F56-BE0B-66862A6798BD
43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/75145?bidder_id=195755&bidder_uuid=ED8F601A-59AF-4F56-BE0B-66862A6798BD
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
HTTP/1.1
Server
52.44.42.21 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:42:47 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/75145?bidder_id=195755&bidder_uuid=ED8F601A-59AF-4F56-BE0B-66862A6798BD
Date
Tue, 23 Jan 2024 16:42:45 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
qmap
sync.crwdcntrl.net/ Frame FF72 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=ED8F601A-59AF-4F56-BE0B-66862A6798BD&gdpr=0&gdpr_consent=
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.104.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-104-25.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:42:45 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.50.138
content-length
49
expires
0
/
io.narrative.io/ Frame FF72
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:ED8F601A-59AF-4F56-BE0B-66862A6798BD
  • https://io.narrative.io/?io.narrative.guid.v2=6f9cce80-ba0e-11ee-b5dd-063bb86db637&companyId=673&id=pubmatic_id:ED8F601A-59AF-4F56-BE0B-66862A6798BD
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=6f9cce80-ba0e-11ee-b5dd-063bb86db637&companyId=673&id=pubmatic_id:ED8F601A-59AF-4F56-BE0B-66862A6798BD
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
HTTP/1.1
Server
50.17.222.114 -, , ASN (),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:42:46 GMT
Cache-Control
no-cache
Server
nginx/1.22.1
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=6f9cce80-ba0e-11ee-b5dd-063bb86db637&companyId=673&id=pubmatic_id:ED8F601A-59AF-4F56-BE0B-66862A6798BD
Date
Tue, 23 Jan 2024 16:42:45 GMT
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame FF72
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=RXFw8qmrqYBh-xK4NyTnJGcatYzvq4ECLfv3jdXuSmc&pi=pubmatic&gdpr=0&gdpr_consent=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=RXFw8qmrqYBh-xK4NyTnJGcatYzvq4ECLfv3jdXuSmc&pi=pubmatic&gdpr=0&gdpr_consent=
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/?amu=/mah-jong-quest
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 04:44:03 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=RXFw8qmrqYBh-xK4NyTnJGcatYzvq4ECLfv3jdXuSmc&pi=pubmatic&gdpr=0&gdpr_consent=
pragma
no-cache
date
Tue, 23 Jan 2024 16:42:45 GMT, Tue, 23 Jan 2024 16:42:45 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame FF72 		0
47 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160305&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:42:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
rtb.openx.net
URL
https://rtb.openx.net/openrtbb/prebidjs
Domain
prebid.media.net
URL
https://prebid.media.net/rtb/prebid?cid=8CUKB9454
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
bidder.criteo.com
URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.23.0&cb=92060501804&lsavail=1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
ap.lijit.com
URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.23.0
Domain
cm.ctnsnet.com
URL
https://cm.ctnsnet.com/int/cm?exc=19
Domain
d.adroll.com
URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBRrzjc8k58xt52qYM0sm_U&google_cver=1
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-maw4jDxE2oLSXHEA2h29AkrphIP8Ewi2eTFlJQ--~A
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=YvDqeRlFT4yn9bsOi0MEMg&rk=usync-na
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0e0d8cbc-0294-4a4b-abc3-1e542e539358&gdpr=0&gdpr_consent=&expires=30
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIiIcFMAhEHwHDvrc9HXN7k&google_cver=1
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=19564
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=primis
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=18694
Domain
d.adroll.com
URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

252 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 function| setNptTechAdblockerCookie object| script object| modern_script_elem object| legacy_script_elem object| ytAdTargetingLoadEvent function| script_onload string| locSrc object| ytVideoAdTargetingConfig object| jwpServices object| jwplacements object| _comscore string| amuCustomerId number| amuSubId string| amuKey string| amuEmbedType string| amuTemplateType object| webpackJsonpFrontEndModules object| tp object| __iasPET object| FrontEndModules object| googletag object| permutive object| apstag object| pbjs object| diagPixSentCodes object| __iasAdRefreshConfig object| _aps boolean| apstagLOADED object| apscustom object| pbjsChunk object| _pbjsGlobals object| mnet object| ggeac object| google_tag_data object| google_js_reporting_queue object| GibberishAES object| UU number| totalChunks string| enc string| e_enc object| j function| iFrameResize object| LRNameSpace object| LoginRadiusDefaults function| LoginRadiusUtility function| LoginRadiusApiFramework function| setLoginRadiusDefaultSchema function| setLoginRadiusModuleFunctions function| LoginRadiusHooksModel function| SetLoginRadiusCommonFunctions function| LoginRadiusControllers function| LoginRadiusV2 function| FormValidator object| hash function| handleLiveTapResponse function| __spreadArray function| CXBootstrapLoader function| identifyRootURL function| generateDebugLog object| BlockAdBlock object| blockAdBlock object| COMSCORE object| ns_p object| ms object| webpackChunkdjango_content_services object| htmx undefined| google_measure_js_timing function| CXBootstrapper object| __permutive function| _33AcrossIdMappingsProvider string| iasScores object| Criteo object| PublisherCommonId object| regeneratorRuntime object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_149 object| Criteo_identitytag_149 object| _33across object| signal_decrypted function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 number| google_unique_id object| gaGlobal object| criteo_pubtag_prebid_139 object| Criteo_prebid_139 object| __IntegralASExec object| vf object| vfQ boolean| femCePnIdReadyTriggered object| dataLayer object| mParticle object| gtm_data_layer object| google_tag_manager function| postscribe object| google_tag_manager_external object| _vfP boolean| vfLoaded function| setImmediate function| clearImmediate object| viafoura function| onYouTubeIframeAPIReady string| GoogleAnalyticsObject function| ga function| e function| t object| marfeel function| fbq function| _fbq object| PARSELY function| autotrack function| gtag function| _typeof object| gaplugins object| gaData function| _ga_originalSendHitTask number| pa object| mpOneTrustKit object| GoogleTagManagerKit function| OptanonWrapper object| dl_mparticle object| mpartical object| __connect object| webpackChunk_marfeel_marfeel_sdk object| __mrfCompass

152 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CggKBgjdARCFFw
.canoe.com/ Name: pbjs_sharedId
Value: 094886c2-8ec8-4e18-86fa-f6b86ad75961
.canoe.com/ Name: pbjs_sharedId_cst
Value: zix7LPQsHA%3D%3D
.scorecardresearch.com/ Name: UID
Value: 1662455863bea50968362b71706028152
.canoe.com/ Name: permutive-id
Value: f80bfe7c-8bf1-4b66-8572-7ca4eb194b36
canoe.com/ Name: __adblocker
Value: false
canoe.com/ Name: political-ad-opt-out
Value: {"data":false,"exp":604800000,"ts":1706028152638,"mac":-1162168288}
.33across.com/ Name: check
Value: true
.rubiconproject.com/ Name: khaos
Value: LRQL43MN-1U-7G9H
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/ Name: pxid
Value: 6ffcd368-b781-4abe-aa92-2c57e42e130c
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: e42a7d9365b67e39259143c8e8ae154f
.canoe.com/ Name: _cc_id
Value: e42a7d9365b67e39259143c8e8ae154f
.canoe.com/ Name: panoramaId_expiry
Value: 1706114553599
.adnxs.com/ Name: XANDR_PANID
Value: VdJ7jdOGUtqZScDlC5eRvYqkSKvaY7lshhE9gCPmkzQM8JIytMn5dTB_nVXlsCTigV8rJ8fBw_5LDZrXXedb0NPLJPeuCbv5rLrPO9VYXbc.
.adnxs.com/ Name: icu
Value: ChgI-8pGEAoYASABKAEw-di_rQY4AUABSAEQ-di_rQYYAA..
.adnxs.com/ Name: uuid2
Value: 1288365238792369274
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: c7130b6a-0f90-4918-85f2-7d978c2fdcc4
.canoe.com/ Name: cto_bundle
Value: V6eGpl9Fdk82SkNJeHFFdWZ2ZDg3NyUyQllJUWYwZUVYOUczMDdteUVFQWc5ME9pbDgxbHNiS0hYN0xlS0Z5SUNtQ05rdXhLRmpoNm5HcDFQTnROUTZNJTJCVEpyZ0dYRXh6ZE9uSHJQZ2hUdVFDZjclMkJuOEMyMlBmazBWWTBvJTJCclE3Y0FJNXY0dzZBdGRNenNRdDNiS0FKR1YxTTFCdyUzRCUzRA
.amazon-adsystem.com/ Name: ad-id
Value: A3e_nOE5dUqSsCFvA3BTa48
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.casalemedia.com/ Name: CMID
Value: Za-semtaVxDTT-gsvb43vwAA
.casalemedia.com/ Name: CMPS
Value: 986
.casalemedia.com/ Name: CMPRO
Value: 986
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.lijit.com/ Name: ljt_reader
Value: IClKbPZHDBYZiiS8QPeXqF_A
.lijit.com/ Name: ljtrtbexp
Value: eJyrVjJSsjI0NzA3MjY3NzXRUbIwQ%2BUbGqArMEflG0H4ZmbGRpamJrUAmrcQYQ%3D%3D
.sharethrough.com/ Name: stx_user_id
Value: f67c6579-6ade-4e34-a1cf-b095b9b1e153
.liadm.com/ Name: lidid
Value: 3330af61-0ea1-4ec5-b9ae-c4a730a531e5
.doubleclick.net/ Name: IDE
Value: AHWqTUnxwj8a6jMdPV_3GZnSDX-RVqAc4aM2FLSj5FgsLhdfRz3EMBbaPGlcfg4uhB0
.krushmedia.com/ Name: krm_usr
Value: f236f38a-9415-5ce9-a32a-705f78c0d14d
.krushmedia.com/ Name: krm_r
Value: 572
.canoe.com/ Name: __gads
Value: ID=4ffebc81c395fed0:T=1706028154:RT=1706028154:S=ALNI_MaqpF0zZD6ze4yZ6AcCwiU9hvVilg
.canoe.com/ Name: __gpi
Value: UID=00000db96ea65e64:T=1706028154:RT=1706028154:S=ALNI_MYgYwaqp2THk2cIDrwJ7CKd8YCD_A
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBHvsr2UCEIc13kjnxhvysuxPV8Xpa9IFEgEBAQE9sWW5ZQAAAAAA_eMAAA&S=AQAAAqUoEiErPo590AmL2KUal1g
.yieldmo.com/ Name: yieldmo_id
Value: VE3LdppjjLpHHdQ2vhDb%7C1705968000000%7C0
.ads.yieldmo.com/ Name: ptrkm
Value: f236f38a-9415-5ce9-a32a-705f78c0d14d
.doubleclick.net/ Name: APC
Value: AfxxVi5isFFaihOkq862TlTmmzm2m0_l3KXL9-YjyJWN30MQrm0k0w
.bidswitch.net/ Name: tuuid
Value: a3bee66b-d742-4693-b5cb-a6a9f2d75f7b
.bidswitch.net/ Name: c
Value: 1706028155
.bidswitch.net/ Name: tuuid_lu
Value: 1706028155
canoe.com/ Name: x-id
Value: {"data":{"adLight":false,"adLightDisabled":true,"id":"1774hq154sq3o022dn9ncyjubuh45m2wh","updated":1706028156292},"exp":604800000,"ts":1706028156292,"mac":13779175}
fem.gprod.postmedia.digital/ Name: x-id
Value: {"data":{"adLight":false,"adLightDisabled":true,"id":"1774hq154sq3o022dn9ncyjubuh45m2wh","updated":1706028156292},"exp":604800000,"ts":1706028156301,"mac":13800286}
.canoe.com/ Name: _ga_72QH41ZTMR
Value: GS1.1.1706028156.1.0.1706028156.60.0.0
.viafoura.co/ Name: VfSess
Value: lji0sl8l0uh5rit1pthj9hkjpm
.viafoura.co/ Name: vfThirdpartyCookiesEnabled
Value: true
.canoe.com/ Name: _ga_JPRDS7DYTE
Value: GS1.1.1706028156.1.1.1706028156.60.0.0
.canoe.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://canoe.com/puzzles/?amu=/mah-jong-quest%22%2C%22sref%22:%22%22%2C%22sts%22:1706028156928%2C%22slts%22:0}
.canoe.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=f5a9e5d5-a382-45d9-aff1-c0f85a444223%22%2C%22session_count%22:1%2C%22last_session_ts%22:1706028156928}
canoe.com/ Name: _vfz
Value: canoe%2Ecom.00000000-0000-4000-8000-fbf6c20ee327.1706028157.1.medium=direct|source=|sharer_uuid=|terms=
.canoe.com/ Name: _vfa
Value: canoe%2Ecom.00000000-0000-4000-8000-fbf6c20ee327.f05e9bab-bed4-4d11-800f-13aed17636c0.1706028157.1706028157.1706028157.1
.canoe.com/ Name: _vfb
Value: canoe%2Ecom.00000000-0000-4000-8000-fbf6c20ee327.2..1706028157....
.canoe.com/ Name: _fbp
Value: fb.1.1706028157025.1816221995
.canoe.com/ Name: _ga
Value: GA1.2.1384250816.1706028155
.canoe.com/ Name: _gid
Value: GA1.2.68649564.1706028157
.canoe.com/ Name: _gat_UA-213173459-13
Value: 1
.canoe.com/ Name: _gat_UA-138335866-20
Value: 1
.mfadsrvr.com/ Name: c
Value: 1706028157
.mfadsrvr.com/ Name: tuuid_lu
Value: 1706028157
.mfadsrvr.com/ Name: tuuid
Value: 77cf63a8-29b1-4d76-bcd2-2b3b45ae629b
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1706028157
.lijit.com/ Name: _ljtrtb_87
Value: 77cf63a8-29b1-4d76-bcd2-2b3b45ae629b
.canoe.com/ Name: _ga_GLBG5PB1H0
Value: GS1.2.1706028157.1.0.1706028157.0.0.0
.canoe.com/ Name: _gcl_au
Value: 1.1.285025998.1706028158
.canoe.com/ Name: mprtcl-v4_4662F03F
Value: {'gs':{'ie':1|'dt':'us1-99b65fde89a1a145894d2d51d283cc83'|'av':'1.0.0'|'cgid':'cf8a2b15-92de-440f-4c72-880737b6353c'|'das':'ad8a63ee-a458-4543-1dd9-f0f35fd61511'|'csm':'WyI1MTQ4MTEwNzI5MzQ2ODEzNjU2Il0='|'sid':'D6E8D742-33D3-4733-A0F1-210F5FCA7108'|'les':1706028157944|'ssd':1706028157706}|'l':1|'5148110729346813656':{'fst':1706028157825|'ui':'eyIwIjoiMTc3NGhxMTU0c3EzbzAyMmRuOW5jeWp1YnVoNDVtMndoIn0='}|'cu':'5148110729346813656'}
.pubmatic.com/ Name: KADUSERCOOKIE
Value: ED8F601A-59AF-4F56-BE0B-66862A6798BD
.simpli.fi/ Name: suid
Value: 379EDC97AC90427FAF93A23828F07680
.lijit.com/ Name: _ljtrtb_2
Value: 937D271B510D4F7F831380187136CD0A
.tapad.com/ Name: TapAd_TS
Value: 1706028159355
.tapad.com/ Name: TapAd_DID
Value: 7a6ae2f0-2655-493e-8615-e345dceafb1c
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!568
.openx.net/ Name: i
Value: 9b7f8296-d2e2-4288-8ad1-7e8c8e4249e4|1706028160
.creative-serving.com/ Name: tuuid
Value: 070c53d6-38c1-44b5-afe9-e64964f7c566
.creative-serving.com/ Name: c
Value: 1706028160
.creative-serving.com/ Name: tuuid_lu
Value: 1706028160
.viafoura.co/ Name: vfDeviceId
Value: e6fedf6a-1b64-4e0c-80b8-13138c2584aa
.3lift.com/ Name: tluid
Value: 951597048701998202198
.quantserve.com/ Name: mc
Value: 65afec80-cfcc5-7f484-318c2
.turn.com/ Name: uid
Value: 4060097250248549399
.bidr.io/ Name: bito
Value: AACC6E7LX9kAABNfeivnhQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.kargo.com/ Name: ktcid
Value: cbc667af-8e52-0ca9-570f-f4482f6a0cc7
.zemanta.com/ Name: zuid
Value: atqV7FJne8x1b99eMKEe
.eqads.com/ Name: EQUser
Value: UID=513d6b27-860c-4d07-89da-b3dc4cb5d10c
.creativecdn.com/ Name: u
Value: 6X0p4X0u46hSQZx7JYHD
.creativecdn.com/ Name: g
Value: 6X0p4X0u46hSQZx7JYHD_1706028162035
.creativecdn.com/ Name: ts
Value: 1706028162
.ipredictive.com/ Name: cu
Value: 98266aef-761d-4de3-92dc-68db6608aabe|1706028162163
.bfmio.com/ Name: __187_cid
Value: ED8F601A-59AF-4F56-BE0B-66862A6798BD
.bfmio.com/ Name: __io_cid
Value: 0975ee7fc7cba08271f5f26509db693d4b505991
.lijit.com/ Name: _ljtrtb_86
Value: RXFw8qmrqYBh-xK4NyTnJGcatYzvq4ECLfv3jdXuSmc
.adsrvr.org/ Name: TDID
Value: 19dcc08a-2999-4450-b559-752a3027538a
.linkedin.com/ Name: bcookie
Value: "v=2&4e7167bd-3138-4fbc-8c0f-19741747dc78"
.linkedin.com/ Name: lidc
Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2685:u=1:x=1:i=1706028162:t=1706114562:v=2:sig=AQEy33ZTLzPaPQ5172lKXdVwcfyLfvvV"
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bEt2Jan8fbw9kA0SEvqOaOylqjpaGyhhoEl6+8/Qq9nrpzQ6wVyzhJlaNgdOVL2Yy+r60Q0SmvShnoebD9XI3Kh
.smartadserver.com/ Name: pid
Value: 8825338180922886739
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AACC6E7LX9kAABNfeivnhQ
.analytics.yahoo.com/ Name: IDSYNC
Value: "175w~2gcg:18z8~2gcg:18vk~2gcg:19e0~2gcg"
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwjI1JLMoY_OPBAFOAE.
.lijit.com/ Name: ljtrtb
Value: eJwVy8sKwjAQQNF%2FydpAkkkzU3e2sYKKC3XRLvNoEaFCROsL%2F924vdzzYYrNWQloFcqqkMLqBhsCCSQkoQRTW7FgM0Ymf%2Fu2eVAar6mrTvy50bvX8bJeBXfr3lPSy3o7THCO7f0whj%2FBTBDDYMARV6WXXEc03IeouPLgdeF6kzv7%2FgBXzySx
.lijit.com/ Name: _ljtrtb_27
Value: 19dcc08a-2999-4450-b559-752a3027538a
.pubmatic.com/ Name: pi
Value: 160305:4
.dotomi.com/ Name: DotomiTest
Value: 3b9ba61f47bb109a
.quantserve.com/ Name: d
Value: EKQBEgH8KvijC_vLEA
.deepintent.com/ Name: CDIUSER
Value: di_8a7d1cabcf224dd2b3806
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220240123%22%7D
.rlcdn.com/ Name: pxrc
Value: CILZv60GEgUI6AcQABIFCOhHEAA=
.ads.stickyadstv.com/ Name: UID
Value: 428884ea74c280cf574c3420379fd56
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: Za_semtaVxDTT_gsvb43vwAAA9oAAAIB
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjSzNDE3MDIyMjE1MjQ0NTQ3F-Iz1K0q8jLzizKLyjEwjAcAhz_xOCQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtobmBmYGRhaGZsbGoEABwvDF8QAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjSzNDE3MDIyMjE1MjQ0NTQ3F-Iz1K0q8jLzizKLyjEwjAcAhz_xOCQAAAA
.company-target.com/ Name: tuuid
Value: 8ff3b37e-4a8d-4449-b73e-6bf9141fdf3e
.company-target.com/ Name: tuuid_lu
Value: 1706028163|ix:0
.contextweb.com/ Name: V
Value: H6JDNrEvLzH6
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1pab|7dN.0.AACC6E7LX9kAABNfeivnhQ
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 21703b6a3dc4e95a
.hb.yahoo.net/ Name: visitor-id
Value: 3490297639038497000V10
.hb.yahoo.net/ Name: data-mag
Value: LRQL43MN-1U-7G9H~~63
.technoratimedia.com/ Name: tads_uidp_73
Value: AACC6E7LX9kAABNfeivnhQ
.technoratimedia.com/ Name: tads_uid
Value: 4123C853331A49F4A5FF345CA2AD21E1
.technoratimedia.com/ Name: tads_uid_cd
Value: 20240123164243+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_6e4c59b0-ba0e-11ee-8be4-12fa6b58ae11
.technoratimedia.com/ Name: tads_uidp_82
Value: Za-semtaVxDTT-gsvb43vwAA&986
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Za-shAAQq7UOEQBH
.pippio.com/ Name: did
Value: TdhR7DDgITT05D-w
.pippio.com/ Name: didts
Value: 1706028164
.pippio.com/ Name: nnls
Value:
.canoe.com/ Name: ___nrbic
Value: %7B%22previousVisit%22%3A1706028164%2C%22currentVisitStarted%22%3A1706028164%2C%22sessionId%22%3A%2247e5acfc-cea9-4ad3-bcc6-ee0c0d383725%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//canoe.com/puzzles/%3Famu%3D/mah-jong-quest%22%2C%22referrer%22%3A%22%22%7D
.canoe.com/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1706028164%2C%22userId%22%3A%2218015ec9-6367-4715-8489-51479decbe34%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1706028164%2C%22timesVisited%22%3A1%7D
.canoe.com/ Name: compass_uid
Value: 18015ec9-6367-4715-8489-51479decbe34
.thrtle.com/ Name: mc
Value: eyJpZCI6ImJkN2I5MGQ1LTNmMGUtNDI3Zi1hYzdjLTBjOThhN2RlZTk1YyIsImwiOjE3MDYwMjgxNjQyMDMsInQiOjF9
.pippio.com/ Name: pxrc
Value: CITZv60GEgQIAhAAEgYI7OsBEAA=
.linksynergy.com/ Name: rmuid
Value: e139cdb6-3253-440e-981e-99eced25c82c
.linksynergy.com/ Name: icts
Value: 2024-01-23T16:42:44Z
.rlcdn.com/ Name: rlas3
Value: z3fmujCFIlosWr5Vs7KATiVRL7U3VGgQi+nkr9NLwLA=
events.newsroom.bi/ Name: 1528_u
Value: 18015ec9-6367-4715-8489-51479decbe34
events.newsroom.bi/ Name: 1528_s
Value: 47e5acfc-cea9-4ad3-bcc6-ee0c0d383725
events.newsroom.bi/ Name: 1528_lv
Value: null
events.newsroom.bi/ Name: 1528_ut
Value: 0
.w55c.net/ Name: wfivefivec
Value: KxMFboV61RsjRi5
.w55c.net/ Name: matchpubmatic
Value: 5
.mxptint.net/ Name: mxpim
Value: R35CA5_10FBF828B_4770A69A.1.000000000000000065AFEC85
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: DPSync3
Value: 1707177600%3A201_259_258_263_256_262_245_236_261_260%7C1706572800%3A265_253_252%7C1706054400%3A255_248%7C1707004800%3A257
.pubmatic.com/ Name: SyncRTB3
Value: 1707177600%3A166_7_165_250_220_104_48_5_234_8_178_71_176_54_3_231_264_233_46_240_55_13_266_249_21_22%7C1706572800%3A2_15_223%7C1706832000%3A63%7C1707264000%3A35%7C1708560000%3A224

10 Console Messages

Source Level URL
Text
other warning URL: https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/howler.min.js?v=1(Line 95)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20ED8F601A-59AF-4F56-BE0B-66862A6798BD&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/howler.min.js?v=1(Line 27)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other warning URL: https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/howler.min.js?v=1(Line 27)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other warning URL: https://securegames.iwin.com/m/iwin/mahjong-quest/v_60/howler.min.js?v=1(Line 27)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
a.tribalfusion.com
a960.casalemedia.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
accounts.google.com
acdn.adnxs.com
ad.mrtnsvr.com
ad.turn.com
ads.creative-serving.com
ads.pubmatic.com
ads.rubiconproject.com
ads.stickyadstv.com
ak.sail-horizon.com
analytics.google.com
ap.lijit.com
api.fouanalytics.com
api.permutive.com
api.viafoura.co
auth.lrcontent.com
avatar.amuniversal.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bpi.rtactivate.com
btlr.sharethrough.com
c.amazon-adsystem.com
c2shb.pubgw.yahoo.com
canoe.com
casale-match.dotomi.com
cdn-ima.33across.com
cdn.adsafeprotected.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdn.parsely.com
cdn.permutive.com
cdn.viafoura.net
ce.lijit.com
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
config.lrcontent.com
connect.facebook.net
crb.kargo.com
creativecdn.com
cs.krushmedia.com
cs.lkqd.net
csp.withgoogle.com
csync.loopme.me
d.adroll.com
data.adsrvr.org
dcs-static.gprod.postmedia.digital
dis.criteo.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
edge-auth.microsoft.com
eeb078a0719f68d39f1c118ef9efc1da.safeframe.googlesyndication.com
entertainment.service.amuniversal.com
esp.rtbhouse.com
eus.rubiconproject.com
events.iwin.com
events.newsroom.bi
events.qortex.ai
fastlane.rubiconproject.com
fem.gprod.postmedia.digital
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
i.viafoura.co
i6.liadm.com
ib.adnxs.com
identity.mparticle.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
invstatic101.creativecdn.com
io.narrative.io
js-sec.indexww.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
lexicon.33across.com
lh3.googleusercontent.com
m.iwin.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
micro.rubiconproject.com
oa.openxcdn.net
oajs.openx.net
onetag-geo.s-onetag.com
p.rfihub.com
p1.parsely.com
pagead2.googlesyndication.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.tapad.com
placement-prd.jwpltx.com
pm.w55c.net
pmp.mxptint.net
postmedia.hub.loginradius.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid.media.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
qsearch-a.akamaihd.net
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.mfadsrvr.com
rtb.openx.net
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
sdk.mrf.io
secure.adnxs.com
secure.cdn.fastclick.net
securegames.iwin.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
ssl.p.jwpcdn.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-km.ads.yieldmo.com
sync-tm.everesttech.net
sync.aralego.com
sync.bfmio.com
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.technoratimedia.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
tags.crwdcntrl.net
tags.qortex.ai
tags.rd.linksynergy.com
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
um4.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.npttech.com
x.bidswitch.net
ad.mrtnsvr.com
ap.lijit.com
bidder.criteo.com
btlr.sharethrough.com
c2shb.pubgw.yahoo.com
cm.ctnsnet.com
d.adroll.com
pixel.rubiconproject.com
prebid.media.net
rtb.openx.net
104.17.118.17
104.18.25.173
104.18.35.167
104.18.5.235
104.26.0.62
104.26.1.62
104.36.113.107
104.36.115.113
107.178.254.65
13.107.42.14
13.107.6.158
13.225.195.59
13.225.199.75
13.35.77.95
142.251.111.155
142.251.16.94
142.251.163.149
142.251.163.154
142.251.167.132
142.251.167.139
150.136.25.38
151.101.129.108
151.101.130.114
151.101.130.49
151.101.193.229
151.101.194.133
151.101.2.133
157.185.177.205
159.127.42.41
162.19.96.13
162.210.196.208
172.253.115.141
172.253.115.155
172.253.122.156
172.253.122.95
172.253.62.106
172.253.62.132
172.253.62.154
172.253.62.94
172.253.63.155
172.253.63.84
172.253.63.97
172.64.143.6
172.64.146.86
172.64.149.180
172.64.151.101
172.64.97.32
172.67.159.162
18.160.10.111
18.160.46.85
18.173.219.124
18.239.162.56
18.239.183.15
18.67.76.51
185.184.8.90
185.64.190.77
192.184.68.166
198.148.27.131
199.38.167.130
207.198.113.89
209.204.227.132
216.239.34.181
23.202.153.103
23.204.76.201
23.205.2.235
23.4.232.54
23.62.230.139
23.62.230.165
23.83.76.73
23.92.190.69
3.161.213.3
3.161.213.46
3.162.114.192
3.208.43.177
3.212.108.81
3.214.92.171
3.217.51.221
3.221.185.93
3.225.218.10
3.233.146.200
31.13.66.19
31.13.66.35
34.102.146.192
34.107.254.252
34.111.113.62
34.117.147.204
34.117.54.29
34.120.107.143
34.192.6.95
34.196.213.92
34.203.152.105
34.96.70.87
34.96.71.22
34.98.64.218
34.98.67.3
35.170.24.131
35.190.39.111
35.207.24.140
35.211.178.172
35.214.131.35
35.236.220.17
35.241.9.51
35.244.154.8
35.244.193.51
35.71.131.137
35.71.139.29
38.68.201.140
38.91.45.7
40.76.134.238
44.197.141.205
50.116.194.21
50.17.222.114
52.0.185.94
52.0.95.35
52.201.104.25
52.206.97.127
52.223.40.198
52.23.66.193
52.3.115.129
52.3.151.154
52.3.195.166
52.44.173.38
52.44.42.21
52.46.128.147
52.54.137.154
54.144.144.142
54.145.242.45
54.163.110.6
54.164.228.18
54.165.252.120
54.192.51.124
54.192.51.24
54.192.51.29
54.192.51.46
54.192.51.52
54.234.200.2
63.251.28.133
63.251.86.50
64.202.112.127
66.6.101.151
67.220.228.200
68.67.160.24
69.173.151.100
69.20.43.192
69.90.254.78
74.119.119.131
74.119.119.139
74.119.119.150
74.121.140.211
8.2.110.134
8.28.7.83
8.28.7.84
8.43.72.32
8.43.72.97
82.145.213.8
00ef1955212ebb71c190b03d316162d8ca6e5a772f827b434b3ce90438d06d88
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01de44c97128f6036bf902691ec397d3ef5224fe17a76b983af1f8a2383e288b
04877ee93fc507bf82ffde243cca15bbefed395eb1d1385558b46d5c27b27997
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0875cdec5bc391e626533c35783f0c8ecee48e48a48c9d50873ea80990575850
087c15b6b573a98343ff97ee72ae181918bca936b43799b68fec800cee315dc5
08a6364cc8a5ea74bba1d5286957fc821d303eacb1608e08537f0306f354bafa
091fa867686554a13fe1d783d79e005350166698d9908dab893e958b88995426
0a633cd18a8ef38d694ec323dfd22731854e161f2ebee27b2eb9870a7df78980
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7f778a8b165d1bb3074bd3087cf791476c042823c29d8817c8279602b85495
0cc3ae4bbb2ea29770f2e82f18ac3049f77d6a886fa811da3f5e6f2acdf98ea0
0d3637a9fa6ecf9015a1506c0c5aa7302fd9cf1f2c4818c9850940b336bbb310
0eb82b5bfb09b6802b3fcc15cf5a9d11687ae0e1348867e68f22965900bb0282
10fd19987fe77295a94dc1705bba56980c2c4ba3859e76b3f7248a476ad4b6a5
12a1cfd83c0a6f8dd0cc13fedcae3db3b7097f9a1756ac1653b58d157475fc47
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
14e55a3e22f2b9efee792491d7dc1842f8a9692f2a6fe79dcadba2d367009ecd
161aa41ca904d0f038db859fb6f947e17b73007b8208bbb1692a2e6dd991d18b
1663536a0460d18689e8e0d827236fbb61fe5763e4ab68896554d5184053c460
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1a06331303fbdeef626f62596de3e3daa5725b95a0c8f67f2199f812780762fe
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1d314009ccfd83d39b6a4a7bf3c1df95ff5da301282a88c8c50e1e2c06681246
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2134742a119db4aaaa1b97530e584110627c9024c1c8e8301375238ea92b687d
2446287ed8c4f295e960e60bf540772c5a15993fd284ef9d2ddda02c19f80dd0
27dcd8942a1eac1fc63353434d4dadbc3308cd9719dcaa13444104db0f8e04b0
29f1bc9eb6cbe5424450fcdbc1a8e67f6ededb34efc7ff957138efcac658551d
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2a9e00610b3b643de02bceeafb874e3ebcbea859605a8aa3a1f165790f97d239
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2d91504858b1adf23a9a4605b6a1ba64a5c8358d22bd070b521d6d3624e4ddd7
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e30db2c675882741e60a0845ba1beef26f2a45690cbd870f4d7a7dec6411634
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2ff1b11ebb81cb67df5f7d7b4d48389e600886419ee4fe8f09b2f2fe4d9157bb
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31bb647caffd6b5e814011355c22ad1cc15ca16e82a9bc64c887a3b1a3aa70b8
338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009
345a15554e6c204f0e93d9ff074448a8e96a4dc09032551f84ce21f95de0fdb4
38cebd79beb6c0c1cbb91dd71c79cb01f3c5d8e80128374f5bb2d54df3d5848f
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3d62b75e61765eb12487f03345114edeb6c535d027156e0ca768ec7afa7ad6a1
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d7d05ba095e1a1e98b220584ceb1e6a7beb3e885e7bbbb3f005e505ef671b5c
3e80addd74a44579cc08ffc12989b8ab8dc136713c977c6da3aed5369b752409
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f52e3d7ea27d46d7295964ff0fa222267950377162591262a8cbfe7c8d7c5ab
3f65e46d74bf28b1ad929885f5cae1edea4e64dc30c9f8379f196e3cccb5046f
3f7c2b147316b3286f816d1d85c0d2c539ce8be5b6b851443f5bc0c6274a03f1
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641
41fa01c782917e3f2c7ec4c60602f471ee628280908b71da13d4b127626ac85b
42716b1e53a7779105575276cedc2e75677bc64e77b0a712bc0d48e2479abd98
42f9d39ebf19efc7f8a0fbe6ad8ffabb47c5fd4ed9e603febac3962e99f68c88
430090125ef811071a57dbeea484ed986fba1a94791a73911c552f8ad322ff45
43447eb29f6fd4dbf663b12c12625c2378ac0c7c6085685861bdb548002bf689
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43a42702c59bc37d11cb776ffd904de25fe945c6028ef290dabfd0e977a88366
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
4455585c34abd7708a9d5a4414fae412aa5994e884231a27671e167faa2e592d
45625dc77e8007c7571b026e246e8b7d8b4c51eaf2f57e4b2783a945cab4e885
462182f419395deeaf17f3b5849a0f6ff44596a43c59bc43a9e1606a4b794fc8
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47585e997f9bb48e819d8a2f76b31ed2c28ffd937fad77af25af8a114e08124d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49342ffccaa0e1636d0f3085d7121872a987d9ea333c41426d393335eb7a7815
497d93c13f61bf8214719cab3a9d1b3b58d84009d36b640f12e257b733fb249a
4a8e6d4ff3a5e6a911b5b72fc651587a5c8dda0243c9521e6d26c16b9a362e2b
4b495ee1b92aeee83f8683b011462f4cff516c65b450b7d46884b5009b452fe6
4c6b6c8da20edd569432113f173f867bfaa101f8740a40c256b7eb4ed74e87ce
4d4ad3f7b58a637e740dc2e6d4c8811b84e14927b1ad0cff41520be1d7e29d1d
4debb89822c86cee7033fdca866e5144980c9deaff2cd25afe9bedd413c8c9bb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
506beb8a25655bee7c79356dd11896961b882d247568cb2520663fc67456e8a3
519789bdb2c9deb6ea599c04c00dee37b1808c6f3f06bc024a59994838600ea9
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55e2dcc70dcb2cd2dd134dcbfc9ea460d3dce79a667191d9618bb708f9619c63
56270e9e004db8efacc195a58790c8d397f757832b0f40a48e825d8f0fe7712f
58dd4686691a927cc7614cf62f320edd6e8b40f8c3f053bf124663954a8023f3
5af8716da375c22814f1f4b9b13e9e8239a54be1f95c6e2af7bb983a2410ba5c
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5bcf5b60971b99d9275498ab1f9d84a04b30021a6052ba68b9959957377d7f0b
5c363338ca83fcfc1ebf74e6905218db3a63eeeaf388129da82ccaeb3db86698
5dd0b5724f4bbac4bd58de274236fce36135ce302364b3b8ff5c4c3631e81139
5ea5a00a65192a1f5a33d030006e9ac955ea8c883114c67a9c8c4297fb55d7ee
600a7f178e74cf227051f057b1b54c0277341f6a71914c09b766126ef0d5f90c
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60d1d35e6cb1e20643d3d3edd1b99d3c7c136dc03fd77cf26940b53cc1a86900
619b8f6ccc3cb780c3100915b8d48eccc94a1d90322fb3501a9b2f7a8bce9d78
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
6216ed13d342efc5ba5d2fe8150f7f30e8604d27c24164ca19aaba24d1cfc71f
633e3b52550dd8d6362e6184480efe0c56ff65091a6eb595825c96fcd52fa50d
64ad8774812be6d5ba993fc09a10b2d4daf6bbf2c4290447e0835dc3c31069ae
64bd62679fbefcfd46fb16c93bccda65b4716fdb1714a7d0912f14601dc082e2
66db01e9328733a5f6a6bad62ab921f53837d6eb11d81a3a4995c3e747821a50
686278006237fa351c954c930a81b385e9267fe8ed2854504193bc6d46e5152e
68d58fedffba037ce6ccb99e29a9944b1a60f44630b95f0bcc41ea41eb2e7322
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
69e93f912858a6aeefa2fc1f2b137dc63a734c5dfe05faa356e96e997f6c6396
6a10bc2b23ac5215694bbb4a6b5b083fa17d06cc031a2e5c05aca7f7228f78fe
6daae9ae29d4a659b51bb3741f1845dba56278221573c60313556ab426dfe2ef
6e7901af7fd96fd8775661bed4403e288477c8a9be15f16c23c5b0c33ea17d27
6e923c9175b2e878e38be0452882107ab1b41cadffbcc3bfe7a7019caaacbb93
6f733263ba0d482063be46904102884233d3e14ebc2818968db52579a7bdaf83
6f8154c7996ed749afc631f3f11b702a002eb99b5ede80cbd63c567379ac14c4
6fdaba437a6dd87377ad7a23aa9c991a396d9e8f22a2553af551dd1a2413a4fe
6ffb386fbfb669d801c56e6a62ae5949c6fbd262b43cda5668c8168fb76a4e3a
725c7f25639cdf8e983f31c18286ae22339b07fb98bec314035189ab045af5c7
72cb3bda94611a2e8e2be0d79afad124b074286afa29d04d04e8cfffbbeb33b4
764461b473f10797abf3a1f2d1bfd5deb953e8b3cd8ccd74f84d8c07abf9fc1d
774f5d9fc93c2aeffffd9fcc4fded4baeb36b2ea6c9bb09b86e06b38f8bae844
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7bef437be0c5802131ee139b165bb3cba663c8caf738532d47a8a00f28c6a726
7c8f24757683d5fece3f8af5853e19b1432c3d9110c3f6307b1ea434807eb4c7
7fdeb1c6fd18e0f486055ae90b9c37c166cd1b455157daa7de08f4271ac696ce
81b2404aa38c79fe36d258e34f049b0882b90586d653886a8e44d53da3084124
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
84704c698d15691e9762d56b9527db2d362436aa616cacf5f556965707b46e16
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
859a68d1c7b4ff51622aae539e55da3c453f6d2f26b279ee5eaa2a6850724ade
864291837e175e466ebdcea6ccd2bc3f2425b0165cef96adced833c93c04e993
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8688fdf6e3efd80df384cc29676c43037fd0f408473d3ffc39784e409478f66b
87f0bb06c796e1a728baf66418b6a6d6863a3dc7464c6a87e979f5c2c7d12a95
885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68
89ff09e3f01130048679d910a3e402117f9c6f12cbd41c219ade525946d1dad4
8ba787e82ba4d49d5b96e4bd66919550588ec1ca80abb150e32d23cf642024dc
8d3d191d44b6a042adb3ac86d403f8eaa0f7d28056ce74fb3ec3bc65aff5178f
8d797b58dbbb90837bff92450e25c5a0fc90040116e51311437d9f2c4f03c94b
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e
9085790bc286fc03e43b1a9ad10128e7b8202fe0332d4c93ff67338f84089056
912cc294d0de9f7e737ecbd968834e11027f59047a3073c060c0112513d773f2
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
934841c8e3bb5b30f34087dd83c00da20e9e670be9c85bb70ea1ec0221077ef9
9580206e8c51384aad56a81bdd78ea442e5a0f720b366b28688f33b4c7bdcf63
962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a
97b5c8de24af5655814834c26733516b9c5aa982a9205574bd4a2e10487d8776
9aecc6987f61132fbfe6f042c3694726a4e9854d00d43f87b57887eab85bd4fc
9c4ce7d1d6f0b160a0fe211bc4eb29ffc2e67d3ec2de4f381ef177f24fac4d49
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9e163e69a01d2ce1e0c682f1a658dfcda7ea0ce2fd370d697a4a9285c86ef6eb
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a075f92744836d04b6d6baea13c646a1376afa236c13827f37e52420050b3a64
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a28e14ad1120a897c162943fd027b01a3ea3495671d0495b541072e8490558d8
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6f717ba80fa2a7521384f8ff800bfdbf538dd1e058e457872332f8e77563572
a8277b69a2582f48ef7806fff1bffd21c0189ff23106b6a459ab3125aad73996
aa7234c2da9742d8cdbf14d16f9770869a795427fd9e1cfa85f43ca6276cb38c
ac7ca55b33370eb23e1ab6bb953ded98cb80ace0ff35807ea41730f847634f6b
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ace4596c62ac94dbffa02034cfa8e947f82e5803f154f06b54e5e22b3b9d86aa
ad32d3c936d1030661f1c8f55b25db870167fc7c02134fd7e9dbe1d31029fb41
ad809631be9cab6220c50f787919f41ce84dc84ef031fb58d005a4eb6c03db5c
ae5ccbceae29e19160f4695ad5312d643fb41e4f6cb871ab65cc9d5540c62e9e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af7af603d012ddfd269d068e68a3e88dc56305a1ae53593d790d05eddebd0f69
af979786c73f4c25357e6528bb264f3dffae203ec6ff1adced8b57c3532f6d4b
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1631a16b9a272828ad99cdb2ff9beb5ca3f1bcfe33741fc51fb9fb1e764e227
b260521dc91bb9be40d0cb9e8ae37b39c94703b68d7d29cbcd5aad0922665a83
b2d2f5d052658ef5589fe450a8654dbeb88d97511ce36f21f1c3bb3b38fa3c24
b30521722b0cdb562256c949334b8ff17cb5e3bc22f3b46e2ce1bf469b8bf06f
b4b7653989f51a7b24e4f8e4df6bb9076ab800556b5d718eb642fdb368fdec4c
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
b7631c288d0b7eebf507a496c4087056321954673179c17e7a79e265b58c786c
b899c756652f1f1e560eab76cbabefb4dc276d9bfd6a715b7b4c5324ae848b3d
b9c72de22833d8df48e490f9aa14feadbd033e4ad766307b58d0a4e38db39108
b9df090a780c244b84fa12207ec5a14280b6a14393729f2a0561ac183fe05b43
ba7e0e72735ea304bac8a43e87c2da1b7ee2d6705e8548a2fde134beb08d7b48
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb4a1e40af6cab12f939d11069833e7226e997662cad38248f13ca14952efd88
bd25794bfae9dff93514644e3b8361c2c3642752e5ee84ae5c083c7aeea4e398
be4272e477aa3381ca6e1997b4efa98fe43eb28d2e9400172b7d515e72592638
c0ae202bdbb35b4c08d044b9a3f5e799dd17ef00ac057c8a46764cd731246779
c13fd7db791aba2295b1470bd143d00c7637d7aa7383877d792ddcd1611e1324
c2036014153a51610b89b576a9f14c2c5c6b03225248e3faad56ca9725214416
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c615104d3516e49abe78a9102737c6aa04056c6a8090e5746a38921d3b3811ab
c62298477bd42f1c46d68b84e392835c73934351c1575fc42e913a5ea0500e42
c704422aafb675b9272447d343329391f479d4aab004700782886ffee2a244f9
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255
c7469f7e2251a5311ea3e0b5cd90de930c66a42d140bda43748ebfa3827d898c
c954edb6430c4b312e6f09ec5cfb2b31c167aaff1550014809a79417d027221c
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1007465a06534d5791799302640f485cb118b4157b5b299c1915d2e7d1ebf62
d2e3a98f7195f6f7814b2f676869d8b4b23c1b7301833a96b8d3ec304c7734f0
d30a45dc7fd324487980906858368d0083b721de5ffd78108f92e4091cde3211
d3de6c621f23961dd8953316a384939c6f40a46aa89f7e566d506a49c5544490
d43b933171c4d15396ef0b1efbd6ff8e3fec42e8de52c6513ff769feee7a3167
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d651ad7eae445421bd7bcc1b311239cfe95f65f9816703fc534c5f83435aa25f
d743899b78431bf5a679df7a9fdba7017229b49a8951a9c118f3556d8a6e632d
d7800992c70337710a800628bad888bebad0a275102de46a3370179e373c034b
db40be46a368ab3e7548e09d8d28380e59409377cfd4489905455b3505f62444
dbca2740bb00affd001d40381dfce11695a3e7918462dd18a0ed20cfd7bc54f5
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de8a06fb4a67185897bb2f003cfd6e8171816a7d35796addfb530ddace7e93ff
e13822da2ca587d1d53b050cb267bbfea098e785e496dfb833bf4ae38555a087
e1515ccea1ec386aaefc15721361c9a53c3d83b9e4bf59bf5ce32821db73df56
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bd10a829da926755ca1dc072448b40119c9830c308fbc9b365e7ed72d01e95
e4a65c0f597590122673ee0b23d6bb6d4f4368941c8f1ec2fc5dce1f1c262407
e6214b2559f67192d41d07d928357497936f068d2953d63646bbfe104b1d68c5
e6f3afe265986e684ce3c5a19901e43753328ced4ff16dc360d3768be03cff2c
e77b0f154ac2aff8d44ea6201fc78e6b71d565ca7a61f9335f289fbe4690d294
e7d3de85ce63f6223f0af56e89676aaf2b4ed9cc933c1b01ba0d8a9c6d752ca9
e80025d59b966e390e81818a115bcf1c8147512973c698731adfee1dbd942572
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ea6e3a3460f4dad3f9b94d461d6b177d8b0b4b7720b80ba583b076d2e3df46cb
eaa1fe6daa6d6efa271e07a942dd6cd521cf367b0f2a1470512f43dc315ad50c
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb79fe4c0d5acf64766230f6bab29b40f0c37ed56710dbae8d6689aa6f1ccc8e
ebc902ac73d375ad33971bc8f92fd948cc0fd6bba1d1881b8c5437e9a0a8950b
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ee798d6580dbc795274caa6a773f304c8a6f3ac395d83e2d4bb8233155447779
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f065c87ccbdaf40a969620650e1e3f479ebb00369c87e714a454c6ea66b9a46d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68687158d2c493d42ae6dee2f15fc2c761da3abf8d92c4474e1dbc527b6930d
f6bad4ed775047b9dedbb460056e923d1a013f6f023f2ca8428edc749f1a648f
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
fa7d5a0d00d6589d5b9047aa2339163fa3629a9ad6a98dac0ca8b939b8089866
fdd5eb5886d055428379d1938f01e5a186f7f8dbf3efc851ad9e04914302eb59
fea622897ff5ed212a80d8a559c08cd8c82b26c15f0fb2e69295f632d62366c9
feb2160dccd8b0345096a272f9753c529fa2f32b843400805851dc714372d9d5