o.canada.com Open in urlscan Pro
34.107.199.243 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://o.canada.com/privacy-statement/en/
Submission: On April 21 via api (April 21st 2022, 8:25:33 pm UTC) from CA — Scanned from CA

Summary HTTP 119 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 46 IPs in 2 countries across 47 domains to perform 119 HTTP transactions. The main IP is 34.107.199.243, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is o.canada.com. The Cisco Umbrella rank of the primary domain is 407124.
TLS certificate: Issued by GTS CA 1D4 on March 2nd 2022. Valid for: 3 months.

This is the only time o.canada.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	34.107.199.243 34.107.199.243	15169 (GOOGLE) (GOOGLE)
3	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
1	23.52.162.21 23.52.162.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
3	143.204.137.197 143.204.137.197	16509 (AMAZON-02) (AMAZON-02)
11	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.84.118.110 99.84.118.110	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:49e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.85.61.56 52.85.61.56	16509 (AMAZON-02) (AMAZON-02)
1	13.33.46.5 13.33.46.5	16509 (AMAZON-02) (AMAZON-02)
15	2607:f8b0:400... 2607:f8b0:4006:80a::2010	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3030::6815:5476	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	50.17.92.33 50.17.92.33	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:214... 2600:9000:2140:a00:8:f216:eb80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:48e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.169.125.112 35.169.125.112	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
2 2	54.237.255.89 54.237.255.89	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.45.33.138 52.45.33.138	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.3.54.123 52.3.54.123	14618 (AMAZON-AES) (AMAZON-AES)
2 2	207.198.113.179 207.198.113.179	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	52.200.181.105 52.200.181.105	14618 (AMAZON-AES) (AMAZON-AES)
3 3	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1	34.75.117.5 34.75.117.5	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2607:f8b0:400... 2607:f8b0:4006:80d::2008	15169 (GOOGLE) (GOOGLE)
1 3	13.33.46.48 13.33.46.48	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::645	54113 (FASTLY) (FASTLY)
9	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:451	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
4	2a04:4e42:600... 2a04:4e42:600::645	54113 (FASTLY) (FASTLY)
13	34.192.116.66 34.192.116.66	14618 (AMAZON-AES) (AMAZON-AES)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
1	68.67.179.121 68.67.179.121	29990 (ASN-APPNEX) (ASN-APPNEX)
5	34.107.254.252 34.107.254.252	15169 (GOOGLE) (GOOGLE)
1	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
4	2607:f8b0:400... 2607:f8b0:4006:822::200e	15169 (GOOGLE) (GOOGLE)
1	99.84.112.62 99.84.112.62	16509 (AMAZON-02) (AMAZON-02)
5 5	34.231.116.207 34.231.116.207	14618 (AMAZON-AES) (AMAZON-AES)
3 3	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
1	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 1	173.223.56.123 173.223.56.123	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.156.26.12 54.156.26.12	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.201.230.190 34.201.230.190	14618 (AMAZON-AES) (AMAZON-AES)
1 1	216.200.232.253 216.200.232.253	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 3	34.111.234.236 34.111.234.236	15169 (GOOGLE) (GOOGLE)
1	143.204.146.35 143.204.146.35	16509 (AMAZON-02) (AMAZON-02)
2 2	23.217.155.246 23.217.155.246	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
1	34.194.161.83 34.194.161.83	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
119	46

1 34.107.199.243 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 243.199.107.34.bc.googleusercontent.com

o.canada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.80.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.162.21 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.137.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-137-197.ewr52.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.16.190.66 (None, )

ASN13335 (CLOUDFLARENET, US)

hb.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.118.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-118-110.ewr52.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:49e8 (United States)

ASN13335 (CLOUDFLARENET, US)

auth.lrcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-56.ewr53.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.46.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-46-5.ewr52.r.cloudfront.net

fem.prod.postmedia.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:80a::2010 (United States)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:5476 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.17.92.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-92-33.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2140:a00:8:f216:eb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

d395dw5zk780j2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:48e8 (United States)

ASN13335 (CLOUDFLARENET, US)

config.lrcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.169.125.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-125-112.compute-1.amazonaws.com

postmedia.hub.loginradius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.237.255.89 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-255-89.compute-1.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.33.138 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.3.54.123 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-54-123.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.198.113.179 (Herndon, United States) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.200.181.105 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-181-105.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.2.49 (United States) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.75.117.5 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 5.117.75.34.bc.googleusercontent.com

dmx.us-east-31.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80d::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.33.46.48 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-46-48.ewr52.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::645 (United States)

ASN54113 (FASTLY, US)

jssdkcdns.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:451 (United States)

ASN13335 (CLOUDFLARENET, US)

23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)

identity.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 34.192.116.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-116-66.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.179.121 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.107.254.252 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.68.69 (None, )

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:822::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.112.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-112-62.ewr52.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.231.116.207 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-116-207.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.72.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.223.56.123 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-56-123.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.156.26.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-26-12.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.201.230.190 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-230-190.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.253 (Monrovia, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.234.236 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.146.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-146-35.ewr52.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.217.155.246 (New York, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-155-246.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.22.214 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.161.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-161-83.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2003 (United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	krxd.net 5 redirects cdn.krxd.net — Cisco Umbrella Rank: 1448 beacon.krxd.net — Cisco Umbrella Rank: 440 consumer.krxd.net — Cisco Umbrella Rank: 1852 usermatch.krxd.net — Cisco Umbrella Rank: 1217	187 KB
16	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46 storage.googleapis.com — Cisco Umbrella Rank: 492	307 KB
13	districtm.io hb.districtm.io — Cisco Umbrella Rank: 118600 cdn.districtm.io — Cisco Umbrella Rank: 1572 dmx.districtm.io — Cisco Umbrella Rank: 1674 dmx.us-east-31.districtm.io — Cisco Umbrella Rank: 21004	17 KB
7	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 stats.g.doubleclick.net — Cisco Umbrella Rank: 95	153 KB
5	permutive.com api.permutive.com — Cisco Umbrella Rank: 1834	648 B
5	mparticle.com jssdkcdns.mparticle.com — Cisco Umbrella Rank: 5669 identity.mparticle.com — Cisco Umbrella Rank: 2606	48 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	234 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
3	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 1582	32 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 137	2 KB
3	everesttech.net 3 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 576	717 B
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 383 mug.criteo.com — Cisco Umbrella Rank: 2668	7 KB
3	cloudfront.net d395dw5zk780j2.cloudfront.net	14 KB
3	gstatic.com fonts.gstatic.com	47 KB
3	lrcontent.com auth.lrcontent.com — Cisco Umbrella Rank: 49661 config.lrcontent.com — Cisco Umbrella Rank: 19807	48 KB
3	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 302	40 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	428 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 400	797 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 556	2 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 503	1 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2749 p1.parsely.com — Cisco Umbrella Rank: 2214	21 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 138	115 KB
2	stackadapt.com 2 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 835	796 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 602	808 B
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 300	687 B
2	advertising.com 2 redirects pixel.advertising.com — Cisco Umbrella Rank: 371	674 B
2	loginradius.com postmedia.hub.loginradius.com — Cisco Umbrella Rank: 169385	546 B
1	google.ca www.google.ca — Cisco Umbrella Rank: 8069	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 4	501 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 431	657 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 445	662 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 960	83 B
1	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 481	716 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 327	448 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 248	700 B
1	prmutv.co 23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co — Cisco Umbrella Rank: 179423	390 B
1	permutive.app 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app — Cisco Umbrella Rank: 138853	68 KB
1	sharethrough.com 1 redirects match.sharethrough.com — Cisco Umbrella Rank: 582	220 B
1	liadm.com idx.liadm.com — Cisco Umbrella Rank: 5390	584 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 355	540 B
1	npttech.com www.npttech.com — Cisco Umbrella Rank: 4128	3 KB
1	postmedia.digital fem.prod.postmedia.digital — Cisco Umbrella Rank: 134619	81 KB
1	sail-horizon.com ak.sail-horizon.com — Cisco Umbrella Rank: 2830	43 KB
1	adsafeprotected.com cdn.adsafeprotected.com — Cisco Umbrella Rank: 3314	22 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 632	42 KB
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 723	42 KB
1	canada.com o.canada.com — Cisco Umbrella Rank: 407124	45 KB
119	47

	Domain	Requested by
15	storage.googleapis.com	o.canada.com storage.googleapis.com
13	beacon.krxd.net	cdn.krxd.net
9	dmx.districtm.io	hb.districtm.io cdn.districtm.io
6	cdn.krxd.net	fem.prod.postmedia.digital cdn.krxd.net
5	usermatch.krxd.net	5 redirects
5	api.permutive.com	23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
5	www.googletagmanager.com	fem.prod.postmedia.digital www.googletagmanager.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	identity.mparticle.com	jssdkcdns.mparticle.com
3	ml314.com	1 redirects o.canada.com ml314.com
3	cm.g.doubleclick.net	3 redirects
3	consumer.krxd.net	cdn.krxd.net
3	sb.scorecardresearch.com	1 redirects fem.prod.postmedia.digital
3	sync-tm.everesttech.net	3 redirects
3	d395dw5zk780j2.cloudfront.net	fem.prod.postmedia.digital d395dw5zk780j2.cloudfront.net
3	fonts.gstatic.com	fonts.googleapis.com
3	c.amazon-adsystem.com	o.canada.com c.amazon-adsystem.com
3	securepubads.g.doubleclick.net	o.canada.com securepubads.g.doubleclick.net
2	www.facebook.com
2	eb2.3lift.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	connect.facebook.net	o.canada.com connect.facebook.net
2	sync.srv.stackadapt.com	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	pixel.advertising.com	2 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	postmedia.hub.loginradius.com	fem.prod.postmedia.digital
2	cdn.districtm.io	hb.districtm.io cdn.districtm.io
2	config.lrcontent.com	auth.lrcontent.com
1	www.google.ca
1	www.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	p1.parsely.com
1	aa.agkn.com
1	sync.mathtag.com	1 redirects
1	ps.eyeota.net
1	stags.bluekai.com	1 redirects
1	idsync.rlcdn.com
1	cdn.parsely.com	www.googletagmanager.com
1	ib.adnxs.com	23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1	23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co	23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1	mug.criteo.com
1	23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app	fem.prod.postmedia.digital
1	jssdkcdns.mparticle.com	fem.prod.postmedia.digital
1	dmx.us-east-31.districtm.io
1	match.sharethrough.com	1 redirects
1	idx.liadm.com	js-sec.indexww.com
1	match.adsrvr.org	js-sec.indexww.com
1	www.npttech.com	o.canada.com
1	fem.prod.postmedia.digital	o.canada.com
1	ak.sail-horizon.com	o.canada.com
1	auth.lrcontent.com	o.canada.com
1	fonts.googleapis.com	o.canada.com
1	cdn.adsafeprotected.com	o.canada.com
1	hb.districtm.io	o.canada.com
1	static.criteo.net	o.canada.com
1	js-sec.indexww.com	o.canada.com
1	o.canada.com
119	60

This site contains links to these domains. Also see Links.

Domain
nationalpost.com
www.working.com
www.remembering.ca
www.postmedia.com
pages.postmedia.com
www.google.com
adssettings.google.com
privacy.google.com
care.pressreader.com
adregistry.postmedia.com
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
www.postmediasolutions.com

Subject Issuer	Validity	Valid
canada.com GTS CA 1D4	`2022-03-02` - `2022-05-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2021-06-02` - `2022-06-01`	a year	crt.sh
*.adsafeprotected.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-29` - `2022-06-28`	a year	crt.sh
ak.sail-horizon.com Amazon	`2022-01-06` - `2023-02-02`	a year	crt.sh
fem.prod.postmedia.digital Amazon	`2021-11-08` - `2022-12-06`	a year	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.liadm.com Amazon	`2021-10-31` - `2022-11-28`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.loginradius.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-13` - `2022-12-13`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
jssdkcdns.mparticle.com R3	`2022-02-25` - `2022-05-26`	3 months	crt.sh
cdn.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-30` - `2022-12-29`	a year	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2022-03-17` - `2022-06-15`	3 months	crt.sh
identity.mparticle.com Go Daddy Secure Certificate Authority - G2	`2021-07-07` - `2022-08-08`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.prmutv.co R3	`2022-04-12` - `2022-07-11`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
api.permutive.com R3	`2022-02-18` - `2022-05-19`	3 months	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2022-07-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-29` - `2022-04-29`	3 months	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.eyeota.net R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
*.ml314.com GoGetSSL RSA DV CA	`2022-03-29` - `2023-03-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://o.canada.com/privacy-statement/en/
Frame ID: A57F375DF58903F945326E6F60DD08A4
Requests: 80 HTTP requests in this frame

Frame: https://d395dw5zk780j2.cloudfront.net/v56.0/xd.html
Frame ID: 766B8921D7855E3D0FCA59FB94F7CE13
Requests: 2 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 0FE6F64168C8D98516CF7ED379B4FB9B
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=o.canada.com
Frame ID: 62C6A379C74DA3F1F581005152E27262
Requests: 2 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: F55D510F392B124A934E0CB5BFFB39CD
Requests: 20 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: CC1337C27454C8071136260F15C4323B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Privacy Statement | Canada.ComCanada.comUser

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

119
Requests

83 %
HTTPS

33 %
IPv6

47
Domains

60
Subdomains

46
IPs

2
Countries

1641 kB
Transfer

4478 kB
Size

46
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://nationalpost.com/nyt-puzzle/
Title: New York Times Crossword

Search URL Search Domain Scan URL

URL: https://nationalpost.com/puzzles/
Title: Puzzles

Search URL Search Domain Scan URL

URL: https://nationalpost.com/comics/
Title: Comics

Search URL Search Domain Scan URL

URL: https://nationalpost.com/advice/
Title: Advice

Search URL Search Domain Scan URL

URL: https://www.working.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.remembering.ca/
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://www.remembering.ca/select-notice-type/
Title: Place a Notice

Search URL Search Domain Scan URL

URL: https://www.postmedia.com/brands/
Title: Postmedia Sites

Search URL Search Domain Scan URL

URL: https://www.postmedia.com/wp-content/uploads/2014/09/Postmedia-Privacy-Policy-Final.pdf
Title: available here

Search URL Search Domain Scan URL

URL: http://www.postmedia.com/brands/
Title: websites

Search URL Search Domain Scan URL

URL: https://pages.postmedia.com/settings/
Title: opt-out of our use of cookies

Search URL Search Domain Scan URL

URL: http://www.google.com/policies/privacy
Title: http://www.google.com/policies/privacy

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/authenticated?hl=en
Title: Google Ad and Content Network Privacy Policy

Search URL Search Domain Scan URL

URL: https://privacy.google.com/intl/en/how-ads-work.html?utm_source=google&utm_medium=ad-settings&utm_campaign=inbound-site-link
Title: How Google Ads Work

Search URL Search Domain Scan URL

URL: https://care.pressreader.com/hc/en-us/articles/205818089-Privacy-Policy
Title: PressReader’s Privacy Policy

Search URL Search Domain Scan URL

URL: http://adregistry.postmedia.com/
Title: adregistry.postmedia.com

Search URL Search Domain Scan URL

URL: https://pages.postmedia.com/vendors/
Title: here

Search URL Search Domain Scan URL

URL: https://www.facebook.com/canada.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/CanadaDotCom

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/canadacomvideo

Search URL Search Domain Scan URL

URL: https://www.instagram.com/canadadotcom/

Search URL Search Domain Scan URL

URL: https://www.postmediasolutions.com/contact-us/
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://adregistry.postmedia.com/
Title: Digital Ad Registry

Search URL Search Domain Scan URL

URL: https://www.postmedia.com/brands

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP2f0e6f6a-c1b1-11ec-b25e-0e93f75ac9a9 HTTP 302
https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP2f0e6f6a-c1b1-11ec-b25e-0e93f75ac9a9&verify=true HTTP 302
https://dmx.districtm.io/s/10051/y-G2oyqFxE2uFQymCEWOVzpMFR6eJ06M_q~A~UP2f0e6f6a-c1b1-11ec-b25e-0e93f75ac9a9

Request Chain 49

https://match.sharethrough.com/1PQ8qgv7/v1/ HTTP 302
https://dmx.districtm.io/s/10059/d59e25b0-918c-48e1-bd3d-61491c16348c

Request Chain 50

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=96 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=96 HTTP 302
https://dmx.districtm.io/s/10001/6b316a50-6954-4a5a-91b0-05ccbfd2b3b5-6261bdb8-4341

Request Chain 51

https://sync.srv.stackadapt.com/sync?nid=132 HTTP 302
https://dmx.districtm.io/s/10026/2qkB75CISztdRRhlcnY4VJU4mbQ

Request Chain 52

https://sync-tm.everesttech.net/upi/pid/1477?redir=https%3A//dmx.us-east-31.districtm.io/s/10016/$%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/1477?redir=https%3A//dmx.us-east-31.districtm.io/s/10016/$%7BTM_USER_ID%7D&_test=YmG9uAADr_y4ygAZ HTTP 302
https://dmx.us-east-31.districtm.io/s/10016/YmG9uAADr_y4ygAZ&_test=YmG9uAADr_y4ygAZ

Request Chain 59

https://gum.criteo.com/sid/json?origin=publishertag&domain=canada.com&sn=ChromeSyncframe&so=0&topUrl=o.canada.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=at3pQHw0WDRyZG0zOVErWmJNaEdIS2VoQ1ZoRk5pOVN3RnNQZE9KdE1vbWJiNUVRdUljTURxUlRjL1FPYXZCWDdRbS9oS1drZ2F2clNaekphTjM3QzNJZGtJVTBvc290dldNc2s4UnlzWXVVc1QyNXRPY0s0WWhhWHoyaVBoR3orbXFWNmlWbUZzSjF5WkdQMFZkbFhmRUZaZzY4SzJkbHNCaGQwU2paemZrZjUwbHhKVHZ5YmxtS2hyKzI0QlU1akM3a2R1cVZ3d1daNnJpKzRvYkFmYkMxN1VMMllPRmZZa09iby9VVlNTNy92U3BDVjB6TThmcDJEK2w4RnJXenY2ZEt2Y3daK2U2UUVKSkJpZGpBeU9teDFzUT09fA&cppv=2

Request Chain 88

https://usermatch.krxd.net/um/v2?partner=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3l0VG84Mlc HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEHBLyGGAeGwxcZO8QkZzwiI&google_cver=1

Request Chain 89

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3l0VG84Mlc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=T3l0VG84Mlc&google_tc= HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEHeqW7Y_R_u3D3-cNiEbN14&google_cver=1

Request Chain 91

https://stags.bluekai.com/site/26357?id=OytTo82W&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOytTo82W%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID HTTP 302
https://beacon.krxd.net/usermatch.gif?_kuid=OytTo82W&partner=bluekai&bk_uuid=$_BK_UUID

Request Chain 92

https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=OytTo82W&rn=1650572729 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=8188709&cs_xi=OytTo82W&rn=1650572729

Request Chain 93

https://sync-tm.everesttech.net/upi/pid/NC4WTmcy?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner_id%3Dcb276571-e0d9-4438-9fd4-80a1ff034b01%26puid%3D%24%7BTM_USER_ID%7D HTTP 302
https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YmG9uAADr_y4ygAZ

Request Chain 95

https://usermatch.krxd.net/um/v2?partner=beeswax HTTP 302
https://match.prod.bidr.io/cookie-sync/krux?partner_user_id=OytTo82W HTTP 303
https://match.prod.bidr.io/cookie-sync/krux?partner_user_id=OytTo82W&_bee_ppp=1 HTTP 303
https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AACnx07Ew3sAACJTPRdVhA

Request Chain 96

https://usermatch.krxd.net/um/v2?partner=mediamath HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10031&mt_exuid=OytTo82W&redirect=https://beacon.krxd.net/usermatch.gif?partner%3Dmediamath%26partner_id%3D%5BMM_UUID%5D HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=afaf6261-bdb9-4f00-a3f0-f0213a8c80bf

Request Chain 98

https://usermatch.krxd.net/um/v2?partner=neustar HTTP 302
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OytTo82W

Request Chain 99

https://ssum-sec.casalemedia.com/usermatchredir?s=183716&cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__&s=183716&C=1 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YmG9uKiY23hoYfLDrT2c3gAA%26551

Request Chain 100

https://sync.srv.stackadapt.com/sync?nid=salesforce HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=2qkB75CISztdRRhlcnY4VJU4mbQ

Request Chain 101

https://usermatch.krxd.net/um/v2?partner=triplelift&gdpr=0&cmp_cs=&us_privacy=undefined HTTP 302
https://eb2.3lift.com/xuid?mid=3587&xuid=OytTo82W&dongle=13b2&rdir=https://beacon.krxd.net/usermatch.gif?partner%3Dtriplelift%26partner_uid%3D$UID&gdpr=0&cmp_cs=&us_privacy=undefined HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=3587&xuid=OytTo82W&dongle=13b2&gdpr=0&cmp_cs=&us_privacy=undefined&rdir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dtriplelift%26partner_uid%3D%24UID HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=3855882092513799018482

Request Chain 110

https://ml314.com/csync.ashx?fp=OytTo82W&person_id=3626672083406159969&eid=748&return=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dmadisonlogic%26partner_uid%3D3626672083406159969 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3626672083406159969

119 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
o.canada.com/privacy-statement/en/ 191 KB
45 KB 60ms
17ms Document
text/html 34.107.199.243
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o.canada.com/privacy-statement/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.199.243 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

243.199.107.34.bc.googleusercontent.com

Software

nginx/1.14.2 /

Resource Hash

4d658adc4a27e1ac8a999a35377672d6d2e744629ffe42de8d35fbd1e592f5a2

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-dynamic' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=300
content-encoding: gzip
content-security-policy: default-src * 'unsafe-eval' 'unsafe-dynamic' 'unsafe-inline' data: blob:
content-type: text/html; charset=utf-8
date: Thu, 21 Apr 2022 20:25:27 GMT
expires: Thu, 21 Apr 2022 19:52:07 GMT
permissions-policy: autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.14.2
strict-transport-security: max-age=31536000
vary: Accept-Encoding Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-pmd-backend: cheetah-nginx pmd-nginx-proxy-798b45f799-55gwq
x-pmd-cache: STALE

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 84 KB
29 KB 104ms
58ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: o.canada.com
URL: https://o.canada.com/privacy-statement/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

sffe /

Resource Hash

0e31e684fe563f2521b0e68e7f711527dd492adda820ec1e2582288fb0ac8af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28697
x-xss-protection: 0
server: sffe
etag: "1193 / 527 of 1000 / last-modified: 1650569464"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 21 Apr 2022 20:25:27 GMT

GET
H/1.1 200
OK 184635-232448041313322.js Show response
js-sec.indexww.com/ht/p/ 153 KB
42 KB 99ms
21ms Script
text/javascript 23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Requested by: Host: o.canada.com
URL: https://o.canada.com/privacy-statement/en/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d86f3e9cc289a8baeafedc4d0b0f1f1f82c8a5a60320891f8163f2cb8aca7d58

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 20:25:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Apr 2022 20:20:22 GMT
Server: Apache
ETag: "903b46-263fa-5dd2fd6e68135"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3582
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 42120
Expires: Thu, 21 Apr 2022 21:25:09 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 128 KB
42 KB 98ms
44ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: o.canada.com
URL: https://o.canada.com/privacy-statement/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

3da55e568e702d556e38da13bc5c2d1454743bf4e41e7e9a83ff033d9b027472

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:27 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 12:58:06 GMT
server: nginx
etag: W/"624c3cde-1feac"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 22 Apr 2022 20:25:27 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 135 KB
37 KB 61ms
20ms Script
application/javascript 143.204.137.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: o.canada.com
URL: https://o.canada.com/privacy-statement/en/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-137-197.ewr52.r.cloudfront.net
Software: Server /
Resource Hash: 06dac66f8ccb6659374711acb6acf073511421ff522d519cc1766746330679ad

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: 7yz_RBbUaUL.c9AHi_yCDNj.QPtoJsmz
content-encoding: gzip
etag: ae8d955adf98458335c127f4461070c2
age: 84820
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0VNCYY8F1699JYXJTFAA
date: Wed, 20 Apr 2022 20:51:48 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 81834769243dfd27a095a32cf5b86722.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: EWR52-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: P3wekBUFtsvQY2VpnWSkmQP9-0DNY-ZalHf5SGHlOPCVFMUf3m0WnQ==

GET
H2 200 all.postmedia.js Show response
hb.districtm.io/prod/100549/ 36 KB
13 KB 83ms
38ms Script
application/javascript 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.districtm.io/prod/100549/all.postmedia.js
Requested by: Host: o.canada.com
URL: https://o.canada.com/privacy-statement/en/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5f7c1c0cbec2c27d4165db4cd06b7780f477fc9161008bde67c7a9d62b223aa

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:27 GMT
via: 1.1 703b08cef218787c0412d1e05c5a7766.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 6403
x-cache: Miss from cloudfront
cf-bgj: minify
content-encoding: br
last-modified: Thu, 10 Dec 2020 10:37:54 GMT
server: cloudflare
etag: W/"5f2e83162e71fb84bb30df8f49e91eee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=43200
x-amz-cf-pop: YTO50-C1
cf-ray: 6ff8d95dac8d547f-YYZ
x-amz-cf-id: kFYawvvhspjtDdbOZ3WZuLSy-EQq5TW47Wyo7jEp9T9axsSic-ZoDQ==
expires: Fri, 22 Apr 2022 08:25:27 GMT

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
22 KB 67ms
25ms Script
application/javascript 99.84.118.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: o.canada.com
URL: https://o.canada.com/privacy-statement/en/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.118.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-118-110.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 20 Apr 2022 09:43:39 GMT
Via: 1.1 b9bb8c8d0c6ea9da42e05e460c141e76.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 02 Jun 2021 17:38:57 GMT
Server: AmazonS3
Age: 124909
ETag: "51636de3ce868a2172f9e6996c2934e0"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=604800
X-Amz-Cf-Pop: EWR52-C3
Accept-Ranges: bytes
Content-Length: 22521
X-Amz-Cf-Id: T3U0pBZssFUZ_bqiviNEuPrxa7v9lTxfmv7UXm-jnpPAbYit7bXadw==

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 88ms
35ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap

Requested by

Host: o.canada.com
URL: https://o.canada.com/privacy-statement/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1cf9d1e0389ed5f4599437e64d4a8ca04c0de09517f407b07907a1a818c3e9c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 20:01:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 21 Apr 2022 20:25:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Apr 2022 20:25:27 GMT

GET
H2 200 LoginRadiusV2.js Show response
auth.lrcontent.com/v2/js/ 199 KB
47 KB 46ms
20ms Script
application/javascript 2606:4700:10::6816:49e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.lrcontent.com/v2/js/LoginRadiusV2.js

Requested by

Host: o.canada.com
URL: https://o.canada.com/privacy-statement/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:49e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c

Security Headers

Name	Value
Strict-Transport-Security	max-age= 63072000; includeSubdomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:27 GMT
via: 1.1 c1c976b1b60b605adb44f62da9e0bb8a.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 6551
cf-polished: origSize=1238069
x-cache: Miss from cloudfront
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 05:19:58 GMT
server: cloudflare
etag: W/"ae3463c4a59ae100b160ed4dd5dbf4b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age= 63072000; includeSubdomains; preload
content-type: application/javascript
cache-control: max-age=14400
x-amz-cf-pop: EWR52-C3
cf-ray: 6ff8d95d7e317157-YUL
x-amz-cf-id: UKx_SLTr25mJR9OxZ3Jl1iZpjZMyCaPjbVBPFMpyn7yVrNt_E6CAIg==
cf-bgj: minify

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 121 KB
43 KB 61ms
20ms Script
application/javascript 52.85.61.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: o.canada.com
URL: https://o.canada.com/privacy-statement/en/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-56.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:21:56 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 04:22:34 GMT
server: AmazonS3
age: 212
etag: W/"b22b4f4738e8722be1636447be239da2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 960b27f23df49cd65e51133bf80b9878.cloudfront.net (CloudFront)
cache-control: max-age=600; must-revalidate
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: 1rarjejiiD3123OgMi-H3gbO13eaHmJi9FkJVk2rmhefGPNbEnlG-Q==

GET
H2 200 fem.js Show response
fem.prod.postmedia.digital/v56.0/ 273 KB
81 KB 60ms
20ms Script
application/javascript 13.33.46.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fem.prod.postmedia.digital/v56.0/fem.js
Requested by: Host: o.canada.com
URL: https://o.canada.com/privacy-statement/en/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.46.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-46-5.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 86e237ed9b364112595b37d570824f5ef46d4617c47bb5471c269893e51d56d6

Request headers

Referer: https://o.canada.com/
Origin: https://o.canada.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 15:44:18 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 189670
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 11 Apr 2022 19:12:15 GMT
server: AmazonS3
etag: W/"69a4b05a79afd607adcba34702035d9d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 5a7cb2ecf8796fdcba2be8ec618e67a8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: bXwqWVqDH18-K6160beC2KkcTrdT1E3gPMYsgGoOEh9rGi2Cn3txww==

GET
H2 200 icon-soc-fb.svg
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/images/share-icons/ 775 B
1 KB 75ms
21ms Image
image/svg+xml 2607:f8b0:4006:80a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/images/share-icons/icon-soc-fb.svg
Requested by: Host: o.canada.com
URL: https://o.canada.com/privacy-statement/en/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80a::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:25:55 GMT
age: 3573
x-guploader-uploadid: ADPycdvVYObPzlCDXlVG07YTLXyDmiqdSDe3G0PSgYYlq7GhshKmMfgAHF2ioFajvzMIhzjHVRanOYVbE2egQY6gRjs_qqYTiV1d
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 775
last-modified: Tue, 19 Apr 2022 15:48:17 GMT
server: UploadServer
etag: "993353c51244defcc16154eac23ff88d"
x-goog-hash: crc32c=Z/aKUg==, md5=mTNTxRJE3vzBYVTqwj/4jQ==
x-goog-generation: 1649968646270878
access-control-allow-origin: *
cache-control: max-age=31536000
x-goog-stored-content-length: 775
accept-ranges: bytes
content-type: image/svg+xml
expires: Fri, 21 Apr 2023 19:25:55 GMT

GET
H2 200 icon-soc-tw.svg
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/images/share-icons/ 2 KB
2 KB 74ms
20ms Image
image/svg+xml 2607:f8b0:4006:80a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/images/share-icons/icon-soc-tw.svg
Requested by: Host: o.canada.com
URL: https://o.canada.com/privacy-statement/en/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80a::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:25:55 GMT
age: 3573
x-guploader-uploadid: ADPycdsvo0uTY_r4hEYo-gE4061JFoKN834_yZj6C6dCW7eCrV3bxyw4pS-3H9YoMnzkKAT123AlSLFKi1kfkAsM8_pbyt_jB7Dl
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1698
last-modified: Tue, 19 Apr 2022 15:48:16 GMT
server: UploadServer
etag: "df82c342c1176b84253c53e6e10eed05"
x-goog-hash: crc32c=cbPk0w==, md5=34LDQsEXa4QlPFPm4Q7tBQ==
x-goog-generation: 1649968645435080
access-control-allow-origin: *
cache-control: max-age=31536000
x-goog-stored-content-length: 1698
accept-ranges: bytes
content-type: image/svg+xml
expires: Fri, 21 Apr 2023 19:25:55 GMT

GET
H2 200 icon-soc-yt.svg
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/images/share-icons/ 744 B
999 B 76ms
23ms Image
image/svg+xml 2607:f8b0:4006:80a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/images/share-icons/icon-soc-yt.svg
Requested by: Host: o.canada.com
URL: https://o.canada.com/privacy-statement/en/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80a::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 99394b0f6e9f0aefd71dd6a9ad59129ff7852e7734905bead2f2cec5789e3436

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:27:59 GMT
age: 3449
x-guploader-uploadid: ADPycdtgKrKHnfxx8L9SdnLZhj8RojpWxzF9_gGNB0dCc9Guyo-O9neUtQRDeFhf2bfyXx8Phg5RVuJ-Nismo730SYkjYT20pfSK
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 744
last-modified: Tue, 19 Apr 2022 15:48:18 GMT
server: UploadServer
etag: "c7b3b346ada043e6e241bca3e7f698d0"
x-goog-hash: crc32c=8iXYKg==, md5=x7OzRq2gQ+biQbyj5/aY0A==
x-goog-generation: 1649968650517688
access-control-allow-origin: *
cache-control: max-age=31536000
x-goog-stored-content-length: 744
accept-ranges: bytes
content-type: image/svg+xml
expires: Fri, 21 Apr 2023 19:27:59 GMT

GET
H2 200 icon-soc-ig.svg
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/images/share-icons/ 2 KB
2 KB 75ms
22ms Image
image/svg+xml 2607:f8b0:4006:80a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/images/share-icons/icon-soc-ig.svg
Requested by: Host: o.canada.com
URL: https://o.canada.com/privacy-statement/en/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80a::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 179f43e8abd5e7bd49d05571dc29d22c9f5044eb17ca8253a49e3e28e716af61

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:27:59 GMT
age: 3449
x-guploader-uploadid: ADPycdtY9XkpqwkDBgcOruIiEMcmisqnVJ8DosX9RSD_msh0bRfmiN1Fx1D3HCDsJtX3Z-XJUQvsr5zyqzPi0mfqT-F0nfaO-BbY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1898
last-modified: Tue, 19 Apr 2022 15:48:15 GMT
server: UploadServer
etag: "cf38c08bd0b7e49f4550f048b7c4e2cf"
x-goog-hash: crc32c=bCiZ9w==, md5=zzjAi9C35J9FUPBIt8Tizw==
x-goog-generation: 1649968649782028
access-control-allow-origin: *
cache-control: max-age=31536000
x-goog-stored-content-length: 1898
accept-ranges: bytes
content-type: image/svg+xml
expires: Fri, 21 Apr 2023 19:27:59 GMT

GET
H2 200 shared.bfc093052de2.js Show response
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/CACHE/js/ 24 KB
24 KB 77ms
23ms Script
application/javascript 2607:f8b0:4006:80a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/CACHE/js/shared.bfc093052de2.js
Requested by: Host: o.canada.com
URL: https://o.canada.com/privacy-statement/en/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80a::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: bfc093052de2b2dbe672ee2c69ff6199d8a31888dc4a6137a2a742f8aa79e963

Request headers

Referer: https://o.canada.com/
Origin: https://o.canada.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:26:11 GMT
age: 3557
x-guploader-uploadid: ADPycduIrYXWQrU_oxNqB0HLTGS0dmoWWP-FpGuFcgTS-RkVHiQMY2PWqfCZm8TsnFfoh16KHn__O50ykD3lbfQZY23jfNyJqdsk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24310
last-modified: Tue, 19 Apr 2022 15:58:10 GMT
server: UploadServer
etag: "7f0871dff900cfe03d63f3ffc25470a7"
x-goog-hash: crc32c=fPqPNA==, md5=fwhx3/kAz+A9Y/P/wlRwpw==
x-goog-generation: 1649969572084118
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: max-age=31536000
x-goog-stored-content-length: 24310
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 21 Apr 2023 19:26:11 GMT

GET
H2 200 main.a7af1e284075.js Show response
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/CACHE/js/ 99 KB
99 KB 91ms
38ms Script
application/javascript 2607:f8b0:4006:80a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/CACHE/js/main.a7af1e284075.js
Requested by: Host: o.canada.com
URL: https://o.canada.com/privacy-statement/en/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80a::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a7af1e284075e490e052157637cad3710458e67cb7ac48d53f712e68b3d76a22

Request headers

Referer: https://o.canada.com/
Origin: https://o.canada.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:25:55 GMT
age: 3573
x-guploader-uploadid: ADPycds9_bmytTN99H1vTJpH56zUczL0jLPeDRGckAwPnoc7Ht5VR_ep6KFvNKa-JrKs5wcrevLGq2k1TWdIy9RZXckZag
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101397
last-modified: Tue, 19 Apr 2022 15:58:11 GMT
server: UploadServer
etag: "b97fb4797c04f089cf85e787cefd3c5b"
x-goog-hash: crc32c=x19e3g==, md5=uX+0eXwE8InPheeHzv08Ww==
x-goog-generation: 1649969572650378
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: max-age=31536000
x-goog-stored-content-length: 101397
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 21 Apr 2023 19:25:55 GMT

GET
H2 200 advertising.js Show response
www.npttech.com/ 7 KB
3 KB 51ms
20ms Script
application/javascript 2606:4700:3030::6815:5476
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: o.canada.com
URL: https://o.canada.com/privacy-statement/en/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5476 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1144
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: JNMEQGQ9NJ9E6X1S
x-amz-id-2: fxImh/8M8kos4PfArLZQ66EMsMP9XUBIudAFPFkNaHH9tQrUf3+tzsmbOphXS4daZ7ig6eUbrKc=
last-modified: Wed, 19 Jun 2019 08:25:01 GMT
server: cloudflare
etag: W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NbjN6CyCTlVz5Y00dSaydnPEpf%2BvYgdfhWWA%2BU%2FfUy1ofTZWDqwPKq3SVnYDsyKL9R%2FO%2F5knRiplKE0Klz95FhrUiN74gNcTIcAa4t8a5DanePiYM50Cf1dkoplvJV9sl9bkuGEKJacx%2BSHeviM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
x-amz-version-id: hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray: 6ff8d95e2bc3ca5f-YUL

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 69ms
19ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://o.canada.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 01:28:42 GMT
x-content-type-options: nosniff
age: 586606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 15 Apr 2023 01:28:42 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 62ms
24ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://o.canada.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 16:23:56 GMT
x-content-type-options: nosniff
age: 187292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 19 Apr 2023 16:23:56 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 27ms
27ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://o.canada.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:19:25 GMT
x-content-type-options: nosniff
age: 165963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 22:19:25 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
309 B 20ms
19ms XHR
text/plain 143.204.137.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Fo.canada.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-137-197.ewr52.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 15:31:47 GMT
via: 1.1 81834769243dfd27a095a32cf5b86722.cloudfront.net (CloudFront)
server: Server
age: 17620
x-cache: Hit from cloudfront
access-control-allow-origin: https://o.canada.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: EWR52-C2
x-amz-cf-id: hrffHzJMGM5lVPhUkNv7BJ2XBYBvLtRr1z9l1jC1W8PDXaECaxojAw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 54ms
18ms XHR
application/javascript 143.204.137.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-137-197.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 00:15:28 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 72601
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 17 Mar 2022 02:21:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
via: 1.1 ac664c0310f2b9554aba4708107d094c.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: EWR52-C2
content-type: application/javascript
x-amz-cf-id: vqe4Q-dmGVxinVQAglnq9ErajMgtsSuk6y96P3Oz3yQBit-xuQGKGA==

GET
H2 200 pubads_impl_2022041801.js Show response
securepubads.g.doubleclick.net/gpt/ 362 KB
123 KB 19ms
18ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

sffe /

Resource Hash

e79ff5fb403dfd221e1b8a531424bb7579536c61b54839ab8e77ba322a9b212a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 10:32:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294784
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125970
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 18 Apr 2023 10:32:24 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 215 B
152 B 61ms
34ms XHR
application/json 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=o.canada.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

a9e3dba2aa1a96b4df0f27bca97f817ba4783a895cee58607f9b9eda65d7d039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Apr 2022 20:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127
x-xss-protection: 0
expires: Thu, 21 Apr 2022 20:25:28 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
540 B 76ms
25ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=184635
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 14086078b136458df89ffa9f3b78534695455cde9112124bb78a61c91d28abb4

Request headers

Referer: https://o.canada.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 21 Apr 2022 20:25:28 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://o.canada.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Sat, 21 May 2022 20:25:28 GMT

GET
H/1.1 200
OK any Show response
idx.liadm.com/idex/ie/ 54 B
584 B 99ms
27ms XHR
application/json 50.17.92.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/ie/any

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.17.92.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-17-92-33.compute-1.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

36c7ec620aa2bdab2185c44a2b8c8bf3ea3d6639510d81f83a5c885bb1219658

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://o.canada.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 21 Apr 2022 20:25:28 GMT
Vary: Origin
Server: nginx/1.18.0
Request-Time: 3
Content-Type: application/json
Access-Control-Allow-Origin: https://o.canada.com
Connection: keep-alive
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=31536000; includeSubDomains
trace-id: ce9e9c5e87a9222e
Content-Length: 54

GET
H2 200 xd.html Show response
d395dw5zk780j2.cloudfront.net/v56.0/ Frame 766B 167 B
510 B 56ms
18ms Document
text/html 2600:9000:2140:a00:8:f216:eb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d395dw5zk780j2.cloudfront.net/v56.0/xd.html
Requested by: Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v56.0/fem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:a00:8:f216:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5fdf5e0a79dca280250218280d513e55e5b585f612b126923756aaf7bea74b79

Request headers

Referer: https://o.canada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 827999
cache-control: max-age=31536000
content-length: 167
content-type: text/html
date: Tue, 12 Apr 2022 06:25:30 GMT
etag: "827f397695d8963bde0d548258df30e5"
last-modified: Mon, 11 Apr 2022 19:12:15 GMT
server: AmazonS3
via: 1.1 30aeb6ef25a393db74fabfc78bbd79e2.cloudfront.net (CloudFront)
x-amz-cf-id: jGhnKqSzpawutj5Y3QkLVJA28Aw0d9KkMiu2DT9kZkuGITqyChgqjQ==
x-amz-cf-pop: EWR52-C1
x-cache: Hit from cloudfront

OPTIONS
H2 204 appInfo
config.lrcontent.com/ciam/ Frame 0
0 55ms
29ms Preflight 2606:4700:10::6816:48e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers: x-requested-with
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://o.canada.com
allow: GET, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 6ff8d95f2b6f714a-YUL
date: Thu, 21 Apr 2022 20:25:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Origin

GET
H2 200 appInfo Show response
config.lrcontent.com/ciam/ 4 KB
1 KB 32ms
31ms XHR
application/json 2606:4700:10::6816:48e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Requested by: Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbe74c62945bca0d7d29f9784c7462326fb4f8100313f320468c67a947a267ad

Request headers

Referer: https://o.canada.com/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:28 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json
access-control-allow-origin: https://o.canada.com
cache-control: max-age=86400
cf-ray: 6ff8d95f5bc7714a-YUL

GET
H2 200 8d5c0be52bb44eac633b.js Show response
d395dw5zk780j2.cloudfront.net/v56.0/chunks/ 3 KB
2 KB 49ms
18ms Script
application/javascript 2600:9000:2140:a00:8:f216:eb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d395dw5zk780j2.cloudfront.net/v56.0/chunks/8d5c0be52bb44eac633b.js
Requested by: Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v56.0/fem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:a00:8:f216:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f8b5b98fb22088795f8a5cc17ac968134ae8eb27cf86f9aefb829d41e1fc01be

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 06:25:30 GMT
content-encoding: gzip
last-modified: Mon, 11 Apr 2022 19:12:15 GMT
server: AmazonS3
age: 827999
etag: W/"f10cc5d5e3e2223a845e258218134283"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 30aeb6ef25a393db74fabfc78bbd79e2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: bR3ZTXrq6s0-p5x5bhR9VSkcqQ9kIgg_RqfH2dXHh5acQ2vT-3MCbg==

GET
H2 200 index.html Show response
cdn.districtm.io/ids/ Frame 0FE6 116 B
340 B 35ms
33ms Document
text/html 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: hb.districtm.io
URL: https://hb.districtm.io/prod/100549/all.postmedia.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Referer: https://o.canada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 41245
cf-cache-status: DYNAMIC
cf-ray: 6ff8d95f2e2f547f-YYZ
content-encoding: br
content-type: text/html
date: Thu, 21 Apr 2022 20:25:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Thu, 20 May 2021 02:18:27 GMT
server: cloudflare
vary: Accept-Encoding
via: 1.1 9d83f5c0139eac2377fa16d8cf3879dc.cloudfront.net (CloudFront)
x-amz-cf-id: Ir5W88kodNM9K6-RStavUkoY6aVzzjmfVbDJYR4Rg2_ZyTiKP5NzDw==
x-amz-cf-pop: YTO50-C3
x-cache: Hit from cloudfront

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
39 B 74ms
73ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: hb.districtm.io
URL: https://hb.districtm.io/prod/100549/all.postmedia.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://o.canada.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 21 Apr 2022 20:25:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://o.canada.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6ff8d95f2e30547f-YYZ
access-control-allow-headers: origin, content-type

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
203 B 64ms
63ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: hb.districtm.io
URL: https://hb.districtm.io/prod/100549/all.postmedia.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://o.canada.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 21 Apr 2022 20:25:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://o.canada.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6ff8d95f2e33547f-YYZ
access-control-allow-headers: origin, content-type

GET
H3 200 bb441d432069977701460.js Show response
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/ 7 KB
7 KB 52ms
25ms Script
application/javascript 2607:f8b0:4006:80a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/bb441d432069977701460.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/CACHE/js/shared.bfc093052de2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80a::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: abcb7b0fd4d08ef06c1ce93f88750ba5cad340ae2f7254af8711b75d7567c429

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:26:15 GMT
age: 3553
x-guploader-uploadid: ADPycduo_hGLO0cvt53SgtLv3rWTrJmaM9q78OCpNi44qXNjzpg392lP0fLsNivpKJ62bYZ6UmDDiowVDCEKNpyrUELPbJGCc6OJ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6786
last-modified: Tue, 19 Apr 2022 15:54:32 GMT
server: UploadServer
etag: "6598d9092123769c0f06147cc367e79d"
x-goog-hash: crc32c=rPZatw==, md5=ZZjZCSEjdpwPBhR8w2fnnQ==
x-goog-generation: 1649969396484449
access-control-allow-origin: *
cache-control: max-age=31536000
x-goog-stored-content-length: 6786
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 21 Apr 2023 19:26:15 GMT

GET
H3 200 d36ca6ec7863d36a800c21.js Show response
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/ 10 KB
10 KB 77ms
49ms Script
application/javascript 2607:f8b0:4006:80a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/d36ca6ec7863d36a800c21.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/CACHE/js/shared.bfc093052de2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80a::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 34e9e99f036b499a93627f9d49594646260545f6ebaa660cd7b81d49982b48bd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:26:15 GMT
age: 3553
x-guploader-uploadid: ADPycduZzGLpGI7ruQTnvW1x6Sf_qddDYuPkiF7manzkgYS_gG42TYue5Lvticj3GKgyrFlBHco-Q9Xwkfn78kRUp38DWeJcNKfs
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10035
last-modified: Tue, 19 Apr 2022 15:56:27 GMT
server: UploadServer
etag: "b90908ed75aa9d3f251241cc852728f5"
x-goog-hash: crc32c=dFX3Aw==, md5=uQkI7XWqnT8lEkHMhSco9Q==
x-goog-generation: 1649969459052798
access-control-allow-origin: *
cache-control: max-age=31536000
x-goog-stored-content-length: 10035
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 21 Apr 2023 19:26:15 GMT

GET
H3 200 bdd029405c81b7549b531.js Show response
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/ 15 KB
16 KB 86ms
58ms Script
application/javascript 2607:f8b0:4006:80a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/bdd029405c81b7549b531.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/CACHE/js/shared.bfc093052de2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80a::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b907a4645c6ff50b8e4bac06d98d03c2e2fb11282c8758a90fb32642082255c6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:29:21 GMT
age: 3367
x-guploader-uploadid: ADPycdvoilSwrS9lWI8pzvNdyhnydTZ2RGEHqTPvab3SDav2pZoullF-IcjIc5RktBeNexknGcO6CLQiYgLa8_wxxuOc_YBc7nzj
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15859
last-modified: Tue, 19 Apr 2022 15:52:57 GMT
server: UploadServer
etag: "1688f341b4de86a6075f59034c5abc25"
x-goog-hash: crc32c=bzY7wQ==, md5=FojzQbTehqYHX1kDTFq8JQ==
x-goog-generation: 1650383577341258
access-control-allow-origin: *
cache-control: max-age=31536000
x-goog-stored-content-length: 15859
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 21 Apr 2023 19:29:21 GMT

GET
H3 200 7d0672b4b17ef21d640a2.js Show response
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/ 50 KB
50 KB 89ms
62ms Script
application/javascript 2607:f8b0:4006:80a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/7d0672b4b17ef21d640a2.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/CACHE/js/shared.bfc093052de2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80a::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9b9d16e4eb38f3b62a5a66b6b7652da069c41e608df26477b1dcee4152f820d8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:26:15 GMT
age: 3553
x-guploader-uploadid: ADPycdtS0wFjfg24G6MJxdERuA1DbTeuxoYob4a1ALsWkb8DlA8tsxE9DiA2TwtQrjZT7ABlL66dnPaCmgusYm0BDqhHww
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50945
last-modified: Tue, 19 Apr 2022 15:54:35 GMT
server: UploadServer
etag: "577cf34d04d7a0d596aca7011e69f555"
x-goog-hash: crc32c=b4Kmpw==, md5=V3zzTQTXoNWWrKcBHmn1VQ==
x-goog-generation: 1649969217931272
access-control-allow-origin: *
cache-control: max-age=31536000
x-goog-stored-content-length: 50945
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 21 Apr 2023 19:26:15 GMT

GET
H3 200 33d0e5b570a9541270f410.js Show response
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/ 10 KB
10 KB 81ms
54ms Script
application/javascript 2607:f8b0:4006:80a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/33d0e5b570a9541270f410.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/CACHE/js/shared.bfc093052de2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80a::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c7b050f6c3726aea7b16cf1d3ec6dd6fe31382d20bb8c4e1f5178d8513a4e0cc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:26:15 GMT
age: 3553
x-guploader-uploadid: ADPycducDYf5kozfQMPaDg-F8JT1NbbBF4_5_5LJ9kNbb5HgWHEys6X_dMOHqg8-UZydBkB5qwesbjZ-DNwq-oVdRy93ZA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10642
last-modified: Tue, 19 Apr 2022 15:56:55 GMT
server: UploadServer
etag: "fe9745792209a5ac0d186c407d514090"
x-goog-hash: crc32c=wzD3QQ==, md5=/pdFeSIJpawNGGxAfVFAkA==
x-goog-generation: 1649969465849208
access-control-allow-origin: *
cache-control: max-age=31536000
x-goog-stored-content-length: 10642
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 21 Apr 2023 19:26:15 GMT

GET
H3 200 98e96f7ceec5a9ee49f320.js Show response
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/ 4 KB
4 KB 73ms
46ms Script
application/javascript 2607:f8b0:4006:80a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/98e96f7ceec5a9ee49f320.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/CACHE/js/shared.bfc093052de2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80a::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e94e6d0a088b0a061d180d095d10defaded5999df172e3a7494a313a448f5513

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:26:15 GMT
age: 3553
x-guploader-uploadid: ADPycds52M-KXau9XcBcbG8zNzve6DDiwKFfPClTVtRHK-3T4dD6KW4BCddIJHv3FrG46DTXt_4I8yAWWv4uqxe6RTlO3A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4527
last-modified: Tue, 19 Apr 2022 15:54:17 GMT
server: UploadServer
etag: "bfd5e2d5502802db1e7d67a0205dd6e6"
x-goog-hash: crc32c=Ol03wA==, md5=v9Xi1VAoAtsefWegIF3W5g==
x-goog-generation: 1649969456958859
access-control-allow-origin: *
cache-control: max-age=31536000
x-goog-stored-content-length: 4527
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 21 Apr 2023 19:26:15 GMT

GET
H3 200 049fe9cf0ad83f36446e7.js Show response
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/ 8 KB
8 KB 70ms
44ms Script
application/javascript 2607:f8b0:4006:80a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/049fe9cf0ad83f36446e7.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/CACHE/js/shared.bfc093052de2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80a::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 06db09952ea7c3b22578f98d78f7e459a6fc8a929dfd35107d98549f9b38eb11

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:25:55 GMT
age: 3573
x-guploader-uploadid: ADPycdsjxUfRX33pJWSY2gzvoENckfCv_ac6jEa7a9_RXHQsT7XBX2mhojIS3joBjnUEP7M5X5LaJixVIwuvspsHXLhlQbWvwKZJ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7850
last-modified: Tue, 19 Apr 2022 15:54:58 GMT
server: UploadServer
etag: "1dff48b4f84301780f1ebf3bf15b8020"
x-goog-hash: crc32c=jux7JA==, md5=Hf9ItPhDAXgPHr878VuAIA==
x-goog-generation: 1649969420536387
access-control-allow-origin: *
cache-control: max-age=31536000
x-goog-stored-content-length: 7850
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 21 Apr 2023 19:25:55 GMT

GET
H3 200 545637e9e6ae55ee162c9.js Show response
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/ 20 KB
20 KB 53ms
27ms Script
application/javascript 2607:f8b0:4006:80a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/545637e9e6ae55ee162c9.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/CACHE/js/shared.bfc093052de2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80a::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: edcc72e58692cb93f0dad13f3776596f36f1e7d6d7a98f0994302b232da0e66a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:25:55 GMT
age: 3573
x-guploader-uploadid: ADPycdvlJOX9lzo4UUghFS1_l84AmbbighU-yPJz8_-xH57wcbDeSL6uVhiyzhvImFwU6Chhkx9C1h0ubDnJhhVCVUwB
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20411
last-modified: Tue, 19 Apr 2022 15:53:16 GMT
server: UploadServer
etag: "f3ee24e5b882ba802058580c9fe75429"
x-goog-hash: crc32c=hQt4bg==, md5=8+4k5biCuoAgWFgMn+dUKQ==
x-goog-generation: 1649969243791048
access-control-allow-origin: *
cache-control: max-age=31536000
x-goog-stored-content-length: 20411
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 21 Apr 2023 19:25:55 GMT

GET
H3 200 19902571f52cab897a3215.js Show response
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/ 52 KB
52 KB 61ms
36ms Script
application/javascript 2607:f8b0:4006:80a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/websites/js/19902571f52cab897a3215.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/10.3.1/CACHE/js/shared.bfc093052de2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80a::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 24feb80c51aed43a0c5c52126fb1feea57f3f695e7bfa2e234a94bcb10463696

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:25:55 GMT
age: 3573
x-guploader-uploadid: ADPycdsGuxvg7zn_t30qe-C1twXYgiLo6VnmhqhKuxLQ1l3VePR1bVJsGNn0I6BwJ05aEweMr9Iepc32nXSYtR7IYi3a1Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52829
last-modified: Tue, 19 Apr 2022 15:52:48 GMT
server: UploadServer
etag: "c5967b9463190e2aad66fc948c2f45b6"
x-goog-hash: crc32c=7mCLeA==, md5=xZZ7lGMZDiqtZvyUjC9Ftg==
x-goog-generation: 1649969387142713
access-control-allow-origin: *
cache-control: max-age=31536000
x-goog-stored-content-length: 52829
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 21 Apr 2023 19:25:55 GMT

GET
H2 200 idsync.d5cb6b96.js Show response
cdn.districtm.io/ids/ Frame 0FE6 3 KB
2 KB 34ms
34ms Script
application/javascript 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by: Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/ids/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:28 GMT
via: 1.1 7b64a70fe0edcfd6cd8e281be975ea8a.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 36100
cf-polished: origSize=3302
x-cache: Hit from cloudfront
cf-bgj: minify
content-encoding: br
last-modified: Thu, 20 May 2021 02:18:27 GMT
server: cloudflare
etag: W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=172800
x-amz-cf-pop: ORD56-P1
cf-ray: 6ff8d95fcefb547f-YYZ
x-amz-cf-id: BFnmGI-Uo6rYAPcg7P05nhLOLCmnap1ef68X4iBRZQTYvoYT2YcY1Q==
expires: Sat, 23 Apr 2022 20:25:28 GMT

GET
H/1.1 200
OK login Show response
postmedia.hub.loginradius.com/ssologin/ 38 B
546 B 80ms
32ms Fetch
application/json 35.169.125.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://postmedia.hub.loginradius.com/ssologin/login

Requested by

Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v56.0/fem.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.169.125.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-125-112.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://o.canada.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type: application/json

Response headers

Date: Thu, 21 Apr 2022 20:25:28 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type: application/json
Access-Control-Allow-Origin: https://o.canada.com
X-LoginRadius-Server: Primary - IDX - AWS
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Server: ms_idx_primary
Content-Length: 38

OPTIONS
H/1.1 204
No Content login
postmedia.hub.loginradius.com/ssologin/ Frame 0
0 87ms
38ms Preflight 35.169.125.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://postmedia.hub.loginradius.com/ssologin/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.169.125.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-125-112.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin: https://o.canada.com
Connection: keep-alive
Date: Thu, 21 Apr 2022 20:25:28 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server: Primary - IDX - AWS
X-Server: ms_idx_primary

GET
H2 200 xd.js Show response
d395dw5zk780j2.cloudfront.net/v56.0/ Frame 766B 36 KB
12 KB 20ms
19ms Script
application/javascript 2600:9000:2140:a00:8:f216:eb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d395dw5zk780j2.cloudfront.net/v56.0/xd.js
Requested by: Host: d395dw5zk780j2.cloudfront.net
URL: https://d395dw5zk780j2.cloudfront.net/v56.0/xd.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:a00:8:f216:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf99d92a8013ff9e10a23176b5dccb8375bd02dbd4deb73e8482c22b5e22d744

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d395dw5zk780j2.cloudfront.net/v56.0/xd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 06:25:30 GMT
content-encoding: gzip
last-modified: Mon, 11 Apr 2022 19:12:15 GMT
server: AmazonS3
age: 827999
etag: W/"961a090e729bbf98305766f97e510224"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 30aeb6ef25a393db74fabfc78bbd79e2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: UDkGh7kTCoBocj0FfuXPF9QhOOBuyAlMEold1CgNVwJrG41q_NNBZg==

GET
H2 200 buyers Show response
dmx.districtm.io/s/v1/ Frame 0FE6 491 B
740 B 74ms
74ms XHR
application/json 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/v1/buyers

Requested by

Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7d1989a05660e8a27a04057cd5123be265770311c499cc89b5a0cc3713106e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: DELETE, GET, OPTIONS, POST
content-type: application/json
access-control-allow-origin: https://cdn.districtm.io
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6ff8d9600f46547f-YYZ
access-control-allow-headers: Origin, Content-Type

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 62C6 13 KB
5 KB 75ms
27ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=o.canada.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

ae22c6869c91312b5361930ac0e1cff89cb54b6a3eec5d7bc4a913e8831b1028

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://o.canada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 5134
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 20:25:27 GMT
server-processing-duration-in-ticks: 2363
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

y-G2oyqFxE2uFQymCEWOVzpMFR6eJ06M_q~A~UP2f0e6f6a-c1b1-11ec-b25e-0e93f75ac9a9 Show response
dmx.districtm.io/s/10051/ Frame 0FE6
Redirect Chain

https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP2f0e6f6a-c1b1-11ec-b25e-0e93f75ac9a9
https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP2f0e6f6a-c1b1-11ec-b25e-0e93f75ac9a9&verify=true
https://dmx.districtm.io/s/10051/y-G2oyqFxE2uFQymCEWOVzpMFR6eJ06M_q~A~UP2f0e6f6a-c1b1-11ec-b25e-0e93f75ac9a9

131 B
188 B

76ms
76ms

Script
application/javascript

104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/10051/y-G2oyqFxE2uFQymCEWOVzpMFR6eJ06M_q~A~UP2f0e6f6a-c1b1-11ec-b25e-0e93f75ac9a9

Protocol

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

493717b5f1b3b9c6513dca0ee779229280742da0a9b3f7f90f7325b8c50da6a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
date: Thu, 21 Apr 2022 20:25:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 6ff8d96229d7547f-YYZ

Redirect headers

location: https://dmx.districtm.io/s/10051/y-G2oyqFxE2uFQymCEWOVzpMFR6eJ06M_q~A~UP2f0e6f6a-c1b1-11ec-b25e-0e93f75ac9a9
date: Thu, 21 Apr 2022 20:25:28 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

d59e25b0-918c-48e1-bd3d-61491c16348c Show response
dmx.districtm.io/s/10059/ Frame 0FE6
Redirect Chain

https://match.sharethrough.com/1PQ8qgv7/v1/
https://dmx.districtm.io/s/10059/d59e25b0-918c-48e1-bd3d-61491c16348c

92 B
169 B

70ms
70ms

Script
application/javascript

104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/10059/d59e25b0-918c-48e1-bd3d-61491c16348c

Protocol

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5da910911e62cfe85db025c7b46c8fc8fe24ab98a57d8bdd7e0ae8b3cc0911b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
date: Thu, 21 Apr 2022 20:25:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 6ff8d960f870547f-YYZ

Redirect headers

location: https://dmx.districtm.io/s/10059/d59e25b0-918c-48e1-bd3d-61491c16348c
date: Thu, 21 Apr 2022 20:25:28 GMT
content-length: 0

GET
H2

200

6b316a50-6954-4a5a-91b0-05ccbfd2b3b5-6261bdb8-4341 Show response
dmx.districtm.io/s/10001/ Frame 0FE6
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=96
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=96
https://dmx.districtm.io/s/10001/6b316a50-6954-4a5a-91b0-05ccbfd2b3b5-6261bdb8-4341

106 B
163 B

75ms
75ms

Script
application/javascript

104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/10001/6b316a50-6954-4a5a-91b0-05ccbfd2b3b5-6261bdb8-4341

Protocol

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b76cc5c679eef51e4d7298dc45effc3561508bf812dffeff02d74870372c71db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
date: Thu, 21 Apr 2022 20:25:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 6ff8d96148cc547f-YYZ

Redirect headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:25:27 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://dmx.districtm.io/s/10001/6b316a50-6954-4a5a-91b0-05ccbfd2b3b5-6261bdb8-4341
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

2qkB75CISztdRRhlcnY4VJU4mbQ Show response
dmx.districtm.io/s/10026/ Frame 0FE6
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=132
https://dmx.districtm.io/s/10026/2qkB75CISztdRRhlcnY4VJU4mbQ

83 B
140 B

74ms
73ms

Script
application/javascript

104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/10026/2qkB75CISztdRRhlcnY4VJU4mbQ

Protocol

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d54b9572271c17bf84a4ca26486257daabf9356799d34e14d07a6d8db29c34f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
date: Thu, 21 Apr 2022 20:25:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 6ff8d96158da547f-YYZ

Redirect headers

Location: https://dmx.districtm.io/s/10026/2qkB75CISztdRRhlcnY4VJU4mbQ
Date: Thu, 21 Apr 2022 20:25:28 GMT
Connection: keep-alive
Content-Length: 83
Content-Type: text/html; charset=utf-8

GET
H2

200

YmG9uAADr_y4ygAZ&_test=YmG9uAADr_y4ygAZ Show response
dmx.us-east-31.districtm.io/s/10016/ Frame 0FE6
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/1477?redir=https%3A//dmx.us-east-31.districtm.io/s/10016/$%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/1477?redir=https%3A//dmx.us-east-31.districtm.io/s/10016/$%7BTM_USER_ID%7D&_test=YmG9uAADr_y4ygAZ
https://dmx.us-east-31.districtm.io/s/10016/YmG9uAADr_y4ygAZ&_test=YmG9uAADr_y4ygAZ

95 B
232 B

147ms
43ms

Script
application/javascript

34.75.117.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.us-east-31.districtm.io/s/10016/YmG9uAADr_y4ygAZ&_test=YmG9uAADr_y4ygAZ

Protocol

Server

34.75.117.5 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

5.117.75.34.bc.googleusercontent.com

Software

Resource Hash

64056ae9b26fcb49f658fb93a008e60312f63350a09d3296543ee4383d7a421d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:28 GMT
content-length: 95
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8

Redirect headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:25:28 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1650572728.444689,VS0,VE0
x-served-by: cache-yul12826-YUL
x-cache: HIT
location: https://dmx.us-east-31.districtm.io/s/10016/YmG9uAADr_y4ygAZ&_test=YmG9uAADr_y4ygAZ
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 113 KB
35 KB 105ms
56ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WC74WBX&l=dataLayer

Requested by

Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v56.0/fem.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

249faa90c86b76bb0b47544093fa55436c6315ce70df8a2516fc6125bc0e35bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36201
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 20:06:58 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Apr 2022 20:25:28 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 57ms
19ms Script
application/javascript 13.33.46.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v56.0/fem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.46.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-46-48.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:32:43 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 42803
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d13d8a0a456d6aa0acf023a1e3acb2be.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: zp2YGrmmzowdTvHeOqolJGwPemXx2UqwNdjvym6WE8Dt3-3yfHnaVg==

GET
H2 200 mparticle.js Show response
jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/ 184 KB
48 KB 34ms
10ms Script
application/javascript 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Requested by: Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v56.0/fem.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e5888d09417b9ed66594c53074ffd494c506d1f642c617f958777179ef06bf23

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:28 GMT
via: 1.1 varnish, 1.1 varnish
server: Kestrel
age: 6
x-origin-name: fastlyshield--shield_ssl_cache_iad_kiad7000115_IAD
x-served-by: cache-iad-kiad7000115-IAD, cache-yul12832-YUL
vary: Accept, Accept-Encoding
x-cache: HIT, HIT
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=3600
accept-ranges: bytes
x-timer: S1650572728.478559,VS0,VE0
content-length: 48607
x-cache-hits: 1, 4

GET
H2 200 uep04wp3s.js Show response
cdn.krxd.net/controltag/ 29 KB
7 KB 35ms
10ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/uep04wp3s.js
Requested by: Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v56.0/fem.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0abcd97f1c3ea08ef675d53a2756a5340e05e20a022c749edd9f76fbf478ebe8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Thu, 21 Apr 2022 20:25:28 GMT
via: 1.1 varnish, 1.1 varnish
age: 1081
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 6649
x-served-by: config-service-a004-ash-prod.krxd.net, cache-iad-kiad7000107-IAD, cache-yul12833-YUL
x-response-time: 1
x-do-esi: esi
x-timer: S1650572728.481108,VS0,VE0
etag: "0038f593d0df6695d1be7f074950b4eb9828e6ec"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 2, 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 118 KB
36 KB 76ms
33ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer

Requested by

Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v56.0/fem.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

261e24e4b11ac71c64f38c0d8a0e20a7aa39029b10629bfd300626c634c078ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36734
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 20:06:58 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Apr 2022 20:25:28 GMT

GET
H2 200 23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js Show response
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/ 246 KB
68 KB 68ms
44ms Script
application/javascript 2606:4700::6812:451
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Requested by: Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v56.0/fem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:451 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ad02e4a6cca7ca570c447fefe0d5c6c98cf28c7ff362ecd0bdcee4505084b8c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:28 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: 23dc09d6-b664-425a-a76e-0eed6a6cc102
age: 2401
x-guploader-uploadid: ADPycdt0w35uc84EcEGJvm_1B875vcS22C_WD0SpyYZkJffoLvgvONvIPa6nRZBbx1lum9WBMqCTdLC0ogmGa8MA7zOwxPEshxVM
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
last-modified: Thu, 21 Apr 2022 16:45:19 GMT
server: cloudflare
etag: W/"741cf44af5e65269225167697dbce59c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=ywvHVA==, md5=dBz0SvXmUmkiUWdpfbzlnA==
x-goog-generation: 1650559519338668
cache-control: public, max-age=900
x-goog-stored-content-length: 71150
cf-ray: 6ff8d9610a40ecf6-YUL
expires: Thu, 21 Apr 2022 20:40:28 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 62C6
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=canada.com&sn=ChromeSyncframe&so=0&topUrl=o.canada.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=at3pQHw0WDRyZG0zOVErWmJNaEdIS2VoQ1ZoRk5pOVN3RnNQZE9KdE1vbWJiNUVRdUljTURxUlRjL1FPYXZCWDdRbS9oS1drZ2F2clNaekphTjM3QzNJZGtJVTBvc290dldNc2s4UnlzWXVVc1QyNXRPY0s0WWhhWHoyaV...

422 B
630 B

77ms
26ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=at3pQHw0WDRyZG0zOVErWmJNaEdIS2VoQ1ZoRk5pOVN3RnNQZE9KdE1vbWJiNUVRdUljTURxUlRjL1FPYXZCWDdRbS9oS1drZ2F2clNaekphTjM3QzNJZGtJVTBvc290dldNc2s4UnlzWXVVc1QyNXRPY0s0WWhhWHoyaVBoR3orbXFWNmlWbUZzSjF5WkdQMFZkbFhmRUZaZzY4SzJkbHNCaGQwU2paemZrZjUwbHhKVHZ5YmxtS2hyKzI0QlU1akM3a2R1cVZ3d1daNnJpKzRvYkFmYkMxN1VMMllPRmZZa09iby9VVlNTNy92U3BDVjB6TThmcDJEK2w4RnJXenY2ZEt2Y3daK2U2UUVKSkJpZGpBeU9teDFzUT09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

2c9c93406a36ba5f02e8ffc46ea08493928095424471cf5833da8a57b50f3816

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:25:28 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4812
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:25:28 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=at3pQHw0WDRyZG0zOVErWmJNaEdIS2VoQ1ZoRk5pOVN3RnNQZE9KdE1vbWJiNUVRdUljTURxUlRjL1FPYXZCWDdRbS9oS1drZ2F2clNaekphTjM3QzNJZGtJVTBvc290dldNc2s4UnlzWXVVc1QyNXRPY0s0WWhhWHoyaVBoR3orbXFWNmlWbUZzSjF5WkdQMFZkbFhmRUZaZzY4SzJkbHNCaGQwU2paemZrZjUwbHhKVHZ5YmxtS2hyKzI0QlU1akM3a2R1cVZ3d1daNnJpKzRvYkFmYkMxN1VMMllPRmZZa09iby9VVlNTNy92U3BDVjB6TThmcDJEK2w4RnJXenY2ZEt2Y3daK2U2UUVKSkJpZGpBeU9teDFzUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2143
content-length: 541
expires: 0

GET
H2 200 controltag.js.f5d7048d3841bccb4f5d92333c20b066 Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 10ms
10ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/uep04wp3s.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c22fbbe4bf63288095e3c83d2858a1f4b65b1acdc77ac28785824b184953f0d4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Thu, 21 Apr 2022 20:25:28 GMT
content-encoding: gzip
age: 1758146
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 1895785
content-length: 84741
x-served-by: cache-yul12833-YUL
last-modified: Fri, 01 Apr 2022 11:47:20 GMT
x-timer: S1650572728.495624,VS0,VE0
etag: "f5d7048d3841bccb4f5d92333c20b066"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Mon, 29 Mar 2032 11:47:19 GMT

OPTIONS
H2 204 identify
identity.mparticle.com/v1/ Frame 0
0 36ms
10ms Preflight 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-mp-key
Access-Control-Request-Method: POST
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,x-mp-key
access-control-allow-methods: POST
access-control-allow-origin: *
age: 3290
date: Thu, 21 Apr 2022 20:25:28 GMT
server: Kestrel
strict-transport-security: max-age=900
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1824
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by: cache-yul12832-YUL
x-timer: S1650572729.540654,VS0,VE0

POST
H2 200 identify Show response
identity.mparticle.com/v1/ 175 B
270 B 36ms
35ms XHR
application/json 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Requested by

Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

40981811e2391ee6448943f8653020dda680717c25e4b4d476c55b8a8812730f

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

x-mp-key: us1-99b65fde89a1a145894d2d51d283cc83
Referer: https://o.canada.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Apr 2022 20:25:28 GMT
content-encoding: gzip
server: Kestrel
x-timer: S1650572729.552695,VS0,VE25
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by: cache-yul12832-YUL
vary: Accept-Encoding
x-cache: MISS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=900
accept-ranges: bytes
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame F55D 805 B
827 B 10ms
10ms Document
text/html 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Referer: https://o.canada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 27423248
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 525
content-type: text/html
date: Thu, 21 Apr 2022 20:25:28 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
expires: Fri, 19 Feb 2027 17:50:50 GMT
last-modified: Tue, 21 Feb 2017 17:50:54 GMT
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 582874
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
x-served-by: cache-yul12833-YUL
x-timer: S1650572729.573449,VS0,VE0

GET
H2 200 optout_check Show response
beacon.krxd.net/ 63 B
223 B 75ms
25ms Script
text/javascript 34.192.116.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.postmedia.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.116.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-66.compute-1.amazonaws.com
Software: /
Resource Hash: 68910a4e5f85bcaf85782e3e6779e311e94ebff60a39fc8df48c5b1b071e05ea

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:28 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=30 t=1650572728
x-served-by: beacon-n014-ash-prod.krxd.net
content-type: text/javascript

GET
H2 200 pxid Show response
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/ 46 B
390 B 121ms
97ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/pxid?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by: Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: c1a5b9edecfa17a485a708c42c22014f760e09de3299b8f777b3b3ea8809eb7f

Request headers

Referer: https://o.canada.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 21 Apr 2022 20:25:28 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://o.canada.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66
via: 1.1 google

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
700 B 82ms
45ms XHR
application/json 68.67.179.121
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.121 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://o.canada.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 21 Apr 2022 20:25:28 GMT
X-Proxy-Origin: 149.56.153.180; 149.56.153.180; 578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: bbbe4fcf-f903-4dad-b02b-167dfa3bb0aa
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://o.canada.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 229 B
358 B 119ms
93ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by: Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 989d94d8baba214a6dcc1ba6795c35dc9ce9cf94863248b8970cd8e864674347

Request headers

Referer: https://o.canada.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 21 Apr 2022 20:25:28 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://o.canada.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166
via: 1.1 google

GET
H2 200 42fb57ac-2013-45a6-8dad-332d53e17c1b Show response
consumer.krxd.net/consent/get/ 239 B
431 B 36ms
10ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/42fb57ac-2013-45a6-8dad-332d53e17c1b?idt=device&dt=kxcookie&callback=Krux.ns.postmedia.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8ddf9e8fa96d1bbbeaf292ca94fc082dde61e4a6be90c87f8b2609fd88edbd4d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:28 GMT
via: 1.1 varnish
age: 32
x-served-by: consumer-a012-ash-prod.krxd.net, cache-yul12829-YUL
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1650572729.668863,VS0,VE0
content-length: 193
x-cache-hits: 0, 1

GET
BLOB 200
OK e0a82bbc-eddc-4d92-8ba1-bbb3a854909a
https://o.canada.com/ 52 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://o.canada.com/e0a82bbc-eddc-4d92-8ba1-bbb3a854909a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5eb247d50c79ece9c00d0c3206421e426500f567f8ec8465e66bb073ec5a7d42

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 53731

GET
BLOB 200
OK 3ec254ac-cf12-4d87-ae48-e13a87531a0c
https://o.canada.com/ 19 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://o.canada.com/3ec254ac-cf12-4d87-ae48-e13a87531a0c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87c55c63c2e41506556db72938b07312d1a8e3ccf4da4024fa4bea6b2147c31d

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 19782

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 78 KB
31 KB 80ms
41ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NHPWKCD&l=gtm_data_layer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce36d9ab89ae6f9ce5d13e73bacbda077fad2836d506c1db70f270d74846a512

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31559
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 20:06:58 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Apr 2022 20:25:28 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 239 KB
70 KB 70ms
33ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8613493336c4799556e357bea5aa46cbc06af8b708d0578683a8c252d7b1e066

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71586
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 20:06:58 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Apr 2022 20:25:28 GMT

GET
H2 200 uep04wp3s.js Show response
cdn.krxd.net/controltag/ Frame F55D 29 KB
7 KB 10ms
10ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/uep04wp3s.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0abcd97f1c3ea08ef675d53a2756a5340e05e20a022c749edd9f76fbf478ebe8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Thu, 21 Apr 2022 20:25:28 GMT
via: 1.1 varnish, 1.1 varnish
age: 1081
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 6649
x-served-by: config-service-a004-ash-prod.krxd.net, cache-iad-kiad7000107-IAD, cache-yul12833-YUL
x-response-time: 1
x-do-esi: esi
x-timer: S1650572729.670547,VS0,VE0
etag: "0038f593d0df6695d1be7f074950b4eb9828e6ec"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 2, 2

OPTIONS
H2 204 identify
identity.mparticle.com/v1/ Frame 0
0 10ms
10ms Preflight 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-mp-key
Access-Control-Request-Method: POST
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,x-mp-key
access-control-allow-methods: POST
access-control-allow-origin: *
age: 3290
date: Thu, 21 Apr 2022 20:25:28 GMT
server: Kestrel
strict-transport-security: max-age=900
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1825
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by: cache-yul12832-YUL
x-timer: S1650572729.677520,VS0,VE0

POST
H2 200 identify Show response
identity.mparticle.com/v1/ 175 B
230 B 44ms
44ms XHR
application/json 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Requested by

Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

1085fc6698feb5cbeb81075cb2139fdc8a5c40bcf2323e2c0b20dbe01559c003

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

x-mp-key: us1-99b65fde89a1a145894d2d51d283cc83
Referer: https://o.canada.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Apr 2022 20:25:28 GMT
content-encoding: gzip
server: Kestrel
x-timer: S1650572729.688100,VS0,VE34
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by: cache-yul12832-YUL
vary: Accept-Encoding
x-cache: MISS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=900
accept-ranges: bytes
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 42fb57ac-2013-45a6-8dad-332d53e17c1b Show response
consumer.krxd.net/consent/get/ 239 B
301 B 11ms
11ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/42fb57ac-2013-45a6-8dad-332d53e17c1b?idt=device&dt=kxcookie&callback=Krux.ns.postmedia.kxjsonp_consent_get_1
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ad27e9e87b75a750b0bd9d26576b3d356ce2478183947309b853103631284c84

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:28 GMT
via: 1.1 varnish
age: 31
x-served-by: consumer-a001-ash-prod.krxd.net, cache-yul12829-YUL
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1650572729.724908,VS0,VE0
content-length: 194
x-cache-hits: 0, 2

GET
H2 200 controltag.js.f5d7048d3841bccb4f5d92333c20b066 Show response
cdn.krxd.net/ctjs/ Frame F55D 259 KB
83 KB 12ms
12ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/uep04wp3s.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c22fbbe4bf63288095e3c83d2858a1f4b65b1acdc77ac28785824b184953f0d4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Thu, 21 Apr 2022 20:25:28 GMT
content-encoding: gzip
age: 1758146
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 1895788
content-length: 84741
x-served-by: cache-yul12833-YUL
last-modified: Fri, 01 Apr 2022 11:47:20 GMT
x-timer: S1650572729.730589,VS0,VE0
etag: "f5d7048d3841bccb4f5d92333c20b066"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Mon, 29 Mar 2032 11:47:19 GMT

GET
H2 200 get Show response
cdn.krxd.net/userdata/ 322 B
454 B 15ms
15ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=42fb57ac-2013-45a6-8dad-332d53e17c1b&technographics=1&callback=Krux.ns.postmedia.kxjsonp_userdata
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 28cc80ac3045d5b4a7ffbbbfeea8b2f4cbe6ef69b751cdfb825b237013a55368

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Thu, 21 Apr 2022 20:25:28 GMT
content-encoding: gzip
age: 32
x-served-by: userdata-a010-ash-prod.krxd.net, cache-yul12833-YUL
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/javascript
via: 1.1 varnish
cache-control: private, max-age=3600
x-age: 0
accept-ranges: bytes
x-timer: S1650572729.737051,VS0,VE0
content-length: 249
x-cache-hits: 0, 1

POST
H2 204 users Show response
dmx.districtm.io/s/v1/ Frame 0FE6 0
707 B 69ms
68ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/v1/users

Requested by

Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdn.districtm.io/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Apr 2022 20:25:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: DELETE, GET, OPTIONS, POST
access-control-allow-origin: https://cdn.districtm.io
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6ff8d9635b7d547f-YYZ
access-control-allow-headers: Origin, Content-Type

OPTIONS
H2 204 users
dmx.districtm.io/s/v1/ Frame 0
0 101ms
63ms Preflight 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/v1/users

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cdn.districtm.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type
access-control-allow-methods: DELETE, GET, OPTIONS, POST
access-control-allow-origin: https://cdn.districtm.io
access-control-max-age: 14400
cf-cache-status: DYNAMIC
cf-ray: 6ff8d962ff848c65-EWR
date: Thu, 21 Apr 2022 20:25:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 60ms
18ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: o.canada.com
URL: https://o.canada.com/privacy-statement/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: Yaf7qeSowbJM/vGsRs9+Z6/cOaejrcxCCw34yE1M9KMA5kG44rYwqfTaNkpcEDm45FMV5mXbYmM/3OeXwa/QHA==
x-fb-trip-id: 1512268381
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 21 Apr 2022 20:25:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 42fb57ac-2013-45a6-8dad-332d53e17c1b Show response
consumer.krxd.net/consent/get/ Frame F55D 224 B
305 B 31ms
31ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/42fb57ac-2013-45a6-8dad-332d53e17c1b?idt=device&dt=kxcookie&callback=Krux.ns.postmedia.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7ddf73dc2654d76a2c2c685ccf1033a69df7ae1beb6d34290565a3411e6d6f59

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:28 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a003-ash-prod.krxd.net, cache-yul12829-YUL
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1650572729.775203,VS0,VE21
content-length: 187
x-cache-hits: 0, 0

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
88 B 128ms
105ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by: Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: bf03f4b78954bbd313f0df9a5fed54681647ed51dbf9f1a0bd2a7e0acd74a2fe

Request headers

Referer: https://o.canada.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 21 Apr 2022 20:25:28 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://o.canada.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70
via: 1.1 google

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 167 KB
61 KB 43ms
43ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CBS6P3K53Q&l=gtm_data_layer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2e5965d26add20b8b67767233c5eb08ac51f00e4cd1956cac0f534cf477f0949

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:28 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62656
x-xss-protection: 0
expires: Thu, 21 Apr 2022 20:25:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 82ms
21ms Script
text/javascript 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5886
date: Thu, 21 Apr 2022 18:47:22 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 21 Apr 2022 20:47:22 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/o.canada.com/ 56 KB
21 KB 78ms
20ms Script
application/javascript 99.84.112.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/o.canada.com/p.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.112.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-112-62.ewr52.r.cloudfront.net
Software: nginx /
Resource Hash: b1999e376b9efaf872e3076f9a9f4d7e7f2af4d20238a553a99ce6f6c8a86cd1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: public
date: Thu, 21 Apr 2022 00:38:56 GMT
content-encoding: gzip
last-modified: Fri, 29 Oct 2021 18:49:12 GMT
server: nginx
age: 71192
etag: W/"617c4228-df40"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1f6489805a1a0c23aa23a8aa0cb28716.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: EWR52-C3
x-amz-cf-id: h7KI9qYVpB3QpRZZc5zpBUq0RNqjfSTzRHQlzfo6sIAuVhiXSaxyvw==
expires: Fri, 22 Apr 2022 00:38:56 GMT

GET
H3 200 1685973801652415 Show response
connect.facebook.net/signals/config/ 308 KB
88 KB 45ms
22ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1685973801652415?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5b6a197fb2868e493c28a9b59660289216fee9ecfcafcfa1660ec4189219cef3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89833
x-xss-protection: 0
pragma: public
x-fb-debug: U9pPFP+9SxQmyjvGlqSe2aqPGGfO+FO/FCwRSqSzRgj2kO65ve0sbRBdhCjIv035csoYaxyXADY2MubJnm4lNw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 21 Apr 2022 20:25:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame F55D
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=google
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3l0VG84Mlc
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEHBLyGGAeGwxcZO8QkZzwiI&google_cver=1

0
336 B

25ms
25ms

Image
text/plain

34.192.116.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEHBLyGGAeGwxcZO8QkZzwiI&google_cver=1
Protocol: H2
Server: 34.192.116.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-66.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:29 GMT
cache-control: private, no-cache, no-store
x-request-time: D=19 t=1650572729
x-served-by: beacon-n032-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:25:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEHBLyGGAeGwxcZO8QkZzwiI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame F55D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3l0VG84Mlc
https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=T3l0VG84Mlc&google_tc=
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEHeqW7Y_R_u3D3-cNiEbN14&google_cver=1

0
336 B

25ms
25ms

Image
text/plain

34.192.116.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEHeqW7Y_R_u3D3-cNiEbN14&google_cver=1
Protocol: H2
Server: 34.192.116.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-66.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:29 GMT
cache-control: private, no-cache, no-store
x-request-time: D=24 t=1650572729
x-served-by: beacon-n027-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:25:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEHeqW7Y_R_u3D3-cNiEbN14&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 379708.gif
idsync.rlcdn.com/ Frame F55D 42 B
448 B 74ms
42ms Image
image/gif 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/379708.gif?partner_uid=OytTo82W
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Apr 2022 20:25:28 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame F55D
Redirect Chain

https://stags.bluekai.com/site/26357?id=OytTo82W&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOytTo82W%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID
https://beacon.krxd.net/usermatch.gif?_kuid=OytTo82W&partner=bluekai&bk_uuid=$_BK_UUID

0
336 B

25ms
25ms

Image
text/plain

34.192.116.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?_kuid=OytTo82W&partner=bluekai&bk_uuid=$_BK_UUID
Protocol: H2
Server: 34.192.116.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-66.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:29 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1650572729
x-served-by: beacon-n003-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: https://beacon.krxd.net/usermatch.gif?_kuid=OytTo82W&partner=bluekai&bk_uuid=$_BK_UUID
Date: Thu, 21 Apr 2022 20:25:28 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

p2
sb.scorecardresearch.com/ Frame F55D
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=OytTo82W&rn=1650572729
https://sb.scorecardresearch.com/p2?c1=9&c2=8188709&cs_xi=OytTo82W&rn=1650572729

43 B
263 B

25ms
24ms

Image
image/gif

13.33.46.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=9&c2=8188709&cs_xi=OytTo82W&rn=1650572729
Protocol: H2
Server: 13.33.46.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-46-48.ewr52.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:28 GMT
via: 1.1 d13d8a0a456d6aa0acf023a1e3acb2be.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
content-length: 43
x-amz-cf-id: x_e7wL4-FHvjBf0EjSBsI0Pc53pPwGV-QbgjVq7jn-Bs5QsMWZCpBg==
x-cache: Miss from cloudfront
content-type: image/gif

Redirect headers

location: /p2?c1=9&c2=8188709&cs_xi=OytTo82W&rn=1650572729
date: Thu, 21 Apr 2022 20:25:28 GMT
via: 1.1 d13d8a0a456d6aa0acf023a1e3acb2be.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
content-length: 0
x-amz-cf-id: Idj9fs_MCdPdkiPezupVSyNVUZ0OJtauJxhd1yvCOK7J3vnx93xkQg==
x-cache: Miss from cloudfront

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame F55D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/NC4WTmcy?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner_id%3Dcb276571-e0d9-4438-9fd4-80a1ff034b01%26puid%3D%24%7BTM_USER_ID%7D
https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YmG9uAADr_y4ygAZ

0
336 B

25ms
25ms

Image
text/plain

34.192.116.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YmG9uAADr_y4ygAZ
Protocol: H2
Server: 34.192.116.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-66.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:28 GMT
cache-control: private, no-cache, no-store
x-request-time: D=495 t=1650572728
x-served-by: beacon-n012-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:25:28 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1650572729.859039,VS0,VE0
x-served-by: cache-yul12826-YUL
x-cache: HIT
location: https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YmG9uAADr_y4ygAZ
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 204
No Content match
ps.eyeota.net/ Frame F55D 0
83 B 98ms
23ms Image
text/plain 54.156.26.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=i0r4o4v&uid=OytTo82W
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.156.26.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-26-12.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 20:25:28 GMT
Content-Length: 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame F55D
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=beeswax
https://match.prod.bidr.io/cookie-sync/krux?partner_user_id=OytTo82W
https://match.prod.bidr.io/cookie-sync/krux?partner_user_id=OytTo82W&_bee_ppp=1
https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AACnx07Ew3sAACJTPRdVhA

0
336 B

25ms
25ms

Image
text/plain

34.192.116.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AACnx07Ew3sAACJTPRdVhA
Protocol: H2
Server: 34.192.116.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-66.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:29 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1650572729
x-served-by: beacon-n029-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AACnx07Ew3sAACJTPRdVhA
Date: Thu, 21 Apr 2022 20:25:29 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame F55D
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=mediamath
https://sync.mathtag.com/sync/img?mt_exid=10031&mt_exuid=OytTo82W&redirect=https://beacon.krxd.net/usermatch.gif?partner%3Dmediamath%26partner_id%3D%5BMM_UUID%5D
https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=afaf6261-bdb9-4f00-a3f0-f0213a8c80bf

0
335 B

24ms
24ms

Image
text/plain

34.192.116.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=afaf6261-bdb9-4f00-a3f0-f0213a8c80bf
Protocol: H2
Server: 34.192.116.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-66.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:29 GMT
cache-control: private, no-cache, no-store
x-request-time: D=20 t=1650572729
x-served-by: beacon-n019-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date: Thu, 21 Apr 2022 20:25:29 GMT
Server: MT3 4335 2c68c00 master ord-pixel-x55 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=afaf6261-bdb9-4f00-a3f0-f0213a8c80bf
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 21 Apr 2022 20:25:28 GMT

GET
H2 200 tag.aspx Show response
ml314.com/ Frame F55D 31 KB
32 KB 37ms
13ms Script
application/javascript 34.111.234.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?2132022
Requested by: Host: o.canada.com
URL: https://o.canada.com/privacy-statement/en/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 75d893335a1d25db1bf02e25ab904d97a3af743128850d8566b93d197e56e9e9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:12:57 GMT
age: 751
x-guploader-uploadid: ADPycdugyifnk7XmokCUhKHnVHJysop0y9pns5uZHl3HTRWZqcg1ZrmW5jyUwQkHWTWcNAwvgajVXJRwv68ihblczoZ0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32025
last-modified: Mon, 04 Apr 2022 15:43:44 GMT
server: UploadServer
cache-control: public,max-age=3600
etag: "25b1f355dd487bdf5381a749056080c4"
x-goog-hash: crc32c=dPpbog==, md5=JbHzVd1Ie99TgadJBWCAxA==
x-goog-generation: 1649087024620619
cache-id: YUL-62c5aa93
x-cache-hit: hit
x-goog-stored-content-length: 32025
accept-ranges: bytes
content-type: application/javascript

GET
H2

200

g.js
aa.agkn.com/adscores/ Frame F55D
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=neustar
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OytTo82W

43 B
657 B

65ms
26ms

Image
image/gif

143.204.146.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OytTo82W
Protocol: H2
Server: 143.204.146.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-146-35.ewr52.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:25:29 GMT
via: 1.1 4b935afa75041435c91e2b3ed1ab1d26.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR52-C2
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: qbasjN-ekBmVYWGFqXnQk7owaRBdCNTF7ky8vgzi7NXx18dhYygN5A==
expires: 0

Redirect headers

location: https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OytTo82W
date: Thu, 21 Apr 2022 20:25:28 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a011-ash-prod.krxd.net

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame F55D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=183716&cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__&s=183716&C=1
https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YmG9uKiY23hoYfLDrT2c3gAA%26551

0
336 B

25ms
25ms

Image
text/plain

34.192.116.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YmG9uKiY23hoYfLDrT2c3gAA%26551
Protocol: H2
Server: 34.192.116.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-66.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:29 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1650572729
x-served-by: beacon-n030-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Thu, 21 Apr 2022 20:25:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YmG9uKiY23hoYfLDrT2c3gAA%26551
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 283
Expires: Thu, 21 Apr 2022 20:25:28 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame F55D
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=salesforce
https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=2qkB75CISztdRRhlcnY4VJU4mbQ

0
336 B

25ms
25ms

Image
text/plain

34.192.116.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=2qkB75CISztdRRhlcnY4VJU4mbQ
Protocol: H2
Server: 34.192.116.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-66.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:28 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1650572728
x-served-by: beacon-n013-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=2qkB75CISztdRRhlcnY4VJU4mbQ
Date: Thu, 21 Apr 2022 20:25:28 GMT
Connection: keep-alive
Content-Length: 123
Content-Type: text/html; charset=utf-8

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame F55D
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=triplelift&gdpr=0&cmp_cs=&us_privacy=undefined
https://eb2.3lift.com/xuid?mid=3587&xuid=OytTo82W&dongle=13b2&rdir=https://beacon.krxd.net/usermatch.gif?partner%3Dtriplelift%26partner_uid%3D$UID&gdpr=0&cmp_cs=&us_privacy=undefined
https://eb2.3lift.com/xuid?ld=1&mid=3587&xuid=OytTo82W&dongle=13b2&gdpr=0&cmp_cs=&us_privacy=undefined&rdir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dtriplelift%26partner_uid%3D%24UID
https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=3855882092513799018482

0
335 B

24ms
24ms

Image
text/plain

34.192.116.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=3855882092513799018482
Protocol: H2
Server: 34.192.116.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-66.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:29 GMT
cache-control: private, no-cache, no-store
x-request-time: D=22 t=1650572729
x-served-by: beacon-n025-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=3855882092513799018482
date: Thu, 21 Apr 2022 20:25:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 71ms
32ms Ping
text/plain 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-CBS6P3K53Q&gtm=2oe4i1&_p=1841453514&_z=ccd.NbB&cid=201839882.1650572729&ul=en-us&sr=1600x1200&ir=1&_s=1&dl=https%3A%2F%2Fo.canada.com%2Fprivacy-statement%2Fen%2F&sid=1650572728&sct=1&seg=0&dt=Privacy%20Statement%20%7C%20Canada.Com&en=page_view&_fv=1&_nsi=1&_ss=1&_eu=Q&ep.debug_mode=false&ep.gtm_version=26&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=privacy-statement&ep.session_uuid=564CFE30-1A92-4178-B44D-AA17CE0450BE&ep.platform=Cheetah&ep.platform_version=10.3.1&ep.fem_version=v56.0&ep.mp_id=8232974555578997597&ep.brand=canada.com&ep.timestamp=2022-04-21T20%3A25%3A28.889%2B00%3A00&ep.ga_client_id=2021776275.1650572729&ep.metered_content=false&up.mp_id=8232974555578997597&up.client_id=2021776275.1650572729
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBS6P3K53Q&l=gtm_data_layer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:25:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://o.canada.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
259 B 99ms
25ms Image
image/gif 34.194.161.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1650572728920&plid=88516055&idsite=o.canada.com&url=https%3A%2F%2Fo.canada.com%2Fprivacy-statement%2Fen%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fo.canada.com%2Fprivacy-statement%2Fen%2F&sref=&sts=1650572728914&slts=0&title=Privacy+Statement+%7C+Canada.Com&date=Thu+Apr+21+2022+20%3A25%3A28+GMT%2B0000+(GMT)&action=pageview&pvid=14162150&u=pid%3D04992bb10f63bf0e14a94acfc010847c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-161-83.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 20:25:29 GMT
Cache-Control: no-cache
Last-Modified: Thursday, 21-Apr-2022 20:25:29 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 32ms
32ms XHR
text/plain 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1841453514&t=pageview&_s=1&dl=https%3A%2F%2Fo.canada.com%2Fprivacy-statement%2Fen%2F&ul=en-us&de=UTF-8&dt=Privacy%20Statement%20%7C%20Canada.Com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAAC~&jid=1503059908&gjid=1310071954&cid=201839882.1650572729&tid=UA-213173459-10&_gid=1342317240.1650572729&_r=1&gtm=2wg4i1P3Q4QHW&cd2=2022-04-21T20%3A25%3A28.800%2B00%3A00&cd7=anonymous&cd17=0&cd23=canada.com&cd24=Cheetah&cd25=10.3.1&cd26=v56.0&cd27=0&cd28=GTM-P3Q4QHW&cd29=26&cd31=privacy-statement&cd65=false&cd1=201839882.1650572729&z=171258011

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://o.canada.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:25:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://o.canada.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 32ms
31ms XHR
text/plain 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://o.canada.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:25:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://o.canada.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 tpd Show response
api.permutive.com/v2.0/ 2 B
39 B 116ms
94ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/tpd?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by: Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://o.canada.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 21 Apr 2022 20:25:29 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://o.canada.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22
via: 1.1 google

GET
H3 200 utsync.ashx Show response
ml314.com/ Frame F55D 270 B
292 B 44ms
31ms Script
application/javascript 34.111.234.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=748&ct=js&pi=&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fcdn.krxd.net%2Fpartnerjs%2Fxdi%2Fproxy.3d2100fd7107262ecb55ce6847f01fa5.html%23!kxcid%3Duep04wp3s%26kxt%3Dhttps%253A%252F%252Fo.canada.com%26kxcl%3Dcdn%26kxp%3D&pv=1650572728961_iqn1bhccf&bl=en-us&cb=3004540&return=https%3A%2F%2Fml314.com%2Fcsync.ashx%3Ffp%3DOytTo82W%26person_id%3D%5BPersonID%5D%26eid%3D748%26return%3Dhttps%253A%252F%252Fbeacon.krxd.net%252Fusermatch.gif%253Fpartner%253Dmadisonlogic%2526partner_uid%253D%5BPersonID%5D&ht=&d=&dc=&si=1650572728961_iqn1bhccf&cid=&s=1600x1200&rp=https%3A%2F%2Fo.canada.com%2F&v=2.5.1.2
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?2132022
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 10069a973f0e968ccaabd621371035f11249b82d7957129392681a7866b78af6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:25:28 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: private
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 270
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 56ms
19ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Fo.canada.com%2Fprivacy-statement%2Fen%2F&rl=&if=false&ts=1650572728980&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmsalesforce&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22514537319740368%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22503487844400487%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%221042784969583558%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22858678751523779%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%221127243281129742%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%22497819211464386%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1650572728979.423589569&it=1650572728843&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 21 Apr 2022 20:25:29 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 84ms
33ms XHR
text/plain 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-213173459-10&cid=201839882.1650572729&jid=1503059908&gjid=1310071954&_gid=1342317240.1650572729&_u=YCDACAAABAAAAC~&z=908634947

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://o.canada.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 21 Apr 2022 20:25:29 GMT
content-type: text/plain
access-control-allow-origin: https://o.canada.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame F55D
Redirect Chain

https://ml314.com/csync.ashx?fp=OytTo82W&person_id=3626672083406159969&eid=748&return=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dmadisonlogic%26partner_uid%3D3626672083406159969
https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3626672083406159969

0
336 B

25ms
25ms

Image
text/plain

34.192.116.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3626672083406159969
Protocol: H2
Server: 34.192.116.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-66.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:29 GMT
cache-control: private, no-cache, no-store
x-request-time: D=18 t=1650572729
x-served-by: beacon-n014-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Thu, 21 Apr 2022 20:25:28 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html; charset=utf-8
location: https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3626672083406159969
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 211
expires: Fri, 22 Apr 2022 16:25:29 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 86ms
39ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-213173459-10&cid=201839882.1650572729&jid=1503059908&_u=YCDACAAABAAAAC~&z=1482732352

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:25:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 81ms
35ms Image
image/gif 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-213173459-10&cid=201839882.1650572729&jid=1503059908&_u=YCDACAAABAAAAC~&z=1482732352

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:25:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
beacon.krxd.net/ 0
336 B 24ms
24ms Image
text/plain 34.192.116.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=user_data_timeout&confid=uep04wp3s&_kpid=42fb57ac-2013-45a6-8dad-332d53e17c1b&_kcp_s=canada.com_desktop&_kcp_d=o.canada.com&_knifr=4&_kua_kx_tz=0&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_mpid=8232974555578997597&_kua_ad_light_user=false&_kua_kx_whistle=0&_kpa_canada_com_desktop_url_path_1=privacy-statement&_kpa_canada_com_desktop_url_path_2=en&_kpa_domain=canada.com&_kpa_url_path_1=privacy-statement&_kpa_url_path_2=en&_kpa_page_type=privacy-statement&_kpa_canada_com_desktop_page_type=privacy-statement&_kpa_view_type=HTML&_kpa_env=prod&_kpa_paywall_whitelist=false&t_navigation_type=0&t_dns=0&t_tcp=41&t_http_request=-1&t_http_response=14&t_content_ready=339&t_window_load=562&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=false&sview=1&kplt0=41818&kplt1=42920&kplt2=42921&kplt3=42922&kplt4=44981&kplt5=45977&kplt6=46302&jsonp_requests=https%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C115%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F42fb57ac-2013-45a6-8dad-332d53e17c1b%2C64%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F42fb57ac-2013-45a6-8dad-332d53e17c1b%2C25%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C17
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.116.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-66.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:29 GMT
cache-control: private, no-cache, no-store
x-request-time: D=48 t=1650572729
x-served-by: beacon-n004-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

POST
H3 200 / Show response
www.facebook.com/tr/ Frame CC13 0
18 B 39ms
18ms Document
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://o.canada.com
Referer: https://o.canada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://o.canada.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 20:25:29 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
129 B 98ms
98ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by: Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: fc2763025a022a9f9c6bd6756d3dcdda6afe604aa41ba359f7c4605319de954f

Request headers

Referer: https://o.canada.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 21 Apr 2022 20:25:29 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://o.canada.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
via: 1.1 google

GET
H2 200 optout_check Show response
beacon.krxd.net/ 82 B
240 B 25ms
24ms Script
text/javascript 34.192.116.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.postmedia.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.116.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-66.compute-1.amazonaws.com
Software: /
Resource Hash: 3016b250bcbd944985a07ea06a92377e3d1f7222c1d7d459e82affa98b6bdcae

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:25:29 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=20 t=1650572729
x-served-by: beacon-n010-ash-prod.krxd.net
content-type: text/javascript

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
34 B 103ms
103ms XHR
text/plain 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by: Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://o.canada.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 21 Apr 2022 20:25:30 GMT
content-encoding: gzip
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20
via: 1.1 google

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adsrvr.org/	1970-01-20 11:15:08	Name: TDID Value: ff619347-8b90-4201-be65-0da7eac4befc
.liadm.com/	1970-01-20 20:00:44	Name: lidid Value: fe980c91-5dc9-4989-9fc4-bb6d1f763326
o.canada.com/	1970-01-20 02:39:37	Name: political-ad-opt-out Value: {"data":false,"exp":604800000,"ts":1650572728312,"mac":-378793808}
o.canada.com/	1970-01-20 02:29:33	Name: __adblocker Value: false
.everesttech.net/	1970-01-20 11:15:08	Name: everest_g_v2 Value: g_surferid~YmG9uAADr_y4ygAZ
o.canada.com/	1970-01-20 02:39:37	Name: x-id Value: {"data":{"adLight":false,"id":"9ekh33bnz5bxihtzwo5r6e7rlmme0v4vn","updated":1650572728446},"exp":604800000,"ts":1650572728446,"mac":-82984139}
.criteo.com/	1970-01-20 11:51:08	Name: uid Value: 6892c2b0-8e69-4f56-bf70-4f10f63d095b
d395dw5zk780j2.cloudfront.net/	1970-01-20 02:39:37	Name: x-id Value: {"data":{"adLight":false,"id":"9ekh33bnz5bxihtzwo5r6e7rlmme0v4vn","updated":1650572728446},"exp":604800000,"ts":1650572728457,"mac":-82983147}
.sharethrough.com/	1970-01-20 03:12:44	Name: stx_user_id Value: d59e25b0-918c-48e1-bd3d-61491c16348c
.advertising.com/	1970-01-20 11:16:35	Name: APID Value: UP2f0e6f6a-c1b1-11ec-b25e-0e93f75ac9a9
.sitescout.com/	1970-01-20 11:15:08	Name: ssi Value: 6b316a50-6954-4a5a-91b0-05ccbfd2b3b5#1650572728457
.sitescout.com/	1970-01-20 03:12:44	Name: _ssuma Value: e30
sync.srv.stackadapt.com/	1970-01-20 11:15:08	Name: sa-user-id Value: s%3A0-daa901ef-9088-4b3b-5d45-186572763854.LjPwpx6%2FyhoRsb2%2FeWSVt%2Fp8xwXHFZEtjpucugMD0Y8
.srv.stackadapt.com/	1970-01-20 11:15:08	Name: sa-user-id-v2 Value: s%3A2qkB75CISztdRRhlcnY4VJU4mbQ.3K03odkAcCUMxg7r0J1x2oDXqUeaccfHZEjll6B2XFY
.yahoo.com/	1970-01-20 11:15:30	Name: A3 Value: d=AQABBLi9YWICEFcF_I1MhcyIFonPoJs2Gb4FEgEBAQEPY2JrYgAAAAAA_eMAAA&S=AQAAAptSlkIjCE1JF5BMOYxV7b8
.analytics.yahoo.com/	1970-01-20 11:15:08	Name: IDSYNC Value: 18ym~24gk
.canada.com/	1970-01-20 06:53:03	Name: permutive-id Value: 2283e658-1191-4d97-b51a-3164c6b2f787
.canada.com/	1970-01-20 11:51:08	Name: cto_bundle Value: fRvaWF84YzhPbnF0cmRQak80WGdLUFA3NmttaE1oeFh0JTJGUGE3QXhwUk9EWEw0YVRmR3N4MmZCUWdOMTJoaGF0eG1xTEklMkJSVWV3T1hFb3Y3dlNvZmNHQks3UFprRXFNNVQ1M0JCTHpXTUR4VXBDTzc2Qk84dlk5WVg4RzlsUDUxSXRnejJkWmxYa0xJSGVicmxYR0RpTEptNlRBJTNEJTNE
.canada.com/	1970-01-20 11:15:08	Name: mprtcl-v4_4662F03F Value: {'gs':{'ie':1\|'dt':'us1-99b65fde89a1a145894d2d51d283cc83'\|'av':'1.0.0'\|'cgid':'fbebcd6c-3bfc-4407-91da-bf9d91a6c3ad'\|'das':'4b103712-251a-4d83-b335-90dde6d71cb4'\|'csm':'WyI4MjMyOTc0NTU1NTc4OTk3NTk3Il0='\|'sid':'564CFE30-1A92-4178-B44D-AA17CE0450BE'\|'les':1650572728674\|'ssd':1650572728509}\|'l':1\|'8232974555578997597':{'fst':1650572728597\|'ui':'eyIwIjoiOWVraDMzYm56NWJ4aWh0endvNXI2ZTdybG1tZTB2NHZuIn0='}\|'cu':'8232974555578997597'}
.23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/	1970-01-20 04:40:35	Name: pxid Value: b5107be1-49c7-4b43-b5f3-ae9f71312e20
.krxd.net/	1970-01-20 06:48:44	Name: _kuid_ Value: OytTo82W
.scorecardresearch.com/	1970-01-20 19:46:20	Name: UID Value: 1F72d79f096cd9d869e72df1650572728
.canada.com/	1970-01-20 20:00:44	Name: _ga_CBS6P3K53Q Value: GS1.1.1650572728.1.0.1650572728.0
.canada.com/	1970-01-20 02:29:34	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://o.canada.com/privacy-statement/en/%22%2C%22sref%22:%22%22%2C%22sts%22:1650572728914%2C%22slts%22:0}
.districtm.io/	1970-01-20 02:55:27	Name: _dm_uid Value: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAwLCJ1c3IiOiJxZ2J5QWJJR0d6STROMlp3WkVKRFQzVlNjVWxVT1VSMFJqbE9Na1kwTlVSVmRMb0dOd2lSVGhJeU5tSXpNVFpoTlRBdE5qazFOQzAwWVRWaExUa3hZakF0TURWalkySm1aREppTTJJMUxUWXlOakZpWkdJNExUUXpOREc2QmhVSW9FNFNFRmx0UnpsMVFVRkVjbDk1TkhsblFWcTZCaUFJcWs0U0d6SnhhMEkzTlVOSlUzcDBaRkpTYUd4amJsazBWa3BWTkcxaVVib0dBd2l1VHJvR0F3aXdUcm9HVUFqRFRoSkxlUzFITW05NWNVWjRSVEoxUmxGNWJVTkZWMDlXZW5CTlJsSTJaVW93TmsxZmNYNUJmbFZRTW1Zd1pUWm1ObUV0WXpGaU1TMHhNV1ZqTFdJeU5XVXRNR1U1TTJZM05XRmpPV0U1IiwiaWF0IjoxNjUwNTcyNzI4fQ.NZ_fxtl4K_7PNTaz_tcrleR8sFGFX9iPTSJOXm5m_k05N-vMdL2avo0BgHIcfKdPPf98bN9CskLM2OczL9xUMA
.canada.com/	1970-01-20 11:58:56	Name: _parsely_visitor Value: {%22id%22:%22pid=04992bb10f63bf0e14a94acfc010847c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1650572728914}
.rlcdn.com/	1970-01-20 11:15:08	Name: rlas3 Value: B8eUMCfJAxul/3MSmYpTerNiPM/zg2C9As3hmIfWFLw=
.rlcdn.com/	1970-01-20 03:55:56	Name: pxrc Value: CAA=
.canada.com/	1970-01-20 20:00:44	Name: _ga Value: GA1.2.201839882.1650572729
.canada.com/	1970-01-20 02:30:59	Name: _gid Value: GA1.2.1342317240.1650572729
.canada.com/	1970-01-20 02:29:32	Name: _gat_UA-213173459-10 Value: 1
.casalemedia.com/	1970-01-20 11:15:08	Name: CMID Value: YmG9uKiY23hoYfLDrT2c3gAA
.casalemedia.com/	1970-01-20 04:39:08	Name: CMPS Value: 462
.canada.com/	1970-01-20 02:29:32	Name: _gat_UA-138335866-21 Value: 1
.canada.com/	1970-01-20 04:39:08	Name: _fbp Value: fb.1.1650572728979.423589569
.casalemedia.com/	1970-01-20 04:39:08	Name: CMPRO Value: 551
.casalemedia.com/	1970-01-20 02:30:59	Name: CMST Value: YmG9uGJhvbgA
.ml314.com/	1970-01-20 02:29:32	Name: u Value: aHR0cHM6Ly9jZG4ua3J4ZC5uZXQvcGFydG5lcmpzL3hkaS9wcm94eS4zZDIxMDBmZDcxMDcyNjJlY2I1NWNlNjg0N2YwMWZhNS5odG1sIyFreGNpZD11ZXAwNHdwM3Mma3h0PWh0dHBzJTNBJTJGJTJGby5jYW5hZGEuY29tJmt4Y2w9Y2RuJmt4cD0=
.ml314.com/	1970-01-20 11:15:08	Name: pi Value: 3626672083406159969
.agkn.com/	1970-01-20 11:15:08	Name: ab Value: 0001%3AkkHDaXLvt%2FhydLF4vmP8qB2xNQXg1GO7
.3lift.com/	1970-01-20 04:39:08	Name: tluid Value: 3855882092513799018482
.doubleclick.net/	1970-01-20 20:00:44	Name: IDE Value: AHWqTUk-SNSGUrTazbZ634ORLEG9CrIZmIAvPESOrrjZYrmcMowBUL-KZLJRXmV370s
.facebook.com/	1970-01-20 04:39:08	Name: fr Value: 0JMGV0AF6amRSZXik..BiYb25...1.0.BiYb25.
.mathtag.com/	1970-01-20 11:55:27	Name: uuid Value: afaf6261-bdb9-4f00-a3f0-f0213a8c80bf
.bidr.io/	1970-01-20 11:58:06	Name: bito Value: AACnx07Ew3sAACJTPRdVhA
.bidr.io/	1970-01-20 11:58:06	Name: bitoIsSecure Value: ok

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://o.canada.com/privacy-statement/en/ Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: https://fem.prod.postmedia.digital/v56.0/fem.js Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: https://hb.districtm.io/prod/100549/all.postmedia.js Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: https://static.criteo.net/js/ld/publishertag.js Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066(Line 4) Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
worker	error	URL: https://o.canada.com/privacy-statement/en/ Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
worker	error	URL: https://o.canada.com/privacy-statement/en/ Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
javascript	warning	URL: https://o.canada.com/privacy-statement/en/ Message: The resource https://ak.sail-horizon.com/spm/spm.v1.min.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://o.canada.com/privacy-statement/en/ Message: The resource https://cdn.adsafeprotected.com/iasPET.1.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-dynamic' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
aa.agkn.com
ak.sail-horizon.com
api.permutive.com
auth.lrcontent.com
beacon.krxd.net
c.amazon-adsystem.com
cdn.adsafeprotected.com
cdn.districtm.io
cdn.krxd.net
cdn.parsely.com
cm.g.doubleclick.net
config.lrcontent.com
connect.facebook.net
consumer.krxd.net
d395dw5zk780j2.cloudfront.net
dmx.districtm.io
dmx.us-east-31.districtm.io
eb2.3lift.com
fem.prod.postmedia.digital
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
hb.districtm.io
ib.adnxs.com
identity.mparticle.com
idsync.rlcdn.com
idx.liadm.com
js-sec.indexww.com
jssdkcdns.mparticle.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
ml314.com
mug.criteo.com
o.canada.com
p1.parsely.com
pixel-sync.sitescout.com
pixel.advertising.com
postmedia.hub.loginradius.com
ps.eyeota.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
sync.mathtag.com
sync.srv.stackadapt.com
ups.analytics.yahoo.com
usermatch.krxd.net
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.npttech.com
104.16.190.66
104.16.68.69
13.33.46.48
13.33.46.5
142.250.72.98
142.250.80.34
143.204.137.197
143.204.146.35
151.101.194.133
151.101.2.49
173.223.56.123
207.198.113.179
216.200.232.253
23.217.155.246
23.52.162.21
2600:9000:2140:a00:8:f216:eb80:93a1
2606:4700:10::6816:48e8
2606:4700:10::6816:49e8
2606:4700:3030::6815:5476
2606:4700::6812:451
2607:f8b0:4004:c06::9a
2607:f8b0:4006:80a::2010
2607:f8b0:4006:80d::2008
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81d::200a
2607:f8b0:4006:822::200e
2607:f8b0:4006:824::2003
2620:100:a001::4
2620:100:a001::c
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:400::645
2a04:4e42:600::645
34.107.199.243
34.107.254.252
34.111.234.236
34.192.116.66
34.194.161.83
34.201.230.190
34.231.116.207
34.75.117.5
35.169.125.112
35.190.60.146
35.241.9.51
35.71.131.137
50.17.92.33
52.200.181.105
52.223.22.214
52.3.54.123
52.45.33.138
52.85.61.56
54.156.26.12
54.237.255.89
68.67.179.121
74.119.119.139
99.84.112.62
99.84.118.110
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06dac66f8ccb6659374711acb6acf073511421ff522d519cc1766746330679ad
06db09952ea7c3b22578f98d78f7e459a6fc8a929dfd35107d98549f9b38eb11
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
0abcd97f1c3ea08ef675d53a2756a5340e05e20a022c749edd9f76fbf478ebe8
0e31e684fe563f2521b0e68e7f711527dd492adda820ec1e2582288fb0ac8af6
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10069a973f0e968ccaabd621371035f11249b82d7957129392681a7866b78af6
1085fc6698feb5cbeb81075cb2139fdc8a5c40bcf2323e2c0b20dbe01559c003
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14086078b136458df89ffa9f3b78534695455cde9112124bb78a61c91d28abb4
179f43e8abd5e7bd49d05571dc29d22c9f5044eb17ca8253a49e3e28e716af61
1cf9d1e0389ed5f4599437e64d4a8ca04c0de09517f407b07907a1a818c3e9c8
249faa90c86b76bb0b47544093fa55436c6315ce70df8a2516fc6125bc0e35bd
24feb80c51aed43a0c5c52126fb1feea57f3f695e7bfa2e234a94bcb10463696
261e24e4b11ac71c64f38c0d8a0e20a7aa39029b10629bfd300626c634c078ef
28cc80ac3045d5b4a7ffbbbfeea8b2f4cbe6ef69b751cdfb825b237013a55368
2ad02e4a6cca7ca570c447fefe0d5c6c98cf28c7ff362ecd0bdcee4505084b8c
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2c9c93406a36ba5f02e8ffc46ea08493928095424471cf5833da8a57b50f3816
2e5965d26add20b8b67767233c5eb08ac51f00e4cd1956cac0f534cf477f0949
3016b250bcbd944985a07ea06a92377e3d1f7222c1d7d459e82affa98b6bdcae
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
34e9e99f036b499a93627f9d49594646260545f6ebaa660cd7b81d49982b48bd
36c7ec620aa2bdab2185c44a2b8c8bf3ea3d6639510d81f83a5c885bb1219658
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3da55e568e702d556e38da13bc5c2d1454743bf4e41e7e9a83ff033d9b027472
40981811e2391ee6448943f8653020dda680717c25e4b4d476c55b8a8812730f
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
493717b5f1b3b9c6513dca0ee779229280742da0a9b3f7f90f7325b8c50da6a3
4d658adc4a27e1ac8a999a35377672d6d2e744629ffe42de8d35fbd1e592f5a2
5b6a197fb2868e493c28a9b59660289216fee9ecfcafcfa1660ec4189219cef3
5da910911e62cfe85db025c7b46c8fc8fe24ab98a57d8bdd7e0ae8b3cc0911b7
5eb247d50c79ece9c00d0c3206421e426500f567f8ec8465e66bb073ec5a7d42
5fdf5e0a79dca280250218280d513e55e5b585f612b126923756aaf7bea74b79
64056ae9b26fcb49f658fb93a008e60312f63350a09d3296543ee4383d7a421d
68910a4e5f85bcaf85782e3e6779e311e94ebff60a39fc8df48c5b1b071e05ea
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
75d893335a1d25db1bf02e25ab904d97a3af743128850d8566b93d197e56e9e9
7ddf73dc2654d76a2c2c685ccf1033a69df7ae1beb6d34290565a3411e6d6f59
8613493336c4799556e357bea5aa46cbc06af8b708d0578683a8c252d7b1e066
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
86e237ed9b364112595b37d570824f5ef46d4617c47bb5471c269893e51d56d6
87c55c63c2e41506556db72938b07312d1a8e3ccf4da4024fa4bea6b2147c31d
8ddf9e8fa96d1bbbeaf292ca94fc082dde61e4a6be90c87f8b2609fd88edbd4d
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2
989d94d8baba214a6dcc1ba6795c35dc9ce9cf94863248b8970cd8e864674347
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99394b0f6e9f0aefd71dd6a9ad59129ff7852e7734905bead2f2cec5789e3436
9b9d16e4eb38f3b62a5a66b6b7652da069c41e608df26477b1dcee4152f820d8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a7af1e284075e490e052157637cad3710458e67cb7ac48d53f712e68b3d76a22
a9e3dba2aa1a96b4df0f27bca97f817ba4783a895cee58607f9b9eda65d7d039
abcb7b0fd4d08ef06c1ce93f88750ba5cad340ae2f7254af8711b75d7567c429
ad27e9e87b75a750b0bd9d26576b3d356ce2478183947309b853103631284c84
ae22c6869c91312b5361930ac0e1cff89cb54b6a3eec5d7bc4a913e8831b1028
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1999e376b9efaf872e3076f9a9f4d7e7f2af4d20238a553a99ce6f6c8a86cd1
b76cc5c679eef51e4d7298dc45effc3561508bf812dffeff02d74870372c71db
b7d1989a05660e8a27a04057cd5123be265770311c499cc89b5a0cc3713106e1
b907a4645c6ff50b8e4bac06d98d03c2e2fb11282c8758a90fb32642082255c6
bbe74c62945bca0d7d29f9784c7462326fb4f8100313f320468c67a947a267ad
bf03f4b78954bbd313f0df9a5fed54681647ed51dbf9f1a0bd2a7e0acd74a2fe
bfc093052de2b2dbe672ee2c69ff6199d8a31888dc4a6137a2a742f8aa79e963
c1a5b9edecfa17a485a708c42c22014f760e09de3299b8f777b3b3ea8809eb7f
c22fbbe4bf63288095e3c83d2858a1f4b65b1acdc77ac28785824b184953f0d4
c7b050f6c3726aea7b16cf1d3ec6dd6fe31382d20bb8c4e1f5178d8513a4e0cc
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce36d9ab89ae6f9ce5d13e73bacbda077fad2836d506c1db70f270d74846a512
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf99d92a8013ff9e10a23176b5dccb8375bd02dbd4deb73e8482c22b5e22d744
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf
d54b9572271c17bf84a4ca26486257daabf9356799d34e14d07a6d8db29c34f1
d5f7c1c0cbec2c27d4165db4cd06b7780f477fc9161008bde67c7a9d62b223aa
d86f3e9cc289a8baeafedc4d0b0f1f1f82c8a5a60320891f8163f2cb8aca7d58
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5888d09417b9ed66594c53074ffd494c506d1f642c617f958777179ef06bf23
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e79ff5fb403dfd221e1b8a531424bb7579536c61b54839ab8e77ba322a9b212a
e94e6d0a088b0a061d180d095d10defaded5999df172e3a7494a313a448f5513
edcc72e58692cb93f0dad13f3776596f36f1e7d6d7a98f0994302b232da0e66a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
f8b5b98fb22088795f8a5cc17ac968134ae8eb27cf86f9aefb829d41e1fc01be
fc2763025a022a9f9c6bd6756d3dcdda6afe604aa41ba359f7c4605319de954f

o.canada.com Open in urlscan Pro 34.107.199.243 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

119 Requests

83 %HTTPS

33 %IPv6

47 Domains

60 Subdomains

46 IPs

2 Countries

1641 kBTransfer

4478 kBSize

46 Cookies

24 Outgoing links

Redirected requests

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

o.canada.com Open in urlscan Pro
34.107.199.243 Public Scan

Screenshot
Live screenshot

Full Image

119
Requests

83 %
HTTPS

33 %
IPv6

47
Domains

60
Subdomains

46
IPs

2
Countries

1641 kB
Transfer

4478 kB
Size

46
Cookies

119 HTTP transactions
0 data transactions